Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/GBF3qcUZJRa73z2580TiuCKzLAw.roa
File: GBF3qcUZJRa73z2580TiuCKzLAw.roa (raw, json)
Hash identifier: kUbGdN9+AK+wFTqMbCUbloi016V5g5UHrqyHZYOQHXE=
Subject key identifier: 18:11:77:A9:C5:19:25:16:BB:DF:3D:B9:F3:44:E2:B8:22:B3:2C:0C
Certificate issuer: /CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Certificate serial: 018C79AC07B80D9651A3DAFBB4CE8C95B957
Authority key identifier: 60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/GBF3qcUZJRa73z2580TiuCKzLAw.roa
Signing time: Sun 17 Dec 2023 21:26:06 +0000
ROA not before: Sun 17 Dec 2023 21:26:06 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 29802
IP address blocks: 185.210.232.0/24 maxlen: 24
185.214.102.0/24 maxlen: 24
185.251.231.0/24 maxlen: 24
185.223.80.0/24 maxlen: 24
185.225.0.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 19 Dec 2023 13:32:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:79:ac:07:b8:0d:96:51:a3:da:fb:b4:ce:8c:95:b9:57
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Validity
Not Before: Dec 17 21:26:06 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=181177a9c5192516bbdf3db9f344e2b822b32c0c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:83:2f:7f:ae:85:72:d8:a8:db:a9:27:b0:bc:4a:
87:d7:8e:ce:07:bb:64:2f:bd:8a:36:5e:98:50:1d:
59:d3:e5:06:f5:26:87:c6:67:24:40:91:4e:7c:95:
69:3d:05:87:da:17:7e:6f:3a:5f:b9:98:75:c8:1b:
be:c6:0f:69:01:96:23:7a:32:91:d0:95:0a:97:e7:
db:2f:fd:bd:67:94:59:7a:7c:8f:1c:73:43:47:a2:
9f:fa:8e:e5:a6:60:9b:87:83:d3:bd:77:75:0d:5c:
6f:18:60:1d:02:e3:b2:c8:03:4e:0b:c2:ee:ac:16:
83:1f:83:75:4d:78:d5:99:db:c2:40:2c:44:96:8c:
f5:a5:c5:4f:32:ef:22:2b:02:07:0a:e5:bd:ac:5b:
0a:38:32:d9:b0:03:76:36:4b:bb:03:92:bb:3c:cd:
a9:be:be:cd:5b:cf:59:14:21:d5:29:5a:95:30:ec:
ef:95:1d:e4:2c:88:81:4c:96:e3:48:d6:69:e1:8e:
83:63:cf:61:1a:13:ba:22:9d:2b:ca:51:1c:25:6b:
0a:f8:98:99:f7:f9:9b:36:5c:71:db:6b:f2:47:92:
69:7e:81:80:cd:78:f1:60:63:e4:9f:2f:7c:9b:6d:
22:b6:73:06:15:0c:a7:5e:2e:62:ca:98:47:62:c9:
d2:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
18:11:77:A9:C5:19:25:16:BB:DF:3D:B9:F3:44:E2:B8:22:B3:2C:0C
X509v3 Authority Key Identifier:
keyid:60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/GBF3qcUZJRa73z2580TiuCKzLAw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/YGeEwQUIW51q1fc6A7INmlwRTK8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.210.232.0/24
185.214.102.0/24
185.223.80.0/24
185.225.0.0/24
185.251.231.0/24
Signature Algorithm: sha256WithRSAEncryption
7a:1f:be:59:f6:c8:31:30:f2:22:8a:ac:0d:10:c3:d2:fa:cf:
b3:af:bc:45:d3:e5:77:21:5b:2b:e1:d0:4e:a2:cb:0f:c3:8a:
7f:d1:7e:82:48:be:4a:8f:a7:14:64:8c:b7:be:35:01:1f:31:
fb:c5:53:4f:1a:bb:1b:fd:16:35:93:3b:86:6d:86:3d:2a:cc:
18:30:1e:6a:36:73:60:db:be:ef:41:0f:c1:4f:6d:f3:3c:78:
14:84:48:55:86:04:71:60:08:46:15:2d:92:b3:16:c4:05:56:
c4:d3:6c:fa:cb:a0:d1:1c:bf:c6:67:28:21:5a:85:91:72:64:
4b:74:3d:3f:8d:5e:e5:0f:23:85:e0:c2:5d:65:4d:1f:eb:07:
17:1b:3f:de:25:c9:8e:6e:36:50:f7:1b:d7:c8:0f:4b:68:fa:
82:1b:53:39:81:b5:8b:46:49:d0:de:45:e1:3c:7e:1d:b5:b5:
b1:4e:38:bc:70:71:e5:60:f9:14:60:2d:06:f3:a0:d7:a9:a3:
c1:2a:74:fc:25:0e:d2:2d:8f:3a:19:e2:d2:06:97:c8:aa:9f:
27:39:14:f8:ba:40:40:46:47:e6:24:e9:f1:89:10:04:b5:fb:
9e:90:36:aa:a6:63:d9:aa:1f:18:c7:af:c4:6f:07:4e:68:e4:
8e:67:ce:47
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAYx5rAe4DZZRo9r7tM6MlblXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwNjc4NGMxMDUwODViOWQ2YWQ1ZjczYTAzYjIwZDlhNWMx
MTRjYWYwHhcNMjMxMjE3MjEyNjA2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxODExNzdhOWM1MTkyNTE2YmJkZjNkYjlmMzQ0ZTJiODIyYjMyYzBjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgy9/roVy2KjbqSewvEqH147OB7tk
L72KNl6YUB1Z0+UG9SaHxmckQJFOfJVpPQWH2hd+bzpfuZh1yBu+xg9pAZYjejKR
0JUKl+fbL/29Z5RZenyPHHNDR6Kf+o7lpmCbh4PTvXd1DVxvGGAdAuOyyANOC8Lu
rBaDH4N1TXjVmdvCQCxEloz1pcVPMu8iKwIHCuW9rFsKODLZsAN2Nku7A5K7PM2p
vr7NW89ZFCHVKVqVMOzvlR3kLIiBTJbjSNZp4Y6DY89hGhO6Ip0rylEcJWsK+JiZ
9/mbNlxx22vyR5JpfoGAzXjxYGPkny98m20itnMGFQynXi5iyphHYsnSAQIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFBgRd6nFGSUWu989ufNE4rgisywMMB8GA1UdIwQY
MBaAFGBnhMEFCFudatX3OgOyDZpcEUyvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgt
YjQzNDJiYTkxYWJjLzEvR0JGM3FjVVpKUmE3M3oyNTgwVGl1Q0t6TEF3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgtYjQzNDJiYTkxYWJj
LzEvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQAudLoAwQA
udZmAwQAud9QAwQAueEAAwQAufvnMA0GCSqGSIb3DQEBCwUAA4IBAQB6H75Z9sgx
MPIiiqwNEMPS+s+zr7xF0+V3IVsr4dBOossPw4p/0X6CSL5Kj6cUZIy3vjUBHzH7
xVNPGrsb/RY1kzuGbYY9KswYMB5qNnNg277vQQ/BT23zPHgUhEhVhgRxYAhGFS2S
sxbEBVbE02z6y6DRHL/GZyghWoWRcmRLdD0/jV7lDyOF4MJdZU0f6wcXGz/eJcmO
bjZQ9xvXyA9LaPqCG1M5gbWLRknQ3kXhPH4dtbWxTji8cHHlYPkUYC0G86DXqaPB
KnT8JQ7SLY86GeLSBpfIqp8nORT4ukBARkfmJOnxiRAEtfuekDaqpmPZqh8Yx6/E
bwdOaOSOZ85H
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:45:21 2024 by rpki-client on console-ams.rpki-client.org