Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/80/12f5d1-e760-4101-af25-7fc49da53d13/1/GbaX2K6FCWWgfAG40RtpR1t33fU.roa
File: GbaX2K6FCWWgfAG40RtpR1t33fU.roa (raw, json)
Hash identifier: ts/TOQAW2ield60CzTel2YUnqgis9XU361wZcxBgVdg=
Subject key identifier: 19:B6:97:D8:AE:85:09:65:A0:7C:01:B8:D1:1B:69:47:5B:77:DD:F5
Certificate issuer: /CN=9116dcbf78c62d51da9076a0d06adad36ee3b755
Certificate serial: 01856DDD586BEC0554389E014996CC022927
Authority key identifier: 91:16:DC:BF:78:C6:2D:51:DA:90:76:A0:D0:6A:DA:D3:6E:E3:B7:55
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/kRbcv3jGLVHakHag0Gra027jt1U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/80/12f5d1-e760-4101-af25-7fc49da53d13/1/GbaX2K6FCWWgfAG40RtpR1t33fU.roa
Signing time: Sun 01 Jan 2023 15:05:00 +0000
ROA not before: Sun 01 Jan 2023 15:05:00 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 43272
IP address blocks: 185.177.29.0/24 maxlen: 24
185.177.28.0/22 maxlen: 22
185.177.28.0/24 maxlen: 24
185.177.31.0/24 maxlen: 24
185.177.30.0/24 maxlen: 24
77.247.249.0/24 maxlen: 24
77.247.248.0/21 maxlen: 21
77.247.248.0/24 maxlen: 24
77.247.251.0/24 maxlen: 24
77.247.250.0/24 maxlen: 24
77.247.252.0/24 maxlen: 24
77.247.253.0/24 maxlen: 24
77.247.255.0/24 maxlen: 24
77.247.254.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 02 Jan 2024 08:33:08 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:dd:58:6b:ec:05:54:38:9e:01:49:96:cc:02:29:27
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9116dcbf78c62d51da9076a0d06adad36ee3b755
Validity
Not Before: Jan 1 15:05:00 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=19b697d8ae850965a07c01b8d11b69475b77ddf5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:18:47:9b:c0:55:18:5d:9b:be:86:d8:fa:73:
b4:61:ca:90:63:cb:ee:a9:27:ac:8c:5d:e1:c2:8d:
c0:d3:b6:29:17:b5:3d:c4:31:4e:9d:bc:e0:76:b3:
13:3c:ef:61:1f:71:58:ab:4b:35:00:06:e9:97:de:
0b:e8:e6:a7:a0:56:66:98:99:cd:8e:11:63:18:f9:
f0:35:36:0a:d3:93:f8:25:fc:1c:ae:20:77:9c:96:
2f:c3:16:4f:3a:6e:39:52:42:04:e5:ce:d7:c3:c1:
b8:a5:a9:fc:7e:47:5c:45:ba:06:32:34:3a:73:c8:
fb:88:e1:e6:8d:e5:12:3b:16:a4:f3:f1:19:ea:cf:
fc:a6:07:d8:47:98:c1:31:a4:23:11:30:bd:e5:cd:
c7:6d:8f:f2:42:73:7c:5a:fb:10:29:ab:d7:d5:dd:
3e:96:87:d3:0a:97:39:d2:9b:73:ea:c9:88:4c:d8:
f1:4d:a2:15:a9:4a:8a:06:f4:99:84:e2:b9:dd:e4:
1a:a7:2d:0e:63:8c:31:32:c0:59:d1:f1:a6:22:e7:
bf:68:3e:2d:e2:e7:ea:86:fa:ef:82:12:aa:8c:7b:
f6:73:28:ab:31:ac:5d:54:d0:83:68:12:a8:60:a2:
ac:91:b2:33:f8:7e:24:37:e9:68:d5:02:72:54:a9:
b5:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
19:B6:97:D8:AE:85:09:65:A0:7C:01:B8:D1:1B:69:47:5B:77:DD:F5
X509v3 Authority Key Identifier:
keyid:91:16:DC:BF:78:C6:2D:51:DA:90:76:A0:D0:6A:DA:D3:6E:E3:B7:55
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kRbcv3jGLVHakHag0Gra027jt1U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/80/12f5d1-e760-4101-af25-7fc49da53d13/1/GbaX2K6FCWWgfAG40RtpR1t33fU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/80/12f5d1-e760-4101-af25-7fc49da53d13/1/kRbcv3jGLVHakHag0Gra027jt1U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.247.248.0/21
185.177.28.0/22
Signature Algorithm: sha256WithRSAEncryption
9f:7c:46:93:70:d3:31:e9:3a:da:3e:5c:16:c3:5e:8b:f3:f3:
86:c7:f3:fd:ea:d1:39:b5:47:c0:4c:dd:16:47:24:11:46:39:
b5:70:3b:a2:e9:b1:34:ab:e9:81:57:1e:80:15:63:b9:73:07:
3d:24:2e:80:49:55:6f:36:43:fe:a5:e0:3f:0d:9f:3d:b8:22:
9c:22:40:2a:28:92:be:ec:fe:75:c6:fc:88:63:d2:86:2a:f3:
31:2f:7f:0c:6a:76:bb:16:aa:75:d3:19:02:9d:d2:9e:b8:29:
aa:8d:70:47:93:ad:79:9f:5c:6b:ad:6a:0b:d4:8a:95:ea:48:
ea:51:bf:d5:57:d2:83:37:9e:bc:0d:55:c7:19:a2:0e:09:b3:
de:56:ff:72:27:90:a7:1c:fa:c1:64:67:7e:58:bb:c2:47:2d:
fb:9d:6a:09:57:12:1f:21:aa:35:8b:31:66:f5:28:70:34:4e:
3e:f9:92:ff:a7:da:64:e7:ee:d6:d2:c2:86:3b:54:f2:31:11:
3b:bf:ab:cb:6f:86:8f:03:e2:71:fa:5e:a4:e8:17:d8:a2:23:
19:3c:cc:c1:f5:ad:ef:1d:94:d0:b5:68:b1:5b:bb:35:93:ac:
46:ab:af:de:03:33:21:e9:80:68:1e:d8:19:37:46:f5:ef:4b:
c1:2b:8e:2b
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVt3Vhr7AVUOJ4BSZbMAiknMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkxMTZkY2JmNzhjNjJkNTFkYTkwNzZhMGQwNmFkYWQzNmVl
M2I3NTUwHhcNMjMwMTAxMTUwNTAwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxOWI2OTdkOGFlODUwOTY1YTA3YzAxYjhkMTFiNjk0NzViNzdkZGY1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiRhHm8BVGF2bvobY+nO0YcqQY8vu
qSesjF3hwo3A07YpF7U9xDFOnbzgdrMTPO9hH3FYq0s1AAbpl94L6OanoFZmmJnN
jhFjGPnwNTYK05P4JfwcriB3nJYvwxZPOm45UkIE5c7Xw8G4pan8fkdcRboGMjQ6
c8j7iOHmjeUSOxak8/EZ6s/8pgfYR5jBMaQjETC95c3HbY/yQnN8WvsQKavX1d0+
lofTCpc50ptz6smITNjxTaIVqUqKBvSZhOK53eQapy0OY4wxMsBZ0fGmIue/aD4t
4ufqhvrvghKqjHv2cyirMaxdVNCDaBKoYKKskbIz+H4kN+lo1QJyVKm1cQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFBm2l9iuhQlloHwBuNEbaUdbd931MB8GA1UdIwQY
MBaAFJEW3L94xi1R2pB2oNBq2tNu47dVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva1JiY3YzakdMVkhha0hhZzBHcmEwMjdqdDFVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84MC8xMmY1ZDEtZTc2MC00MTAxLWFmMjUt
N2ZjNDlkYTUzZDEzLzEvR2JhWDJLNkZDV1dnZkFHNDBSdHBSMXQzM2ZVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84MC8xMmY1ZDEtZTc2MC00MTAxLWFmMjUtN2ZjNDlkYTUzZDEz
LzEva1JiY3YzakdMVkhha0hhZzBHcmEwMjdqdDFVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQDTff4AwQC
ubEcMA0GCSqGSIb3DQEBCwUAA4IBAQCffEaTcNMx6TraPlwWw16L8/OGx/P96tE5
tUfATN0WRyQRRjm1cDui6bE0q+mBVx6AFWO5cwc9JC6ASVVvNkP+peA/DZ89uCKc
IkAqKJK+7P51xvyIY9KGKvMxL38Mana7Fqp10xkCndKeuCmqjXBHk615n1xrrWoL
1IqV6kjqUb/VV9KDN568DVXHGaIOCbPeVv9yJ5CnHPrBZGd+WLvCRy37nWoJVxIf
Iao1izFm9ShwNE4++ZL/p9pk5+7W0sKGO1TyMRE7v6vLb4aPA+Jx+l6k6BfYoiMZ
PMzB9a3vHZTQtWixW7s1k6xGq6/eAzMh6YBoHtgZN0b170vBK44r
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:36:46 2024 by rpki-client on console-fra.rpki-client.org