Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/d67b7b-c798-4901-80f9-e3834516fc08/1/gyz9qBG3iiLCNIyU92N63ezAqG4.roa
File: gyz9qBG3iiLCNIyU92N63ezAqG4.roa (raw, json)
Hash identifier: 7imtWXWy1ndNlymY8oEXGL5MUw4JzXqi95VwrWI1/+s=
Subject key identifier: 83:2C:FD:A8:11:B7:8A:22:C2:34:8C:94:F7:63:7A:DD:EC:C0:A8:6E
Certificate issuer: /CN=58d2d2715f43f747bea762dce166bca4b8e965eb
Certificate serial: 018D646A7B24E1A9F2C8BA16CFCE13A51799
Authority key identifier: 58:D2:D2:71:5F:43:F7:47:BE:A7:62:DC:E1:66:BC:A4:B8:E9:65:EB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/WNLScV9D90e-p2Lc4Wa8pLjpZes.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/d67b7b-c798-4901-80f9-e3834516fc08/1/gyz9qBG3iiLCNIyU92N63ezAqG4.roa
Signing time: Thu 01 Feb 2024 11:25:16 +0000
ROA not before: Thu 01 Feb 2024 11:25:16 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 8560
IP address blocks: 85.215.32.0/19 maxlen: 24
85.215.64.0/20 maxlen: 24
85.215.96.0/19 maxlen: 24
85.215.128.0/17 maxlen: 24
185.56.148.0/22 maxlen: 24
2a01:239::/32 maxlen: 48
Validation: Failed, certificate revoked on Wed 11 Sep 2024 14:16:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:64:6a:7b:24:e1:a9:f2:c8:ba:16:cf:ce:13:a5:17:99
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=58d2d2715f43f747bea762dce166bca4b8e965eb
Validity
Not Before: Feb 1 11:25:16 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=832cfda811b78a22c2348c94f7637addecc0a86e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:d5:62:a6:d2:ac:6d:db:93:a4:f0:8d:61:ed:
60:04:38:17:8a:50:8f:3b:6a:67:0a:58:21:0c:a1:
2b:a6:c3:54:8c:38:ff:d5:4d:7a:15:27:5f:2f:78:
ca:90:04:02:6e:48:24:ed:88:12:95:fc:65:f5:13:
4a:89:83:72:70:05:cd:45:3a:29:1b:57:b6:e3:29:
3f:f8:ee:ee:e0:a7:35:8e:d9:53:59:ac:cd:1e:88:
ac:4f:bf:bb:7e:59:2f:11:fb:9c:93:79:27:e3:db:
17:71:5f:8d:b2:92:b2:69:b4:2d:83:b5:9b:57:59:
12:48:4b:72:c8:d9:d1:cc:e8:96:4a:85:17:75:9b:
b7:e7:0a:0b:ea:af:e3:c5:4a:76:0b:36:ed:d1:57:
26:b3:78:b5:1c:5c:63:ed:ee:9a:f2:09:fb:87:99:
75:2b:f6:f6:16:93:dd:c5:5e:06:7c:27:7d:16:bf:
97:dd:a8:7f:df:83:44:8a:7f:09:ca:b2:7d:de:84:
45:26:bd:03:47:83:06:aa:1f:99:97:60:d2:d8:01:
04:3e:bc:c3:ff:99:60:32:41:a4:81:ec:7a:48:79:
e7:11:8d:c0:5f:5c:e5:cb:71:4f:f5:8e:f9:b5:bb:
28:2e:4f:23:db:3e:46:12:c6:65:46:44:58:34:56:
0b:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
83:2C:FD:A8:11:B7:8A:22:C2:34:8C:94:F7:63:7A:DD:EC:C0:A8:6E
X509v3 Authority Key Identifier:
keyid:58:D2:D2:71:5F:43:F7:47:BE:A7:62:DC:E1:66:BC:A4:B8:E9:65:EB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/WNLScV9D90e-p2Lc4Wa8pLjpZes.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/d67b7b-c798-4901-80f9-e3834516fc08/1/gyz9qBG3iiLCNIyU92N63ezAqG4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/d67b7b-c798-4901-80f9-e3834516fc08/1/WNLScV9D90e-p2Lc4Wa8pLjpZes.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.215.32.0-85.215.79.255
85.215.96.0-85.215.255.255
185.56.148.0/22
IPv6:
2a01:239::/32
Signature Algorithm: sha256WithRSAEncryption
87:21:b0:f2:c7:89:1e:80:17:49:ad:88:38:98:5a:64:6d:fa:
cb:a0:7a:56:1a:26:e9:f5:3f:47:c8:27:78:b9:40:13:9f:01:
4a:43:63:c3:18:be:ac:7f:41:fd:60:ae:c8:6d:d7:fe:66:bc:
06:b0:e5:07:44:7f:9e:7e:b5:af:03:de:9d:5a:05:5e:22:1c:
a6:88:6f:71:7f:4d:79:67:30:f6:85:e4:38:ce:15:71:a8:19:
a1:02:fd:a0:9e:18:38:a5:0e:6c:d1:74:69:7e:64:ae:35:e2:
27:ac:26:6d:57:b4:87:93:43:01:2d:4f:8a:46:5e:24:e1:12:
71:0e:e6:4c:6a:1e:2a:64:84:5a:18:b5:5d:65:e6:e6:b3:5a:
35:27:60:42:1d:4d:02:17:e1:78:18:73:19:c4:ae:7b:e8:12:
40:8a:af:ce:12:1e:c1:2c:59:9d:b2:b0:87:83:4b:0e:49:3b:
19:4c:00:c2:3e:d9:e5:09:c0:71:cc:c7:51:07:e9:7a:17:ac:
d8:cb:a2:6c:2c:94:e4:d1:37:2a:f0:90:ea:33:46:9a:26:fa:
03:96:d8:ac:da:08:4a:a5:15:80:3d:8d:bf:1e:76:17:9c:9b:
58:2f:85:b2:ce:ae:14:19:42:4e:ed:15:f5:c0:87:08:c2:ef:
13:6a:f3:57
-----BEGIN CERTIFICATE-----
MIIFJzCCBA+gAwIBAgISAY1kansk4anyyLoWz84TpReZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU4ZDJkMjcxNWY0M2Y3NDdiZWE3NjJkY2UxNjZiY2E0Yjhl
OTY1ZWIwHhcNMjQwMjAxMTEyNTE2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MzJjZmRhODExYjc4YTIyYzIzNDhjOTRmNzYzN2FkZGVjYzBhODZlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqdViptKsbduTpPCNYe1gBDgXilCP
O2pnClghDKErpsNUjDj/1U16FSdfL3jKkAQCbkgk7YgSlfxl9RNKiYNycAXNRTop
G1e24yk/+O7u4Kc1jtlTWazNHoisT7+7flkvEfuck3kn49sXcV+NspKyabQtg7Wb
V1kSSEtyyNnRzOiWSoUXdZu35woL6q/jxUp2Czbt0Vcms3i1HFxj7e6a8gn7h5l1
K/b2FpPdxV4GfCd9Fr+X3ah/34NEin8JyrJ93oRFJr0DR4MGqh+Zl2DS2AEEPrzD
/5lgMkGkgex6SHnnEY3AX1zly3FP9Y75tbsoLk8j2z5GEsZlRkRYNFYL+QIDAQAB
o4ICMzCCAi8wHQYDVR0OBBYEFIMs/agRt4oiwjSMlPdjet3swKhuMB8GA1UdIwQY
MBaAFFjS0nFfQ/dHvqdi3OFmvKS46WXrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvV05MU2NWOUQ5MGUtcDJMYzRXYThwTGpwWmVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS9kNjdiN2ItYzc5OC00OTAxLTgwZjkt
ZTM4MzQ1MTZmYzA4LzEvZ3l6OXFCRzNpaUxDTkl5VTkyTjYzZXpBcUc0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS9kNjdiN2ItYzc5OC00OTAxLTgwZjktZTM4MzQ1MTZmYzA4
LzEvV05MU2NWOUQ5MGUtcDJMYzRXYThwTGpwWmVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEkGCCsGAQUFBwEHAQH/BDowODAnBAIAATAhMAwDBAVV1yAD
BARV10AwCwMEBVXXYAMDA1XQAwQCuTiUMA0EAgACMAcDBQAqAQI5MA0GCSqGSIb3
DQEBCwUAA4IBAQCHIbDyx4kegBdJrYg4mFpkbfrLoHpWGibp9T9HyCd4uUATnwFK
Q2PDGL6sf0H9YK7Ibdf+ZrwGsOUHRH+efrWvA96dWgVeIhymiG9xf015ZzD2heQ4
zhVxqBmhAv2gnhg4pQ5s0XRpfmSuNeInrCZtV7SHk0MBLU+KRl4k4RJxDuZMah4q
ZIRaGLVdZebms1o1J2BCHU0CF+F4GHMZxK576BJAiq/OEh7BLFmdsrCHg0sOSTsZ
TADCPtnlCcBxzMdRB+l6F6zYy6JsLJTk0Tcq8JDqM0aaJvoDltis2ghKpRWAPY2/
HnYXnJtYL4Wyzq4UGUJO7RX1wIcIwu8TavNX
-----END CERTIFICATE-----
Generated at Mon Apr 21 04:57:50 2025 by rpki-client