Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7c/2716ec-5657-4f56-8f43-e23103a88052/1/gn1mb26rwuBGvDtJW9n-lHuYicY.roa
File: gn1mb26rwuBGvDtJW9n-lHuYicY.roa (raw, json)
Hash identifier: IdfVY1mjQmMDf31+bVlw4XNIDoCIrt7+/xtFGQ8f8KI=
Subject key identifier: 82:7D:66:6F:6E:AB:C2:E0:46:BC:3B:49:5B:D9:FE:94:7B:98:89:C6
Certificate issuer: /CN=b872da0f9c6c5686a3db9ee124a99042b0a882d1
Certificate serial: 018570150D819598BC47FDABF838490F9B55
Authority key identifier: B8:72:DA:0F:9C:6C:56:86:A3:DB:9E:E1:24:A9:90:42:B0:A8:82:D1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/uHLaD5xsVoaj257hJKmQQrCogtE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7c/2716ec-5657-4f56-8f43-e23103a88052/1/gn1mb26rwuBGvDtJW9n-lHuYicY.roa
Signing time: Mon 02 Jan 2023 01:25:05 +0000
ROA not before: Mon 02 Jan 2023 01:25:05 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 58291
IP address blocks: 213.156.28.0/22 maxlen: 24
185.102.68.0/22 maxlen: 22
2a01:4c01::/32 maxlen: 32
Validation: Failed, certificate revoked on Mon 01 Jan 2024 18:31:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:15:0d:81:95:98:bc:47:fd:ab:f8:38:49:0f:9b:55
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b872da0f9c6c5686a3db9ee124a99042b0a882d1
Validity
Not Before: Jan 2 01:25:05 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=827d666f6eabc2e046bc3b495bd9fe947b9889c6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d6:98:33:2d:e8:1b:d7:8e:15:84:2e:e7:90:44:
b1:c8:a5:42:06:e7:a3:76:2f:5e:06:6f:f1:33:53:
cf:ab:fc:1c:f7:ee:e2:c3:51:b0:2c:d5:c2:66:21:
e4:9c:d8:61:31:e9:71:a5:e0:39:5a:23:18:62:de:
22:c1:34:5e:58:16:20:a8:e9:17:48:23:cb:2e:10:
a9:31:b7:cb:90:f3:e9:59:77:dd:99:a4:c9:e6:4f:
d1:b5:58:22:b9:8b:55:bc:0d:f7:22:e7:56:57:be:
95:83:28:5b:58:75:67:51:c3:19:16:9f:10:9f:7a:
58:02:ea:c5:f1:97:36:eb:92:71:9b:c3:fd:6f:ea:
ee:78:84:16:d9:58:85:0f:ac:af:7f:62:fe:05:3d:
c6:f4:8e:d8:b1:2f:59:f7:f8:5f:11:3d:47:d9:a0:
c9:e2:b5:fa:d9:ea:27:c9:92:5b:ed:14:d2:9f:95:
bf:d0:f3:82:d3:d3:5c:5d:6c:9c:f8:9b:93:06:3e:
74:4c:15:66:7f:36:f6:88:7f:07:55:44:8b:2f:22:
8a:f0:46:79:87:9d:7b:3e:39:19:a0:f7:fd:80:5d:
9c:9b:3c:29:69:e8:92:d9:d3:38:ad:38:d8:1b:b2:
63:0f:81:f6:71:36:cc:21:c9:63:20:bd:03:d1:f4:
f0:85
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
82:7D:66:6F:6E:AB:C2:E0:46:BC:3B:49:5B:D9:FE:94:7B:98:89:C6
X509v3 Authority Key Identifier:
keyid:B8:72:DA:0F:9C:6C:56:86:A3:DB:9E:E1:24:A9:90:42:B0:A8:82:D1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/uHLaD5xsVoaj257hJKmQQrCogtE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7c/2716ec-5657-4f56-8f43-e23103a88052/1/gn1mb26rwuBGvDtJW9n-lHuYicY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7c/2716ec-5657-4f56-8f43-e23103a88052/1/uHLaD5xsVoaj257hJKmQQrCogtE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.102.68.0/22
213.156.28.0/22
IPv6:
2a01:4c01::/32
Signature Algorithm: sha256WithRSAEncryption
04:de:9c:cd:85:3e:4b:50:7c:40:59:ee:40:a3:a9:23:68:f4:
f0:2e:79:ee:cc:92:66:02:73:24:cf:98:0f:60:ff:25:69:b4:
cc:57:95:ed:1e:7b:78:4b:7e:71:4c:11:18:13:46:a9:86:5c:
45:9d:37:bc:1d:15:0a:56:5e:56:06:27:29:94:e7:01:d4:ee:
2f:97:02:78:a7:d1:54:f0:fe:0c:c3:f1:09:4d:af:c1:0a:95:
53:60:00:65:73:3e:20:cf:5c:43:c8:37:47:e8:99:15:3b:ec:
89:4a:67:cb:fe:e3:9c:3c:be:6f:6e:7a:df:91:24:e8:3f:98:
1e:8b:53:a8:86:fd:ac:83:dd:ca:dc:ab:bf:86:71:d6:34:3f:
2e:fa:1d:a2:d1:1f:11:a9:24:00:35:2f:02:1a:13:4a:01:2e:
d8:a7:88:ee:3e:36:27:8f:d7:e7:ca:11:36:fb:5a:8c:c1:01:
ad:7f:78:1e:ec:3e:2f:25:7f:25:66:59:06:8b:1c:41:c6:27:
86:57:e7:8e:2c:d0:d0:b0:4d:1b:fb:09:85:88:06:2d:c1:2b:
ed:93:78:6a:8f:99:b6:a0:5e:1a:9b:c5:04:f7:94:93:fe:3c:
bb:87:c9:d5:45:86:ba:86:5f:f8:ac:01:a6:f2:d4:68:a2:d1:
7c:06:c2:09
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYVwFQ2BlZi8R/2r+DhJD5tVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI4NzJkYTBmOWM2YzU2ODZhM2RiOWVlMTI0YTk5MDQyYjBh
ODgyZDEwHhcNMjMwMTAyMDEyNTA1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MjdkNjY2ZjZlYWJjMmUwNDZiYzNiNDk1YmQ5ZmU5NDdiOTg4OWM2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1pgzLegb144VhC7nkESxyKVCBuej
di9eBm/xM1PPq/wc9+7iw1GwLNXCZiHknNhhMelxpeA5WiMYYt4iwTReWBYgqOkX
SCPLLhCpMbfLkPPpWXfdmaTJ5k/RtVgiuYtVvA33IudWV76VgyhbWHVnUcMZFp8Q
n3pYAurF8Zc265Jxm8P9b+rueIQW2ViFD6yvf2L+BT3G9I7YsS9Z9/hfET1H2aDJ
4rX62eonyZJb7RTSn5W/0POC09NcXWyc+JuTBj50TBVmfzb2iH8HVUSLLyKK8EZ5
h517PjkZoPf9gF2cmzwpaeiS2dM4rTjYG7JjD4H2cTbMIcljIL0D0fTwhQIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFIJ9Zm9uq8LgRrw7SVvZ/pR7mInGMB8GA1UdIwQY
MBaAFLhy2g+cbFaGo9ue4SSpkEKwqILRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdUhMYUQ1eHNWb2FqMjU3aEpLbVFRckNvZ3RFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Yy8yNzE2ZWMtNTY1Ny00ZjU2LThmNDMt
ZTIzMTAzYTg4MDUyLzEvZ24xbWIyNnJ3dUJHdkR0Slc5bi1sSHVZaWNZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Yy8yNzE2ZWMtNTY1Ny00ZjU2LThmNDMtZTIzMTAzYTg4MDUy
LzEvdUhMYUQ1eHNWb2FqMjU3aEpLbVFRckNvZ3RFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQCuWZEAwQC
1ZwcMA0EAgACMAcDBQAqAUwBMA0GCSqGSIb3DQEBCwUAA4IBAQAE3pzNhT5LUHxA
We5Ao6kjaPTwLnnuzJJmAnMkz5gPYP8labTMV5XtHnt4S35xTBEYE0aphlxFnTe8
HRUKVl5WBicplOcB1O4vlwJ4p9FU8P4Mw/EJTa/BCpVTYABlcz4gz1xDyDdH6JkV
O+yJSmfL/uOcPL5vbnrfkSToP5gei1Oohv2sg93K3Ku/hnHWND8u+h2i0R8RqSQA
NS8CGhNKAS7Yp4juPjYnj9fnyhE2+1qMwQGtf3ge7D4vJX8lZlkGixxBxieGV+eO
LNDQsE0b+wmFiAYtwSvtk3hqj5m2oF4am8UE95ST/jy7h8nVRYa6hl/4rAGm8tRo
otF8BsIJ
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:36:13 2024 by rpki-client on console-fra.rpki-client.org