Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c3/aa6629-d149-4197-a315-d21071ef735b/1/GvKWTKDzQ2s6mn3SI0hmqxch9-E.roa
File: GvKWTKDzQ2s6mn3SI0hmqxch9-E.roa (raw, json)
Hash identifier: 7vA/HVKZxjk2I9ferwvSh10du0+zIeFH74B5BnrndBQ=
Subject key identifier: 1A:F2:96:4C:A0:F3:43:6B:3A:9A:7D:D2:23:48:66:AB:17:21:F7:E1
Certificate issuer: /CN=fa3d0bc11b29da44ad57304c3f8568870a019c24
Certificate serial: 01856CE6330A3FED60EB889A1FCC9E431793
Authority key identifier: FA:3D:0B:C1:1B:29:DA:44:AD:57:30:4C:3F:85:68:87:0A:01:9C:24
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-j0LwRsp2kStVzBMP4VohwoBnCQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c3/aa6629-d149-4197-a315-d21071ef735b/1/GvKWTKDzQ2s6mn3SI0hmqxch9-E.roa
Signing time: Sun 01 Jan 2023 10:35:03 +0000
ROA not before: Sun 01 Jan 2023 10:35:03 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 51411
IP address blocks: 178.236.32.0/22 maxlen: 22
31.25.93.0/24 maxlen: 24
31.25.94.0/24 maxlen: 24
31.25.92.0/24 maxlen: 24
31.25.95.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:e6:33:0a:3f:ed:60:eb:88:9a:1f:cc:9e:43:17:93
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fa3d0bc11b29da44ad57304c3f8568870a019c24
Validity
Not Before: Jan 1 10:35:03 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=1af2964ca0f3436b3a9a7dd2234866ab1721f7e1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:58:a4:63:aa:e6:22:8c:a3:9b:f8:b4:63:bd:
84:80:e6:74:1d:0f:8d:20:43:1b:43:cb:24:06:2a:
02:6b:ac:14:01:20:d2:c6:38:cd:32:63:66:66:8e:
85:f1:0f:3f:4d:8c:df:e3:4b:a8:24:c0:4f:56:c1:
7a:7f:27:c9:eb:4a:6c:c5:0b:72:88:ce:a8:5f:91:
da:2b:25:2a:18:bf:31:fd:06:aa:36:ac:8c:7e:a7:
b8:ac:f1:91:05:f4:60:38:72:e3:a0:4b:f8:f9:59:
d5:4f:a3:e2:5e:94:40:b2:cd:10:dc:ac:82:81:18:
d6:4c:ee:83:39:6d:e6:4a:13:d7:c1:d7:f4:15:6b:
0a:17:e6:7b:d0:0b:7a:18:87:04:bc:2c:87:2a:bc:
1a:4f:77:49:52:43:a0:00:a6:78:59:ba:66:6a:c3:
87:16:4f:4a:7b:d2:ad:01:32:25:d5:a3:98:99:61:
3f:fc:0d:80:72:5b:6d:87:d2:87:ef:97:ba:1c:07:
0f:74:8d:cc:24:11:13:c3:20:50:18:11:69:07:e3:
3f:74:22:7d:ae:43:b5:6f:08:54:59:39:97:19:f4:
4a:37:2b:18:0c:c3:a8:6c:1c:d8:08:65:30:ca:f1:
ce:8f:7c:d7:ce:f2:58:67:7c:dd:4c:08:11:11:bf:
34:83
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1A:F2:96:4C:A0:F3:43:6B:3A:9A:7D:D2:23:48:66:AB:17:21:F7:E1
X509v3 Authority Key Identifier:
keyid:FA:3D:0B:C1:1B:29:DA:44:AD:57:30:4C:3F:85:68:87:0A:01:9C:24
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-j0LwRsp2kStVzBMP4VohwoBnCQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/aa6629-d149-4197-a315-d21071ef735b/1/GvKWTKDzQ2s6mn3SI0hmqxch9-E.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/aa6629-d149-4197-a315-d21071ef735b/1/1-j0LwRsp2kStVzBMP4VohwoBnCQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.25.92.0/22
178.236.32.0/22
Signature Algorithm: sha256WithRSAEncryption
7d:45:d1:33:ec:40:4a:91:d8:12:c8:c0:4e:6b:f8:6c:7b:1e:
95:55:51:e4:c1:0d:d9:5a:91:1c:88:25:b1:dc:87:b6:f9:4a:
61:b2:d5:29:b2:7d:2d:ed:5b:dc:13:8b:19:82:96:94:36:3c:
fd:bd:1c:27:ab:82:bc:f2:6c:69:54:08:9e:ab:2b:4e:56:a7:
3d:02:31:8e:e6:db:79:d6:f9:ca:d4:63:0f:15:a7:55:70:20:
49:31:60:f3:90:e4:ef:11:eb:3e:2e:27:0b:38:0d:0a:81:11:
a1:e8:ee:04:a0:1f:b3:ef:bd:77:47:7e:4f:f0:9c:17:57:97:
73:f8:fe:d7:70:2c:8f:35:f4:76:93:7e:5f:db:76:da:ae:f1:
33:9f:20:6d:ec:71:3a:75:e5:45:25:46:a4:9b:fc:20:f2:7a:
46:5a:1f:33:ab:d1:6b:82:53:45:8e:02:cf:57:64:ae:84:85:
c1:2d:30:2d:13:e3:52:11:6a:e0:d9:01:b7:ea:9c:d2:34:9b:
c7:e6:05:72:a0:ad:d9:8e:24:25:be:73:ea:48:fc:b7:65:65:
b7:53:bc:78:85:30:ff:40:4d:e4:da:22:e8:2e:40:0a:06:45:
76:df:a5:dd:17:01:fd:16:2f:9c:f4:ce:c0:c8:d5:67:23:3b:
35:da:82:34
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAYVs5jMKP+1g64iaH8yeQxeTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZhM2QwYmMxMWIyOWRhNDRhZDU3MzA0YzNmODU2ODg3MGEw
MTljMjQwHhcNMjMwMTAxMTAzNTAzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxYWYyOTY0Y2EwZjM0MzZiM2E5YTdkZDIyMzQ4NjZhYjE3MjFmN2UxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtFikY6rmIoyjm/i0Y72EgOZ0HQ+N
IEMbQ8skBioCa6wUASDSxjjNMmNmZo6F8Q8/TYzf40uoJMBPVsF6fyfJ60psxQty
iM6oX5HaKyUqGL8x/QaqNqyMfqe4rPGRBfRgOHLjoEv4+VnVT6PiXpRAss0Q3KyC
gRjWTO6DOW3mShPXwdf0FWsKF+Z70At6GIcEvCyHKrwaT3dJUkOgAKZ4WbpmasOH
Fk9Ke9KtATIl1aOYmWE//A2Acltth9KH75e6HAcPdI3MJBETwyBQGBFpB+M/dCJ9
rkO1bwhUWTmXGfRKNysYDMOobBzYCGUwyvHOj3zXzvJYZ3zdTAgREb80gwIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFBrylkyg80NrOpp90iNIZqsXIffhMB8GA1UdIwQY
MBaAFPo9C8EbKdpErVcwTD+FaIcKAZwkMA4GA1UdDwEB/wQEAwIHgDBlBggrBgEF
BQcBAQRZMFcwVQYIKwYBBQUHMAKGSXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMS1qMEx3UnNwMmtTdFZ6Qk1QNFZvaHdvQm5DUS5jZXIw
gY0GCCsGAQUFBwELBIGAMH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYzMvYWE2NjI5LWQxNDktNDE5Ny1hMzE1
LWQyMTA3MWVmNzM1Yi8xL0d2S1dUS0R6UTJzNm1uM1NJMGhtcXhjaDktRS5yb2Ew
gYIGA1UdHwR7MHkwd6B1oHOGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvYzMvYWE2NjI5LWQxNDktNDE5Ny1hMzE1LWQyMTA3MWVmNzM1
Yi8xLzEtajBMd1JzcDJrU3RWekJNUDRWb2h3b0JuQ1EuY3JsMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwJQYIKwYBBQUHAQcBAf8EFjAUMBIEAgABMAwDBAIfGVwD
BAKy7CAwDQYJKoZIhvcNAQELBQADggEBAH1F0TPsQEqR2BLIwE5r+Gx7HpVVUeTB
DdlakRyIJbHch7b5SmGy1SmyfS3tW9wTixmClpQ2PP29HCergrzybGlUCJ6rK05W
pz0CMY7m23nW+crUYw8Vp1VwIEkxYPOQ5O8R6z4uJws4DQqBEaHo7gSgH7PvvXdH
fk/wnBdXl3P4/tdwLI819HaTfl/bdtqu8TOfIG3scTp15UUlRqSb/CDyekZaHzOr
0WuCU0WOAs9XZK6EhcEtMC0T41IRauDZAbfqnNI0m8fmBXKgrdmOJCW+c+pI/Ldl
ZbdTvHiFMP9ATeTaIuguQAoGRXbfpd0XAf0WL5z0zsDI1WcjOzXagjQ=
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:07:23 2023 by rpki-client on console-ams.rpki-client.org