Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c3/3feb15-6834-43e2-b6e7-04d74f368698/1/Gvcq5evQ2qXDBaTmdFq_ADdM4F8.roa
File: Gvcq5evQ2qXDBaTmdFq_ADdM4F8.roa (raw, json)
Hash identifier: MaZ+FNZ3bIyhOW+YXpqptqhl3lT/WQpGZWKj65z5KHM=
Subject key identifier: 1A:F7:2A:E5:EB:D0:DA:A5:C3:05:A4:E6:74:5A:BF:00:37:4C:E0:5F
Certificate issuer: /CN=91c10bfde5813ab47c38c5c1904ec26b32c2a095
Certificate serial: 01888B58C9DFC9F099D485F0E7462F54449B
Authority key identifier: 91:C1:0B:FD:E5:81:3A:B4:7C:38:C5:C1:90:4E:C2:6B:32:C2:A0:95
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/kcEL_eWBOrR8OMXBkE7CazLCoJU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c3/3feb15-6834-43e2-b6e7-04d74f368698/1/Gvcq5evQ2qXDBaTmdFq_ADdM4F8.roa
Signing time: Mon 05 Jun 2023 11:37:11 +0000
ROA not before: Mon 05 Jun 2023 11:37:11 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 8608
IP address blocks: 62.100.0.0/18 maxlen: 18
89.220.0.0/17 maxlen: 17
217.17.128.0/20 maxlen: 20
84.41.128.0/17 maxlen: 17
212.67.160.0/19 maxlen: 19
217.112.112.0/20 maxlen: 20
88.211.128.0/18 maxlen: 18
195.18.64.0/18 maxlen: 18
Validation: Failed, certificate revoked on Wed 25 Oct 2023 11:16:15 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:8b:58:c9:df:c9:f0:99:d4:85:f0:e7:46:2f:54:44:9b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=91c10bfde5813ab47c38c5c1904ec26b32c2a095
Validity
Not Before: Jun 5 11:37:11 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=1af72ae5ebd0daa5c305a4e6745abf00374ce05f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:12:a1:83:85:ea:1b:9b:5c:00:48:42:40:ae:
f6:13:07:e4:d1:82:a0:56:77:f9:fc:d7:5e:32:f6:
9a:61:19:ed:51:71:3b:b0:f1:35:09:f3:42:11:81:
97:7e:6a:5c:30:f3:aa:ca:88:47:ed:18:9d:0f:e6:
fe:a1:77:7e:8c:ef:80:78:f6:35:2d:6d:0c:00:c4:
2c:6c:21:31:b0:c6:15:83:a9:a9:ec:02:17:9f:8f:
de:9c:64:bb:20:f9:c1:e0:12:2d:06:ff:3f:7b:f5:
3b:bf:1d:d5:21:e3:50:90:26:c7:9b:c6:82:30:cb:
c4:0f:74:e5:0c:43:01:cd:e6:e0:59:af:bd:30:f4:
7b:aa:da:21:8d:48:67:a5:c1:3e:5b:4f:d5:b4:e5:
40:43:fb:02:d6:88:90:58:fb:37:54:a2:89:9d:f0:
6b:4e:0d:8c:3a:d1:12:b0:7b:15:fb:4e:25:c2:62:
f1:05:1a:6b:c1:f2:bc:cd:fc:27:89:0a:27:76:5a:
02:ca:6f:89:a5:11:db:cd:31:89:17:aa:2a:a7:d0:
e3:77:9b:8d:cd:ad:cd:5f:57:f3:09:96:8d:1e:f4:
27:cb:3a:b8:68:51:9a:80:64:d0:09:e2:45:55:94:
ab:47:4b:61:e4:41:80:57:8f:49:99:74:79:67:75:
6b:f1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1A:F7:2A:E5:EB:D0:DA:A5:C3:05:A4:E6:74:5A:BF:00:37:4C:E0:5F
X509v3 Authority Key Identifier:
keyid:91:C1:0B:FD:E5:81:3A:B4:7C:38:C5:C1:90:4E:C2:6B:32:C2:A0:95
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kcEL_eWBOrR8OMXBkE7CazLCoJU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/3feb15-6834-43e2-b6e7-04d74f368698/1/Gvcq5evQ2qXDBaTmdFq_ADdM4F8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/3feb15-6834-43e2-b6e7-04d74f368698/1/kcEL_eWBOrR8OMXBkE7CazLCoJU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.100.0.0/18
84.41.128.0/17
88.211.128.0/18
89.220.0.0/17
195.18.64.0/18
212.67.160.0/19
217.17.128.0/20
217.112.112.0/20
Signature Algorithm: sha256WithRSAEncryption
90:28:5d:53:ee:61:0e:cf:1f:04:fe:b3:99:18:11:0b:97:1a:
85:1d:ef:35:56:84:e2:d7:31:5d:70:fd:8f:49:04:9b:9c:cb:
be:87:81:2f:cd:57:b5:d1:72:49:12:f3:61:3d:52:ee:6b:08:
83:67:f3:b0:88:2f:62:77:a8:ad:55:ea:44:18:cd:c7:0f:f3:
1f:2c:f6:1b:76:8e:c1:83:78:84:70:e7:ea:38:60:3c:3b:de:
af:8f:92:72:a3:0a:a6:c2:48:6d:dd:9f:43:14:09:54:18:50:
d2:39:75:71:e7:b7:69:5c:6f:32:85:f4:48:fa:1a:5b:38:35:
02:1e:0b:63:e4:c4:6b:54:4b:ff:46:be:78:39:ea:b0:6a:d8:
6e:70:34:55:3a:3f:2d:62:f9:00:9d:27:f6:a4:5b:0e:0c:b0:
b6:13:ac:09:22:5b:f5:95:04:6e:99:e1:9f:ae:5f:ce:9c:e1:
2b:2f:5c:c5:c6:35:3a:7a:e0:aa:7a:00:8b:04:0a:f7:a9:c6:
95:87:88:d1:12:b3:cc:3b:3b:ad:5f:6e:1f:bb:7e:03:eb:00:
6e:6d:d5:94:fd:6e:05:e4:99:73:5d:06:5f:a9:27:c8:94:74:
83:c4:75:9e:1f:91:ed:07:b1:e1:1d:76:a0:4d:c4:27:fb:b6:
dc:5c:8d:63
-----BEGIN CERTIFICATE-----
MIIFJzCCBA+gAwIBAgISAYiLWMnfyfCZ1IXw50YvVESbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkxYzEwYmZkZTU4MTNhYjQ3YzM4YzVjMTkwNGVjMjZiMzJj
MmEwOTUwHhcNMjMwNjA1MTEzNzExWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxYWY3MmFlNWViZDBkYWE1YzMwNWE0ZTY3NDVhYmYwMDM3NGNlMDVmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjxKhg4XqG5tcAEhCQK72Ewfk0YKg
Vnf5/NdeMvaaYRntUXE7sPE1CfNCEYGXfmpcMPOqyohH7RidD+b+oXd+jO+AePY1
LW0MAMQsbCExsMYVg6mp7AIXn4/enGS7IPnB4BItBv8/e/U7vx3VIeNQkCbHm8aC
MMvED3TlDEMBzebgWa+9MPR7qtohjUhnpcE+W0/VtOVAQ/sC1oiQWPs3VKKJnfBr
Tg2MOtESsHsV+04lwmLxBRprwfK8zfwniQondloCym+JpRHbzTGJF6oqp9Djd5uN
za3NX1fzCZaNHvQnyzq4aFGagGTQCeJFVZSrR0th5EGAV49JmXR5Z3Vr8QIDAQAB
o4ICMzCCAi8wHQYDVR0OBBYEFBr3KuXr0NqlwwWk5nRavwA3TOBfMB8GA1UdIwQY
MBaAFJHBC/3lgTq0fDjFwZBOwmsywqCVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva2NFTF9lV0JPclI4T01YQmtFN0NhekxDb0pVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMy8zZmViMTUtNjgzNC00M2UyLWI2ZTct
MDRkNzRmMzY4Njk4LzEvR3ZjcTVldlEycVhEQmFUbWRGcV9BRGRNNEY4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMy8zZmViMTUtNjgzNC00M2UyLWI2ZTctMDRkNzRmMzY4Njk4
LzEva2NFTF9lV0JPclI4T01YQmtFN0NhekxDb0pVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEkGCCsGAQUFBwEHAQH/BDowODA2BAIAATAwAwQGPmQAAwQH
VCmAAwQGWNOAAwQHWdwAAwQGwxJAAwQF1EOgAwQE2RGAAwQE2XBwMA0GCSqGSIb3
DQEBCwUAA4IBAQCQKF1T7mEOzx8E/rOZGBELlxqFHe81VoTi1zFdcP2PSQSbnMu+
h4EvzVe10XJJEvNhPVLuawiDZ/OwiC9id6itVepEGM3HD/MfLPYbdo7Bg3iEcOfq
OGA8O96vj5Jyowqmwkht3Z9DFAlUGFDSOXVx57dpXG8yhfRI+hpbODUCHgtj5MRr
VEv/Rr54OeqwathucDRVOj8tYvkAnSf2pFsODLC2E6wJIlv1lQRumeGfrl/OnOEr
L1zFxjU6euCqegCLBAr3qcaVh4jRErPMOzutX24fu34D6wBubdWU/W4F5JlzXQZf
qSfIlHSDxHWeH5HtB7HhHXagTcQn+7bcXI1j
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:42:41 2024 by rpki-client on console-ams.rpki-client.org