Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b4/7029cc-d331-4606-889c-d66674cfa424/1/GvVkmzuCxTWbu7NdfmXPy2zyjyg.roa
File: GvVkmzuCxTWbu7NdfmXPy2zyjyg.roa (raw, json)
Hash identifier: nfQuEUQ6FdiXEnp2wNniby02eCL0F+8esnABAPTL7FU=
Subject key identifier: 1A:F5:64:9B:3B:82:C5:35:9B:BB:B3:5D:7E:65:CF:CB:6C:F2:8F:28
Certificate issuer: /CN=3976e6ab084c9eeede86e2af6bde7215274b95a7
Certificate serial: 01856F42C11BD02D232A2E54543B0ABE4A6A
Authority key identifier: 39:76:E6:AB:08:4C:9E:EE:DE:86:E2:AF:6B:DE:72:15:27:4B:95:A7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OXbmqwhMnu7ehuKva95yFSdLlac.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b4/7029cc-d331-4606-889c-d66674cfa424/1/GvVkmzuCxTWbu7NdfmXPy2zyjyg.roa
Signing time: Sun 01 Jan 2023 21:35:23 +0000
ROA not before: Sun 01 Jan 2023 21:35:23 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 206101
IP address blocks: 185.196.112.0/24 maxlen: 24
185.196.115.0/24 maxlen: 24
185.196.114.0/24 maxlen: 24
185.196.113.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 02 Jan 2024 12:33:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:42:c1:1b:d0:2d:23:2a:2e:54:54:3b:0a:be:4a:6a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3976e6ab084c9eeede86e2af6bde7215274b95a7
Validity
Not Before: Jan 1 21:35:23 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=1af5649b3b82c5359bbbb35d7e65cfcb6cf28f28
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:3d:d8:01:9d:aa:81:25:6d:77:e1:f4:7f:0d:
e2:45:81:10:32:e7:fa:a4:c4:b3:d0:0f:bf:1b:a5:
a4:36:87:e6:98:0b:3d:f6:47:84:ba:f8:84:ec:69:
14:ea:70:07:b5:63:1b:9c:51:58:63:f5:f4:06:20:
d1:58:d4:43:94:9a:8c:a6:fa:24:58:f8:16:34:5c:
40:2d:82:00:b6:91:74:ff:da:ad:52:89:34:f5:da:
ea:36:c4:38:e5:29:f5:77:d8:8c:14:9f:38:48:1a:
e7:03:a7:0d:01:ea:b7:36:9e:ae:6d:c1:9d:5a:02:
37:b2:37:bb:e0:2e:aa:4e:aa:1c:47:bc:e2:d7:5a:
58:5b:d8:c1:a9:d8:81:aa:82:19:68:d8:c3:4a:2b:
47:35:0c:49:6b:93:c2:99:d3:59:1c:79:ce:2e:93:
d0:7a:50:b5:fd:61:32:eb:ad:6d:40:5f:19:79:d8:
d0:01:43:e7:51:ce:9a:81:d6:a1:e8:ae:2d:4a:09:
27:7f:82:e0:1f:12:51:91:7a:4c:de:f0:42:7c:0d:
e5:0b:20:36:b8:79:79:2c:e0:cc:5d:39:12:76:4e:
af:95:84:f1:b2:0e:1e:85:d3:e2:15:8b:69:4a:39:
8d:aa:ce:32:85:a4:70:62:a4:55:1e:59:84:d9:b9:
34:b1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1A:F5:64:9B:3B:82:C5:35:9B:BB:B3:5D:7E:65:CF:CB:6C:F2:8F:28
X509v3 Authority Key Identifier:
keyid:39:76:E6:AB:08:4C:9E:EE:DE:86:E2:AF:6B:DE:72:15:27:4B:95:A7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OXbmqwhMnu7ehuKva95yFSdLlac.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b4/7029cc-d331-4606-889c-d66674cfa424/1/GvVkmzuCxTWbu7NdfmXPy2zyjyg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b4/7029cc-d331-4606-889c-d66674cfa424/1/OXbmqwhMnu7ehuKva95yFSdLlac.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.196.112.0/22
Signature Algorithm: sha256WithRSAEncryption
68:d5:b3:32:09:c7:85:ef:e7:76:59:ea:7b:0b:62:7f:0f:1d:
0c:98:54:b5:96:0f:28:83:b3:5a:88:aa:a6:d9:62:cc:cb:ed:
6b:ff:53:65:18:52:c7:33:3d:14:8e:79:dc:ad:5c:9d:18:11:
5b:ca:53:63:45:eb:0e:a8:7c:a9:2b:09:b5:66:d4:78:4a:bd:
72:3e:10:a7:c0:c2:b3:c6:3b:83:25:29:8d:07:d0:41:b7:76:
66:55:be:1a:8f:e2:13:ee:55:37:12:11:41:a5:0f:95:e5:c0:
08:f7:c0:f7:86:34:75:74:e0:44:52:13:c7:2f:e4:4c:e5:bb:
3f:da:fa:ac:54:85:8e:4a:d8:cd:5a:dd:6b:46:cd:fb:ee:75:
bb:3f:04:91:06:cf:3e:3c:35:69:ce:cc:1c:24:92:e5:66:6f:
92:e9:1a:00:da:f8:23:1e:1e:48:35:64:55:f5:a5:24:5f:e4:
5a:2a:dc:36:14:15:2c:8a:01:66:41:9f:9f:3b:3c:64:8a:27:
e6:bf:4f:17:1a:e5:ee:15:f4:1a:9d:98:d7:0c:14:17:38:3b:
e8:3b:13:33:46:6a:f9:af:4d:9f:3c:df:60:5e:8c:79:89:4c:
a6:86:52:57:de:0f:69:a0:3a:23:a5:18:e2:bf:f2:59:70:41:
71:38:cf:c1
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVvQsEb0C0jKi5UVDsKvkpqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM5NzZlNmFiMDg0YzllZWVkZTg2ZTJhZjZiZGU3MjE1Mjc0
Yjk1YTcwHhcNMjMwMTAxMjEzNTIzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxYWY1NjQ5YjNiODJjNTM1OWJiYmIzNWQ3ZTY1Y2ZjYjZjZjI4ZjI4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlz3YAZ2qgSVtd+H0fw3iRYEQMuf6
pMSz0A+/G6WkNofmmAs99keEuviE7GkU6nAHtWMbnFFYY/X0BiDRWNRDlJqMpvok
WPgWNFxALYIAtpF0/9qtUok09drqNsQ45Sn1d9iMFJ84SBrnA6cNAeq3Np6ubcGd
WgI3sje74C6qTqocR7zi11pYW9jBqdiBqoIZaNjDSitHNQxJa5PCmdNZHHnOLpPQ
elC1/WEy661tQF8ZedjQAUPnUc6agdah6K4tSgknf4LgHxJRkXpM3vBCfA3lCyA2
uHl5LODMXTkSdk6vlYTxsg4ehdPiFYtpSjmNqs4yhaRwYqRVHlmE2bk0sQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFBr1ZJs7gsU1m7uzXX5lz8ts8o8oMB8GA1UdIwQY
MBaAFDl25qsITJ7u3obir2vechUnS5WnMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT1hibXF3aE1udTdlaHVLdmE5NXlGU2RMbGFjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNC83MDI5Y2MtZDMzMS00NjA2LTg4OWMt
ZDY2Njc0Y2ZhNDI0LzEvR3ZWa216dUN4VFdidTdOZGZtWFB5Mnp5anlnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNC83MDI5Y2MtZDMzMS00NjA2LTg4OWMtZDY2Njc0Y2ZhNDI0
LzEvT1hibXF3aE1udTdlaHVLdmE5NXlGU2RMbGFjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCucRwMA0G
CSqGSIb3DQEBCwUAA4IBAQBo1bMyCceF7+d2Wep7C2J/Dx0MmFS1lg8og7NaiKqm
2WLMy+1r/1NlGFLHMz0UjnncrVydGBFbylNjResOqHypKwm1ZtR4Sr1yPhCnwMKz
xjuDJSmNB9BBt3ZmVb4aj+IT7lU3EhFBpQ+V5cAI98D3hjR1dOBEUhPHL+RM5bs/
2vqsVIWOStjNWt1rRs377nW7PwSRBs8+PDVpzswcJJLlZm+S6RoA2vgjHh5INWRV
9aUkX+RaKtw2FBUsigFmQZ+fOzxkiifmv08XGuXuFfQanZjXDBQXODvoOxMzRmr5
r02fPN9gXox5iUymhlJX3g9poDojpRjiv/JZcEFxOM/B
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:39:40 2024 by rpki-client on console-ams.rpki-client.org