Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a1/e4e696-9d78-414c-af40-cf56c66a0ac0/1/Gnfl_2PUfwNiteh96aLIQ-zzIS4.roa
File: Gnfl_2PUfwNiteh96aLIQ-zzIS4.roa (raw, json)
Hash identifier: 1KrfJ7oJxNBuLXh9HjCbxoPMDg/a1xcOBPWU0Y1Sc1E=
Subject key identifier: 1A:77:E5:FF:63:D4:7F:03:62:B5:E8:7D:E9:A2:C8:43:EC:F3:21:2E
Certificate issuer: /CN=4c93213d88fa874eb4460e2c5cf1bb1a91da9078
Certificate serial: 018571F9EDD536292A01E50AA30A86128421
Authority key identifier: 4C:93:21:3D:88:FA:87:4E:B4:46:0E:2C:5C:F1:BB:1A:91:DA:90:78
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TJMhPYj6h060Rg4sXPG7GpHakHg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a1/e4e696-9d78-414c-af40-cf56c66a0ac0/1/Gnfl_2PUfwNiteh96aLIQ-zzIS4.roa
Signing time: Mon 02 Jan 2023 10:14:42 +0000
ROA not before: Mon 02 Jan 2023 10:14:42 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 41073
IP address blocks: 89.207.56.0/21 maxlen: 24
185.54.104.0/22 maxlen: 22
2a00:1ed8::/29 maxlen: 32
Validation: Failed, certificate revoked on Tue 02 Jan 2024 02:29:55 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:f9:ed:d5:36:29:2a:01:e5:0a:a3:0a:86:12:84:21
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4c93213d88fa874eb4460e2c5cf1bb1a91da9078
Validity
Not Before: Jan 2 10:14:42 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=1a77e5ff63d47f0362b5e87de9a2c843ecf3212e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:87:63:aa:b7:b8:fa:dd:aa:3f:8f:8c:1b:17:
47:4e:d8:30:71:a4:a5:f9:80:b0:53:0a:b2:5e:76:
3d:2f:b7:77:f1:1f:c5:86:ae:3f:e9:d5:df:bc:e1:
bc:64:15:03:d0:d6:e3:68:e3:f7:14:0d:96:4f:44:
1b:14:58:4b:1b:86:ac:8a:36:6a:8a:05:93:44:cb:
dc:02:e7:0f:a5:79:49:ad:4a:2a:91:2e:0e:b6:13:
e6:e2:0f:90:b5:99:a7:a6:2f:61:08:73:45:ab:1b:
ee:a5:b9:9a:cb:62:c1:9f:67:43:55:46:35:c5:b2:
f8:85:05:2e:b1:55:54:9f:93:93:54:20:3b:0f:a5:
0c:81:0d:75:06:9d:70:c5:77:d3:bf:2b:e6:5d:29:
15:32:fb:fb:b7:c3:85:80:94:9a:a2:e5:ed:8c:c5:
67:06:5d:8a:af:64:14:a4:80:c6:c6:23:6a:64:ab:
99:7e:6b:99:6a:9c:df:56:53:c0:40:67:88:f7:ab:
70:a3:8c:8d:34:62:0b:d9:89:81:9b:c9:0e:e6:8c:
29:c8:94:94:bc:f6:35:9e:83:79:91:09:74:a3:5d:
66:a4:48:5c:92:6b:5c:da:63:7f:71:c3:61:44:87:
11:3a:8f:88:99:03:53:1a:d0:43:a6:d1:96:13:3e:
b1:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1A:77:E5:FF:63:D4:7F:03:62:B5:E8:7D:E9:A2:C8:43:EC:F3:21:2E
X509v3 Authority Key Identifier:
keyid:4C:93:21:3D:88:FA:87:4E:B4:46:0E:2C:5C:F1:BB:1A:91:DA:90:78
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TJMhPYj6h060Rg4sXPG7GpHakHg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a1/e4e696-9d78-414c-af40-cf56c66a0ac0/1/Gnfl_2PUfwNiteh96aLIQ-zzIS4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a1/e4e696-9d78-414c-af40-cf56c66a0ac0/1/TJMhPYj6h060Rg4sXPG7GpHakHg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.207.56.0/21
185.54.104.0/22
IPv6:
2a00:1ed8::/29
Signature Algorithm: sha256WithRSAEncryption
3f:a2:b9:7b:6e:17:be:8a:31:08:8a:a3:30:43:ef:1a:72:af:
82:cc:e1:18:17:c8:08:f2:de:cf:94:33:1a:29:42:7c:53:d3:
87:ad:cd:fa:27:09:53:0c:97:22:d4:14:94:45:3d:45:33:20:
43:e7:38:a8:40:c0:f3:2e:99:b8:24:06:38:9b:8e:2d:4b:2e:
63:86:79:df:18:d6:49:4f:ab:4d:27:c7:5f:c1:b8:e7:8b:32:
c7:f2:1f:71:fd:4e:16:9e:fc:03:04:cb:d3:95:d3:a6:86:4a:
d5:cc:2b:65:cc:0b:e6:23:97:7b:a5:00:b1:c1:90:1c:d7:8f:
09:68:1a:a5:11:4f:24:de:9e:17:7f:33:7b:49:55:82:d5:ef:
7a:0d:f4:86:dd:4a:33:d0:95:22:75:ea:c9:09:16:a9:6f:1f:
d9:cd:0d:00:29:d8:27:1c:c2:63:4b:bf:70:6c:bf:0f:52:96:
89:0e:fb:8d:0e:35:29:00:fb:5d:cb:b8:97:08:b0:5a:e9:29:
07:59:2a:d6:82:64:d4:06:73:c1:0d:87:9f:83:31:11:3c:eb:
72:43:ab:14:ae:55:ec:0c:4a:cb:f3:de:e3:5d:2a:fe:1d:ec:
39:ce:7f:eb:5e:51:63:d1:a3:c2:8f:fe:75:4c:f0:7e:77:69:
ca:d4:bf:fe
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYVx+e3VNikqAeUKowqGEoQhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRjOTMyMTNkODhmYTg3NGViNDQ2MGUyYzVjZjFiYjFhOTFk
YTkwNzgwHhcNMjMwMTAyMTAxNDQyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxYTc3ZTVmZjYzZDQ3ZjAzNjJiNWU4N2RlOWEyYzg0M2VjZjMyMTJlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsodjqre4+t2qP4+MGxdHTtgwcaSl
+YCwUwqyXnY9L7d38R/Fhq4/6dXfvOG8ZBUD0NbjaOP3FA2WT0QbFFhLG4asijZq
igWTRMvcAucPpXlJrUoqkS4OthPm4g+QtZmnpi9hCHNFqxvupbmay2LBn2dDVUY1
xbL4hQUusVVUn5OTVCA7D6UMgQ11Bp1wxXfTvyvmXSkVMvv7t8OFgJSaouXtjMVn
Bl2Kr2QUpIDGxiNqZKuZfmuZapzfVlPAQGeI96two4yNNGIL2YmBm8kO5owpyJSU
vPY1noN5kQl0o11mpEhckmtc2mN/ccNhRIcROo+ImQNTGtBDptGWEz6xrwIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFBp35f9j1H8DYrXofemiyEPs8yEuMB8GA1UdIwQY
MBaAFEyTIT2I+odOtEYOLFzxuxqR2pB4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVEpNaFBZajZoMDYwUmc0c1hQRzdHcEhha0hnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMS9lNGU2OTYtOWQ3OC00MTRjLWFmNDAt
Y2Y1NmM2NmEwYWMwLzEvR25mbF8yUFVmd05pdGVoOTZhTElRLXp6SVM0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMS9lNGU2OTYtOWQ3OC00MTRjLWFmNDAtY2Y1NmM2NmEwYWMw
LzEvVEpNaFBZajZoMDYwUmc0c1hQRzdHcEhha0hnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQDWc84AwQC
uTZoMA0EAgACMAcDBQMqAB7YMA0GCSqGSIb3DQEBCwUAA4IBAQA/orl7bhe+ijEI
iqMwQ+8acq+CzOEYF8gI8t7PlDMaKUJ8U9OHrc36JwlTDJci1BSURT1FMyBD5zio
QMDzLpm4JAY4m44tSy5jhnnfGNZJT6tNJ8dfwbjnizLH8h9x/U4WnvwDBMvTldOm
hkrVzCtlzAvmI5d7pQCxwZAc148JaBqlEU8k3p4XfzN7SVWC1e96DfSG3Uoz0JUi
derJCRapbx/ZzQ0AKdgnHMJjS79wbL8PUpaJDvuNDjUpAPtdy7iXCLBa6SkHWSrW
gmTUBnPBDYefgzERPOtyQ6sUrlXsDErL897jXSr+Hew5zn/rXlFj0aPCj/51TPB+
d2nK1L/+
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:47:59 2024 by rpki-client on console-fra.rpki-client.org