Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/87/226f04-f7db-491a-bafb-ee435d3cd585/1/GCD1tKOiDDq2wxQin0VbivTN9c8.roa
File: GCD1tKOiDDq2wxQin0VbivTN9c8.roa (raw, json)
Hash identifier: DYl2Rm8uF8L1SfaWil+LwubIntsKSv/KM5gzJ7HQHek=
Subject key identifier: 18:20:F5:B4:A3:A2:0C:3A:B6:C3:14:22:9F:45:5B:8A:F4:CD:F5:CF
Certificate issuer: /CN=0ef5cb2f590d041654f4dfdb60a28f9a1544f444
Certificate serial: 0192769AD6F6B9A411A99E8027A5A808F1B9
Authority key identifier: 0E:F5:CB:2F:59:0D:04:16:54:F4:DF:DB:60:A2:8F:9A:15:44:F4:44
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DvXLL1kNBBZU9N_bYKKPmhVE9EQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/87/226f04-f7db-491a-bafb-ee435d3cd585/1/GCD1tKOiDDq2wxQin0VbivTN9c8.roa
Signing time: Thu 10 Oct 2024 13:25:11 +0000
ROA not before: Thu 10 Oct 2024 13:25:11 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 58061
IP address blocks: 5.45.64.0/21 maxlen: 21
5.45.72.0/22 maxlen: 22
5.45.76.0/22 maxlen: 22
5.45.84.0/22 maxlen: 22
5.45.88.0/22 maxlen: 22
5.45.92.0/22 maxlen: 22
5.61.48.0/22 maxlen: 22
5.61.52.0/22 maxlen: 22
5.61.56.0/22 maxlen: 22
37.1.200.0/21 maxlen: 21
37.1.216.0/21 maxlen: 21
37.252.3.0/24 maxlen: 24
37.252.13.0/24 maxlen: 24
37.252.14.0/23 maxlen: 23
45.136.48.0/22 maxlen: 22
46.102.106.0/24 maxlen: 24
62.197.45.0/24 maxlen: 24
62.197.48.0/23 maxlen: 23
176.97.79.0/24 maxlen: 24
185.238.168.0/23 maxlen: 23
185.238.170.0/23 maxlen: 23
188.116.21.0/24 maxlen: 24
188.116.23.0/24 maxlen: 24
188.116.24.0/24 maxlen: 24
188.116.25.0/24 maxlen: 24
188.116.26.0/24 maxlen: 24
188.116.27.0/24 maxlen: 24
213.142.146.0/23 maxlen: 23
2a02:c6c1:2::/48 maxlen: 48
2a02:c6c1:10::/48 maxlen: 48
2a02:c6c2::/32 maxlen: 32
2a02:c6c3::/32 maxlen: 32
Validation: Failed, certificate revoked on Tue 29 Oct 2024 17:30:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:76:9a:d6:f6:b9:a4:11:a9:9e:80:27:a5:a8:08:f1:b9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0ef5cb2f590d041654f4dfdb60a28f9a1544f444
Validity
Not Before: Oct 10 13:25:11 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=1820f5b4a3a20c3ab6c314229f455b8af4cdf5cf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:d0:42:e0:87:af:35:df:de:08:ea:91:c9:83:
11:63:a6:cf:7e:17:53:4a:27:51:d5:0c:b0:be:f8:
f6:ef:7c:8f:17:72:26:80:be:31:3d:22:f3:86:90:
7f:df:5a:d3:3b:47:4f:86:09:94:b4:27:f4:21:9e:
79:4e:57:fa:00:ef:66:8f:1b:82:94:42:a8:4d:0e:
40:c5:a1:1b:58:87:1a:ce:fc:b1:a0:33:dd:cc:a9:
02:1a:d9:e3:be:59:4a:f4:f0:01:fd:9e:69:18:27:
cd:6c:e9:32:8a:05:d4:5c:f2:93:5a:f8:85:55:55:
46:ce:76:cf:c8:2b:f2:ac:ee:c1:ef:f4:b3:0b:e3:
ac:ab:62:85:4a:da:d4:0f:d1:d0:30:36:d7:b8:5f:
11:d3:b5:34:7e:b7:28:29:33:80:75:66:05:30:53:
a5:09:2d:1d:76:8d:61:86:2c:bc:6c:7e:08:bb:e4:
23:12:3b:5b:5d:c0:ab:09:98:58:53:e9:8e:05:ef:
db:ec:e8:5e:64:76:83:9d:ce:aa:de:ec:8b:27:53:
8a:d6:d2:34:16:e4:5e:1c:25:60:9e:fc:f9:7b:5c:
de:5f:79:5d:22:61:6d:1c:72:31:35:3c:a9:52:bd:
8b:5a:4a:66:12:25:5f:a3:a4:80:63:1c:e1:f3:e4:
c5:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
18:20:F5:B4:A3:A2:0C:3A:B6:C3:14:22:9F:45:5B:8A:F4:CD:F5:CF
X509v3 Authority Key Identifier:
keyid:0E:F5:CB:2F:59:0D:04:16:54:F4:DF:DB:60:A2:8F:9A:15:44:F4:44
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DvXLL1kNBBZU9N_bYKKPmhVE9EQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/87/226f04-f7db-491a-bafb-ee435d3cd585/1/GCD1tKOiDDq2wxQin0VbivTN9c8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/87/226f04-f7db-491a-bafb-ee435d3cd585/1/DvXLL1kNBBZU9N_bYKKPmhVE9EQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.45.64.0/20
5.45.84.0-5.45.95.255
5.61.48.0-5.61.59.255
37.1.200.0/21
37.1.216.0/21
37.252.3.0/24
37.252.13.0-37.252.15.255
45.136.48.0/22
46.102.106.0/24
62.197.45.0/24
62.197.48.0/23
176.97.79.0/24
185.238.168.0/22
188.116.21.0/24
188.116.23.0-188.116.27.255
213.142.146.0/23
IPv6:
2a02:c6c1:2::/48
2a02:c6c1:10::/48
2a02:c6c2::/31
Signature Algorithm: sha256WithRSAEncryption
33:74:47:07:da:28:2e:f9:0c:b3:fb:50:0b:54:17:b3:3f:89:
57:56:e3:76:7f:c8:96:6d:f0:bf:e2:63:6b:58:7e:eb:b3:40:
a2:b5:66:13:47:e8:69:e2:89:1c:19:df:db:e7:ab:00:f8:3d:
7d:0c:0f:c7:24:b9:d2:29:81:90:4f:9e:b6:47:ba:97:03:e0:
37:06:6b:50:b3:6a:d3:dc:76:67:2e:f7:51:05:f4:17:96:b4:
dd:0c:e7:2c:0b:ae:3c:08:f2:60:fb:87:27:f9:0a:0a:19:df:
db:f9:8a:70:b6:54:e7:a8:95:12:30:0e:b0:73:b3:27:e2:95:
c4:0c:31:13:c7:46:6c:f4:f2:5f:a5:e8:65:a6:bf:7d:6c:83:
eb:4e:2d:01:7f:cb:20:d9:9e:6f:1d:42:36:b6:3f:c3:a6:75:
90:77:12:75:04:92:70:cd:13:ac:80:d8:c6:3f:c9:e2:a8:24:
7a:2b:11:25:5f:79:ac:c4:aa:15:91:d5:ca:00:26:26:55:de:
16:1a:5c:4a:56:7f:d3:8e:f4:dd:bd:a2:03:ef:4c:6d:12:c2:
a7:4f:12:0a:83:5e:02:d6:fa:74:2a:65:e2:64:64:c6:a9:3d:
b2:8d:e4:2f:9e:16:18:18:2c:94:bf:cf:b4:f3:12:bb:74:f4:
ca:f6:d7:42
-----BEGIN CERTIFICATE-----
MIIFnTCCBIWgAwIBAgISAZJ2mtb2uaQRqZ6AJ6WoCPG5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBlZjVjYjJmNTkwZDA0MTY1NGY0ZGZkYjYwYTI4ZjlhMTU0
NGY0NDQwHhcNMjQxMDEwMTMyNTExWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxODIwZjViNGEzYTIwYzNhYjZjMzE0MjI5ZjQ1NWI4YWY0Y2RmNWNmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArdBC4IevNd/eCOqRyYMRY6bPfhdT
SidR1Qywvvj273yPF3ImgL4xPSLzhpB/31rTO0dPhgmUtCf0IZ55Tlf6AO9mjxuC
lEKoTQ5AxaEbWIcazvyxoDPdzKkCGtnjvllK9PAB/Z5pGCfNbOkyigXUXPKTWviF
VVVGznbPyCvyrO7B7/SzC+Osq2KFStrUD9HQMDbXuF8R07U0frcoKTOAdWYFMFOl
CS0ddo1hhiy8bH4Iu+QjEjtbXcCrCZhYU+mOBe/b7OheZHaDnc6q3uyLJ1OK1tI0
FuReHCVgnvz5e1zeX3ldImFtHHIxNTypUr2LWkpmEiVfo6SAYxzh8+TFfQIDAQAB
o4ICqTCCAqUwHQYDVR0OBBYEFBgg9bSjogw6tsMUIp9FW4r0zfXPMB8GA1UdIwQY
MBaAFA71yy9ZDQQWVPTf22Cij5oVRPREMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRHZYTEwxa05CQlpVOU5fYllLS1BtaFZFOUVRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ny8yMjZmMDQtZjdkYi00OTFhLWJhZmIt
ZWU0MzVkM2NkNTg1LzEvR0NEMXRLT2lERHEyd3hRaW4wVmJpdlROOWM4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Ny8yMjZmMDQtZjdkYi00OTFhLWJhZmItZWU0MzVkM2NkNTg1
LzEvRHZYTEwxa05CQlpVOU5fYllLS1BtaFZFOUVRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIG+BggrBgEFBQcBBwEB/wSBrjCBqzCBhwQCAAEwgYADBAQF
LUAwDAMEAgUtVAMEBQUtQDAMAwQEBT0wAwQCBT04AwQDJQHIAwQDJQHYAwQAJfwD
MAwDBAAl/A0DBAQl/AADBAItiDADBAAuZmoDBAA+xS0DBAE+xTADBACwYU8DBAK5
7qgDBAC8dBUwDAMEALx0FwMEArx0GAMEAdWOkjAfBAIAAjAZAwcAKgLGwQACAwcA
KgLGwQAQAwUBKgLGwjANBgkqhkiG9w0BAQsFAAOCAQEAM3RHB9ooLvkMs/tQC1QX
sz+JV1bjdn/Ilm3wv+Jja1h+67NAorVmE0foaeKJHBnf2+erAPg9fQwPxyS50imB
kE+etke6lwPgNwZrULNq09x2Zy73UQX0F5a03QznLAuuPAjyYPuHJ/kKChnf2/mK
cLZU56iVEjAOsHOzJ+KVxAwxE8dGbPTyX6XoZaa/fWyD604tAX/LINmebx1CNrY/
w6Z1kHcSdQSScM0TrIDYxj/J4qgkeisRJV95rMSqFZHVygAmJlXeFhpcSlZ/0470
3b2iA+9MbRLCp08SCoNeAtb6dCpl4mRkxqk9so3kL54WGBgslL/PtPMSu3T0yvbX
Qg==
-----END CERTIFICATE-----
Generated at Tue Oct 29 19:20:08 2024 by rpki-client on console-fra.rpki-client.org