Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/84/3ee7c5-1264-47e9-8a12-041b78ada215/1/gsOIfTsIaBUSIZHR0s0k1ZClBLU.roa
File: gsOIfTsIaBUSIZHR0s0k1ZClBLU.roa (raw, json)
Hash identifier: BWT3UwXu61tl8OiM877vKhR++fRwlv7aMyVNCyGL0lA=
Subject key identifier: 82:C3:88:7D:3B:08:68:15:12:21:91:D1:D2:CD:24:D5:90:A5:04:B5
Certificate issuer: /CN=a34f365e78064b58c44d48cfb39291d3fb1d9e10
Certificate serial: 0185710BF4E1658FEAFBD5823A732965FDD1
Authority key identifier: A3:4F:36:5E:78:06:4B:58:C4:4D:48:CF:B3:92:91:D3:FB:1D:9E:10
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/o082XngGS1jETUjPs5KR0_sdnhA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/84/3ee7c5-1264-47e9-8a12-041b78ada215/1/gsOIfTsIaBUSIZHR0s0k1ZClBLU.roa
Signing time: Mon 02 Jan 2023 05:54:47 +0000
ROA not before: Mon 02 Jan 2023 05:54:47 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 20694
IP address blocks: 185.166.200.0/22 maxlen: 22
217.114.64.0/20 maxlen: 20
188.94.24.0/21 maxlen: 21
2a01:688::/32 maxlen: 32
Validation: Failed, certificate revoked on Mon 01 Jan 2024 06:30:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:0b:f4:e1:65:8f:ea:fb:d5:82:3a:73:29:65:fd:d1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a34f365e78064b58c44d48cfb39291d3fb1d9e10
Validity
Not Before: Jan 2 05:54:47 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=82c3887d3b086815122191d1d2cd24d590a504b5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f8:41:1f:db:d7:fa:d9:0d:a0:22:23:23:0b:ca:
23:6e:0f:39:83:6d:3e:c9:11:09:6c:c1:1d:c6:01:
b5:2a:33:70:f9:8e:30:62:57:db:84:eb:78:ed:f3:
da:81:29:d5:bd:41:73:07:4e:d0:14:33:ae:d3:d8:
95:ac:e2:d5:77:7f:84:b5:4b:a4:12:c6:18:ec:95:
4f:b5:b5:25:b1:9e:a3:4d:91:fb:f7:a0:2c:8e:ed:
79:9e:3e:6e:29:f4:40:88:2f:5a:49:1b:2c:47:40:
64:ab:75:ab:76:8e:90:08:94:07:a1:1f:67:65:14:
a8:a1:1f:35:bf:95:d6:d2:b7:0a:73:ea:90:ce:57:
ac:b8:28:43:8c:4c:c2:b8:9f:03:ec:9c:45:2b:a0:
fd:0d:90:8f:a2:2c:0f:db:ca:02:0c:68:2e:73:64:
81:12:6d:94:b6:f1:8e:86:a8:d3:fc:9e:9c:b8:78:
5e:79:db:b3:37:b6:30:e2:39:8f:d3:8a:7a:ca:95:
c1:1e:ce:c3:3c:e1:bd:9f:51:9e:3a:c8:a1:ad:a7:
e5:71:5a:c1:45:3a:0a:09:ea:8b:24:2a:ea:12:22:
e9:44:e9:bc:e7:64:d2:d6:7e:d3:ea:1d:d8:8f:0e:
61:ef:43:62:db:ca:50:b4:c7:bc:f2:73:2a:0e:f2:
9a:c1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
82:C3:88:7D:3B:08:68:15:12:21:91:D1:D2:CD:24:D5:90:A5:04:B5
X509v3 Authority Key Identifier:
keyid:A3:4F:36:5E:78:06:4B:58:C4:4D:48:CF:B3:92:91:D3:FB:1D:9E:10
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/o082XngGS1jETUjPs5KR0_sdnhA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/84/3ee7c5-1264-47e9-8a12-041b78ada215/1/gsOIfTsIaBUSIZHR0s0k1ZClBLU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/84/3ee7c5-1264-47e9-8a12-041b78ada215/1/o082XngGS1jETUjPs5KR0_sdnhA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.166.200.0/22
188.94.24.0/21
217.114.64.0/20
IPv6:
2a01:688::/32
Signature Algorithm: sha256WithRSAEncryption
6c:5b:72:db:63:e2:7b:0a:49:d8:2b:de:36:6e:b9:ff:15:28:
60:67:44:51:ab:5e:24:7c:cd:58:d2:cb:e6:4e:cf:d5:f5:09:
f7:b1:0f:e4:cc:cf:df:8a:a7:b7:37:b9:2f:c8:f1:e4:cb:3a:
33:79:c6:58:1a:96:be:24:0d:c6:aa:fa:84:da:4d:e6:7a:3c:
d5:1f:1b:41:9d:61:64:71:aa:33:81:63:b2:7b:03:9f:cd:b4:
3a:9b:26:9c:11:51:a9:b5:fb:83:b6:25:30:ae:7a:c7:53:3c:
ae:61:c8:70:b1:04:75:0a:d0:52:27:3a:33:74:24:ba:7e:d2:
89:1e:39:a8:17:12:22:af:76:94:2e:13:7b:98:54:9d:fc:76:
8a:b2:8c:43:26:cb:39:9d:ba:f5:f7:da:6e:c4:98:31:2d:0d:
b0:98:da:ef:3f:ad:73:36:66:34:88:ae:3c:71:90:af:41:22:
d8:aa:8d:7e:15:60:87:42:54:4d:ee:10:79:d3:4a:9c:ce:a4:
4b:0e:a9:f6:72:d2:18:fb:13:8c:3d:63:f0:5d:67:6b:1c:c0:
ba:14:8f:dc:82:1c:65:45:42:46:2d:82:b5:97:ae:8c:ed:8b:
ee:f7:c7:3b:35:f0:14:a6:6a:b8:12:52:3f:4e:de:c8:67:a6:
74:18:40:34
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAYVxC/ThZY/q+9WCOnMpZf3RMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEzNGYzNjVlNzgwNjRiNThjNDRkNDhjZmIzOTI5MWQzZmIx
ZDllMTAwHhcNMjMwMTAyMDU1NDQ3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MmMzODg3ZDNiMDg2ODE1MTIyMTkxZDFkMmNkMjRkNTkwYTUwNGI1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA+EEf29f62Q2gIiMjC8ojbg85g20+
yREJbMEdxgG1KjNw+Y4wYlfbhOt47fPagSnVvUFzB07QFDOu09iVrOLVd3+EtUuk
EsYY7JVPtbUlsZ6jTZH796Asju15nj5uKfRAiC9aSRssR0Bkq3Wrdo6QCJQHoR9n
ZRSooR81v5XW0rcKc+qQzlesuChDjEzCuJ8D7JxFK6D9DZCPoiwP28oCDGguc2SB
Em2UtvGOhqjT/J6cuHheeduzN7Yw4jmP04p6ypXBHs7DPOG9n1GeOsihraflcVrB
RToKCeqLJCrqEiLpROm852TS1n7T6h3Yjw5h70Ni28pQtMe88nMqDvKawQIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFILDiH07CGgVEiGR0dLNJNWQpQS1MB8GA1UdIwQY
MBaAFKNPNl54BktYxE1Iz7OSkdP7HZ4QMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbzA4MlhuZ0dTMWpFVFVqUHM1S1IwX3NkbmhBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84NC8zZWU3YzUtMTI2NC00N2U5LThhMTIt
MDQxYjc4YWRhMjE1LzEvZ3NPSWZUc0lhQlVTSVpIUjBzMGsxWkNsQkxVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84NC8zZWU3YzUtMTI2NC00N2U5LThhMTItMDQxYjc4YWRhMjE1
LzEvbzA4MlhuZ0dTMWpFVFVqUHM1S1IwX3NkbmhBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQCuabIAwQD
vF4YAwQE2XJAMA0EAgACMAcDBQAqAQaIMA0GCSqGSIb3DQEBCwUAA4IBAQBsW3Lb
Y+J7CknYK942brn/FShgZ0RRq14kfM1Y0svmTs/V9Qn3sQ/kzM/fiqe3N7kvyPHk
yzozecZYGpa+JA3GqvqE2k3mejzVHxtBnWFkcaozgWOyewOfzbQ6myacEVGptfuD
tiUwrnrHUzyuYchwsQR1CtBSJzozdCS6ftKJHjmoFxIir3aULhN7mFSd/HaKsoxD
Jss5nbr199puxJgxLQ2wmNrvP61zNmY0iK48cZCvQSLYqo1+FWCHQlRN7hB500qc
zqRLDqn2ctIY+xOMPWPwXWdrHMC6FI/cghxlRUJGLYK1l66M7Yvu98c7NfAUpmq4
ElI/Tt7IZ6Z0GEA0
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:37:21 2024 by rpki-client on console-fra.rpki-client.org