Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b1/6d011b-949e-4d0f-a7e3-7f20ef02f264/1/GgQJFcYxqAd9I6dqLWN39qNrALI.roa
File: GgQJFcYxqAd9I6dqLWN39qNrALI.roa (raw, json)
Hash identifier: r9Wpd/n46XJcSBYrHtBjlUmyg1VGvcMFQ2fnewCqx0U=
Subject key identifier: 1A:04:09:15:C6:31:A8:07:7D:23:A7:6A:2D:63:77:F6:A3:6B:00:B2
Certificate issuer: /CN=406a92250c28580f2ad4cc1c357b02a25a790cf7
Certificate serial: 01856B5340DA90CAA7D6BD5FFB36F573F9CA
Authority key identifier: 40:6A:92:25:0C:28:58:0F:2A:D4:CC:1C:35:7B:02:A2:5A:79:0C:F7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QGqSJQwoWA8q1MwcNXsColp5DPc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b1/6d011b-949e-4d0f-a7e3-7f20ef02f264/1/GgQJFcYxqAd9I6dqLWN39qNrALI.roa
Signing time: Sun 01 Jan 2023 03:14:56 +0000
ROA not before: Sun 01 Jan 2023 03:14:56 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 204814
IP address blocks: 185.239.28.0/22 maxlen: 24
45.128.248.0/22 maxlen: 24
84.252.96.0/22 maxlen: 24
45.158.24.0/22 maxlen: 24
2a0c:4780::/29 maxlen: 64
Validation: Failed, certificate revoked on Mon 01 Jan 2024 16:30:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6b:53:40:da:90:ca:a7:d6:bd:5f:fb:36:f5:73:f9:ca
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=406a92250c28580f2ad4cc1c357b02a25a790cf7
Validity
Not Before: Jan 1 03:14:56 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=1a040915c631a8077d23a76a2d6377f6a36b00b2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:16:0d:d7:2b:2d:9c:e3:08:66:00:3e:d4:d3:
24:0f:54:21:eb:ba:c3:a4:ec:78:82:db:f7:a1:45:
83:4f:6e:99:7d:85:1d:46:16:67:09:82:e3:40:e2:
35:6b:96:d6:32:cd:99:6c:40:89:fa:39:b4:f7:95:
e8:1f:e8:84:89:db:c6:1e:3c:f1:c6:a2:b1:ba:f0:
96:c2:dd:f2:b2:9c:77:1f:43:42:b4:56:cc:c7:ec:
b1:ff:80:c1:b0:e0:ac:88:ae:ae:81:ab:99:98:38:
fb:c1:07:98:e8:67:0f:5b:bd:c4:2c:fb:1b:20:29:
62:76:88:b9:d0:5d:5a:66:36:ef:70:ef:7c:fc:5a:
07:f7:0f:0f:a0:5e:54:44:90:8f:e2:6e:2e:6d:34:
d4:0b:1f:d2:82:25:bc:b8:48:b7:40:e1:ac:36:b8:
02:c9:b9:01:b2:09:8d:bf:7a:ba:92:b9:b1:10:4e:
6b:d2:73:9c:c7:72:02:6e:62:a4:6f:1d:72:36:89:
83:51:f4:72:db:0d:00:2e:c6:3c:a2:fe:47:b1:e0:
34:8f:dc:e3:f7:1e:e8:a1:78:51:69:5b:60:44:fb:
e4:78:2c:be:6f:f5:11:b0:fc:54:83:72:74:ff:11:
f8:46:c1:93:12:74:ae:e4:b1:ef:2e:0e:45:48:b2:
d9:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1A:04:09:15:C6:31:A8:07:7D:23:A7:6A:2D:63:77:F6:A3:6B:00:B2
X509v3 Authority Key Identifier:
keyid:40:6A:92:25:0C:28:58:0F:2A:D4:CC:1C:35:7B:02:A2:5A:79:0C:F7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QGqSJQwoWA8q1MwcNXsColp5DPc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/6d011b-949e-4d0f-a7e3-7f20ef02f264/1/GgQJFcYxqAd9I6dqLWN39qNrALI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/6d011b-949e-4d0f-a7e3-7f20ef02f264/1/QGqSJQwoWA8q1MwcNXsColp5DPc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.128.248.0/22
45.158.24.0/22
84.252.96.0/22
185.239.28.0/22
IPv6:
2a0c:4780::/29
Signature Algorithm: sha256WithRSAEncryption
2c:26:8d:10:b1:3a:8b:3d:26:ce:a3:e8:fb:e1:b6:50:4c:70:
d8:01:0b:c5:86:c1:45:e3:97:1e:6d:a8:1b:21:06:33:04:75:
28:89:1a:57:7d:dd:8c:fc:3a:22:4b:79:d5:1d:e0:4e:91:6b:
a4:d2:ad:35:2e:70:6a:f6:93:63:8a:40:f9:a9:d7:0c:2b:0f:
39:8c:7d:c6:2d:26:25:fb:2a:9e:19:f1:b3:48:a7:d3:f2:cd:
1d:46:5c:87:6f:e2:0c:a8:14:02:74:0b:fa:d9:e3:69:c2:89:
55:a3:6d:1a:06:d2:ed:f6:56:f7:58:36:9f:43:d3:f5:0f:83:
ab:4d:bb:eb:c5:f5:0e:6c:88:a8:4f:0b:81:7b:54:54:1d:38:
2f:53:20:9e:e1:af:18:1a:e6:b2:e3:71:8b:5e:ec:49:aa:c2:
7f:36:b1:9f:9e:e8:92:dd:27:35:18:a1:5e:2e:1d:bb:ad:c5:
1a:d0:1c:df:1f:f9:75:2e:7c:de:a3:36:24:e6:e2:5c:61:77:
b8:82:2b:b4:3f:6d:1f:4a:ab:7a:ef:7a:5a:f8:86:f4:ad:78:
71:34:ef:b2:51:5f:5d:04:36:02:12:b6:ec:f2:fa:1a:7f:d7:
1c:5f:58:9c:ff:cd:c3:43:d9:b0:1e:06:54:b9:56:6a:ca:90:
b9:20:e0:e9
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgISAYVrU0DakMqn1r1f+zb1c/nKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQwNmE5MjI1MGMyODU4MGYyYWQ0Y2MxYzM1N2IwMmEyNWE3
OTBjZjcwHhcNMjMwMTAxMDMxNDU2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxYTA0MDkxNWM2MzFhODA3N2QyM2E3NmEyZDYzNzdmNmEzNmIwMGIyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnhYN1ystnOMIZgA+1NMkD1Qh67rD
pOx4gtv3oUWDT26ZfYUdRhZnCYLjQOI1a5bWMs2ZbECJ+jm095XoH+iEidvGHjzx
xqKxuvCWwt3yspx3H0NCtFbMx+yx/4DBsOCsiK6ugauZmDj7wQeY6GcPW73ELPsb
IClidoi50F1aZjbvcO98/FoH9w8PoF5URJCP4m4ubTTUCx/SgiW8uEi3QOGsNrgC
ybkBsgmNv3q6krmxEE5r0nOcx3ICbmKkbx1yNomDUfRy2w0ALsY8ov5HseA0j9zj
9x7ooXhRaVtgRPvkeCy+b/URsPxUg3J0/xH4RsGTEnSu5LHvLg5FSLLZtwIDAQAB
o4ICKjCCAiYwHQYDVR0OBBYEFBoECRXGMagHfSOnai1jd/ajawCyMB8GA1UdIwQY
MBaAFEBqkiUMKFgPKtTMHDV7AqJaeQz3MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUUdxU0pRd29XQThxMU13Y05Yc0NvbHA1RFBjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMS82ZDAxMWItOTQ5ZS00ZDBmLWE3ZTMt
N2YyMGVmMDJmMjY0LzEvR2dRSkZjWXhxQWQ5STZkcUxXTjM5cU5yQUxJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMS82ZDAxMWItOTQ5ZS00ZDBmLWE3ZTMtN2YyMGVmMDJmMjY0
LzEvUUdxU0pRd29XQThxMU13Y05Yc0NvbHA1RFBjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEAGCCsGAQUFBwEHAQH/BDEwLzAeBAIAATAYAwQCLYD4AwQC
LZ4YAwQCVPxgAwQCue8cMA0EAgACMAcDBQMqDEeAMA0GCSqGSIb3DQEBCwUAA4IB
AQAsJo0QsTqLPSbOo+j74bZQTHDYAQvFhsFF45cebagbIQYzBHUoiRpXfd2M/Doi
S3nVHeBOkWuk0q01LnBq9pNjikD5qdcMKw85jH3GLSYl+yqeGfGzSKfT8s0dRlyH
b+IMqBQCdAv62eNpwolVo20aBtLt9lb3WDafQ9P1D4OrTbvrxfUObIioTwuBe1RU
HTgvUyCe4a8YGuay43GLXuxJqsJ/NrGfnuiS3Sc1GKFeLh27rcUa0BzfH/l1Lnze
ozYk5uJcYXe4giu0P20fSqt673pa+Ib0rXhxNO+yUV9dBDYCErbs8voaf9ccX1ic
/83DQ9mwHgZUuVZqypC5IODp
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:50:15 2024 by rpki-client on console-fra.rpki-client.org