Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b7/dcfd48-c54a-4c78-a4ed-4ba2f8f1f83b/1/GGl0jHeHeR7WDBmojs4ClMNt3ds.roa
File: GGl0jHeHeR7WDBmojs4ClMNt3ds.roa (raw, json)
Hash identifier: 88VANbNah0Th1Mc7VvGGnSE+l/xmb5TTzj1oqlYr8xE=
Subject key identifier: 18:69:74:8C:77:87:79:1E:D6:0C:19:A8:8E:CE:02:94:C3:6D:DD:DB
Certificate issuer: /CN=307f5fe2740a2b6de4c3709d2964115b3c967da1
Certificate serial: 0185B97718AC2A19D67A68C7F2770554A4DC
Authority key identifier: 30:7F:5F:E2:74:0A:2B:6D:E4:C3:70:9D:29:64:11:5B:3C:96:7D:A1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/MH9f4nQKK23kw3CdKWQRWzyWfaE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b7/dcfd48-c54a-4c78-a4ed-4ba2f8f1f83b/1/GGl0jHeHeR7WDBmojs4ClMNt3ds.roa
Signing time: Mon 16 Jan 2023 07:24:28 +0000
ROA not before: Mon 16 Jan 2023 07:24:28 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 3352
IP address blocks: 83.60.0.0/16 maxlen: 16
81.39.0.0/16 maxlen: 16
83.34.0.0/16 maxlen: 16
88.13.0.0/16 maxlen: 16
79.144.0.0/16 maxlen: 16
88.16.0.0/16 maxlen: 16
83.59.0.0/16 maxlen: 16
88.11.0.0/16 maxlen: 16
81.38.0.0/16 maxlen: 16
79.145.0.0/16 maxlen: 16
88.15.0.0/16 maxlen: 16
88.10.0.0/16 maxlen: 16
83.37.0.0/16 maxlen: 16
81.37.0.0/16 maxlen: 16
88.24.0.0/16 maxlen: 16
88.8.0.0/16 maxlen: 16
79.147.0.0/16 maxlen: 16
83.35.0.0/16 maxlen: 16
88.14.0.0/16 maxlen: 16
88.9.0.0/16 maxlen: 16
2.137.0.0/16 maxlen: 16
88.25.0.0/16 maxlen: 16
83.57.0.0/16 maxlen: 16
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:b9:77:18:ac:2a:19:d6:7a:68:c7:f2:77:05:54:a4:dc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=307f5fe2740a2b6de4c3709d2964115b3c967da1
Validity
Not Before: Jan 16 07:24:28 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=1869748c7787791ed60c19a88ece0294c36ddddb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:83:7c:99:40:bf:b4:09:d9:2c:85:91:20:e2:cd:
91:8e:96:6e:72:01:80:42:6a:34:ef:ff:4b:02:8a:
10:25:7d:16:0d:30:5a:c5:bb:17:65:76:45:a1:e1:
1f:30:1f:b4:86:4a:84:f7:03:38:e2:5f:40:fa:7e:
ec:c5:b2:fd:bb:ae:21:b3:4c:3d:a0:e1:2b:11:1c:
d6:a0:ef:71:c5:ba:09:d9:94:ef:e8:69:b7:13:f6:
20:10:65:6f:90:08:99:de:58:93:87:fc:14:71:0d:
e3:56:f2:cb:be:93:01:29:7b:8e:32:70:cf:c2:ea:
f1:37:05:9d:a6:ef:51:60:93:51:7f:ca:ae:c3:65:
2f:a4:6c:a8:e8:51:48:b1:20:6c:af:91:6f:29:83:
c6:7c:0c:47:fa:bc:56:24:bf:97:7f:0b:b5:8a:75:
19:4b:29:e2:f2:29:31:73:99:17:ca:26:b8:b1:82:
77:eb:95:16:c8:82:ea:ed:8b:aa:b6:7a:d9:35:07:
1e:23:8c:20:41:2a:d3:3f:b8:fd:55:58:84:33:5b:
ca:c6:2b:0a:a3:f2:7b:74:16:96:08:38:7d:8c:dc:
d4:3f:ec:18:fc:5f:a1:b9:ff:56:b7:45:99:98:ef:
10:a2:2c:12:79:e9:c1:ab:76:64:2e:68:0c:95:16:
f2:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
18:69:74:8C:77:87:79:1E:D6:0C:19:A8:8E:CE:02:94:C3:6D:DD:DB
X509v3 Authority Key Identifier:
keyid:30:7F:5F:E2:74:0A:2B:6D:E4:C3:70:9D:29:64:11:5B:3C:96:7D:A1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MH9f4nQKK23kw3CdKWQRWzyWfaE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b7/dcfd48-c54a-4c78-a4ed-4ba2f8f1f83b/1/GGl0jHeHeR7WDBmojs4ClMNt3ds.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b7/dcfd48-c54a-4c78-a4ed-4ba2f8f1f83b/1/MH9f4nQKK23kw3CdKWQRWzyWfaE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.137.0.0/16
79.144.0.0/15
79.147.0.0/16
81.37.0.0-81.39.255.255
83.34.0.0/15
83.37.0.0/16
83.57.0.0/16
83.59.0.0-83.60.255.255
88.8.0.0/14
88.13.0.0-88.16.255.255
88.24.0.0/15
Signature Algorithm: sha256WithRSAEncryption
aa:83:55:b4:12:3e:36:31:bf:a4:47:6e:31:34:26:a8:f3:ae:
2f:b2:fb:53:03:db:28:11:68:4e:41:44:24:f7:8f:e9:6c:42:
df:c8:a6:95:42:67:61:59:89:b2:20:43:1d:9e:a3:39:cc:dd:
c8:9c:b7:9d:46:96:00:7d:fb:81:98:2a:6e:a5:7e:7a:25:7e:
49:71:d3:06:4d:6d:28:17:a0:79:6c:d2:d8:80:b2:12:f8:27:
c1:23:49:50:2f:d5:46:94:bc:03:94:30:a6:fd:3e:aa:cb:25:
ba:34:c7:7c:d3:09:f8:86:a9:fb:43:ce:af:b6:94:76:7c:05:
8f:d5:fd:a9:e7:4a:15:9e:07:3c:2a:71:d8:01:3e:5b:df:e8:
15:4b:6a:21:7d:38:03:19:a4:f3:d9:80:c3:29:65:c9:11:55:
32:41:eb:04:b7:6c:60:2f:43:4d:df:48:83:49:25:40:da:48:
52:ab:a3:df:54:24:4a:44:3f:ab:a7:17:0c:37:8d:c8:9f:3d:
5c:5f:c8:23:42:c9:2a:39:94:cb:fb:eb:28:2c:4b:3f:8e:5b:
31:ef:9f:55:33:db:4a:f0:18:5a:e4:cd:7b:01:4c:40:2d:fc:
5b:24:bb:28:e8:dc:b1:87:f2:41:fc:22:0d:d8:18:71:d7:65:
4f:a4:46:86
-----BEGIN CERTIFICATE-----
MIIFQzCCBCugAwIBAgISAYW5dxisKhnWemjH8ncFVKTcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMwN2Y1ZmUyNzQwYTJiNmRlNGMzNzA5ZDI5NjQxMTViM2M5
NjdkYTEwHhcNMjMwMTE2MDcyNDI4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxODY5NzQ4Yzc3ODc3OTFlZDYwYzE5YTg4ZWNlMDI5NGMzNmRkZGRiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAg3yZQL+0CdkshZEg4s2RjpZucgGA
Qmo07/9LAooQJX0WDTBaxbsXZXZFoeEfMB+0hkqE9wM44l9A+n7sxbL9u64hs0w9
oOErERzWoO9xxboJ2ZTv6Gm3E/YgEGVvkAiZ3liTh/wUcQ3jVvLLvpMBKXuOMnDP
wurxNwWdpu9RYJNRf8quw2UvpGyo6FFIsSBsr5FvKYPGfAxH+rxWJL+Xfwu1inUZ
Syni8ikxc5kXyia4sYJ365UWyILq7YuqtnrZNQceI4wgQSrTP7j9VViEM1vKxisK
o/J7dBaWCDh9jNzUP+wY/F+huf9Wt0WZmO8QoiwSeenBq3ZkLmgMlRbycwIDAQAB
o4ICTzCCAkswHQYDVR0OBBYEFBhpdIx3h3ke1gwZqI7OApTDbd3bMB8GA1UdIwQY
MBaAFDB/X+J0Citt5MNwnSlkEVs8ln2hMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTUg5ZjRuUUtLMjNrdzNDZEtXUVJXenlXZmFFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNy9kY2ZkNDgtYzU0YS00Yzc4LWE0ZWQt
NGJhMmY4ZjFmODNiLzEvR0dsMGpIZUhlUjdXREJtb2pzNENsTU50M2RzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNy9kY2ZkNDgtYzU0YS00Yzc4LWE0ZWQtNGJhMmY4ZjFmODNi
LzEvTUg5ZjRuUUtLMjNrdzNDZEtXUVJXenlXZmFFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGUGCCsGAQUFBwEHAQH/BFYwVDBSBAIAATBMAwMAAokDAwFP
kAMDAE+TMAoDAwBRJQMDA1EgAwMBUyIDAwBTJQMDAFM5MAoDAwBTOwMDAFM8AwMC
WAgwCgMDAFgNAwMAWBADAwFYGDANBgkqhkiG9w0BAQsFAAOCAQEAqoNVtBI+NjG/
pEduMTQmqPOuL7L7UwPbKBFoTkFEJPeP6WxC38imlUJnYVmJsiBDHZ6jOczdyJy3
nUaWAH37gZgqbqV+eiV+SXHTBk1tKBegeWzS2ICyEvgnwSNJUC/VRpS8A5Qwpv0+
qsslujTHfNMJ+Iap+0POr7aUdnwFj9X9qedKFZ4HPCpx2AE+W9/oFUtqIX04Axmk
89mAwyllyRFVMkHrBLdsYC9DTd9Ig0klQNpIUquj31QkSkQ/q6cXDDeNyJ89XF/I
I0LJKjmUy/vrKCxLP45bMe+fVTPbSvAYWuTNewFMQC38WyS7KOjcsYfyQfwiDdgY
cddlT6RGhg==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:06:36 2023 by rpki-client on console-ams.rpki-client.org