Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bf/6dec63-b9d9-480b-aeb3-6fe9bf60561c/1/GKCqRmqgH80zrCHBy_HZQU4QCPY.roa
File: GKCqRmqgH80zrCHBy_HZQU4QCPY.roa (raw, json)
Hash identifier: k2juw/78yUa2C7qzAZUp5mGOdRq4y0jQz+xl4oT0/ZY=
Subject key identifier: 18:A0:AA:46:6A:A0:1F:CD:33:AC:21:C1:CB:F1:D9:41:4E:10:08:F6
Certificate issuer: /CN=eebbf317e5faf5ef02c9cce79527d5e74b8abcc5
Certificate serial: 018D13D7F2E5178AE274CA44A690BAA03901
Authority key identifier: EE:BB:F3:17:E5:FA:F5:EF:02:C9:CC:E7:95:27:D5:E7:4B:8A:BC:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/7rvzF-X69e8CycznlSfV50uKvMU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bf/6dec63-b9d9-480b-aeb3-6fe9bf60561c/1/GKCqRmqgH80zrCHBy_HZQU4QCPY.roa
Signing time: Tue 16 Jan 2024 19:55:35 +0000
ROA not before: Tue 16 Jan 2024 19:55:35 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 58061
IP address blocks: 45.8.89.0/24 maxlen: 24
77.83.95.0/24 maxlen: 24
92.119.128.0/24 maxlen: 24
92.119.130.0/24 maxlen: 24
194.93.3.0/24 maxlen: 24
194.169.161.0/24 maxlen: 24
194.169.162.0/24 maxlen: 24
213.139.203.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sat 20 Jan 2024 09:18:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:13:d7:f2:e5:17:8a:e2:74:ca:44:a6:90:ba:a0:39:01
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=eebbf317e5faf5ef02c9cce79527d5e74b8abcc5
Validity
Not Before: Jan 16 19:55:35 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=18a0aa466aa01fcd33ac21c1cbf1d9414e1008f6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:87:ee:35:36:6b:ad:dc:34:3e:50:a9:3a:77:d3:
47:09:b3:60:de:fa:a3:f1:a7:3f:09:02:75:c4:2f:
30:8c:ba:fe:7f:df:5b:18:0c:b4:45:bd:0f:61:8c:
1c:79:8e:d0:85:93:dd:4e:1d:da:82:c5:e9:ab:2f:
cf:d5:64:c4:0b:2f:a3:ae:88:41:0f:04:eb:91:e5:
b1:3a:d6:cd:02:9c:14:72:46:86:94:07:89:05:59:
9d:39:c7:e0:33:3e:86:9e:3a:cf:19:8f:d0:cb:75:
50:b4:49:f1:51:72:59:a1:35:91:7c:81:5b:76:14:
49:12:66:0c:35:21:3b:ba:5e:2e:f3:6a:96:ba:da:
c5:0c:0c:15:6e:73:e7:c1:6d:2b:51:d0:c2:c4:59:
b8:93:20:ad:ed:eb:de:59:f7:e9:5c:4c:83:4f:ee:
4b:22:9b:08:08:08:69:7c:d9:80:d7:ae:32:b4:dc:
fe:d2:2f:cf:1b:a1:95:b4:66:10:2b:18:72:80:7e:
e6:37:aa:e8:2a:b9:f4:1e:df:a5:7e:99:0b:48:eb:
b2:63:b2:43:57:c6:e6:fa:10:61:58:6b:69:d1:38:
2f:f2:aa:7b:4e:49:b4:2a:ab:1c:b1:f7:4c:24:1a:
2d:d2:f1:8e:0c:44:4a:c5:de:79:7c:7f:6e:b0:b5:
7f:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
18:A0:AA:46:6A:A0:1F:CD:33:AC:21:C1:CB:F1:D9:41:4E:10:08:F6
X509v3 Authority Key Identifier:
keyid:EE:BB:F3:17:E5:FA:F5:EF:02:C9:CC:E7:95:27:D5:E7:4B:8A:BC:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/7rvzF-X69e8CycznlSfV50uKvMU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bf/6dec63-b9d9-480b-aeb3-6fe9bf60561c/1/GKCqRmqgH80zrCHBy_HZQU4QCPY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bf/6dec63-b9d9-480b-aeb3-6fe9bf60561c/1/7rvzF-X69e8CycznlSfV50uKvMU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.8.89.0/24
77.83.95.0/24
92.119.128.0/24
92.119.130.0/24
194.93.3.0/24
194.169.161.0-194.169.162.255
213.139.203.0/24
Signature Algorithm: sha256WithRSAEncryption
3b:9c:51:50:df:18:9f:98:7f:11:b3:e0:26:fd:f3:07:dc:6b:
ce:b9:a0:1a:a5:73:23:d6:07:20:1e:d4:c0:ca:94:01:b9:01:
25:98:1e:89:10:2b:d4:f4:af:44:42:4b:18:8f:f5:e7:38:5e:
bc:ec:e5:6e:7a:7e:10:87:ce:37:c5:da:2b:4d:99:2b:8c:0f:
4b:49:69:04:96:e1:4b:05:c8:ab:8b:7b:0b:ab:e2:40:b2:de:
b2:a4:f0:6d:06:b4:69:cc:ef:24:27:37:7e:51:39:16:a1:0a:
8a:9f:c4:ed:83:da:b8:f9:42:53:99:68:ae:f1:0a:e8:e5:ca:
1f:dc:67:6e:91:8f:5c:a1:0a:8a:a5:22:29:8a:12:57:40:fa:
06:28:e0:da:4c:bd:83:d4:2c:51:5e:10:68:26:8e:56:59:0e:
fa:93:9a:e2:09:39:02:42:66:8c:58:ad:22:ac:04:b7:bc:9b:
34:36:47:05:1a:78:4d:9b:97:a1:f7:ae:79:2b:b0:2f:84:76:
7e:a7:78:a4:a3:c4:b1:0c:2f:00:77:13:63:33:8f:8f:78:40:
fd:4a:9d:76:b4:34:7a:d1:f6:ec:60:12:28:3d:e7:b2:02:7d:
95:27:5a:14:c5:d6:7a:fa:84:54:9c:ac:8d:a5:a0:2e:01:da:
f0:7c:c6:f7
-----BEGIN CERTIFICATE-----
MIIFKTCCBBGgAwIBAgISAY0T1/LlF4ridMpEppC6oDkBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVlYmJmMzE3ZTVmYWY1ZWYwMmM5Y2NlNzk1MjdkNWU3NGI4
YWJjYzUwHhcNMjQwMTE2MTk1NTM1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxOGEwYWE0NjZhYTAxZmNkMzNhYzIxYzFjYmYxZDk0MTRlMTAwOGY2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAh+41Nmut3DQ+UKk6d9NHCbNg3vqj
8ac/CQJ1xC8wjLr+f99bGAy0Rb0PYYwceY7QhZPdTh3agsXpqy/P1WTECy+jrohB
DwTrkeWxOtbNApwUckaGlAeJBVmdOcfgMz6GnjrPGY/Qy3VQtEnxUXJZoTWRfIFb
dhRJEmYMNSE7ul4u82qWutrFDAwVbnPnwW0rUdDCxFm4kyCt7eveWffpXEyDT+5L
IpsICAhpfNmA164ytNz+0i/PG6GVtGYQKxhygH7mN6roKrn0Ht+lfpkLSOuyY7JD
V8bm+hBhWGtp0Tgv8qp7Tkm0KqscsfdMJBot0vGODERKxd55fH9usLV/XQIDAQAB
o4ICNTCCAjEwHQYDVR0OBBYEFBigqkZqoB/NM6whwcvx2UFOEAj2MB8GA1UdIwQY
MBaAFO678xfl+vXvAsnM55Un1edLirzFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvN3J2ekYtWDY5ZThDeWN6bmxTZlY1MHVLdk1VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZi82ZGVjNjMtYjlkOS00ODBiLWFlYjMt
NmZlOWJmNjA1NjFjLzEvR0tDcVJtcWdIODB6ckNIQnlfSFpRVTRRQ1BZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZi82ZGVjNjMtYjlkOS00ODBiLWFlYjMtNmZlOWJmNjA1NjFj
LzEvN3J2ekYtWDY5ZThDeWN6bmxTZlY1MHVLdk1VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEsGCCsGAQUFBwEHAQH/BDwwOjA4BAIAATAyAwQALQhZAwQA
TVNfAwQAXHeAAwQAXHeCAwQAwl0DMAwDBADCqaEDBADCqaIDBADVi8swDQYJKoZI
hvcNAQELBQADggEBADucUVDfGJ+YfxGz4Cb98wfca865oBqlcyPWByAe1MDKlAG5
ASWYHokQK9T0r0RCSxiP9ec4Xrzs5W56fhCHzjfF2itNmSuMD0tJaQSW4UsFyKuL
ewur4kCy3rKk8G0GtGnM7yQnN35RORahCoqfxO2D2rj5QlOZaK7xCujlyh/cZ26R
j1yhCoqlIimKEldA+gYo4NpMvYPULFFeEGgmjlZZDvqTmuIJOQJCZoxYrSKsBLe8
mzQ2RwUaeE2bl6H3rnkrsC+Edn6neKSjxLEMLwB3E2Mzj494QP1KnXa0NHrR9uxg
Eig957ICfZUnWhTF1nr6hFScrI2loC4B2vB8xvc=
Generated at Sat Jan 20 10:24:09 2024 by rpki-client on console-fra.rpki-client.org