Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ca/9d0e14-113b-4cba-8308-acc56977b6f4/1/GQ4ZNL_PJCZyxzqbqg4UOqK4jPM.roa
File: GQ4ZNL_PJCZyxzqbqg4UOqK4jPM.roa (raw, json)
Hash identifier: EVu/9jmyT7O/OfZIMp/Yx4pzq8lpeGXj4cCPERMq4U8=
Subject key identifier: 19:0E:19:34:BF:CF:24:26:72:C7:3A:9B:AA:0E:14:3A:A2:B8:8C:F3
Certificate issuer: /CN=0f9c77a1dcdb8eed62cd3ca80a5144dc4e243f4e
Certificate serial: 0187BD10B4AC463A733685E3E094EF7DD06B
Authority key identifier: 0F:9C:77:A1:DC:DB:8E:ED:62:CD:3C:A8:0A:51:44:DC:4E:24:3F:4E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/D5x3odzbju1izTyoClFE3E4kP04.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ca/9d0e14-113b-4cba-8308-acc56977b6f4/1/GQ4ZNL_PJCZyxzqbqg4UOqK4jPM.roa
Signing time: Wed 26 Apr 2023 10:16:41 +0000
ROA not before: Wed 26 Apr 2023 10:16:41 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 15924
IP address blocks: 195.177.230.0/24 maxlen: 24
195.177.231.0/24 maxlen: 24
195.178.104.0/24 maxlen: 24
195.178.104.0/23 maxlen: 23
195.178.105.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 26 Apr 2023 10:30:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:bd:10:b4:ac:46:3a:73:36:85:e3:e0:94:ef:7d:d0:6b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0f9c77a1dcdb8eed62cd3ca80a5144dc4e243f4e
Validity
Not Before: Apr 26 10:16:41 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=190e1934bfcf242672c73a9baa0e143aa2b88cf3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:80:43:9f:df:8e:e9:53:a6:9a:f4:08:59:dc:3e:
58:81:c6:1e:14:1f:2d:fe:b5:fd:3a:98:a4:bb:27:
a7:54:f9:7f:97:8d:bc:5d:5e:89:06:7e:ca:90:b3:
64:3d:fa:53:50:9d:eb:fd:ad:d3:5d:51:d9:f4:f4:
18:4a:5d:fa:cf:a7:4d:73:2d:c6:c8:7c:fa:1b:80:
2c:29:01:cc:8d:f1:35:d5:11:1e:45:40:72:ab:8c:
6c:75:e2:c1:e5:09:28:48:30:74:17:4a:43:fe:da:
25:31:65:66:a2:28:ce:01:b1:d3:49:fb:12:40:1b:
7f:3c:82:df:5c:2e:e6:de:a4:60:12:46:95:39:fe:
94:25:4d:a2:4f:70:60:47:64:0c:f0:83:2a:ee:4d:
ab:e2:29:fe:b3:de:9e:41:75:67:bf:3b:c6:19:2e:
34:a9:f6:79:1c:e2:14:92:b9:e8:76:b0:15:72:cd:
9c:de:08:6f:9d:37:3d:dc:a9:8a:34:73:a4:4d:1d:
b0:0a:e0:bb:e9:df:ce:b2:96:73:d7:83:ee:7f:bd:
5a:c2:36:4c:36:7d:7d:b4:f6:25:53:3b:b9:4e:f3:
71:de:7d:fe:a1:17:63:ff:74:44:ff:59:ae:3c:9c:
f0:dd:76:ef:10:06:24:5e:b6:45:ab:e5:0b:7e:5b:
f2:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
19:0E:19:34:BF:CF:24:26:72:C7:3A:9B:AA:0E:14:3A:A2:B8:8C:F3
X509v3 Authority Key Identifier:
keyid:0F:9C:77:A1:DC:DB:8E:ED:62:CD:3C:A8:0A:51:44:DC:4E:24:3F:4E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/D5x3odzbju1izTyoClFE3E4kP04.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/9d0e14-113b-4cba-8308-acc56977b6f4/1/GQ4ZNL_PJCZyxzqbqg4UOqK4jPM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/9d0e14-113b-4cba-8308-acc56977b6f4/1/D5x3odzbju1izTyoClFE3E4kP04.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.177.230.0/23
195.178.104.0/23
Signature Algorithm: sha256WithRSAEncryption
ba:cc:a1:bc:e5:81:79:2c:a6:61:82:a5:e2:c8:bc:20:9c:a9:
27:0c:8b:b8:bc:07:00:d2:55:be:a2:a4:d6:7f:b3:35:0e:c2:
2f:e8:bc:e6:67:35:6d:9d:6c:d2:7a:a2:a1:4d:20:b9:9f:89:
c5:5a:cf:40:2d:88:a7:87:f6:72:e3:69:d1:7d:ac:b1:8d:53:
9d:ef:79:7b:b9:b0:de:34:ae:8e:9c:93:a4:60:79:07:55:15:
b2:08:cd:fa:96:7b:ca:ee:e2:e7:5f:3a:c0:f7:06:73:d6:ae:
e9:0a:fd:83:65:80:0d:af:b9:02:cc:75:11:b9:1c:30:3b:9b:
32:a3:e9:9c:16:a6:79:4e:7a:19:11:db:f8:16:7f:49:a1:b6:
52:20:ce:b7:d3:2d:86:2a:2c:0b:f4:77:d9:92:4d:a3:ba:6e:
bf:b3:ef:32:2e:e5:5a:ce:75:2b:58:d3:dc:21:7e:c2:9d:d0:
25:1d:aa:49:fd:38:f6:54:74:a7:99:f7:f3:ca:27:c7:0c:df:
2e:88:2b:9e:2b:a5:b6:bc:df:0a:ef:26:bc:c5:f9:2a:6b:7c:
db:5d:94:1c:fb:68:e7:44:5a:f6:8f:f7:1a:17:af:b4:54:de:
76:3f:e6:e1:52:34:bb:18:95:97:4c:31:10:77:0c:74:23:6d:
da:cd:20:27
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYe9ELSsRjpzNoXj4JTvfdBrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBmOWM3N2ExZGNkYjhlZWQ2MmNkM2NhODBhNTE0NGRjNGUy
NDNmNGUwHhcNMjMwNDI2MTAxNjQxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxOTBlMTkzNGJmY2YyNDI2NzJjNzNhOWJhYTBlMTQzYWEyYjg4Y2YzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgEOf347pU6aa9AhZ3D5YgcYeFB8t
/rX9OpikuyenVPl/l428XV6JBn7KkLNkPfpTUJ3r/a3TXVHZ9PQYSl36z6dNcy3G
yHz6G4AsKQHMjfE11REeRUByq4xsdeLB5QkoSDB0F0pD/tolMWVmoijOAbHTSfsS
QBt/PILfXC7m3qRgEkaVOf6UJU2iT3BgR2QM8IMq7k2r4in+s96eQXVnvzvGGS40
qfZ5HOIUkrnodrAVcs2c3ghvnTc93KmKNHOkTR2wCuC76d/OspZz14Puf71awjZM
Nn19tPYlUzu5TvNx3n3+oRdj/3RE/1muPJzw3XbvEAYkXrZFq+ULflvycwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFBkOGTS/zyQmcsc6m6oOFDqiuIzzMB8GA1UdIwQY
MBaAFA+cd6Hc247tYs08qApRRNxOJD9OMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRDV4M29kemJqdTFpelR5b0NsRkUzRTRrUDA0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYS85ZDBlMTQtMTEzYi00Y2JhLTgzMDgt
YWNjNTY5NzdiNmY0LzEvR1E0Wk5MX1BKQ1p5eHpxYnFnNFVPcUs0alBNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jYS85ZDBlMTQtMTEzYi00Y2JhLTgzMDgtYWNjNTY5NzdiNmY0
LzEvRDV4M29kemJqdTFpelR5b0NsRkUzRTRrUDA0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQBw7HmAwQB
w7JoMA0GCSqGSIb3DQEBCwUAA4IBAQC6zKG85YF5LKZhgqXiyLwgnKknDIu4vAcA
0lW+oqTWf7M1DsIv6LzmZzVtnWzSeqKhTSC5n4nFWs9ALYinh/Zy42nRfayxjVOd
73l7ubDeNK6OnJOkYHkHVRWyCM36lnvK7uLnXzrA9wZz1q7pCv2DZYANr7kCzHUR
uRwwO5syo+mcFqZ5TnoZEdv4Fn9JobZSIM630y2GKiwL9HfZkk2jum6/s+8yLuVa
znUrWNPcIX7CndAlHapJ/Tj2VHSnmffzyifHDN8uiCueK6W2vN8K7ya8xfkqa3zb
XZQc+2jnRFr2j/caF6+0VN52P+bhUjS7GJWXTDEQdwx0I23azSAn
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:44:19 2024 by rpki-client on console-ams.rpki-client.org