Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/86/6c0bf7-5f13-44a2-9989-8c9581d96d8f/1/GzySMcERMKKXhtB1bo5YT_DY7WM.roa
File: GzySMcERMKKXhtB1bo5YT_DY7WM.roa (raw, json)
Hash identifier: nbd3PJCE2o8a48TSwZNiy2coBRSTlg7BSQaKTGCd6PE=
Subject key identifier: 1B:3C:92:31:C1:11:30:A2:97:86:D0:75:6E:8E:58:4F:F0:D8:ED:63
Certificate issuer: /CN=5885e884c2fc7a75d12dd1dea49ce2349c47067e
Certificate serial: 01856B4A284EBE016F84C8E7EE4D639FFD33
Authority key identifier: 58:85:E8:84:C2:FC:7A:75:D1:2D:D1:DE:A4:9C:E2:34:9C:47:06:7E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/WIXohML8enXRLdHepJziNJxHBn4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/86/6c0bf7-5f13-44a2-9989-8c9581d96d8f/1/GzySMcERMKKXhtB1bo5YT_DY7WM.roa
Signing time: Sun 01 Jan 2023 03:05:00 +0000
ROA not before: Sun 01 Jan 2023 03:05:00 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 48219
IP address blocks: 37.230.143.0/24 maxlen: 24
185.2.35.0/24 maxlen: 24
141.101.246.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 01 Jan 2024 18:30:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6b:4a:28:4e:be:01:6f:84:c8:e7:ee:4d:63:9f:fd:33
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5885e884c2fc7a75d12dd1dea49ce2349c47067e
Validity
Not Before: Jan 1 03:05:00 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=1b3c9231c11130a29786d0756e8e584ff0d8ed63
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:81:87:26:9f:46:16:1a:6c:64:03:3e:43:f2:5c:
26:8d:3c:35:1e:05:fa:84:86:f5:9e:6e:2c:ce:53:
ba:b5:75:e7:16:4b:1e:e6:e0:46:55:d3:90:ac:a9:
47:6f:df:c6:f1:bd:c7:e7:b1:57:1c:60:16:fb:37:
6e:34:4a:ea:36:6e:62:41:0c:3c:e9:0d:bd:3e:83:
fd:2a:5e:dd:f6:70:4a:03:14:49:d8:9e:09:cd:8d:
51:a0:7d:ae:0b:61:16:a0:5f:1f:fa:c9:b9:d6:fe:
93:9b:74:d2:71:7c:05:4c:5e:16:8c:53:3e:95:dd:
18:06:4c:04:26:97:16:6b:cd:dd:60:3f:e5:dc:d6:
51:88:ad:1e:4e:d4:45:b1:a0:a2:78:aa:18:eb:e8:
37:d7:35:ac:ea:a8:df:4b:20:64:3d:7f:fa:ff:23:
3c:02:e6:90:e7:e9:08:6d:15:ba:a9:eb:88:74:65:
cb:97:c9:77:c7:9e:e7:ce:0d:7d:7f:2e:34:0d:b1:
9e:ef:ab:a6:04:b2:a0:82:50:57:43:61:36:b4:47:
41:29:53:ec:4b:e1:6f:f4:03:25:10:10:0b:89:7a:
11:7c:1c:23:33:f6:34:96:27:06:b8:f3:88:30:44:
50:a6:29:d0:f4:f4:9e:d6:7f:42:56:8d:91:e1:4c:
a0:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1B:3C:92:31:C1:11:30:A2:97:86:D0:75:6E:8E:58:4F:F0:D8:ED:63
X509v3 Authority Key Identifier:
keyid:58:85:E8:84:C2:FC:7A:75:D1:2D:D1:DE:A4:9C:E2:34:9C:47:06:7E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/WIXohML8enXRLdHepJziNJxHBn4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/86/6c0bf7-5f13-44a2-9989-8c9581d96d8f/1/GzySMcERMKKXhtB1bo5YT_DY7WM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/86/6c0bf7-5f13-44a2-9989-8c9581d96d8f/1/WIXohML8enXRLdHepJziNJxHBn4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.230.143.0/24
141.101.246.0/24
185.2.35.0/24
Signature Algorithm: sha256WithRSAEncryption
61:5e:4b:df:36:c9:42:13:29:13:b2:2a:e7:17:fa:a2:f5:91:
b0:06:7d:b3:3a:3f:05:90:42:65:3f:7c:9a:15:56:22:39:ac:
16:ea:8d:f7:e5:13:bd:c6:a1:93:55:cb:3d:85:3a:ca:6f:42:
26:35:55:b0:83:c9:6a:5c:44:51:82:80:7e:59:af:b2:94:77:
00:eb:b7:e0:15:06:e2:81:44:50:02:30:67:26:7f:36:98:1d:
98:fb:6b:66:17:54:36:ea:31:8c:e9:ff:ff:70:aa:cf:93:05:
a9:0a:ca:53:f7:98:c7:55:96:70:ef:54:de:16:67:87:55:de:
04:6f:01:2e:97:98:ef:a8:88:02:b0:95:df:34:6f:10:8d:46:
b5:c7:af:7a:60:3c:05:04:0a:83:13:8f:d8:ad:b9:42:9c:d3:
de:c5:b0:3f:40:5c:fe:48:f6:0b:f4:df:da:c5:7b:b6:82:d3:
d9:04:69:df:0a:0a:01:09:cd:3f:26:d7:70:ff:a0:27:1b:5d:
c1:ac:60:06:fb:c3:a6:d9:b4:87:52:84:99:ee:56:75:6b:87:
33:a3:b3:d6:a1:58:60:f5:09:a0:e6:46:2d:09:00:e3:de:ba:
f4:f2:b0:d6:9f:56:b2:17:87:1e:eb:8c:72:b7:62:0a:31:a8:
e9:84:ed:09
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYVrSihOvgFvhMjn7k1jn/0zMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU4ODVlODg0YzJmYzdhNzVkMTJkZDFkZWE0OWNlMjM0OWM0
NzA2N2UwHhcNMjMwMTAxMDMwNTAwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxYjNjOTIzMWMxMTEzMGEyOTc4NmQwNzU2ZThlNTg0ZmYwZDhlZDYzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgYcmn0YWGmxkAz5D8lwmjTw1HgX6
hIb1nm4szlO6tXXnFkse5uBGVdOQrKlHb9/G8b3H57FXHGAW+zduNErqNm5iQQw8
6Q29PoP9Kl7d9nBKAxRJ2J4JzY1RoH2uC2EWoF8f+sm51v6Tm3TScXwFTF4WjFM+
ld0YBkwEJpcWa83dYD/l3NZRiK0eTtRFsaCieKoY6+g31zWs6qjfSyBkPX/6/yM8
AuaQ5+kIbRW6qeuIdGXLl8l3x57nzg19fy40DbGe76umBLKgglBXQ2E2tEdBKVPs
S+Fv9AMlEBALiXoRfBwjM/Y0licGuPOIMERQpinQ9PSe1n9CVo2R4UygaQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFBs8kjHBETCil4bQdW6OWE/w2O1jMB8GA1UdIwQY
MBaAFFiF6ITC/Hp10S3R3qSc4jScRwZ+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvV0lYb2hNTDhlblhSTGRIZXBKemlOSnhIQm40LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ni82YzBiZjctNWYxMy00NGEyLTk5ODkt
OGM5NTgxZDk2ZDhmLzEvR3p5U01jRVJNS0tYaHRCMWJvNVlUX0RZN1dNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Ni82YzBiZjctNWYxMy00NGEyLTk5ODktOGM5NTgxZDk2ZDhm
LzEvV0lYb2hNTDhlblhSTGRIZXBKemlOSnhIQm40LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAJeaPAwQA
jWX2AwQAuQIjMA0GCSqGSIb3DQEBCwUAA4IBAQBhXkvfNslCEykTsirnF/qi9ZGw
Bn2zOj8FkEJlP3yaFVYiOawW6o335RO9xqGTVcs9hTrKb0ImNVWwg8lqXERRgoB+
Wa+ylHcA67fgFQbigURQAjBnJn82mB2Y+2tmF1Q26jGM6f//cKrPkwWpCspT95jH
VZZw71TeFmeHVd4EbwEul5jvqIgCsJXfNG8QjUa1x696YDwFBAqDE4/YrblCnNPe
xbA/QFz+SPYL9N/axXu2gtPZBGnfCgoBCc0/Jtdw/6AnG13BrGAG+8Om2bSHUoSZ
7lZ1a4czo7PWoVhg9Qmg5kYtCQDj3rr08rDWn1ayF4ce64xyt2IKMajphO0J
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:21:33 2024 by rpki-client on console-ams.rpki-client.org