Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cc/0554a2-d3d9-4fc4-8ed5-de91469d3772/1/gbVhOP-X8ALLJ-OazTs7MZnN7do.roa
File: gbVhOP-X8ALLJ-OazTs7MZnN7do.roa (raw, json)
Hash identifier: 9ozuGCXl7IpJgaRDTimJTEH79y3QwHbkuoMZHy35mLc=
Subject key identifier: 81:B5:61:38:FF:97:F0:02:CB:27:E3:9A:CD:3B:3B:31:99:CD:ED:DA
Certificate issuer: /CN=0c5140282591f9912f9639ee1412b6d1dcff0861
Certificate serial: 018CBF58352F2961AB8F116AC17AF4188F7F
Authority key identifier: 0C:51:40:28:25:91:F9:91:2F:96:39:EE:14:12:B6:D1:DC:FF:08:61
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DFFAKCWR-ZEvljnuFBK20dz_CGE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cc/0554a2-d3d9-4fc4-8ed5-de91469d3772/1/gbVhOP-X8ALLJ-OazTs7MZnN7do.roa
Signing time: Sun 31 Dec 2023 10:07:58 +0000
ROA not before: Sun 31 Dec 2023 10:07:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 211970
IP address blocks: 188.72.56.0/24 maxlen: 24
185.234.245.0/24 maxlen: 24
188.72.3.0/24 maxlen: 24
188.72.0.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 01 Jan 2024 12:30:15 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:bf:58:35:2f:29:61:ab:8f:11:6a:c1:7a:f4:18:8f:7f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0c5140282591f9912f9639ee1412b6d1dcff0861
Validity
Not Before: Dec 31 10:07:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=81b56138ff97f002cb27e39acd3b3b3199cdedda
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:d4:62:17:56:74:2c:65:98:36:5b:e0:82:d8:
28:3a:15:1e:0d:7c:c0:5e:cb:f3:ce:50:54:47:d2:
ab:23:e2:f2:23:6f:d2:ac:c4:2b:02:99:11:d7:0d:
e3:de:56:d0:66:94:82:4d:e9:4b:ca:50:a5:4f:0b:
de:47:60:d8:82:10:2c:80:46:f3:ca:f8:b9:44:f7:
e0:bc:d6:03:24:10:9d:ba:0f:2a:91:ee:ef:d2:83:
83:1d:2e:54:57:f0:c0:a6:11:2e:93:85:4d:2c:61:
26:97:2d:81:8f:5f:1a:2e:4f:f4:b6:9b:8a:ae:05:
2a:48:6f:47:11:02:e9:0d:75:b1:93:20:07:33:c6:
2e:9f:c9:eb:f0:6a:71:8d:11:6f:57:b2:4d:d2:e5:
cc:6c:cb:2f:49:c8:97:41:14:d7:1d:81:12:3a:b2:
c1:81:a8:58:32:3b:57:a2:bb:dc:22:14:c5:ba:1f:
49:17:8b:38:25:da:df:88:93:cc:6e:98:5b:cf:c9:
fa:41:a3:1c:0e:e7:4f:3f:ab:c3:ce:70:73:0c:24:
36:87:01:99:db:a4:04:da:a4:1d:2f:31:a2:54:fd:
c1:6f:fd:92:48:78:5c:01:55:a1:0f:09:1b:cb:a5:
02:93:4c:1d:fc:7a:09:9e:99:ef:02:1d:b6:16:2c:
f7:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
81:B5:61:38:FF:97:F0:02:CB:27:E3:9A:CD:3B:3B:31:99:CD:ED:DA
X509v3 Authority Key Identifier:
keyid:0C:51:40:28:25:91:F9:91:2F:96:39:EE:14:12:B6:D1:DC:FF:08:61
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DFFAKCWR-ZEvljnuFBK20dz_CGE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cc/0554a2-d3d9-4fc4-8ed5-de91469d3772/1/gbVhOP-X8ALLJ-OazTs7MZnN7do.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cc/0554a2-d3d9-4fc4-8ed5-de91469d3772/1/DFFAKCWR-ZEvljnuFBK20dz_CGE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.234.245.0/24
188.72.0.0/24
188.72.3.0/24
188.72.56.0/24
Signature Algorithm: sha256WithRSAEncryption
bf:f6:a3:d8:0e:07:46:2c:2b:98:44:e7:9b:e0:14:6f:f8:08:
5a:20:0e:46:78:8d:72:ac:1a:f0:68:f0:ea:c0:58:6d:bc:6e:
96:7a:b4:59:06:b8:5a:a7:8b:52:89:26:94:1a:38:7c:e3:25:
51:42:88:90:ab:6b:9a:10:12:0e:03:d3:6d:e8:ea:ad:6d:ad:
fb:a8:ac:e2:48:0b:6c:4d:8d:18:c1:08:5f:06:88:48:e1:37:
69:29:db:b5:e6:ba:6c:8e:e4:50:22:c8:e2:49:de:35:55:5c:
7e:54:79:fc:e9:43:bb:eb:38:69:7c:d0:12:ca:19:9d:c9:9b:
a1:ae:68:8c:c8:b9:f5:9a:db:26:df:c0:f1:e4:81:1b:f4:31:
9b:93:6b:db:60:37:b2:0a:ae:1c:0e:24:b2:95:b5:b0:8f:b1:
61:82:80:73:6a:8c:04:36:a9:34:05:e0:2d:c3:0c:c8:52:b5:
e1:8b:9d:c3:91:95:e2:74:0c:9a:b4:77:e1:2e:d8:74:99:01:
f7:ae:5a:11:06:5f:d3:54:53:0a:48:8e:fc:b8:54:68:30:b9:
2e:fe:8a:75:7a:ce:75:27:7c:c2:7e:0e:50:e0:fd:ca:fe:02:
0f:e1:89:b4:55:2e:a9:d1:b9:8b:8b:3a:4c:d3:ed:df:fb:d8:
cb:85:62:ac
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYy/WDUvKWGrjxFqwXr0GI9/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBjNTE0MDI4MjU5MWY5OTEyZjk2MzllZTE0MTJiNmQxZGNm
ZjA4NjEwHhcNMjMxMjMxMTAwNzU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MWI1NjEzOGZmOTdmMDAyY2IyN2UzOWFjZDNiM2IzMTk5Y2RlZGRhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwNRiF1Z0LGWYNlvggtgoOhUeDXzA
XsvzzlBUR9KrI+LyI2/SrMQrApkR1w3j3lbQZpSCTelLylClTwveR2DYghAsgEbz
yvi5RPfgvNYDJBCdug8qke7v0oODHS5UV/DAphEuk4VNLGEmly2Bj18aLk/0tpuK
rgUqSG9HEQLpDXWxkyAHM8Yun8nr8GpxjRFvV7JN0uXMbMsvSciXQRTXHYESOrLB
gahYMjtXorvcIhTFuh9JF4s4JdrfiJPMbphbz8n6QaMcDudPP6vDznBzDCQ2hwGZ
26QE2qQdLzGiVP3Bb/2SSHhcAVWhDwkby6UCk0wd/HoJnpnvAh22Fiz3DwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFIG1YTj/l/ACyyfjms07OzGZze3aMB8GA1UdIwQY
MBaAFAxRQCglkfmRL5Y57hQSttHc/whhMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvREZGQUtDV1ItWkV2bGpudUZCSzIwZHpfQ0dFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYy8wNTU0YTItZDNkOS00ZmM0LThlZDUt
ZGU5MTQ2OWQzNzcyLzEvZ2JWaE9QLVg4QUxMSi1PYXpUczdNWm5ON2RvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jYy8wNTU0YTItZDNkOS00ZmM0LThlZDUtZGU5MTQ2OWQzNzcy
LzEvREZGQUtDV1ItWkV2bGpudUZCSzIwZHpfQ0dFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAuer1AwQA
vEgAAwQAvEgDAwQAvEg4MA0GCSqGSIb3DQEBCwUAA4IBAQC/9qPYDgdGLCuYROeb
4BRv+AhaIA5GeI1yrBrwaPDqwFhtvG6WerRZBrhap4tSiSaUGjh84yVRQoiQq2ua
EBIOA9Nt6Oqtba37qKziSAtsTY0YwQhfBohI4TdpKdu15rpsjuRQIsjiSd41VVx+
VHn86UO76zhpfNASyhmdyZuhrmiMyLn1mtsm38Dx5IEb9DGbk2vbYDeyCq4cDiSy
lbWwj7FhgoBzaowENqk0BeAtwwzIUrXhi53DkZXidAyatHfhLth0mQH3rloRBl/T
VFMKSI78uFRoMLku/op1es51J3zCfg5Q4P3K/gIP4Ym0VS6p0bmLizpM0+3f+9jL
hWKs
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:44:32 2024 by rpki-client on console-ams.rpki-client.org