Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a8/7d07ec-2e66-477a-93c6-f8bdd2d7927d/1/G5H9EJSkbOEYaJQgfrf5Q-AZXRQ.roa
File: G5H9EJSkbOEYaJQgfrf5Q-AZXRQ.roa (raw, json)
Hash identifier: NBBUU5tNUoNV0ioGw7XFnvdgGv9b6mG+77o2qD9INR8=
Subject key identifier: 1B:91:FD:10:94:A4:6C:E1:18:68:94:20:7E:B7:F9:43:E0:19:5D:14
Certificate issuer: /CN=667b2b1befba178f30d2a321c451b6eea5466274
Certificate serial: 01857169B5F647C5063AC854AD4A4F6D4F42
Authority key identifier: 66:7B:2B:1B:EF:BA:17:8F:30:D2:A3:21:C4:51:B6:EE:A5:46:62:74
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ZnsrG--6F48w0qMhxFG27qVGYnQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a8/7d07ec-2e66-477a-93c6-f8bdd2d7927d/1/G5H9EJSkbOEYaJQgfrf5Q-AZXRQ.roa
Signing time: Mon 02 Jan 2023 07:37:11 +0000
ROA not before: Mon 02 Jan 2023 07:37:11 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 34312
IP address blocks: 195.95.206.0/23 maxlen: 24
193.111.6.0/23 maxlen: 23
89.200.248.0/21 maxlen: 21
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:69:b5:f6:47:c5:06:3a:c8:54:ad:4a:4f:6d:4f:42
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=667b2b1befba178f30d2a321c451b6eea5466274
Validity
Not Before: Jan 2 07:37:11 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=1b91fd1094a46ce1186894207eb7f943e0195d14
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:81:59:34:e5:ba:15:8e:33:28:01:74:bb:a7:
be:e2:88:ec:85:9e:24:16:81:75:fc:86:fc:2f:c6:
ce:fc:d4:75:09:4c:2e:07:b1:9e:1c:3b:01:1a:aa:
bb:b4:27:71:03:ae:ea:49:3a:56:ca:6b:17:8b:92:
ea:01:97:aa:4c:cd:45:e1:81:d1:9b:57:a7:cb:ab:
c8:8f:3d:9e:23:be:57:d3:b3:c3:6e:40:4e:00:01:
c6:86:8f:ef:24:9d:85:1b:a7:80:c1:69:4d:c3:4d:
51:8f:45:2e:ae:f8:be:a2:1f:91:dd:c0:58:44:6d:
1c:85:57:86:4c:52:81:80:a8:04:be:11:79:5e:28:
d8:a6:fd:02:ce:04:80:eb:c5:cc:73:ab:0c:cd:6f:
6f:1d:3d:5c:70:75:86:d6:5a:fd:a3:23:6a:8b:b4:
a3:ec:6a:fb:aa:29:34:d2:04:b8:05:32:98:dd:12:
b2:6f:9d:b6:e9:f2:18:1c:26:a0:d4:09:7e:4f:09:
ee:f6:f3:60:91:bd:19:f3:cd:51:9c:87:18:e1:f3:
cc:a1:7f:9d:09:cb:81:32:05:b4:d1:a6:1a:56:7b:
e2:75:04:bd:3a:65:91:22:fc:18:67:63:ed:89:31:
86:5e:af:11:ac:aa:fb:49:3b:24:1f:47:b3:09:c2:
80:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1B:91:FD:10:94:A4:6C:E1:18:68:94:20:7E:B7:F9:43:E0:19:5D:14
X509v3 Authority Key Identifier:
keyid:66:7B:2B:1B:EF:BA:17:8F:30:D2:A3:21:C4:51:B6:EE:A5:46:62:74
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ZnsrG--6F48w0qMhxFG27qVGYnQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a8/7d07ec-2e66-477a-93c6-f8bdd2d7927d/1/G5H9EJSkbOEYaJQgfrf5Q-AZXRQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a8/7d07ec-2e66-477a-93c6-f8bdd2d7927d/1/ZnsrG--6F48w0qMhxFG27qVGYnQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.200.248.0/21
193.111.6.0/23
195.95.206.0/23
Signature Algorithm: sha256WithRSAEncryption
63:c9:83:ad:33:ad:96:06:9f:94:e6:49:57:f3:84:29:fb:88:
bc:74:53:36:fd:41:ac:1e:f3:3e:49:61:4c:b1:c2:e2:3b:27:
77:28:91:e9:34:9b:55:84:aa:cf:bd:55:fb:9d:5f:5a:a2:fe:
12:46:f1:a5:42:db:ca:33:b5:fb:0e:65:3d:3c:1c:02:d3:4f:
dd:23:6a:9b:12:74:a3:5a:32:06:3e:e0:0a:44:44:63:94:eb:
32:4c:96:a2:d0:48:1b:6e:4c:9e:72:f9:09:58:b3:fe:08:4e:
8a:83:42:0d:a9:65:49:cf:08:cf:b5:a7:ff:3f:6a:f9:02:b9:
37:3d:31:35:26:02:4f:0a:43:f0:5c:8b:c8:17:97:ac:69:49:
2f:41:8a:70:44:47:56:21:c1:ca:45:c7:e8:c4:22:73:b4:e4:
f5:56:83:29:2d:0a:94:a1:c0:6b:a8:ce:90:e8:15:7c:be:9a:
e0:1b:1c:16:f8:03:6d:32:98:ea:da:ff:3a:f4:8d:e3:52:1f:
f2:0a:ac:46:bb:54:73:1a:71:b5:ff:d1:e7:f2:55:63:1b:50:
7a:06:21:8a:48:05:25:b2:0b:56:16:36:cb:87:c3:c5:be:27:
5b:85:2a:50:72:a0:ea:c2:19:22:b2:6e:5c:8b:59:ac:ef:c7:
fb:70:88:e0
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYVxabX2R8UGOshUrUpPbU9CMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY2N2IyYjFiZWZiYTE3OGYzMGQyYTMyMWM0NTFiNmVlYTU0
NjYyNzQwHhcNMjMwMTAyMDczNzExWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxYjkxZmQxMDk0YTQ2Y2UxMTg2ODk0MjA3ZWI3Zjk0M2UwMTk1ZDE0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnoFZNOW6FY4zKAF0u6e+4ojshZ4k
FoF1/Ib8L8bO/NR1CUwuB7GeHDsBGqq7tCdxA67qSTpWymsXi5LqAZeqTM1F4YHR
m1eny6vIjz2eI75X07PDbkBOAAHGho/vJJ2FG6eAwWlNw01Rj0Uurvi+oh+R3cBY
RG0chVeGTFKBgKgEvhF5XijYpv0CzgSA68XMc6sMzW9vHT1ccHWG1lr9oyNqi7Sj
7Gr7qik00gS4BTKY3RKyb5226fIYHCag1Al+Twnu9vNgkb0Z881RnIcY4fPMoX+d
CcuBMgW00aYaVnvidQS9OmWRIvwYZ2PtiTGGXq8RrKr7STskH0ezCcKA0wIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFBuR/RCUpGzhGGiUIH63+UPgGV0UMB8GA1UdIwQY
MBaAFGZ7KxvvuhePMNKjIcRRtu6lRmJ0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWm5zckctLTZGNDh3MHFNaHhGRzI3cVZHWW5RLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hOC83ZDA3ZWMtMmU2Ni00NzdhLTkzYzYt
ZjhiZGQyZDc5MjdkLzEvRzVIOUVKU2tiT0VZYUpRZ2ZyZjVRLUFaWFJRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hOC83ZDA3ZWMtMmU2Ni00NzdhLTkzYzYtZjhiZGQyZDc5Mjdk
LzEvWm5zckctLTZGNDh3MHFNaHhGRzI3cVZHWW5RLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQDWcj4AwQB
wW8GAwQBw1/OMA0GCSqGSIb3DQEBCwUAA4IBAQBjyYOtM62WBp+U5klX84Qp+4i8
dFM2/UGsHvM+SWFMscLiOyd3KJHpNJtVhKrPvVX7nV9aov4SRvGlQtvKM7X7DmU9
PBwC00/dI2qbEnSjWjIGPuAKRERjlOsyTJai0EgbbkyecvkJWLP+CE6Kg0INqWVJ
zwjPtaf/P2r5Ark3PTE1JgJPCkPwXIvIF5esaUkvQYpwREdWIcHKRcfoxCJztOT1
VoMpLQqUocBrqM6Q6BV8vprgGxwW+ANtMpjq2v869I3jUh/yCqxGu1RzGnG1/9Hn
8lVjG1B6BiGKSAUlsgtWFjbLh8PFvidbhSpQcqDqwhkism5ci1ms78f7cIjg
-----END CERTIFICATE-----
Generated at Mon Jan 1 19:16:47 2024 by rpki-client on console-ams.rpki-client.org