Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/87/fbcc32-33c8-41ff-89fa-2d1918ba1c0e/1/bGYvnijlxvPCeYJ9QRrAnBLXMgI.roa
File: bGYvnijlxvPCeYJ9QRrAnBLXMgI.roa (raw, json)
Hash identifier: hEJu6ATq23xXmjAn7eK9/Fc9Pikjl5xtOSZPcf27Drk=
Subject key identifier: 6C:66:2F:9E:28:E5:C6:F3:C2:79:82:7D:41:1A:C0:9C:12:D7:32:02
Certificate issuer: /CN=826605b4d27f13968e8794e6ef091223748817d8
Certificate serial: 018ADC58C58DA734B55D99739BA39493F415
Authority key identifier: 82:66:05:B4:D2:7F:13:96:8E:87:94:E6:EF:09:12:23:74:88:17:D8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gmYFtNJ_E5aOh5Tm7wkSI3SIF9g.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/87/fbcc32-33c8-41ff-89fa-2d1918ba1c0e/1/bGYvnijlxvPCeYJ9QRrAnBLXMgI.roa
Signing time: Thu 28 Sep 2023 15:11:59 +0000
ROA not before: Thu 28 Sep 2023 15:11:59 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 61161
IP address blocks: 185.100.56.0/22 maxlen: 24
185.17.72.0/22 maxlen: 24
2a04:600::/29 maxlen: 48
2a0d:3200::/29 maxlen: 48
Validation: Failed, certificate revoked on Tue 02 Jan 2024 00:30:40 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:dc:58:c5:8d:a7:34:b5:5d:99:73:9b:a3:94:93:f4:15
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=826605b4d27f13968e8794e6ef091223748817d8
Validity
Not Before: Sep 28 15:11:59 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=6c662f9e28e5c6f3c279827d411ac09c12d73202
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:b2:29:81:39:2c:d8:47:a0:be:7d:09:e1:9b:
fb:e6:73:a6:27:fd:3d:84:4d:e3:a6:3b:12:c1:e0:
d9:c5:de:12:57:c9:56:03:37:75:c0:ac:54:b0:ba:
06:d3:58:87:26:f6:e1:29:64:87:38:be:44:c9:ec:
8f:3c:d1:b2:73:bf:69:68:cc:a4:36:90:3c:af:84:
4b:ff:cf:fa:b7:85:34:fe:5c:7c:52:e2:61:49:5d:
e4:c5:4c:64:00:f7:53:b5:0e:a2:ce:be:d0:d2:2e:
5a:1e:94:bd:bb:27:94:fd:48:2e:3c:26:33:e8:0b:
da:d4:6f:ed:07:4b:35:65:d8:a4:4b:0d:a2:d9:d8:
f0:1f:e0:68:ba:bb:4a:79:72:a4:eb:dc:94:96:f1:
41:a8:d0:47:1f:7b:6a:38:0c:ee:d9:6e:b1:70:65:
9c:32:6c:84:13:43:04:f0:25:49:2c:42:a2:7e:26:
ae:6b:73:94:d5:af:16:ce:25:44:20:f7:d1:c9:6f:
8f:d0:1e:44:f2:a0:ca:d2:54:b3:e4:57:d9:4d:3e:
7a:6c:eb:91:0d:05:2e:53:64:bb:02:e0:2b:23:07:
26:56:33:11:c9:ea:84:89:bf:80:32:59:31:ab:db:
73:6a:3c:17:ba:d8:9a:22:3c:a9:44:b3:f3:ba:d3:
56:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6C:66:2F:9E:28:E5:C6:F3:C2:79:82:7D:41:1A:C0:9C:12:D7:32:02
X509v3 Authority Key Identifier:
keyid:82:66:05:B4:D2:7F:13:96:8E:87:94:E6:EF:09:12:23:74:88:17:D8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gmYFtNJ_E5aOh5Tm7wkSI3SIF9g.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/87/fbcc32-33c8-41ff-89fa-2d1918ba1c0e/1/bGYvnijlxvPCeYJ9QRrAnBLXMgI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/87/fbcc32-33c8-41ff-89fa-2d1918ba1c0e/1/gmYFtNJ_E5aOh5Tm7wkSI3SIF9g.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.17.72.0/22
185.100.56.0/22
IPv6:
2a04:600::/29
2a0d:3200::/29
Signature Algorithm: sha256WithRSAEncryption
00:a9:7b:4b:54:a9:88:17:2e:ef:72:12:ed:c5:f3:f5:bf:2c:
c0:20:b6:ed:e8:23:fe:53:91:b8:d9:cb:67:13:f7:6a:81:99:
5d:54:25:22:b1:61:4c:27:ad:3a:76:6a:d8:d9:a2:b8:a2:38:
a9:08:8f:a9:2c:b5:b4:b6:2a:1f:99:c3:9e:7c:70:7e:c1:c6:
0e:a3:0a:35:d5:eb:98:8a:77:4f:64:97:8c:bc:6e:3f:84:24:
38:ac:01:3d:84:0c:2c:ec:de:28:39:ea:8b:50:d9:0d:4e:3e:
05:1e:74:7c:79:02:8b:cd:a1:67:ea:de:38:63:af:d0:c3:17:
43:cb:89:76:86:82:d1:db:dd:4c:71:86:9d:21:f6:53:c9:41:
e3:3c:4e:74:3f:55:49:1b:c8:47:da:22:62:09:64:2f:5a:0a:
f0:ba:ba:ac:29:8d:e8:75:a4:38:47:ef:2d:36:3b:56:59:2e:
50:0d:7f:20:1e:45:3b:44:41:ba:1d:a3:7e:3a:b1:77:0c:f0:
bf:8a:34:49:eb:f4:dd:4f:a2:57:2e:fc:c5:4b:b4:03:f9:de:
c7:59:39:63:00:ed:b6:c0:c3:39:32:d5:44:3a:fb:5f:8e:3e:
2b:fe:0b:9f:32:4d:5d:57:d2:36:5c:e7:97:9f:9c:5b:23:e4:
22:c6:7a:d5
-----BEGIN CERTIFICATE-----
MIIFGTCCBAGgAwIBAgISAYrcWMWNpzS1XZlzm6OUk/QVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgyNjYwNWI0ZDI3ZjEzOTY4ZTg3OTRlNmVmMDkxMjIzNzQ4
ODE3ZDgwHhcNMjMwOTI4MTUxMTU5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2YzY2MmY5ZTI4ZTVjNmYzYzI3OTgyN2Q0MTFhYzA5YzEyZDczMjAyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApbIpgTks2Eegvn0J4Zv75nOmJ/09
hE3jpjsSweDZxd4SV8lWAzd1wKxUsLoG01iHJvbhKWSHOL5EyeyPPNGyc79paMyk
NpA8r4RL/8/6t4U0/lx8UuJhSV3kxUxkAPdTtQ6izr7Q0i5aHpS9uyeU/UguPCYz
6Ava1G/tB0s1ZdikSw2i2djwH+BourtKeXKk69yUlvFBqNBHH3tqOAzu2W6xcGWc
MmyEE0ME8CVJLEKifiaua3OU1a8WziVEIPfRyW+P0B5E8qDK0lSz5FfZTT56bOuR
DQUuU2S7AuArIwcmVjMRyeqEib+AMlkxq9tzajwXutiaIjypRLPzutNWGwIDAQAB
o4ICJTCCAiEwHQYDVR0OBBYEFGxmL54o5cbzwnmCfUEawJwS1zICMB8GA1UdIwQY
MBaAFIJmBbTSfxOWjoeU5u8JEiN0iBfYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ21ZRnROSl9FNWFPaDVUbTd3a1NJM1NJRjlnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ny9mYmNjMzItMzNjOC00MWZmLTg5ZmEt
MmQxOTE4YmExYzBlLzEvYkdZdm5pamx4dlBDZVlKOVFSckFuQkxYTWdJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Ny9mYmNjMzItMzNjOC00MWZmLTg5ZmEtMmQxOTE4YmExYzBl
LzEvZ21ZRnROSl9FNWFPaDVUbTd3a1NJM1NJRjlnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDsGCCsGAQUFBwEHAQH/BCwwKjASBAIAATAMAwQCuRFIAwQC
uWQ4MBQEAgACMA4DBQMqBAYAAwUDKg0yADANBgkqhkiG9w0BAQsFAAOCAQEAAKl7
S1SpiBcu73IS7cXz9b8swCC27egj/lORuNnLZxP3aoGZXVQlIrFhTCetOnZq2Nmi
uKI4qQiPqSy1tLYqH5nDnnxwfsHGDqMKNdXrmIp3T2SXjLxuP4QkOKwBPYQMLOze
KDnqi1DZDU4+BR50fHkCi82hZ+reOGOv0MMXQ8uJdoaC0dvdTHGGnSH2U8lB4zxO
dD9VSRvIR9oiYglkL1oK8Lq6rCmN6HWkOEfvLTY7VlkuUA1/IB5FO0RBuh2jfjqx
dwzwv4o0Sev03U+iVy78xUu0A/nex1k5YwDttsDDOTLVRDr7X44+K/4LnzJNXVfS
Nlznl5+cWyPkIsZ61Q==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:37:50 2024 by rpki-client on console-fra.rpki-client.org