Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/77/eb877c-929e-41b6-b9cb-fc64bfc3d2f9/1/Gc5Wf4gIoXqBJxMz50L79JdcbMg.roa
File: Gc5Wf4gIoXqBJxMz50L79JdcbMg.roa (raw, json)
Hash identifier: cLFyQu/qxp3umt/VV5vADKjtiqWfOoc9olcFzjmuyjs=
Subject key identifier: 19:CE:56:7F:88:08:A1:7A:81:27:13:33:E7:42:FB:F4:97:5C:6C:C8
Certificate issuer: /CN=02339402c42b3f84995c4d58ef670e8d16c2afe2
Certificate serial: 01856CE5E3E4EB8B8507804D4B233E2D9679
Authority key identifier: 02:33:94:02:C4:2B:3F:84:99:5C:4D:58:EF:67:0E:8D:16:C2:AF:E2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/AjOUAsQrP4SZXE1Y72cOjRbCr-I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/77/eb877c-929e-41b6-b9cb-fc64bfc3d2f9/1/Gc5Wf4gIoXqBJxMz50L79JdcbMg.roa
Signing time: Sun 01 Jan 2023 10:34:43 +0000
ROA not before: Sun 01 Jan 2023 10:34:43 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2611
IP address blocks: 91.241.30.0/24 maxlen: 24
193.191.240.0/20 maxlen: 20
185.122.248.0/22 maxlen: 22
193.191.192.0/19 maxlen: 19
193.190.0.0/15 maxlen: 24
2001:6a8:a001::/48 maxlen: 48
2001:6a8::/32 maxlen: 32
2001:6a8:be00::/48 maxlen: 48
2001:6a8:8a00::/48 maxlen: 48
2001:6a8:9200::/48 maxlen: 48
2001:67c:2a58::/48 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:e5:e3:e4:eb:8b:85:07:80:4d:4b:23:3e:2d:96:79
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=02339402c42b3f84995c4d58ef670e8d16c2afe2
Validity
Not Before: Jan 1 10:34:43 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=19ce567f8808a17a81271333e742fbf4975c6cc8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:3e:93:ec:50:58:01:96:39:4d:42:34:a8:11:
ac:be:59:60:d5:dd:7b:48:17:d2:af:25:13:9e:7e:
f8:db:83:1d:c5:d8:51:22:c2:30:ab:57:a7:7a:23:
b0:85:b6:9a:33:8e:31:f5:8a:a6:a9:89:97:dd:a5:
0e:b3:32:13:10:c5:4a:9d:fe:03:ee:31:60:99:b4:
ab:25:bb:8c:c8:1f:47:6a:17:b7:45:0c:97:b5:76:
a7:59:c6:78:d0:f4:d7:eb:a3:e5:ec:a0:c7:d1:f6:
64:78:1f:72:71:b1:a9:db:99:40:dc:87:be:d9:97:
68:eb:3c:e4:e3:67:c5:16:0c:59:7e:63:8d:63:fb:
1f:f8:93:86:9b:f2:3a:9f:f4:ec:aa:2c:7a:89:c6:
95:6f:0c:5a:6d:d7:9a:67:c7:92:91:3e:89:60:0e:
cb:0d:6e:85:f6:67:23:c6:d7:43:bc:96:b0:62:57:
bd:ee:63:f2:6d:ba:d3:82:ec:4b:72:91:36:00:4b:
3e:9d:5a:2e:ec:54:79:62:cd:4f:e5:86:ac:99:c9:
bb:7e:72:c1:9f:64:4e:c6:8c:f8:1d:8e:65:ad:66:
da:17:63:24:15:3c:d7:7f:e5:b9:ab:ae:ab:8c:c0:
91:8b:b3:54:90:ac:cb:b9:4c:a8:a0:23:db:ee:e2:
1e:1d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
19:CE:56:7F:88:08:A1:7A:81:27:13:33:E7:42:FB:F4:97:5C:6C:C8
X509v3 Authority Key Identifier:
keyid:02:33:94:02:C4:2B:3F:84:99:5C:4D:58:EF:67:0E:8D:16:C2:AF:E2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/AjOUAsQrP4SZXE1Y72cOjRbCr-I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/77/eb877c-929e-41b6-b9cb-fc64bfc3d2f9/1/Gc5Wf4gIoXqBJxMz50L79JdcbMg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/77/eb877c-929e-41b6-b9cb-fc64bfc3d2f9/1/AjOUAsQrP4SZXE1Y72cOjRbCr-I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.241.30.0/24
185.122.248.0/22
193.190.0.0/15
IPv6:
2001:67c:2a58::/48
2001:6a8::/32
Signature Algorithm: sha256WithRSAEncryption
35:3f:a1:bb:1b:ab:1f:d5:a8:b5:29:84:3b:a9:6e:f4:57:94:
84:92:58:8e:ee:ae:6e:6c:0a:01:8e:18:af:ab:52:1f:8b:8c:
5b:9c:48:ae:2f:50:db:d6:d9:c3:f4:35:1a:47:f6:9f:b0:37:
b6:a4:18:c0:0d:8c:74:0b:0f:92:43:36:d0:37:2c:0d:c1:4b:
53:b3:ad:d3:f8:75:42:43:2f:71:38:6b:5b:ad:13:41:b1:8c:
7f:40:d2:0a:45:eb:89:16:07:52:10:c8:f6:15:f2:81:20:ad:
3d:66:ff:ff:39:99:10:40:61:ed:0e:e1:8a:6f:d5:fb:d0:0d:
8f:e0:19:d2:fd:0d:de:ca:39:43:58:6f:28:ec:b0:c0:63:72:
eb:a6:38:19:95:78:fe:09:eb:20:4c:02:9b:ac:2e:7a:f2:a9:
dc:fa:6b:38:18:1e:e0:dc:8d:99:af:dd:3e:06:9c:49:25:13:
c4:7a:bb:02:49:98:1f:f7:28:9d:dc:65:87:d9:12:10:36:d5:
6f:1c:32:41:64:c2:2f:5b:0c:0c:f2:a5:0d:74:5f:f9:de:5d:
92:71:b1:35:a0:f2:a4:e1:7f:73:94:78:08:21:98:72:1e:38:
df:61:a2:f8:38:a3:cb:18:74:ae:51:dc:ac:cc:d1:11:12:1d:
78:57:60:74
-----BEGIN CERTIFICATE-----
MIIFIDCCBAigAwIBAgISAYVs5ePk64uFB4BNSyM+LZZ5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAyMzM5NDAyYzQyYjNmODQ5OTVjNGQ1OGVmNjcwZThkMTZj
MmFmZTIwHhcNMjMwMTAxMTAzNDQzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxOWNlNTY3Zjg4MDhhMTdhODEyNzEzMzNlNzQyZmJmNDk3NWM2Y2M4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoz6T7FBYAZY5TUI0qBGsvllg1d17
SBfSryUTnn7424MdxdhRIsIwq1eneiOwhbaaM44x9YqmqYmX3aUOszITEMVKnf4D
7jFgmbSrJbuMyB9Hahe3RQyXtXanWcZ40PTX66Pl7KDH0fZkeB9ycbGp25lA3Ie+
2Zdo6zzk42fFFgxZfmONY/sf+JOGm/I6n/Tsqix6icaVbwxabdeaZ8eSkT6JYA7L
DW6F9mcjxtdDvJawYle97mPybbrTguxLcpE2AEs+nVou7FR5Ys1P5Yasmcm7fnLB
n2ROxoz4HY5lrWbaF2MkFTzXf+W5q66rjMCRi7NUkKzLuUyooCPb7uIeHQIDAQAB
o4ICLDCCAigwHQYDVR0OBBYEFBnOVn+ICKF6gScTM+dC+/SXXGzIMB8GA1UdIwQY
MBaAFAIzlALEKz+EmVxNWO9nDo0Wwq/iMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQWpPVUFzUXJQNFNaWEUxWTcyY09qUmJDci1JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Ny9lYjg3N2MtOTI5ZS00MWI2LWI5Y2It
ZmM2NGJmYzNkMmY5LzEvR2M1V2Y0Z0lvWHFCSnhNejUwTDc5SmRjYk1nLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Ny9lYjg3N2MtOTI5ZS00MWI2LWI5Y2ItZmM2NGJmYzNkMmY5
LzEvQWpPVUFzUXJQNFNaWEUxWTcyY09qUmJDci1JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEIGCCsGAQUFBwEHAQH/BDMwMTAXBAIAATARAwQAW/EeAwQC
uXr4AwMBwb4wFgQCAAIwEAMHACABBnwqWAMFACABBqgwDQYJKoZIhvcNAQELBQAD
ggEBADU/obsbqx/VqLUphDupbvRXlISSWI7urm5sCgGOGK+rUh+LjFucSK4vUNvW
2cP0NRpH9p+wN7akGMANjHQLD5JDNtA3LA3BS1OzrdP4dUJDL3E4a1utE0GxjH9A
0gpF64kWB1IQyPYV8oEgrT1m//85mRBAYe0O4Ypv1fvQDY/gGdL9Dd7KOUNYbyjs
sMBjcuumOBmVeP4J6yBMApusLnryqdz6azgYHuDcjZmv3T4GnEklE8R6uwJJmB/3
KJ3cZYfZEhA21W8cMkFkwi9bDAzypQ10X/neXZJxsTWg8qThf3OUeAghmHIeON9h
ovg4o8sYdK5R3KzM0RESHXhXYHQ=
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:01:45 2023 by rpki-client on console-ams.rpki-client.org