Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/af/ed17c8-abd4-414f-bc30-7d08291a7662/1/gImnzIjcWvCFN8GI-jWV5uEana4.roa
File: gImnzIjcWvCFN8GI-jWV5uEana4.roa (raw, json)
Hash identifier: yGqcZRDaAU2nS/YLru0AuuV6yH8J1Q9xOmIYC/Pr34g=
Subject key identifier: 80:89:A7:CC:88:DC:5A:F0:85:37:C1:88:FA:35:95:E6:E1:1A:9D:AE
Certificate issuer: /CN=a10c73530bb684fd569dfc432704675704183429
Certificate serial: 01856F2FDF4D2DE441E362F4B96C8E3461AC
Authority key identifier: A1:0C:73:53:0B:B6:84:FD:56:9D:FC:43:27:04:67:57:04:18:34:29
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/oQxzUwu2hP1WnfxDJwRnVwQYNCk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/af/ed17c8-abd4-414f-bc30-7d08291a7662/1/gImnzIjcWvCFN8GI-jWV5uEana4.roa
Signing time: Sun 01 Jan 2023 21:14:46 +0000
ROA not before: Sun 01 Jan 2023 21:14:46 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 56595
IP address blocks: 185.94.232.0/24 maxlen: 24
185.94.232.0/22 maxlen: 24
185.94.232.0/23 maxlen: 24
185.94.233.0/24 maxlen: 24
185.94.234.0/23 maxlen: 24
185.94.234.0/24 maxlen: 24
185.94.235.0/24 maxlen: 24
2a03:e840::/32 maxlen: 32
Validation: Failed, certificate revoked on Mon 01 Jan 2024 14:30:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:2f:df:4d:2d:e4:41:e3:62:f4:b9:6c:8e:34:61:ac
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a10c73530bb684fd569dfc432704675704183429
Validity
Not Before: Jan 1 21:14:46 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=8089a7cc88dc5af08537c188fa3595e6e11a9dae
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:c0:8e:44:ae:ac:b2:15:b9:17:c4:9e:b2:a6:
9d:bb:4c:e7:cc:05:50:dc:75:7f:28:c5:34:6c:02:
49:92:58:16:3d:40:64:28:38:09:9c:73:4d:ee:01:
86:9c:0e:d1:4d:fa:a5:bc:15:cd:3a:ad:78:18:6f:
7c:5b:5b:7d:8f:c3:33:c5:56:7b:ba:45:f4:99:0b:
66:52:e2:15:2e:a7:b2:e8:3e:d2:70:84:82:e1:43:
74:28:70:d8:65:b0:68:c9:48:6c:fa:bf:d5:f7:b5:
e4:69:9f:9d:de:fc:45:72:2c:81:24:43:ca:0a:d9:
0a:df:93:7a:d2:9d:84:20:7a:71:08:e2:7c:6f:16:
34:14:af:e2:c8:77:0d:12:5a:01:35:1b:c5:f5:7a:
48:03:0b:9c:b4:0d:69:11:0f:68:65:5b:3c:2d:18:
ec:af:03:8d:cd:5d:0e:b4:9d:af:18:d1:5b:17:a6:
1b:e1:5c:5d:f8:b5:08:ef:43:9c:88:72:82:18:63:
1c:5f:35:74:21:76:2b:27:fb:9b:23:4c:1a:df:1a:
36:18:e2:39:46:e1:df:23:60:eb:e8:75:63:8f:95:
32:4f:fb:66:c5:f4:d1:53:57:2b:e7:fe:fb:04:ac:
60:6a:0d:ca:93:07:86:e3:dc:27:47:7b:4f:0a:c1:
16:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
80:89:A7:CC:88:DC:5A:F0:85:37:C1:88:FA:35:95:E6:E1:1A:9D:AE
X509v3 Authority Key Identifier:
keyid:A1:0C:73:53:0B:B6:84:FD:56:9D:FC:43:27:04:67:57:04:18:34:29
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/oQxzUwu2hP1WnfxDJwRnVwQYNCk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/af/ed17c8-abd4-414f-bc30-7d08291a7662/1/gImnzIjcWvCFN8GI-jWV5uEana4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/af/ed17c8-abd4-414f-bc30-7d08291a7662/1/oQxzUwu2hP1WnfxDJwRnVwQYNCk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.94.232.0/22
IPv6:
2a03:e840::/32
Signature Algorithm: sha256WithRSAEncryption
04:94:dd:dc:5c:d4:6e:2e:c8:56:09:64:7d:1c:ca:3e:92:87:
08:0a:68:37:38:20:d7:6c:40:30:59:30:ee:74:c2:6d:9b:cf:
24:60:e5:2d:78:90:4f:cb:3f:90:eb:93:d2:b4:43:08:5e:cb:
02:9e:06:19:8a:3b:3e:00:4e:aa:d3:6d:6e:4e:71:c5:a2:78:
d0:a0:7b:83:b9:2d:85:d1:0b:27:b6:d4:40:6d:0d:74:5e:99:
7a:e0:ba:7b:32:f0:7d:a4:a2:92:83:48:98:11:4d:6e:0a:4c:
3d:b0:4b:05:67:f8:34:b2:1d:3e:52:d1:c0:65:48:38:fa:6e:
b7:fd:b2:f8:60:76:a1:d1:5f:eb:21:60:ab:03:bd:2a:6e:77:
8e:68:83:14:db:1a:80:bd:66:0a:1f:61:95:3b:ab:bf:08:01:
b8:a3:68:90:99:80:de:88:ec:86:1d:13:21:67:4e:12:20:c1:
50:e1:9c:a6:b4:85:8d:e2:8c:1e:56:b6:00:78:4e:1b:6b:9b:
13:b1:16:40:2a:f9:34:b9:43:ca:55:49:c3:6e:e0:f4:77:f7:
eb:98:f9:d1:b1:89:89:d9:01:fd:6e:cf:35:96:db:94:40:e8:
1d:04:12:3b:65:97:58:bf:a9:ae:da:c8:0c:6d:97:e6:84:1d:
3f:88:79:97
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVvL99NLeRB42L0uWyONGGsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGExMGM3MzUzMGJiNjg0ZmQ1NjlkZmM0MzI3MDQ2NzU3MDQx
ODM0MjkwHhcNMjMwMTAxMjExNDQ2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MDg5YTdjYzg4ZGM1YWYwODUzN2MxODhmYTM1OTVlNmUxMWE5ZGFlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAx8CORK6sshW5F8Sesqadu0znzAVQ
3HV/KMU0bAJJklgWPUBkKDgJnHNN7gGGnA7RTfqlvBXNOq14GG98W1t9j8MzxVZ7
ukX0mQtmUuIVLqey6D7ScISC4UN0KHDYZbBoyUhs+r/V97XkaZ+d3vxFciyBJEPK
CtkK35N60p2EIHpxCOJ8bxY0FK/iyHcNEloBNRvF9XpIAwuctA1pEQ9oZVs8LRjs
rwONzV0OtJ2vGNFbF6Yb4Vxd+LUI70OciHKCGGMcXzV0IXYrJ/ubI0wa3xo2GOI5
RuHfI2Dr6HVjj5UyT/tmxfTRU1cr5/77BKxgag3KkweG49wnR3tPCsEWIwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFICJp8yI3FrwhTfBiPo1lebhGp2uMB8GA1UdIwQY
MBaAFKEMc1MLtoT9Vp38QycEZ1cEGDQpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb1F4elV3dTJoUDFXbmZ4REp3Um5Wd1FZTkNrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hZi9lZDE3YzgtYWJkNC00MTRmLWJjMzAt
N2QwODI5MWE3NjYyLzEvZ0ltbnpJamNXdkNGTjhHSS1qV1Y1dUVhbmE0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hZi9lZDE3YzgtYWJkNC00MTRmLWJjMzAtN2QwODI5MWE3NjYy
LzEvb1F4elV3dTJoUDFXbmZ4REp3Um5Wd1FZTkNrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuV7oMA0E
AgACMAcDBQAqA+hAMA0GCSqGSIb3DQEBCwUAA4IBAQAElN3cXNRuLshWCWR9HMo+
kocICmg3OCDXbEAwWTDudMJtm88kYOUteJBPyz+Q65PStEMIXssCngYZijs+AE6q
021uTnHFonjQoHuDuS2F0QsnttRAbQ10Xpl64Lp7MvB9pKKSg0iYEU1uCkw9sEsF
Z/g0sh0+UtHAZUg4+m63/bL4YHah0V/rIWCrA70qbneOaIMU2xqAvWYKH2GVO6u/
CAG4o2iQmYDeiOyGHRMhZ04SIMFQ4ZymtIWN4oweVrYAeE4ba5sTsRZAKvk0uUPK
VUnDbuD0d/frmPnRsYmJ2QH9bs81ltuUQOgdBBI7ZZdYv6mu2sgMbZfmhB0/iHmX
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:38:35 2024 by rpki-client on console-ams.rpki-client.org