Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7b/8b856a-38ae-4cfb-81d2-271a9576eae7/1/GkexfDiz5JlN7zwiII13vauLIu8.roa
File: GkexfDiz5JlN7zwiII13vauLIu8.roa (raw, json)
Hash identifier: ibXnX5gvkBNJkO3u7aO/QQDgNGI74izXQ6rBZil2mco=
Subject key identifier: 1A:47:B1:7C:38:B3:E4:99:4D:EF:3C:22:20:8D:77:BD:AB:8B:22:EF
Certificate issuer: /CN=2eeec5231d212b310579d78fc41479ca6ec2aa07
Certificate serial: 018572BA78AFF2E4A42A5BD9E719DAEA96FE
Authority key identifier: 2E:EE:C5:23:1D:21:2B:31:05:79:D7:8F:C4:14:79:CA:6E:C2:AA:07
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Lu7FIx0hKzEFedePxBR5ym7Cqgc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7b/8b856a-38ae-4cfb-81d2-271a9576eae7/1/GkexfDiz5JlN7zwiII13vauLIu8.roa
Signing time: Mon 02 Jan 2023 13:45:01 +0000
ROA not before: Mon 02 Jan 2023 13:45:01 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 58002
IP address blocks: 37.208.64.0/20 maxlen: 20
77.247.232.0/21 maxlen: 21
77.247.237.0/29 maxlen: 29
92.241.0.0/19 maxlen: 19
2a00:c9c0::/32 maxlen: 32
Validation: Failed, certificate revoked on Mon 01 Jan 2024 04:30:14 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:ba:78:af:f2:e4:a4:2a:5b:d9:e7:19:da:ea:96:fe
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2eeec5231d212b310579d78fc41479ca6ec2aa07
Validity
Not Before: Jan 2 13:45:01 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=1a47b17c38b3e4994def3c22208d77bdab8b22ef
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f3:d5:31:97:c7:cc:9e:31:84:b8:d9:a7:83:29:
6d:5e:7c:6f:57:c3:d8:60:02:9c:ae:c1:de:ce:ec:
de:4b:62:39:25:6e:37:d1:fc:c2:5b:44:29:70:c3:
99:dd:e7:b5:02:f9:8c:ce:dc:d5:b5:c3:00:1f:65:
8c:be:c2:9f:85:a2:6e:89:d7:04:85:1d:d3:a5:ba:
66:65:63:48:a5:4c:cb:f9:74:79:90:e5:c8:32:2f:
ce:9e:c7:a0:ab:40:76:f4:29:fc:d2:ed:22:76:6d:
dd:81:b1:62:ca:bd:c3:e1:4c:7e:39:40:ae:c8:1f:
a3:7f:41:ea:9a:75:02:e7:c0:bf:29:97:c2:da:0e:
07:03:ba:d5:a5:2d:39:97:e0:49:08:0b:4e:8e:a9:
4d:45:1a:3e:32:1c:8a:18:6d:cc:27:87:32:3a:0a:
e2:c5:10:84:d9:af:4c:0c:a0:f4:7a:36:ae:ab:76:
5e:23:53:29:64:51:f1:7c:87:8c:a8:03:7c:00:58:
c1:de:54:23:4e:84:f6:f6:99:c8:1c:d2:b2:39:f6:
e0:a9:e4:f2:74:f0:44:9b:23:9c:43:67:d7:45:b7:
dd:43:3a:f6:2e:5d:b4:d1:a4:7c:37:90:df:e8:b7:
76:fd:e9:a2:13:ed:be:43:b7:be:53:9d:85:4c:3c:
c8:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1A:47:B1:7C:38:B3:E4:99:4D:EF:3C:22:20:8D:77:BD:AB:8B:22:EF
X509v3 Authority Key Identifier:
keyid:2E:EE:C5:23:1D:21:2B:31:05:79:D7:8F:C4:14:79:CA:6E:C2:AA:07
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Lu7FIx0hKzEFedePxBR5ym7Cqgc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7b/8b856a-38ae-4cfb-81d2-271a9576eae7/1/GkexfDiz5JlN7zwiII13vauLIu8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7b/8b856a-38ae-4cfb-81d2-271a9576eae7/1/Lu7FIx0hKzEFedePxBR5ym7Cqgc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.208.64.0/20
77.247.232.0/21
92.241.0.0/19
IPv6:
2a00:c9c0::/32
Signature Algorithm: sha256WithRSAEncryption
88:d3:e8:8a:08:90:a7:4f:f0:d1:bd:62:c3:ad:9d:4e:e0:5a:
a4:9c:83:c6:a6:11:d7:df:c2:d0:1a:f2:59:50:1b:a1:08:f0:
44:9c:ee:0f:1f:67:c5:92:51:81:66:d8:6e:9e:bd:81:53:2d:
a9:71:e0:0c:10:37:32:0e:b4:38:da:35:5f:c0:c9:ef:a5:3d:
2f:69:14:83:a6:79:a1:b1:7e:14:75:ef:4b:5d:6f:f0:08:9b:
16:c8:fc:0c:ab:48:ce:5e:70:6c:04:bc:e6:3c:69:d8:98:0e:
57:20:21:bd:b8:d5:f4:18:ce:cd:f2:e2:b8:6a:91:10:e1:1e:
5c:81:99:27:9d:3b:97:aa:33:d3:df:5c:26:79:e6:fa:0b:07:
48:0f:b3:a2:d2:f9:a9:98:f1:bf:e2:89:4b:64:27:92:0d:6d:
bd:cb:06:3a:c8:42:cc:66:34:ef:b1:47:36:b2:d1:4d:52:ca:
3e:bb:d0:5a:c4:e4:a8:62:9c:f6:4c:d4:4a:a9:30:98:30:b2:
86:5c:43:0a:54:3c:62:e1:eb:d5:59:5c:48:21:6e:54:28:5a:
51:b4:69:bc:aa:8b:f1:d5:8a:69:6f:fc:48:40:a3:3f:ce:72:
14:21:18:39:7e:41:9c:d5:a2:53:1a:f5:54:df:dc:1f:03:b7:
97:9f:35:22
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAYVyuniv8uSkKlvZ5xna6pb+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJlZWVjNTIzMWQyMTJiMzEwNTc5ZDc4ZmM0MTQ3OWNhNmVj
MmFhMDcwHhcNMjMwMTAyMTM0NTAxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxYTQ3YjE3YzM4YjNlNDk5NGRlZjNjMjIyMDhkNzdiZGFiOGIyMmVmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA89Uxl8fMnjGEuNmngyltXnxvV8PY
YAKcrsHezuzeS2I5JW430fzCW0QpcMOZ3ee1AvmMztzVtcMAH2WMvsKfhaJuidcE
hR3TpbpmZWNIpUzL+XR5kOXIMi/Onsegq0B29Cn80u0idm3dgbFiyr3D4Ux+OUCu
yB+jf0HqmnUC58C/KZfC2g4HA7rVpS05l+BJCAtOjqlNRRo+MhyKGG3MJ4cyOgri
xRCE2a9MDKD0ejauq3ZeI1MpZFHxfIeMqAN8AFjB3lQjToT29pnIHNKyOfbgqeTy
dPBEmyOcQ2fXRbfdQzr2Ll200aR8N5Df6Ld2/emiE+2+Q7e+U52FTDzILwIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFBpHsXw4s+SZTe88IiCNd72riyLvMB8GA1UdIwQY
MBaAFC7uxSMdISsxBXnXj8QUecpuwqoHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTHU3Rkl4MGhLekVGZWRlUHhCUjV5bTdDcWdjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Yi84Yjg1NmEtMzhhZS00Y2ZiLTgxZDIt
MjcxYTk1NzZlYWU3LzEvR2tleGZEaXo1SmxON3p3aUlJMTN2YXVMSXU4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Yi84Yjg1NmEtMzhhZS00Y2ZiLTgxZDItMjcxYTk1NzZlYWU3
LzEvTHU3Rkl4MGhLekVGZWRlUHhCUjV5bTdDcWdjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQEJdBAAwQD
TffoAwQFXPEAMA0EAgACMAcDBQAqAMnAMA0GCSqGSIb3DQEBCwUAA4IBAQCI0+iK
CJCnT/DRvWLDrZ1O4FqknIPGphHX38LQGvJZUBuhCPBEnO4PH2fFklGBZthunr2B
Uy2pceAMEDcyDrQ42jVfwMnvpT0vaRSDpnmhsX4Ude9LXW/wCJsWyPwMq0jOXnBs
BLzmPGnYmA5XICG9uNX0GM7N8uK4apEQ4R5cgZknnTuXqjPT31wmeeb6CwdID7Oi
0vmpmPG/4olLZCeSDW29ywY6yELMZjTvsUc2stFNUso+u9BaxOSoYpz2TNRKqTCY
MLKGXEMKVDxi4evVWVxIIW5UKFpRtGm8qovx1Yppb/xIQKM/znIUIRg5fkGc1aJT
GvVU39wfA7eXnzUi
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:36:08 2024 by rpki-client on console-fra.rpki-client.org