Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b5/ac9aba-9735-4b9d-8eae-19bc7bdccbc1/1/GS05T6K6YRcuBalod05PutBzqow.roa
File: GS05T6K6YRcuBalod05PutBzqow.roa (raw, json)
Hash identifier: ODA8nvR20vamc0KVBcGL5ghk6rdRnhaHKKkVKUNdQqE=
Subject key identifier: 19:2D:39:4F:A2:BA:61:17:2E:05:A9:68:77:4E:4F:BA:D0:73:AA:8C
Certificate issuer: /CN=00642b607b94a143ff41c554c913bd5a651f8c05
Certificate serial: 018703851A5D5730B50177B668AA52193CB5
Authority key identifier: 00:64:2B:60:7B:94:A1:43:FF:41:C5:54:C9:13:BD:5A:65:1F:8C:05
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/AGQrYHuUoUP_QcVUyRO9WmUfjAU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b5/ac9aba-9735-4b9d-8eae-19bc7bdccbc1/1/GS05T6K6YRcuBalod05PutBzqow.roa
Signing time: Tue 21 Mar 2023 09:34:27 +0000
ROA not before: Tue 21 Mar 2023 09:34:27 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 50563
IP address blocks: 37.98.204.0/22 maxlen: 22
37.98.205.0/24 maxlen: 24
37.98.206.0/23 maxlen: 23
37.98.206.0/24 maxlen: 24
37.98.204.0/24 maxlen: 24
37.98.204.0/23 maxlen: 23
37.98.207.0/24 maxlen: 24
93.119.16.0/23 maxlen: 23
93.119.16.0/24 maxlen: 24
93.119.17.0/24 maxlen: 24
93.119.19.0/24 maxlen: 24
195.189.208.0/23 maxlen: 23
195.189.208.0/24 maxlen: 24
195.189.209.0/24 maxlen: 24
188.240.192.0/24 maxlen: 24
188.240.193.0/24 maxlen: 24
185.72.112.0/22 maxlen: 22
185.72.112.0/23 maxlen: 23
185.72.112.0/24 maxlen: 24
185.72.115.0/24 maxlen: 24
185.72.113.0/24 maxlen: 24
185.72.114.0/23 maxlen: 23
185.72.114.0/24 maxlen: 24
185.125.28.0/22 maxlen: 22
185.66.44.0/24 maxlen: 24
185.66.44.0/23 maxlen: 23
185.66.44.0/22 maxlen: 22
185.66.45.0/24 maxlen: 24
185.66.46.0/23 maxlen: 23
185.66.46.0/24 maxlen: 24
185.66.47.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:03:85:1a:5d:57:30:b5:01:77:b6:68:aa:52:19:3c:b5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=00642b607b94a143ff41c554c913bd5a651f8c05
Validity
Not Before: Mar 21 09:34:27 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=192d394fa2ba61172e05a968774e4fbad073aa8c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:4b:c5:87:c9:8f:17:c5:ef:40:6c:c5:ab:2f:
9e:ad:7f:f1:e3:c6:05:3b:a3:9b:6a:98:da:5a:48:
ee:51:0d:2f:c2:4a:f3:ee:9c:36:67:f7:12:63:60:
76:f0:f1:73:77:cc:40:4e:86:fe:30:cb:f7:4e:8c:
4b:51:09:ad:c8:c3:13:e5:9d:52:99:30:f7:71:0a:
29:df:16:82:00:65:bb:b3:2d:4f:cc:92:76:23:ed:
2d:77:48:98:48:b4:3b:ee:64:23:2e:69:6b:ce:c8:
c1:26:18:fb:26:7b:ee:01:d5:f8:f5:b8:fb:68:9a:
a9:de:bf:50:f1:3e:2c:22:c5:46:78:ac:c7:8f:39:
2a:12:09:33:73:d0:d6:12:8e:38:6f:56:6d:33:df:
93:b6:a2:29:7e:5d:89:ea:08:c0:2b:5f:9f:de:60:
2f:0f:7d:1d:76:5e:7f:4e:bf:7d:d7:c0:08:f8:3c:
63:7b:74:7c:8c:4b:43:15:84:77:07:20:50:0d:ea:
e8:3b:52:90:d6:d0:20:f1:d5:50:c8:0f:bb:73:f2:
57:dd:c7:df:80:9a:31:8b:ec:e2:2e:4a:13:4c:47:
16:8c:d4:f3:ca:e7:84:75:ca:d6:4a:f7:c0:40:96:
41:33:01:66:00:46:68:55:85:a2:97:b2:7e:0b:33:
6a:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
19:2D:39:4F:A2:BA:61:17:2E:05:A9:68:77:4E:4F:BA:D0:73:AA:8C
X509v3 Authority Key Identifier:
keyid:00:64:2B:60:7B:94:A1:43:FF:41:C5:54:C9:13:BD:5A:65:1F:8C:05
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/AGQrYHuUoUP_QcVUyRO9WmUfjAU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b5/ac9aba-9735-4b9d-8eae-19bc7bdccbc1/1/GS05T6K6YRcuBalod05PutBzqow.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b5/ac9aba-9735-4b9d-8eae-19bc7bdccbc1/1/AGQrYHuUoUP_QcVUyRO9WmUfjAU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.98.204.0/22
93.119.16.0/23
93.119.19.0/24
185.66.44.0/22
185.72.112.0/22
185.125.28.0/22
188.240.192.0/23
195.189.208.0/23
Signature Algorithm: sha256WithRSAEncryption
47:bf:44:91:7f:8a:d7:76:30:c7:23:11:ef:59:c8:a7:92:46:
45:2c:cd:e4:1f:d7:4f:f1:62:3d:4c:35:7f:49:e7:96:cc:e0:
8e:f9:b9:c6:c0:cf:4b:f5:88:7d:4d:98:f1:b1:60:0d:61:96:
2b:bb:e3:2d:35:3a:c8:9c:d7:5a:36:e4:3a:3c:18:db:f8:dd:
63:3f:7a:18:2c:8c:d0:2b:d3:3d:42:95:50:50:c7:ed:a4:e1:
a8:c2:21:3e:bf:40:f0:b5:d3:3f:1a:0b:f0:90:18:65:ae:9e:
27:ae:16:5c:ad:dd:8a:8c:86:6b:fd:5d:b7:f7:3e:1a:ff:d7:
6f:9d:25:83:d4:64:be:c1:1a:62:f7:a1:43:6b:f5:c0:be:5a:
f8:6b:fb:14:e7:3b:ba:6a:0d:17:e5:21:3b:ed:60:9e:3e:fd:
e1:64:d6:90:d4:a2:c1:e3:c6:94:7e:60:1d:79:4e:f7:e1:4b:
27:19:6a:38:d6:d5:0d:b5:c0:9d:49:7e:a6:6c:b2:f2:00:94:
a6:69:ed:13:60:9b:da:19:81:40:c8:b4:09:af:65:bf:a7:2b:
7a:27:1f:c9:91:21:19:f3:bf:57:9e:90:13:55:a3:1c:c2:63:
9b:66:4a:55:b4:97:28:04:bc:57:5f:62:e5:da:33:67:bb:77:
c1:1e:2f:d5
-----BEGIN CERTIFICATE-----
MIIFJzCCBA+gAwIBAgISAYcDhRpdVzC1AXe2aKpSGTy1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAwNjQyYjYwN2I5NGExNDNmZjQxYzU1NGM5MTNiZDVhNjUx
ZjhjMDUwHhcNMjMwMzIxMDkzNDI3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxOTJkMzk0ZmEyYmE2MTE3MmUwNWE5Njg3NzRlNGZiYWQwNzNhYThjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs0vFh8mPF8XvQGzFqy+erX/x48YF
O6ObapjaWkjuUQ0vwkrz7pw2Z/cSY2B28PFzd8xATob+MMv3ToxLUQmtyMMT5Z1S
mTD3cQop3xaCAGW7sy1PzJJ2I+0td0iYSLQ77mQjLmlrzsjBJhj7JnvuAdX49bj7
aJqp3r9Q8T4sIsVGeKzHjzkqEgkzc9DWEo44b1ZtM9+TtqIpfl2J6gjAK1+f3mAv
D30ddl5/Tr9918AI+Dxje3R8jEtDFYR3ByBQDeroO1KQ1tAg8dVQyA+7c/JX3cff
gJoxi+ziLkoTTEcWjNTzyueEdcrWSvfAQJZBMwFmAEZoVYWil7J+CzNqtwIDAQAB
o4ICMzCCAi8wHQYDVR0OBBYEFBktOU+iumEXLgWpaHdOT7rQc6qMMB8GA1UdIwQY
MBaAFABkK2B7lKFD/0HFVMkTvVplH4wFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQUdRcllIdVVvVVBfUWNWVXlSTzlXbVVmakFVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNS9hYzlhYmEtOTczNS00YjlkLThlYWUt
MTliYzdiZGNjYmMxLzEvR1MwNVQ2SzZZUmN1QmFsb2QwNVB1dEJ6cW93LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNS9hYzlhYmEtOTczNS00YjlkLThlYWUtMTliYzdiZGNjYmMx
LzEvQUdRcllIdVVvVVBfUWNWVXlSTzlXbVVmakFVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEkGCCsGAQUFBwEHAQH/BDowODA2BAIAATAwAwQCJWLMAwQB
XXcQAwQAXXcTAwQCuUIsAwQCuUhwAwQCuX0cAwQBvPDAAwQBw73QMA0GCSqGSIb3
DQEBCwUAA4IBAQBHv0SRf4rXdjDHIxHvWcinkkZFLM3kH9dP8WI9TDV/SeeWzOCO
+bnGwM9L9Yh9TZjxsWANYZYru+MtNTrInNdaNuQ6PBjb+N1jP3oYLIzQK9M9QpVQ
UMftpOGowiE+v0DwtdM/GgvwkBhlrp4nrhZcrd2KjIZr/V239z4a/9dvnSWD1GS+
wRpi96FDa/XAvlr4a/sU5zu6ag0X5SE77WCePv3hZNaQ1KLB48aUfmAdeU734Usn
GWo41tUNtcCdSX6mbLLyAJSmae0TYJvaGYFAyLQJr2W/pyt6Jx/JkSEZ879XnpAT
VaMcwmObZkpVtJcoBLxXX2Ll2jNnu3fBHi/V
-----END CERTIFICATE-----
Generated at Tue Jan 2 01:41:19 2024 by rpki-client on console-ams.rpki-client.org