Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cf/677af8-853e-493b-8b85-bb70800c2a65/1/_XEcOfUn6jDpT-oZy0tliFUVtYU.roa
File: _XEcOfUn6jDpT-oZy0tliFUVtYU.roa (raw, json)
Hash identifier: QAAPNMzMKmQevuFj96PsZ63pUXEC8CRfq5R+JJnmgbo=
Subject key identifier: FD:71:1C:39:F5:27:EA:30:E9:4F:EA:19:CB:4B:65:88:55:15:B5:85
Certificate issuer: /CN=1a2a4bfd2c0c69765a8299ef74965f862a7148b7
Certificate serial: 0186D49003FEE82F87EA697833B557D1EBEA
Authority key identifier: 1A:2A:4B:FD:2C:0C:69:76:5A:82:99:EF:74:96:5F:86:2A:71:48:B7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/GipL_SwMaXZagpnvdJZfhipxSLc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cf/677af8-853e-493b-8b85-bb70800c2a65/1/_XEcOfUn6jDpT-oZy0tliFUVtYU.roa
Signing time: Sun 12 Mar 2023 06:44:13 +0000
ROA not before: Sun 12 Mar 2023 06:44:13 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 41176
IP address blocks: 188.117.64.0/18 maxlen: 18
188.117.76.0/24 maxlen: 24
188.117.76.0/22 maxlen: 22
188.117.77.0/24 maxlen: 24
188.117.78.0/24 maxlen: 24
188.117.72.0/22 maxlen: 22
188.117.84.0/22 maxlen: 22
188.117.84.0/24 maxlen: 24
188.117.85.0/24 maxlen: 24
188.117.81.0/24 maxlen: 24
188.117.80.0/24 maxlen: 24
188.117.80.0/23 maxlen: 23
188.117.86.0/24 maxlen: 24
188.117.87.0/24 maxlen: 24
188.117.93.0/24 maxlen: 24
188.117.96.0/21 maxlen: 21
188.117.104.0/24 maxlen: 24
188.117.100.0/23 maxlen: 23
188.117.107.0/24 maxlen: 24
188.117.109.0/24 maxlen: 24
188.117.124.0/24 maxlen: 24
212.76.64.0/24 maxlen: 24
212.76.64.0/19 maxlen: 19
212.76.70.0/24 maxlen: 24
212.76.69.0/24 maxlen: 24
212.76.68.0/24 maxlen: 24
212.76.73.0/24 maxlen: 24
212.76.85.0/24 maxlen: 24
212.76.83.0/24 maxlen: 24
212.76.88.0/24 maxlen: 24
212.76.95.0/24 maxlen: 24
89.108.0.0/18 maxlen: 18
89.108.29.0/24 maxlen: 24
89.108.28.0/24 maxlen: 24
89.108.30.0/24 maxlen: 24
89.108.26.0/24 maxlen: 24
89.108.26.0/23 maxlen: 23
89.108.27.0/24 maxlen: 24
213.236.32.0/19 maxlen: 19
213.236.35.0/24 maxlen: 24
213.236.38.0/24 maxlen: 24
213.236.37.0/24 maxlen: 24
185.20.152.0/24 maxlen: 24
185.20.152.0/22 maxlen: 22
213.236.41.0/24 maxlen: 24
213.236.48.0/24 maxlen: 24
213.236.56.0/22 maxlen: 22
213.236.56.0/21 maxlen: 21
213.236.53.0/24 maxlen: 24
213.236.59.0/24 maxlen: 24
213.236.60.0/24 maxlen: 24
89.108.60.0/22 maxlen: 22
2a02:d70::/32 maxlen: 32
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:d4:90:03:fe:e8:2f:87:ea:69:78:33:b5:57:d1:eb:ea
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1a2a4bfd2c0c69765a8299ef74965f862a7148b7
Validity
Not Before: Mar 12 06:44:13 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=fd711c39f527ea30e94fea19cb4b65885515b585
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:c4:32:83:de:d5:85:fa:4d:8c:be:a7:73:1f:
e7:1f:f6:95:4b:e3:ab:ae:ee:cf:81:4f:fc:c5:d9:
69:97:04:5e:b0:97:6b:49:56:9c:1b:66:31:c6:4b:
78:e3:cc:93:0a:68:3d:17:1a:4a:26:51:28:3d:0f:
f8:f6:20:de:d2:09:f5:6f:8d:60:c3:3c:d6:28:0d:
72:ca:07:8a:9c:f2:35:5a:18:6c:d7:7d:bf:12:11:
ee:19:18:0f:0e:41:97:be:d7:ef:ef:46:53:0d:e1:
cb:7b:6f:77:3c:ec:df:39:47:9c:a3:55:89:4f:2e:
40:30:a2:47:c5:6d:4b:e0:16:f7:97:c1:e4:69:90:
e4:ac:88:a9:45:6f:ab:1a:15:11:6a:85:c3:45:54:
03:30:2b:e6:89:c9:0d:1c:df:1c:42:a0:fc:17:4e:
53:10:21:23:9d:c1:dd:e7:55:d8:a2:6b:e4:82:69:
0c:c9:b3:3a:97:17:d7:50:a9:0a:18:d2:29:cd:4f:
d9:ae:1e:67:10:9b:1e:e7:ee:38:ea:25:5f:60:21:
f8:42:a7:6d:e7:f9:ee:1c:91:a0:ba:46:ba:9b:5a:
72:7b:ab:d6:9a:59:b2:d8:66:12:3e:0b:b9:5a:db:
d4:13:09:f8:d0:2c:ef:fb:48:cf:12:fe:28:2d:53:
a3:b3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FD:71:1C:39:F5:27:EA:30:E9:4F:EA:19:CB:4B:65:88:55:15:B5:85
X509v3 Authority Key Identifier:
keyid:1A:2A:4B:FD:2C:0C:69:76:5A:82:99:EF:74:96:5F:86:2A:71:48:B7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GipL_SwMaXZagpnvdJZfhipxSLc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cf/677af8-853e-493b-8b85-bb70800c2a65/1/_XEcOfUn6jDpT-oZy0tliFUVtYU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cf/677af8-853e-493b-8b85-bb70800c2a65/1/GipL_SwMaXZagpnvdJZfhipxSLc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.108.0.0/18
185.20.152.0/22
188.117.64.0/18
212.76.64.0/19
213.236.32.0/19
IPv6:
2a02:d70::/32
Signature Algorithm: sha256WithRSAEncryption
8f:92:16:c6:a5:41:d5:32:30:c5:88:91:b5:c3:48:99:84:64:
c8:a0:09:c5:62:ec:f4:06:eb:cf:8a:bf:71:fa:1c:07:e0:11:
d8:fa:2e:d9:f0:64:12:37:7d:cc:a7:02:83:00:59:8f:54:69:
04:fc:31:cd:82:a7:3c:9c:3a:0b:c8:0f:c7:6b:34:38:11:35:
f6:f3:08:1a:f1:56:a9:09:c6:cf:d6:40:bc:f7:5b:05:ce:a8:
79:46:e2:83:2e:71:ca:e6:1d:5b:95:42:f2:69:f9:70:3d:7e:
29:88:45:6c:da:fd:ca:c9:0f:98:0e:e2:3d:df:29:bb:35:55:
0b:83:5e:27:c0:90:26:ea:c2:5c:da:fa:29:9c:cc:37:7f:9c:
51:7e:f1:2a:f2:f5:a7:46:f9:0d:1f:4e:4b:6e:1d:ea:df:f1:
b0:5d:be:47:7b:e1:39:b6:dd:f5:b5:c2:14:c2:d4:32:2a:d8:
a5:ce:5c:88:ed:6c:18:9e:fb:d2:11:5c:15:12:3a:1d:cf:b4:
81:52:88:5c:7a:a6:6a:46:ef:5a:dc:02:2a:42:78:f4:2d:7b:
fd:43:15:90:3a:50:56:1e:74:3f:9b:18:cc:8c:d6:28:0b:90:
76:c8:10:2e:bf:60:ad:d0:af:29:37:0f:72:90:80:49:6f:36:
10:68:d5:c8
-----BEGIN CERTIFICATE-----
MIIFJDCCBAygAwIBAgISAYbUkAP+6C+H6ml4M7VX0evqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFhMmE0YmZkMmMwYzY5NzY1YTgyOTllZjc0OTY1Zjg2MmE3
MTQ4YjcwHhcNMjMwMzEyMDY0NDEzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmZDcxMWMzOWY1MjdlYTMwZTk0ZmVhMTljYjRiNjU4ODU1MTViNTg1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqMQyg97VhfpNjL6ncx/nH/aVS+Or
ru7PgU/8xdlplwResJdrSVacG2Yxxkt448yTCmg9FxpKJlEoPQ/49iDe0gn1b41g
wzzWKA1yygeKnPI1Whhs132/EhHuGRgPDkGXvtfv70ZTDeHLe293POzfOUeco1WJ
Ty5AMKJHxW1L4Bb3l8HkaZDkrIipRW+rGhURaoXDRVQDMCvmickNHN8cQqD8F05T
ECEjncHd51XYomvkgmkMybM6lxfXUKkKGNIpzU/Zrh5nEJse5+446iVfYCH4Qqdt
5/nuHJGguka6m1pye6vWmlmy2GYSPgu5WtvUEwn40Czv+0jPEv4oLVOjswIDAQAB
o4ICMDCCAiwwHQYDVR0OBBYEFP1xHDn1J+ow6U/qGctLZYhVFbWFMB8GA1UdIwQY
MBaAFBoqS/0sDGl2WoKZ73SWX4YqcUi3MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR2lwTF9Td01hWFphZ3BudmRKWmZoaXB4U0xjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZi82NzdhZjgtODUzZS00OTNiLThiODUt
YmI3MDgwMGMyYTY1LzEvX1hFY09mVW42akRwVC1vWnkwdGxpRlVWdFlVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZi82NzdhZjgtODUzZS00OTNiLThiODUtYmI3MDgwMGMyYTY1
LzEvR2lwTF9Td01hWFphZ3BudmRKWmZoaXB4U0xjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEYGCCsGAQUFBwEHAQH/BDcwNTAkBAIAATAeAwQGWWwAAwQC
uRSYAwQGvHVAAwQF1ExAAwQF1ewgMA0EAgACMAcDBQAqAg1wMA0GCSqGSIb3DQEB
CwUAA4IBAQCPkhbGpUHVMjDFiJG1w0iZhGTIoAnFYuz0BuvPir9x+hwH4BHY+i7Z
8GQSN33MpwKDAFmPVGkE/DHNgqc8nDoLyA/HazQ4ETX28wga8VapCcbP1kC891sF
zqh5RuKDLnHK5h1blULyaflwPX4piEVs2v3KyQ+YDuI93ym7NVULg14nwJAm6sJc
2vopnMw3f5xRfvEq8vWnRvkNH05Lbh3q3/GwXb5He+E5tt31tcIUwtQyKtilzlyI
7WwYnvvSEVwVEjodz7SBUohceqZqRu9a3AIqQnj0LXv9QxWQOlBWHnQ/mxjMjNYo
C5B2yBAuv2Ct0K8pNw9ykIBJbzYQaNXI
Generated at Sun Oct 22 07:58:06 2023 by rpki-client on console-ams.rpki-client.org