Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ad/f505b5-0e46-4b3f-bf1b-849d3a6b9c2d/1/GGyNwBEEBIk2lFR-GTI_VUHKWsg.roa
File: GGyNwBEEBIk2lFR-GTI_VUHKWsg.roa (raw, json)
Hash identifier: 83exDrN+zJA1IEbQx18yi+LCwGeTh82hvWEhYyqJU9s=
Subject key identifier: 18:6C:8D:C0:11:04:04:89:36:94:54:7E:19:32:3F:55:41:CA:5A:C8
Certificate issuer: /CN=870c589a4f22a9ca2ff99b4c48f8bdf492871725
Certificate serial: 018A406CFE4FC0D66503895D823BB664999D
Authority key identifier: 87:0C:58:9A:4F:22:A9:CA:2F:F9:9B:4C:48:F8:BD:F4:92:87:17:25
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hwxYmk8iqcov-ZtMSPi99JKHFyU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ad/f505b5-0e46-4b3f-bf1b-849d3a6b9c2d/1/GGyNwBEEBIk2lFR-GTI_VUHKWsg.roa
Signing time: Tue 29 Aug 2023 08:33:19 +0000
ROA not before: Tue 29 Aug 2023 08:33:19 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 8447
IP address blocks: 192.164.128.0/19 maxlen: 19
178.188.0.0/14 maxlen: 14
85.90.128.0/19 maxlen: 19
213.33.63.0/24 maxlen: 24
193.187.212.0/22 maxlen: 22
192.164.64.0/21 maxlen: 21
193.80.0.0/15 maxlen: 15
193.187.216.0/21 maxlen: 21
193.187.224.0/20 maxlen: 20
192.164.80.0/20 maxlen: 20
193.187.240.0/22 maxlen: 22
192.164.96.0/19 maxlen: 19
213.33.0.0/17 maxlen: 17
192.164.224.0/19 maxlen: 19
93.111.0.0/16 maxlen: 16
195.3.64.0/18 maxlen: 18
188.20.0.0/14 maxlen: 14
89.144.192.0/18 maxlen: 18
46.74.0.0/15 maxlen: 15
192.164.208.0/20 maxlen: 20
176.66.0.0/18 maxlen: 18
80.240.224.0/20 maxlen: 20
194.96.0.0/16 maxlen: 16
80.89.96.0/20 maxlen: 20
192.164.0.0/19 maxlen: 19
88.116.217.0/24 maxlen: 24
81.5.192.0/18 maxlen: 18
192.164.32.0/22 maxlen: 22
193.154.0.0/16 maxlen: 16
192.164.40.0/21 maxlen: 21
192.164.39.0/24 maxlen: 24
176.66.128.0/17 maxlen: 17
192.164.48.0/20 maxlen: 20
92.248.0.0/17 maxlen: 17
193.83.0.0/16 maxlen: 16
80.120.0.0/14 maxlen: 14
62.46.0.0/15 maxlen: 15
212.183.0.0/17 maxlen: 17
80.75.56.0/21 maxlen: 21
93.82.0.0/15 maxlen: 15
188.45.0.0/16 maxlen: 16
91.112.0.0/14 maxlen: 14
80.75.34.0/24 maxlen: 24
80.75.32.0/19 maxlen: 19
88.116.0.0/15 maxlen: 15
62.116.32.0/19 maxlen: 19
194.48.124.0/22 maxlen: 22
194.48.128.0/21 maxlen: 21
194.48.136.0/22 maxlen: 22
194.48.136.0/24 maxlen: 24
194.118.0.0/16 maxlen: 16
194.152.96.0/19 maxlen: 19
84.20.160.0/19 maxlen: 19
46.206.0.0/15 maxlen: 15
2001:4bb8::/29 maxlen: 29
2001:890::/29 maxlen: 29
2001:870::/29 maxlen: 29
2001:850::/29 maxlen: 29
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:40:6c:fe:4f:c0:d6:65:03:89:5d:82:3b:b6:64:99:9d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=870c589a4f22a9ca2ff99b4c48f8bdf492871725
Validity
Not Before: Aug 29 08:33:19 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=186c8dc0110404893694547e19323f5541ca5ac8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:81:e5:f6:23:06:d0:b3:65:9d:34:78:18:1a:b1:
7f:2f:1d:2c:4a:4d:03:0e:43:c0:c9:fd:fa:70:eb:
02:88:76:31:56:1e:7f:5a:e1:0d:4a:e8:c3:fb:8d:
92:47:22:e6:5c:32:d3:e2:f7:09:77:06:cd:fb:75:
40:30:8b:ee:64:a4:20:58:70:e4:ec:77:b7:02:dd:
b2:24:19:19:24:2e:d1:27:6d:8e:3e:81:b8:61:a9:
46:6e:19:a7:be:63:96:b8:09:4b:23:30:5e:db:59:
ae:ea:90:ac:ab:e5:86:41:3c:96:31:1c:f1:2e:ee:
17:1a:09:01:57:d6:39:fd:4d:a2:1d:e4:f4:57:c5:
bb:1f:07:ec:cf:64:e8:ce:fb:bc:94:0c:df:ee:02:
21:e6:0d:4b:d6:c1:07:68:c8:3e:a8:08:88:fd:70:
e5:6a:29:4f:3b:11:42:63:8c:15:fa:93:ba:6b:84:
3f:25:36:21:c8:31:16:bd:e2:96:2b:d5:14:42:32:
0c:82:32:58:60:b5:36:87:07:08:69:ba:18:33:63:
7e:b0:eb:ee:1b:2b:a4:94:f1:ff:08:11:af:66:7d:
ea:8a:92:4a:aa:41:9b:92:34:17:54:a5:ec:e5:2c:
0d:2e:48:75:3c:92:40:89:d4:8f:17:1f:f3:f3:b2:
ea:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
18:6C:8D:C0:11:04:04:89:36:94:54:7E:19:32:3F:55:41:CA:5A:C8
X509v3 Authority Key Identifier:
keyid:87:0C:58:9A:4F:22:A9:CA:2F:F9:9B:4C:48:F8:BD:F4:92:87:17:25
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hwxYmk8iqcov-ZtMSPi99JKHFyU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ad/f505b5-0e46-4b3f-bf1b-849d3a6b9c2d/1/GGyNwBEEBIk2lFR-GTI_VUHKWsg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ad/f505b5-0e46-4b3f-bf1b-849d3a6b9c2d/1/hwxYmk8iqcov-ZtMSPi99JKHFyU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.74.0.0/15
46.206.0.0/15
62.46.0.0/15
62.116.32.0/19
80.75.32.0/19
80.89.96.0/20
80.120.0.0/14
80.240.224.0/20
81.5.192.0/18
84.20.160.0/19
85.90.128.0/19
88.116.0.0/15
89.144.192.0/18
91.112.0.0/14
92.248.0.0/17
93.82.0.0/15
93.111.0.0/16
176.66.0.0/18
176.66.128.0/17
178.188.0.0/14
188.20.0.0/14
188.45.0.0/16
192.164.0.0-192.164.35.255
192.164.39.0-192.164.71.255
192.164.80.0-192.164.159.255
192.164.208.0-192.164.255.255
193.80.0.0/15
193.83.0.0/16
193.154.0.0/16
193.187.212.0-193.187.243.255
194.48.124.0-194.48.139.255
194.96.0.0/16
194.118.0.0/16
194.152.96.0/19
195.3.64.0/18
212.183.0.0/17
213.33.0.0/17
IPv6:
2001:850::/29
2001:870::/29
2001:890::/29
2001:4bb8::/29
Signature Algorithm: sha256WithRSAEncryption
d5:41:8b:df:05:1d:1c:71:ba:74:51:b3:6b:a2:8d:91:5a:51:
6b:bc:7f:1b:0f:6d:17:33:ee:8e:30:1e:c1:30:d1:43:42:93:
f2:dd:da:71:24:d6:5a:61:c0:97:ab:f3:f3:cf:c0:e7:d7:56:
85:45:d1:46:ec:6c:ec:b2:be:fe:ae:02:ec:0d:c7:2c:b7:c3:
58:b9:6a:bf:30:00:8b:da:b7:86:60:70:d0:e8:5b:ab:08:b8:
b9:aa:fd:44:55:1b:f2:40:2f:a0:c0:ce:36:3f:37:f8:80:ef:
5c:cc:95:ef:f6:6d:d6:67:9c:cb:17:fd:db:42:44:76:7b:ea:
c0:68:0d:4f:57:af:69:60:cd:f2:9d:0a:b1:94:f6:d7:a7:e9:
bb:06:28:c4:c4:9e:0c:39:91:e0:49:ad:bb:c8:bb:87:56:5f:
4d:75:e2:ad:ba:94:36:ee:97:a4:81:f4:09:d7:2b:60:dc:24:
d2:35:3f:a0:4d:f3:26:31:c5:8b:1d:28:73:57:d0:b3:af:e9:
c5:d4:2b:6c:ad:c4:63:a2:e3:1d:62:7a:98:21:a2:53:3c:95:
01:65:5c:2d:e4:13:ae:ef:03:cd:14:c2:41:ce:72:ef:e7:04:
9d:01:40:02:d6:4b:9e:56:8c:56:ce:1a:83:c7:15:47:e6:f9:
28:af:9e:ff
-----BEGIN CERTIFICATE-----
MIIGIDCCBQigAwIBAgISAYpAbP5PwNZlA4ldgju2ZJmdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg3MGM1ODlhNGYyMmE5Y2EyZmY5OWI0YzQ4ZjhiZGY0OTI4
NzE3MjUwHhcNMjMwODI5MDgzMzE5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxODZjOGRjMDExMDQwNDg5MzY5NDU0N2UxOTMyM2Y1NTQxY2E1YWM4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgeX2IwbQs2WdNHgYGrF/Lx0sSk0D
DkPAyf36cOsCiHYxVh5/WuENSujD+42SRyLmXDLT4vcJdwbN+3VAMIvuZKQgWHDk
7He3At2yJBkZJC7RJ22OPoG4YalGbhmnvmOWuAlLIzBe21mu6pCsq+WGQTyWMRzx
Lu4XGgkBV9Y5/U2iHeT0V8W7Hwfsz2Tozvu8lAzf7gIh5g1L1sEHaMg+qAiI/XDl
ailPOxFCY4wV+pO6a4Q/JTYhyDEWveKWK9UUQjIMgjJYYLU2hwcIaboYM2N+sOvu
GyuklPH/CBGvZn3qipJKqkGbkjQXVKXs5SwNLkh1PJJAidSPFx/z87Lq7QIDAQAB
o4IDLDCCAygwHQYDVR0OBBYEFBhsjcARBASJNpRUfhkyP1VBylrIMB8GA1UdIwQY
MBaAFIcMWJpPIqnKL/mbTEj4vfSShxclMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaHd4WW1rOGlxY292LVp0TVNQaTk5SktIRnlVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hZC9mNTA1YjUtMGU0Ni00YjNmLWJmMWIt
ODQ5ZDNhNmI5YzJkLzEvR0d5TndCRUVCSWsybEZSLUdUSV9WVUhLV3NnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hZC9mNTA1YjUtMGU0Ni00YjNmLWJmMWItODQ5ZDNhNmI5YzJk
LzEvaHd4WW1rOGlxY292LVp0TVNQaTk5SktIRnlVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBQAYIKwYBBQUHAQcBAf8EggEvMIIBKzCCAQMEAgABMIH8
AwMBLkoDAwEuzgMDAT4uAwQFPnQgAwQFUEsgAwQEUFlgAwMCUHgDBARQ8OADBAZR
BcADBAVUFKADBAVVWoADAwFYdAMEBlmQwAMDAltwAwQHXPgAAwMBXVIDAwBdbwME
BrBCAAMEB7BCgAMDArK8AwMCvBQDAwC8LTALAwMCwKQDBALApCAwDAMEAMCkJwME
A8CkQDAMAwQEwKRQAwQFwKSAMAsDBATApNADAwDApAMDAcFQAwMAwVMDAwDBmjAM
AwQCwbvUAwQCwbvwMAwDBALCMHwDBALCMIgDAwDCYAMDAMJ2AwQFwphgAwQGwwNA
AwQH1LcAAwQH1SEAMCIEAgACMBwDBQMgAQhQAwUDIAEIcAMFAyABCJADBQMgAUu4
MA0GCSqGSIb3DQEBCwUAA4IBAQDVQYvfBR0ccbp0UbNroo2RWlFrvH8bD20XM+6O
MB7BMNFDQpPy3dpxJNZaYcCXq/Pzz8Dn11aFRdFG7Gzssr7+rgLsDccst8NYuWq/
MACL2reGYHDQ6FurCLi5qv1EVRvyQC+gwM42Pzf4gO9czJXv9m3WZ5zLF/3bQkR2
e+rAaA1PV69pYM3ynQqxlPbXp+m7BijExJ4MOZHgSa27yLuHVl9NdeKtupQ27pek
gfQJ1ytg3CTSNT+gTfMmMcWLHShzV9Czr+nF1CtsrcRjouMdYnqYIaJTPJUBZVwt
5BOu7wPNFMJBznLv5wSdAUAC1kueVoxWzhqDxxVH5vkor57/
-----END CERTIFICATE-----
Generated at Tue Sep 5 11:42:36 2023 by rpki-client on console-ams.rpki-client.org