Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b5/1c1eb2-1f65-4f71-8b32-b4bfe456dde0/1/GnL56-by47J5v-nA127B7OYbBuk.roa
File: GnL56-by47J5v-nA127B7OYbBuk.roa (raw, json)
Hash identifier: 3fcVY4YQgyVZctUqfQW9qJYpr48sapEOtribTZi18yQ=
Subject key identifier: 1A:72:F9:EB:E6:F2:E3:B2:79:BF:E9:C0:D7:6E:C1:EC:E6:1B:06:E9
Certificate issuer: /CN=996721831afb8b38307b49f5b9ee6292ad1e5850
Certificate serial: 0185C51BEDB2256DC9CA719A44D8ECA7EC2E
Authority key identifier: 99:67:21:83:1A:FB:8B:38:30:7B:49:F5:B9:EE:62:92:AD:1E:58:50
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mWchgxr7izgwe0n1ue5ikq0eWFA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b5/1c1eb2-1f65-4f71-8b32-b4bfe456dde0/1/GnL56-by47J5v-nA127B7OYbBuk.roa
Signing time: Wed 18 Jan 2023 13:40:19 +0000
ROA not before: Wed 18 Jan 2023 13:40:19 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 1299
IP address blocks: 86.107.255.0/24 maxlen: 24
89.43.156.0/22 maxlen: 24
79.132.145.0/24 maxlen: 24
46.247.245.0/24 maxlen: 24
79.132.153.0/24 maxlen: 24
79.132.154.0/24 maxlen: 24
85.112.211.0/24 maxlen: 24
185.223.148.0/24 maxlen: 24
86.105.91.0/24 maxlen: 24
185.183.63.0/24 maxlen: 24
86.107.248.0/21 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:c5:1b:ed:b2:25:6d:c9:ca:71:9a:44:d8:ec:a7:ec:2e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=996721831afb8b38307b49f5b9ee6292ad1e5850
Validity
Not Before: Jan 18 13:40:19 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=1a72f9ebe6f2e3b279bfe9c0d76ec1ece61b06e9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:4d:c1:75:6b:b9:b6:1d:e3:c4:4c:56:26:d5:
6e:b0:31:4b:25:61:02:1e:f3:51:3d:f2:c0:8a:b9:
63:34:a0:f7:cc:3a:ba:47:73:5b:05:92:d2:a3:7c:
40:6b:8e:e0:4b:a8:f6:bd:32:4f:9a:2c:13:6a:05:
38:98:f2:0e:f0:c2:b6:aa:76:2a:fe:34:7c:8a:97:
78:0f:f6:6c:e2:c9:c8:bf:77:7f:ed:f2:6b:47:dd:
b0:cb:a3:2c:29:bf:89:f2:91:75:80:65:1a:5a:d0:
bb:db:c8:da:50:0d:f9:fc:db:ad:a8:fd:02:f2:11:
f1:3c:fa:09:24:71:cb:e8:c9:37:e1:fa:54:3d:19:
4e:d1:56:0e:4e:fc:a2:a8:f0:af:eb:ac:1f:79:bc:
4d:e7:da:85:b0:d4:5a:e9:2d:d2:61:91:8f:21:3b:
22:39:0e:1b:53:0a:95:6f:14:9b:b8:93:27:93:cc:
e8:61:70:7a:cb:1d:58:b9:fc:28:e5:ae:26:db:28:
2c:f4:65:d9:95:ff:1a:f9:0e:8e:bb:dc:8e:b2:7f:
f2:a7:e1:21:3b:4b:62:24:ad:7d:08:3a:50:63:29:
32:3f:d0:86:f4:20:d1:98:b0:12:cd:88:6b:a0:7e:
61:3b:64:72:ef:b2:bb:ef:cf:0f:fd:2c:c4:de:03:
20:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1A:72:F9:EB:E6:F2:E3:B2:79:BF:E9:C0:D7:6E:C1:EC:E6:1B:06:E9
X509v3 Authority Key Identifier:
keyid:99:67:21:83:1A:FB:8B:38:30:7B:49:F5:B9:EE:62:92:AD:1E:58:50
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mWchgxr7izgwe0n1ue5ikq0eWFA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b5/1c1eb2-1f65-4f71-8b32-b4bfe456dde0/1/GnL56-by47J5v-nA127B7OYbBuk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b5/1c1eb2-1f65-4f71-8b32-b4bfe456dde0/1/mWchgxr7izgwe0n1ue5ikq0eWFA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.247.245.0/24
79.132.145.0/24
79.132.153.0-79.132.154.255
85.112.211.0/24
86.105.91.0/24
86.107.248.0/21
89.43.156.0/22
185.183.63.0/24
185.223.148.0/24
Signature Algorithm: sha256WithRSAEncryption
01:ff:20:e9:a8:39:88:b9:7a:99:aa:b4:31:d7:fe:9a:5e:42:
a7:94:a5:ae:c0:27:f3:32:74:40:bb:30:e6:81:ed:63:2c:5e:
e7:36:3f:d9:b9:d6:ea:e9:90:e0:14:ad:41:1b:64:6b:34:cc:
84:b1:2e:19:0a:eb:29:e3:8e:89:11:c8:ac:99:39:83:2c:62:
bb:88:a3:9f:0c:fc:4e:28:24:ae:ff:2a:6e:94:99:e7:4f:14:
6e:82:a5:8f:37:21:5e:f1:0c:79:67:2d:d4:e5:76:76:39:55:
3e:b6:f5:08:ce:11:7e:6c:09:8e:b0:ca:1b:42:46:12:1f:af:
32:a1:2c:27:56:d4:a7:b1:dc:7d:f9:83:d6:8f:d7:a8:ad:fe:
dc:1d:12:d8:25:39:8d:26:42:a8:65:7c:57:d6:4a:64:84:0e:
04:6b:43:4e:4c:39:e4:7f:9b:ce:3f:50:b5:8c:12:81:63:33:
84:23:75:d3:cd:7f:e4:a2:ff:1a:d6:66:3f:22:74:e8:bb:0d:
f8:2e:44:c0:d5:35:c9:c2:38:9b:b2:3d:c4:b5:1e:b9:09:ed:
cf:96:01:01:29:5e:2e:af:6c:39:70:67:59:fb:41:eb:a0:e8:
13:1d:30:aa:52:9e:9b:20:dc:a8:e3:4f:9e:b7:43:3c:43:c1:
02:7e:18:74
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgISAYXFG+2yJW3JynGaRNjsp+wuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk5NjcyMTgzMWFmYjhiMzgzMDdiNDlmNWI5ZWU2MjkyYWQx
ZTU4NTAwHhcNMjMwMTE4MTM0MDE5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxYTcyZjllYmU2ZjJlM2IyNzliZmU5YzBkNzZlYzFlY2U2MWIwNmU5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiU3BdWu5th3jxExWJtVusDFLJWEC
HvNRPfLAirljNKD3zDq6R3NbBZLSo3xAa47gS6j2vTJPmiwTagU4mPIO8MK2qnYq
/jR8ipd4D/Zs4snIv3d/7fJrR92wy6MsKb+J8pF1gGUaWtC728jaUA35/NutqP0C
8hHxPPoJJHHL6Mk34fpUPRlO0VYOTvyiqPCv66wfebxN59qFsNRa6S3SYZGPITsi
OQ4bUwqVbxSbuJMnk8zoYXB6yx1Yufwo5a4m2ygs9GXZlf8a+Q6Ou9yOsn/yp+Eh
O0tiJK19CDpQYykyP9CG9CDRmLASzYhroH5hO2Ry77K7788P/SzE3gMgRQIDAQAB
o4ICQTCCAj0wHQYDVR0OBBYEFBpy+evm8uOyeb/pwNduwezmGwbpMB8GA1UdIwQY
MBaAFJlnIYMa+4s4MHtJ9bnuYpKtHlhQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbVdjaGd4cjdpemd3ZTBuMXVlNWlrcTBlV0ZBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNS8xYzFlYjItMWY2NS00ZjcxLThiMzIt
YjRiZmU0NTZkZGUwLzEvR25MNTYtYnk0N0o1di1uQTEyN0I3T1liQnVrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNS8xYzFlYjItMWY2NS00ZjcxLThiMzItYjRiZmU0NTZkZGUw
LzEvbVdjaGd4cjdpemd3ZTBuMXVlNWlrcTBlV0ZBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFcGCCsGAQUFBwEHAQH/BEgwRjBEBAIAATA+AwQALvf1AwQA
T4SRMAwDBABPhJkDBABPhJoDBABVcNMDBABWaVsDBANWa/gDBAJZK5wDBAC5tz8D
BAC535QwDQYJKoZIhvcNAQELBQADggEBAAH/IOmoOYi5epmqtDHX/ppeQqeUpa7A
J/MydEC7MOaB7WMsXuc2P9m51urpkOAUrUEbZGs0zISxLhkK6ynjjokRyKyZOYMs
YruIo58M/E4oJK7/Km6UmedPFG6CpY83IV7xDHlnLdTldnY5VT629QjOEX5sCY6w
yhtCRhIfrzKhLCdW1Kex3H35g9aP16it/twdEtglOY0mQqhlfFfWSmSEDgRrQ05M
OeR/m84/ULWMEoFjM4QjddPNf+Si/xrWZj8idOi7DfguRMDVNcnCOJuyPcS1HrkJ
7c+WAQEpXi6vbDlwZ1n7Qeug6BMdMKpSnpsg3KjjT563QzxDwQJ+GHQ=
-----END CERTIFICATE-----
Generated at Mon Jan 1 02:54:14 2024 by rpki-client on console-ams.rpki-client.org