Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/GFTIwsyyz77Vdk2oqrbgI5wTmDQ.roa
File: GFTIwsyyz77Vdk2oqrbgI5wTmDQ.roa (raw, json)
Hash identifier: Wk/ZVDN1J3HKKfqGUFSQn20fR20rKCoF4EGP9BHUkdE=
Subject key identifier: 18:54:C8:C2:CC:B2:CF:BE:D5:76:4D:A8:AA:B6:E0:23:9C:13:98:34
Certificate issuer: /CN=62fdb67654df6184e7d60c4150ea9533c2cf9704
Certificate serial: 01856E8B4AA3039C91E95264034758B2BE7F
Authority key identifier: 62:FD:B6:76:54:DF:61:84:E7:D6:0C:41:50:EA:95:33:C2:CF:97:04
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Yv22dlTfYYTn1gxBUOqVM8LPlwQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/GFTIwsyyz77Vdk2oqrbgI5wTmDQ.roa
Signing time: Sun 01 Jan 2023 18:15:00 +0000
ROA not before: Sun 01 Jan 2023 18:15:00 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 61317
IP address blocks: 45.8.184.0/22 maxlen: 24
45.8.192.0/22 maxlen: 24
45.8.188.0/22 maxlen: 24
45.8.196.0/22 maxlen: 24
45.8.203.0/24 maxlen: 24
45.8.205.0/24 maxlen: 24
193.168.208.0/22 maxlen: 24
85.208.105.0/24 maxlen: 24
45.66.152.0/22 maxlen: 24
5.180.82.0/24 maxlen: 24
5.180.80.0/24 maxlen: 24
5.180.232.0/22 maxlen: 24
5.180.32.0/22 maxlen: 24
85.209.160.0/22 maxlen: 24
5.180.48.0/22 maxlen: 24
85.208.112.0/22 maxlen: 24
5.253.36.0/22 maxlen: 24
5.253.44.0/24 maxlen: 24
45.8.252.0/22 maxlen: 24
5.253.46.0/24 maxlen: 24
5.253.47.0/24 maxlen: 24
5.253.45.0/24 maxlen: 24
45.9.0.0/22 maxlen: 24
45.9.4.0/22 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:8b:4a:a3:03:9c:91:e9:52:64:03:47:58:b2:be:7f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=62fdb67654df6184e7d60c4150ea9533c2cf9704
Validity
Not Before: Jan 1 18:15:00 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=1854c8c2ccb2cfbed5764da8aab6e0239c139834
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:e7:d0:5e:d7:21:40:78:23:63:ca:11:26:cc:
c0:4c:94:e3:cb:2f:46:30:2f:b4:8b:50:e1:56:bc:
d4:84:d5:98:1b:2d:02:3d:51:64:aa:f0:47:be:3e:
39:32:5b:e0:e6:bc:b9:fd:9e:2e:f3:85:8e:6e:dc:
14:8c:12:3a:b0:d6:49:90:e9:0c:86:0a:8f:e3:d0:
75:c5:d6:e3:74:b9:51:dd:33:a4:bf:5d:ea:b7:f4:
a0:20:3f:2a:78:a5:d7:00:d5:0e:8b:06:9f:ce:92:
61:05:85:45:9e:00:c5:70:64:f5:cd:d5:f1:4b:7f:
cd:9e:93:82:71:6c:6e:98:ce:1f:d5:eb:63:23:b2:
40:58:46:aa:06:aa:a3:a8:8d:e6:07:e4:d3:11:97:
41:be:d3:83:7e:d8:37:8f:f5:3c:9d:a1:76:95:42:
0b:16:61:bb:48:52:57:d8:98:c0:dc:40:c9:a2:9f:
fc:f0:e3:df:ed:de:d7:f3:ac:c1:41:89:7e:d3:69:
1e:d3:22:4e:0d:11:fa:02:ee:c2:62:99:c3:7a:39:
ea:c9:29:7b:6a:cc:d7:dc:2b:b1:ec:27:d7:66:bf:
64:c3:0d:cb:74:07:50:43:44:90:08:e3:b9:71:ae:
93:75:ec:17:95:75:95:65:1e:cd:74:b6:bb:74:31:
b6:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
18:54:C8:C2:CC:B2:CF:BE:D5:76:4D:A8:AA:B6:E0:23:9C:13:98:34
X509v3 Authority Key Identifier:
keyid:62:FD:B6:76:54:DF:61:84:E7:D6:0C:41:50:EA:95:33:C2:CF:97:04
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Yv22dlTfYYTn1gxBUOqVM8LPlwQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/GFTIwsyyz77Vdk2oqrbgI5wTmDQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/Yv22dlTfYYTn1gxBUOqVM8LPlwQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.180.32.0/22
5.180.48.0/22
5.180.80.0/24
5.180.82.0/24
5.180.232.0/22
5.253.36.0/22
5.253.44.0/22
45.8.184.0-45.8.199.255
45.8.203.0/24
45.8.205.0/24
45.8.252.0-45.9.7.255
45.66.152.0/22
85.208.105.0/24
85.208.112.0/22
85.209.160.0/22
193.168.208.0/22
Signature Algorithm: sha256WithRSAEncryption
b3:c4:bb:db:f6:cf:3e:2d:7a:fc:36:41:a2:85:64:c5:dd:37:
ce:8b:63:7a:66:9b:88:92:4b:9e:6c:ff:9a:05:f2:fb:59:bb:
b6:60:13:ef:bd:8d:9a:b7:40:be:2c:f4:0a:0d:1c:55:ca:d5:
4d:0f:4a:d2:13:93:6c:a4:f5:8a:27:c9:bf:01:7e:a4:97:12:
09:33:16:3e:46:ac:3f:45:68:68:30:c4:04:9f:94:5e:7d:c7:
29:ea:59:b6:df:e0:c4:a5:0d:ca:2c:9f:07:eb:5c:6e:96:15:
84:8a:88:05:1f:2e:aa:ad:d8:5f:b7:34:ca:ff:2e:31:a7:4b:
dc:52:f7:c7:e8:05:43:07:57:bb:df:ed:4d:8d:95:4a:a7:9f:
5e:5a:ea:04:f0:5e:ff:8e:68:0b:9d:46:5b:e8:07:0f:c4:5f:
03:3d:14:c3:67:31:7f:dc:3b:d1:49:23:dc:07:33:78:00:4a:
f0:05:1d:f2:f2:04:3f:fd:21:49:57:89:59:f9:4b:63:07:f0:
ea:71:6a:a6:9a:fc:87:eb:ec:46:f0:da:c5:41:d6:01:02:c7:
8d:f2:e5:17:7b:35:09:14:47:d2:02:11:61:04:8c:a2:2c:9a:
6f:dc:1b:77:03:6e:12:86:38:57:40:d5:90:71:51:f4:67:1a:
14:24:5c:d1
-----BEGIN CERTIFICATE-----
MIIFaDCCBFCgAwIBAgISAYVui0qjA5yR6VJkA0dYsr5/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYyZmRiNjc2NTRkZjYxODRlN2Q2MGM0MTUwZWE5NTMzYzJj
Zjk3MDQwHhcNMjMwMTAxMTgxNTAwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxODU0YzhjMmNjYjJjZmJlZDU3NjRkYThhYWI2ZTAyMzljMTM5ODM0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkOfQXtchQHgjY8oRJszATJTjyy9G
MC+0i1DhVrzUhNWYGy0CPVFkqvBHvj45Mlvg5ry5/Z4u84WObtwUjBI6sNZJkOkM
hgqP49B1xdbjdLlR3TOkv13qt/SgID8qeKXXANUOiwafzpJhBYVFngDFcGT1zdXx
S3/NnpOCcWxumM4f1etjI7JAWEaqBqqjqI3mB+TTEZdBvtODftg3j/U8naF2lUIL
FmG7SFJX2JjA3EDJop/88OPf7d7X86zBQYl+02ke0yJODRH6Au7CYpnDejnqySl7
aszX3Cux7CfXZr9kww3LdAdQQ0SQCOO5ca6TdewXlXWVZR7NdLa7dDG2WQIDAQAB
o4ICdDCCAnAwHQYDVR0OBBYEFBhUyMLMss++1XZNqKq24COcE5g0MB8GA1UdIwQY
MBaAFGL9tnZU32GE59YMQVDqlTPCz5cEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWXYyMmRsVGZZWVRuMWd4QlVPcVZNOExQbHdRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMi83MDQwNzEtOGRjMC00ZWQ2LTk0NTct
ZTg2MTIxYzU5NGRmLzEvR0ZUSXdzeXl6NzdWZGsyb3FyYmdJNXdUbURRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMi83MDQwNzEtOGRjMC00ZWQ2LTk0NTctZTg2MTIxYzU5NGRm
LzEvWXYyMmRsVGZZWVRuMWd4QlVPcVZNOExQbHdRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGJBggrBgEFBQcBBwEB/wR6MHgwdgQCAAEwcAMEAgW0IAME
AgW0MAMEAAW0UAMEAAW0UgMEAgW06AMEAgX9JAMEAgX9LDAMAwQDLQi4AwQDLQjA
AwQALQjLAwQALQjNMAwDBAItCPwDBAMtCQADBAItQpgDBABV0GkDBAJV0HADBAJV
0aADBALBqNAwDQYJKoZIhvcNAQELBQADggEBALPEu9v2zz4tevw2QaKFZMXdN86L
Y3pmm4iSS55s/5oF8vtZu7ZgE++9jZq3QL4s9AoNHFXK1U0PStITk2yk9Yonyb8B
fqSXEgkzFj5GrD9FaGgwxASflF59xynqWbbf4MSlDcosnwfrXG6WFYSKiAUfLqqt
2F+3NMr/LjGnS9xS98foBUMHV7vf7U2NlUqnn15a6gTwXv+OaAudRlvoBw/EXwM9
FMNnMX/cO9FJI9wHM3gASvAFHfLyBD/9IUlXiVn5S2MH8Opxaqaa/Ifr7Ebw2sVB
1gECx43y5Rd7NQkUR9ICEWEEjKIsmm/cG3cDbhKGOFdA1ZBxUfRnGhQkXNE=
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:06:22 2023 by rpki-client on console-ams.rpki-client.org