Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/85/46f501-7745-49da-b1d8-07309e796c78/1/gncjYovUARgq7enugeDa13K_eEI.roa
File: gncjYovUARgq7enugeDa13K_eEI.roa (raw, json)
Hash identifier: RXzRLX1K7G7Yd29ek6yu+wrVp0L3xLwvpw5wrlaeErM=
Subject key identifier: 82:77:23:62:8B:D4:01:18:2A:ED:E9:EE:81:E0:DA:D7:72:BF:78:42
Certificate issuer: /CN=576b57aed853f89da2a5b23df17f9217eefa61b6
Certificate serial: 01856BDC99CE375FA874B3D0BE04DA280137
Authority key identifier: 57:6B:57:AE:D8:53:F8:9D:A2:A5:B2:3D:F1:7F:92:17:EE:FA:61:B6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/V2tXrthT-J2ipbI98X-SF-76YbY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/85/46f501-7745-49da-b1d8-07309e796c78/1/gncjYovUARgq7enugeDa13K_eEI.roa
Signing time: Sun 01 Jan 2023 05:44:57 +0000
ROA not before: Sun 01 Jan 2023 05:44:57 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 51053
IP address blocks: 185.208.160.0/22 maxlen: 24
193.104.3.0/24 maxlen: 24
141.101.40.0/21 maxlen: 24
2a01:4f80::/29 maxlen: 32
Validation: Failed, certificate revoked on Tue 02 Jan 2024 00:30:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6b:dc:99:ce:37:5f:a8:74:b3:d0:be:04:da:28:01:37
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=576b57aed853f89da2a5b23df17f9217eefa61b6
Validity
Not Before: Jan 1 05:44:57 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=827723628bd401182aede9ee81e0dad772bf7842
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:f0:2f:10:78:73:01:31:fe:c8:6c:09:1d:a0:
3a:5f:d9:68:b4:db:f5:63:f2:3f:97:7e:06:20:15:
a5:c0:0c:07:41:e3:5d:2e:df:77:20:68:a5:35:09:
f9:ba:69:3b:41:dd:29:9b:f2:7c:bd:f6:7b:3f:ad:
35:29:33:d6:32:ff:fc:2e:8a:bf:69:e1:9a:29:86:
e4:48:8f:a5:0a:7e:58:cf:55:34:68:d8:51:ea:50:
c2:33:cc:87:94:ca:92:19:fa:7d:b7:2d:1a:e8:2b:
e0:4e:f2:f8:aa:09:1d:fc:bd:0c:82:2d:56:02:a4:
49:f5:fd:32:de:27:70:fb:33:c0:ea:92:c2:73:8c:
9e:a9:ea:cf:00:cb:50:e7:d7:3d:ca:13:4f:fa:e4:
85:06:59:83:53:12:08:26:65:04:6d:46:87:81:eb:
d0:60:0c:85:aa:41:6c:84:a1:f5:60:0a:01:65:99:
90:e0:e3:f5:41:51:c9:ab:ec:64:57:de:57:ed:32:
b3:99:10:20:3f:67:45:e7:b4:a0:ab:a9:7f:50:99:
97:c1:84:d5:3c:d6:f4:91:6b:13:02:04:29:01:69:
e6:b9:61:f2:48:cc:59:b6:a0:8d:ea:af:93:60:ca:
46:0c:e1:be:0a:f9:dc:cb:00:3c:85:1e:93:1a:6d:
a4:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
82:77:23:62:8B:D4:01:18:2A:ED:E9:EE:81:E0:DA:D7:72:BF:78:42
X509v3 Authority Key Identifier:
keyid:57:6B:57:AE:D8:53:F8:9D:A2:A5:B2:3D:F1:7F:92:17:EE:FA:61:B6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/V2tXrthT-J2ipbI98X-SF-76YbY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/85/46f501-7745-49da-b1d8-07309e796c78/1/gncjYovUARgq7enugeDa13K_eEI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/85/46f501-7745-49da-b1d8-07309e796c78/1/V2tXrthT-J2ipbI98X-SF-76YbY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
141.101.40.0/21
185.208.160.0/22
193.104.3.0/24
IPv6:
2a01:4f80::/29
Signature Algorithm: sha256WithRSAEncryption
6d:5b:1c:89:72:38:33:06:69:03:f5:6d:5a:01:85:95:e3:72:
b8:f4:c7:7c:1e:8f:1b:f1:91:cb:ba:5d:c7:8f:06:6f:f5:5f:
a5:68:06:4a:fe:d0:a2:95:ca:d3:25:50:de:8b:c4:f1:6d:76:
d6:76:ea:0b:64:65:f4:e6:ea:08:26:7a:1f:cd:5b:85:68:cb:
ae:46:93:c4:87:42:5e:00:c9:8a:5c:2b:bd:3d:02:87:4f:e7:
78:7b:87:0b:84:50:65:a3:53:3f:20:5b:6d:1e:43:02:c1:59:
1c:60:2f:ae:6e:ef:d7:2e:4a:cc:e2:c6:eb:ef:39:64:a8:66:
cf:c4:f9:dc:8e:f2:7c:21:8c:c8:af:8f:32:7f:78:fa:dc:00:
3e:23:86:3f:ff:1c:c2:44:c5:dc:32:5d:2c:87:22:83:ca:05:
f8:4f:d9:75:ee:99:b2:0e:c0:4c:1e:c7:87:bf:68:26:39:6a:
87:04:65:0c:e9:52:e3:f3:64:0b:e4:2c:45:a2:97:52:e3:93:
1c:72:35:c6:68:b7:cf:7b:f7:60:78:08:82:ea:67:13:79:85:
34:a4:54:39:ac:a9:7c:07:c3:71:b5:37:ef:bf:e7:f4:b4:f2:
c6:2a:6d:ab:9b:9b:94:d9:f1:1e:40:9e:c2:07:1d:06:4c:11:
94:72:3c:b2
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAYVr3JnON1+odLPQvgTaKAE3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU3NmI1N2FlZDg1M2Y4OWRhMmE1YjIzZGYxN2Y5MjE3ZWVm
YTYxYjYwHhcNMjMwMTAxMDU0NDU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4Mjc3MjM2MjhiZDQwMTE4MmFlZGU5ZWU4MWUwZGFkNzcyYmY3ODQyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAovAvEHhzATH+yGwJHaA6X9lotNv1
Y/I/l34GIBWlwAwHQeNdLt93IGilNQn5umk7Qd0pm/J8vfZ7P601KTPWMv/8Loq/
aeGaKYbkSI+lCn5Yz1U0aNhR6lDCM8yHlMqSGfp9ty0a6CvgTvL4qgkd/L0Mgi1W
AqRJ9f0y3idw+zPA6pLCc4yeqerPAMtQ59c9yhNP+uSFBlmDUxIIJmUEbUaHgevQ
YAyFqkFshKH1YAoBZZmQ4OP1QVHJq+xkV95X7TKzmRAgP2dF57Sgq6l/UJmXwYTV
PNb0kWsTAgQpAWnmuWHySMxZtqCN6q+TYMpGDOG+CvncywA8hR6TGm2kcwIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFIJ3I2KL1AEYKu3p7oHg2tdyv3hCMB8GA1UdIwQY
MBaAFFdrV67YU/idoqWyPfF/khfu+mG2MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVjJ0WHJ0aFQtSjJpcGJJOThYLVNGLTc2WWJZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84NS80NmY1MDEtNzc0NS00OWRhLWIxZDgt
MDczMDllNzk2Yzc4LzEvZ25jallvdlVBUmdxN2VudWdlRGExM0tfZUVJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84NS80NmY1MDEtNzc0NS00OWRhLWIxZDgtMDczMDllNzk2Yzc4
LzEvVjJ0WHJ0aFQtSjJpcGJJOThYLVNGLTc2WWJZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQDjWUoAwQC
udCgAwQAwWgDMA0EAgACMAcDBQMqAU+AMA0GCSqGSIb3DQEBCwUAA4IBAQBtWxyJ
cjgzBmkD9W1aAYWV43K49Md8Ho8b8ZHLul3HjwZv9V+laAZK/tCilcrTJVDei8Tx
bXbWduoLZGX05uoIJnofzVuFaMuuRpPEh0JeAMmKXCu9PQKHT+d4e4cLhFBlo1M/
IFttHkMCwVkcYC+ubu/XLkrM4sbr7zlkqGbPxPncjvJ8IYzIr48yf3j63AA+I4Y/
/xzCRMXcMl0shyKDygX4T9l17pmyDsBMHseHv2gmOWqHBGUM6VLj82QL5CxFopdS
45MccjXGaLfPe/dgeAiC6mcTeYU0pFQ5rKl8B8NxtTfvv+f0tPLGKm2rm5uU2fEe
QJ7CBx0GTBGUcjyy
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:37:29 2024 by rpki-client on console-fra.rpki-client.org