Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/87/081c6e-1d65-4ccd-96f5-1dcc86c11e74/1/GH6owbK83N573IVPaUvLTNnZ-AE.roa
File: GH6owbK83N573IVPaUvLTNnZ-AE.roa (raw, json)
Hash identifier: DV6GZWLinnGg/mMVIOsXUud2wM9REikLERIufZnZjsE=
Subject key identifier: 18:7E:A8:C1:B2:BC:DC:DE:7B:DC:85:4F:69:4B:CB:4C:D9:D9:F8:01
Certificate issuer: /CN=31a185d0eb0ca7811c586425de0e960e1cfeb61b
Certificate serial: 0189D6D129EFD02C0A91D998DFCA08853086
Authority key identifier: 31:A1:85:D0:EB:0C:A7:81:1C:58:64:25:DE:0E:96:0E:1C:FE:B6:1B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/MaGF0OsMp4EcWGQl3g6WDhz-ths.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/87/081c6e-1d65-4ccd-96f5-1dcc86c11e74/1/GH6owbK83N573IVPaUvLTNnZ-AE.roa
Signing time: Tue 08 Aug 2023 20:22:59 +0000
ROA not before: Tue 08 Aug 2023 20:22:59 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 1239
IP address blocks: 85.153.41.0/24 maxlen: 24
85.153.42.0/24 maxlen: 24
85.153.56.0/24 maxlen: 24
85.153.52.0/22 maxlen: 22
85.153.59.0/24 maxlen: 24
85.153.60.0/22 maxlen: 22
85.115.204.0/24 maxlen: 24
85.115.207.0/24 maxlen: 24
85.153.7.0/24 maxlen: 24
85.153.6.0/24 maxlen: 24
85.153.8.0/24 maxlen: 24
85.153.125.0/24 maxlen: 24
85.153.124.0/24 maxlen: 24
85.153.120.0/24 maxlen: 24
85.153.119.0/24 maxlen: 24
85.153.121.0/24 maxlen: 24
85.153.123.0/24 maxlen: 24
85.153.122.0/24 maxlen: 24
85.153.126.0/24 maxlen: 24
85.153.68.0/22 maxlen: 22
85.153.66.0/24 maxlen: 24
85.153.65.0/24 maxlen: 24
85.153.67.0/24 maxlen: 24
85.153.75.0/24 maxlen: 24
85.153.73.0/24 maxlen: 24
85.153.72.0/24 maxlen: 24
85.153.74.0/24 maxlen: 24
85.153.83.0/24 maxlen: 24
85.153.82.0/24 maxlen: 24
85.153.84.0/22 maxlen: 22
85.153.80.0/24 maxlen: 24
85.153.81.0/24 maxlen: 24
85.153.88.0/22 maxlen: 22
85.153.92.0/24 maxlen: 24
85.153.93.0/24 maxlen: 24
85.153.95.0/24 maxlen: 24
85.153.94.0/24 maxlen: 24
85.153.104.0/22 maxlen: 22
85.153.108.0/22 maxlen: 22
85.153.113.0/24 maxlen: 24
85.153.118.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:d6:d1:29:ef:d0:2c:0a:91:d9:98:df:ca:08:85:30:86
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=31a185d0eb0ca7811c586425de0e960e1cfeb61b
Validity
Not Before: Aug 8 20:22:59 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=187ea8c1b2bcdcde7bdc854f694bcb4cd9d9f801
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:80:90:89:cf:2e:2c:87:e3:ca:28:9d:4b:22:14:
28:41:0a:6e:2e:dc:77:bc:52:76:1c:95:b3:79:f1:
92:e3:e9:be:3e:40:16:48:d6:d7:5b:34:d2:4f:20:
bf:26:c2:f6:a3:8b:ab:b0:1b:3c:04:1e:55:5b:01:
28:7a:51:18:02:ba:17:53:14:26:49:b4:a6:2c:ce:
0a:a1:fd:56:dd:32:f2:91:88:c4:72:2e:7f:13:e6:
ca:87:52:c2:5c:d5:87:2f:be:2f:0b:4d:e9:ab:67:
42:5f:28:7e:d3:6f:cc:59:3c:f4:4a:49:ff:34:06:
53:b0:95:82:2d:ea:ad:76:02:52:6a:08:ec:b8:96:
c4:25:43:45:4e:4b:c3:53:c0:78:6d:bd:71:75:a4:
d2:ca:b7:a9:88:08:cb:e9:bc:40:7f:fa:5e:81:be:
ac:1f:e6:ce:ca:20:33:b7:16:2f:2f:22:2b:d8:f4:
02:79:4b:87:76:ba:1d:06:a5:ec:dd:a6:9f:d4:46:
81:5e:cf:3f:4a:9b:52:44:56:13:37:bd:ca:6f:54:
59:3a:6b:9d:1b:ae:97:d7:73:20:10:6f:67:da:e7:
8d:94:73:44:61:20:bf:6f:3a:53:75:62:3d:2b:27:
f8:9c:8e:ed:ff:0f:91:2e:03:0f:eb:64:29:84:bf:
45:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
18:7E:A8:C1:B2:BC:DC:DE:7B:DC:85:4F:69:4B:CB:4C:D9:D9:F8:01
X509v3 Authority Key Identifier:
keyid:31:A1:85:D0:EB:0C:A7:81:1C:58:64:25:DE:0E:96:0E:1C:FE:B6:1B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MaGF0OsMp4EcWGQl3g6WDhz-ths.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/87/081c6e-1d65-4ccd-96f5-1dcc86c11e74/1/GH6owbK83N573IVPaUvLTNnZ-AE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/87/081c6e-1d65-4ccd-96f5-1dcc86c11e74/1/MaGF0OsMp4EcWGQl3g6WDhz-ths.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.115.204.0/24
85.115.207.0/24
85.153.6.0-85.153.8.255
85.153.41.0-85.153.42.255
85.153.52.0-85.153.56.255
85.153.59.0-85.153.63.255
85.153.65.0-85.153.75.255
85.153.80.0/20
85.153.104.0/21
85.153.113.0/24
85.153.118.0-85.153.126.255
Signature Algorithm: sha256WithRSAEncryption
4a:30:ab:92:3b:06:5c:ee:59:a1:e8:09:87:ef:de:24:6f:bc:
92:3c:39:79:f7:bb:04:6e:91:85:65:d4:86:23:41:df:ff:70:
99:05:f1:86:37:fd:95:64:a2:66:e4:51:50:c5:1a:0c:d1:3f:
44:b8:4d:f2:7b:09:99:5b:c4:8d:45:0a:34:0b:1b:8e:0d:77:
fb:73:6a:d6:f0:94:c7:7d:24:18:69:01:16:f5:a2:8d:90:12:
b6:98:e0:d5:c0:1f:47:51:c0:dd:fc:81:e4:59:8e:1f:ee:1f:
5a:32:98:69:e8:31:4d:03:a8:5f:fc:0d:0f:61:7b:4a:05:7f:
03:4e:57:d1:f6:5c:f5:df:ef:94:7d:00:5d:1d:e2:a9:c0:a7:
6a:14:0a:87:07:a4:97:c2:30:fe:81:26:0e:1d:39:36:f7:0c:
48:fa:71:b3:f0:19:d3:69:c9:18:fa:7b:20:ce:74:ed:81:7a:
6a:f0:d3:9f:f3:b4:76:2a:48:6b:4e:87:f4:ca:ea:bd:9b:d9:
e4:61:17:cf:17:76:dc:68:53:6c:87:24:29:69:18:d9:e0:07:
bc:64:72:9c:1b:93:12:1b:4c:df:e8:7d:66:74:55:3f:69:7a:
d5:9b:aa:c7:fc:d1:63:a5:0c:e5:1d:a3:84:cd:a5:72:5d:b1:
d1:2a:2d:c3
-----BEGIN CERTIFICATE-----
MIIFajCCBFKgAwIBAgISAYnW0Snv0CwKkdmY38oIhTCGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMxYTE4NWQwZWIwY2E3ODExYzU4NjQyNWRlMGU5NjBlMWNm
ZWI2MWIwHhcNMjMwODA4MjAyMjU5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxODdlYThjMWIyYmNkY2RlN2JkYzg1NGY2OTRiY2I0Y2Q5ZDlmODAxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgJCJzy4sh+PKKJ1LIhQoQQpuLtx3
vFJ2HJWzefGS4+m+PkAWSNbXWzTSTyC/JsL2o4ursBs8BB5VWwEoelEYAroXUxQm
SbSmLM4Kof1W3TLykYjEci5/E+bKh1LCXNWHL74vC03pq2dCXyh+02/MWTz0Skn/
NAZTsJWCLeqtdgJSagjsuJbEJUNFTkvDU8B4bb1xdaTSyrepiAjL6bxAf/pegb6s
H+bOyiAztxYvLyIr2PQCeUuHdrodBqXs3aaf1EaBXs8/SptSRFYTN73Kb1RZOmud
G66X13MgEG9n2ueNlHNEYSC/bzpTdWI9Kyf4nI7t/w+RLgMP62QphL9FvQIDAQAB
o4ICdjCCAnIwHQYDVR0OBBYEFBh+qMGyvNzee9yFT2lLy0zZ2fgBMB8GA1UdIwQY
MBaAFDGhhdDrDKeBHFhkJd4Olg4c/rYbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTWFHRjBPc01wNEVjV0dRbDNnNldEaHotdGhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ny8wODFjNmUtMWQ2NS00Y2NkLTk2ZjUt
MWRjYzg2YzExZTc0LzEvR0g2b3diSzgzTjU3M0lWUGFVdkxUTm5aLUFFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Ny8wODFjNmUtMWQ2NS00Y2NkLTk2ZjUtMWRjYzg2YzExZTc0
LzEvTWFHRjBPc01wNEVjV0dRbDNnNldEaHotdGhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGLBggrBgEFBQcBBwEB/wR8MHoweAQCAAEwcgMEAFVzzAME
AFVzzzAMAwQBVZkGAwQAVZkIMAwDBABVmSkDBABVmSowDAMEAlWZNAMEAFWZODAM
AwQAVZk7AwQGVZkAMAwDBABVmUEDBAJVmUgDBARVmVADBANVmWgDBABVmXEwDAME
AVWZdgMEAFWZfjANBgkqhkiG9w0BAQsFAAOCAQEASjCrkjsGXO5ZoegJh+/eJG+8
kjw5efe7BG6RhWXUhiNB3/9wmQXxhjf9lWSiZuRRUMUaDNE/RLhN8nsJmVvEjUUK
NAsbjg13+3Nq1vCUx30kGGkBFvWijZAStpjg1cAfR1HA3fyB5FmOH+4fWjKYaegx
TQOoX/wND2F7SgV/A05X0fZc9d/vlH0AXR3iqcCnahQKhwekl8Iw/oEmDh05NvcM
SPpxs/AZ02nJGPp7IM507YF6avDTn/O0dipIa06H9MrqvZvZ5GEXzxd23GhTbIck
KWkY2eAHvGRynBuTEhtM3+h9ZnRVP2l61Zuqx/zRY6UM5R2jhM2lcl2x0Sotww==
-----END CERTIFICATE-----
Generated at Tue Aug 8 21:28:53 2023 by rpki-client on console-fra.rpki-client.org