Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d1/bac0b9-c99f-49bb-905b-c0307b0f62dc/1/gKuZSUkOz5Z-n7z73dwTTrXE2LM.roa
File: gKuZSUkOz5Z-n7z73dwTTrXE2LM.roa (raw, json)
Hash identifier: hvK6RbyYyNMeJbrhugngayFC22btGvtt29sNB7bqQkA=
Subject key identifier: 80:AB:99:49:49:0E:CF:96:7E:9F:BC:FB:DD:DC:13:4E:B5:C4:D8:B3
Certificate issuer: /CN=b146010283a8202eeaa3fef32534e3e97e04079e
Certificate serial: 01857079779A2C925C7B363AF38940979BC9
Authority key identifier: B1:46:01:02:83:A8:20:2E:EA:A3:FE:F3:25:34:E3:E9:7E:04:07:9E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sUYBAoOoIC7qo_7zJTTj6X4EB54.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d1/bac0b9-c99f-49bb-905b-c0307b0f62dc/1/gKuZSUkOz5Z-n7z73dwTTrXE2LM.roa
Signing time: Mon 02 Jan 2023 03:14:46 +0000
ROA not before: Mon 02 Jan 2023 03:14:46 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 41811
IP address blocks: 109.232.56.0/21 maxlen: 21
137.221.184.0/21 maxlen: 21
88.151.216.0/21 maxlen: 21
46.255.112.0/21 maxlen: 21
137.221.128.0/19 maxlen: 19
88.202.168.0/21 maxlen: 21
37.205.56.0/21 maxlen: 21
137.221.160.0/21 maxlen: 21
137.221.168.0/22 maxlen: 22
185.30.24.0/22 maxlen: 22
2a01:a200::/32 maxlen: 32
Validation: Failed, certificate revoked on Mon 01 Jan 2024 04:29:54 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:79:77:9a:2c:92:5c:7b:36:3a:f3:89:40:97:9b:c9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b146010283a8202eeaa3fef32534e3e97e04079e
Validity
Not Before: Jan 2 03:14:46 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=80ab9949490ecf967e9fbcfbdddc134eb5c4d8b3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:17:89:24:f9:de:54:ff:d6:28:15:5d:d6:cd:
46:23:1f:eb:ae:35:7a:a8:86:78:bd:c2:dd:64:a9:
4c:b8:34:3d:08:1a:f1:c7:9b:48:6b:af:e7:9e:fb:
09:95:e1:55:fe:78:e3:7b:54:ac:08:00:fc:19:6c:
40:f9:da:e6:9b:04:94:5c:19:56:e8:56:f6:ef:c0:
b8:25:f0:b3:67:28:ea:62:51:c6:50:80:a2:8b:48:
cb:96:d8:65:e5:0f:53:fd:2d:ff:a7:4f:c9:0b:9e:
f4:d4:fc:13:16:bc:36:2c:1e:dd:39:24:78:40:61:
14:7e:1d:4f:4a:4d:42:8b:3a:be:5a:9d:1e:44:b1:
81:7e:4f:64:00:aa:48:e9:2e:3b:15:55:12:a1:b0:
a0:07:04:0f:9d:25:27:a3:59:d8:8b:b9:44:da:b3:
1c:5d:c0:92:c3:59:cd:45:39:7d:24:95:56:bb:06:
9b:26:fa:ff:a3:cb:ca:9b:0a:fc:b6:6e:4a:48:da:
1c:c5:db:be:3d:be:cd:a4:fa:96:c0:d2:61:34:53:
b6:34:4f:40:79:4b:bd:83:ee:d1:1b:c3:78:00:a1:
cb:43:df:ab:95:89:3e:3a:fe:55:3d:96:22:73:11:
6c:db:80:b4:76:cf:5d:b7:98:02:de:d2:41:64:98:
34:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
80:AB:99:49:49:0E:CF:96:7E:9F:BC:FB:DD:DC:13:4E:B5:C4:D8:B3
X509v3 Authority Key Identifier:
keyid:B1:46:01:02:83:A8:20:2E:EA:A3:FE:F3:25:34:E3:E9:7E:04:07:9E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sUYBAoOoIC7qo_7zJTTj6X4EB54.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d1/bac0b9-c99f-49bb-905b-c0307b0f62dc/1/gKuZSUkOz5Z-n7z73dwTTrXE2LM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d1/bac0b9-c99f-49bb-905b-c0307b0f62dc/1/sUYBAoOoIC7qo_7zJTTj6X4EB54.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.205.56.0/21
46.255.112.0/21
88.151.216.0/21
88.202.168.0/21
109.232.56.0/21
137.221.128.0-137.221.171.255
137.221.184.0/21
185.30.24.0/22
IPv6:
2a01:a200::/32
Signature Algorithm: sha256WithRSAEncryption
62:20:b4:fb:a1:ea:fb:a5:03:2b:0f:af:19:2b:09:a5:f4:45:
bc:2b:d4:43:05:33:f5:85:0d:f3:ed:bd:1c:3a:53:41:e5:66:
52:cc:51:e4:75:9d:31:54:e6:11:7e:ab:44:67:77:b2:88:d4:
40:40:a9:34:f3:00:bb:c9:01:1a:93:ff:8b:bd:fe:a3:5e:60:
7c:79:69:dd:31:85:d5:80:d4:e9:66:9c:80:12:33:ba:7e:05:
17:99:db:48:48:27:e7:b7:b5:29:21:61:f9:75:f4:ef:6a:1e:
84:5a:6e:e1:ce:b4:7f:76:9a:b8:ac:99:86:a3:72:eb:a1:9d:
3e:01:ab:10:e6:26:37:75:b1:6b:9c:04:48:60:03:f0:fa:24:
33:76:dc:c3:93:a5:2c:f7:7f:ad:0d:7e:e8:ef:ef:ed:11:77:
d9:c9:d1:1e:d0:b5:2f:74:ca:c0:3c:5e:63:5c:3c:3d:65:1f:
d9:71:e9:d0:76:0e:2e:19:3b:04:9c:14:31:17:08:6b:fa:46:
fb:c5:cd:e1:b8:51:90:c9:3b:25:5f:97:fb:d8:cd:75:20:78:
48:3f:07:91:a6:d3:37:3e:e3:62:51:f9:97:4f:c6:99:0f:dc:
66:4d:62:fb:cb:76:0d:8d:48:5a:74:ad:72:9b:91:92:2e:de:
f4:a8:58:b2
-----BEGIN CERTIFICATE-----
MIIFPjCCBCagAwIBAgISAYVweXeaLJJcezY684lAl5vJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIxNDYwMTAyODNhODIwMmVlYWEzZmVmMzI1MzRlM2U5N2Uw
NDA3OWUwHhcNMjMwMTAyMDMxNDQ2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MGFiOTk0OTQ5MGVjZjk2N2U5ZmJjZmJkZGRjMTM0ZWI1YzRkOGIzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqReJJPneVP/WKBVd1s1GIx/rrjV6
qIZ4vcLdZKlMuDQ9CBrxx5tIa6/nnvsJleFV/njje1SsCAD8GWxA+drmmwSUXBlW
6Fb278C4JfCzZyjqYlHGUICii0jLlthl5Q9T/S3/p0/JC5701PwTFrw2LB7dOSR4
QGEUfh1PSk1Cizq+Wp0eRLGBfk9kAKpI6S47FVUSobCgBwQPnSUno1nYi7lE2rMc
XcCSw1nNRTl9JJVWuwabJvr/o8vKmwr8tm5KSNocxdu+Pb7NpPqWwNJhNFO2NE9A
eUu9g+7RG8N4AKHLQ9+rlYk+Ov5VPZYicxFs24C0ds9dt5gC3tJBZJg0pQIDAQAB
o4ICSjCCAkYwHQYDVR0OBBYEFICrmUlJDs+Wfp+8+93cE061xNizMB8GA1UdIwQY
MBaAFLFGAQKDqCAu6qP+8yU04+l+BAeeMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc1VZQkFvT29JQzdxb183ekpUVGo2WDRFQjU0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMS9iYWMwYjktYzk5Zi00OWJiLTkwNWIt
YzAzMDdiMGY2MmRjLzEvZ0t1WlNVa096NVotbjd6NzNkd1RUclhFMkxNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMS9iYWMwYjktYzk5Zi00OWJiLTkwNWItYzAzMDdiMGY2MmRj
LzEvc1VZQkFvT29JQzdxb183ekpUVGo2WDRFQjU0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGAGCCsGAQUFBwEHAQH/BFEwTzA+BAIAATA4AwQDJc04AwQD
Lv9wAwQDWJfYAwQDWMqoAwQDbeg4MAwDBAeJ3YADBAKJ3agDBAOJ3bgDBAK5Hhgw
DQQCAAIwBwMFACoBogAwDQYJKoZIhvcNAQELBQADggEBAGIgtPuh6vulAysPrxkr
CaX0Rbwr1EMFM/WFDfPtvRw6U0HlZlLMUeR1nTFU5hF+q0Rnd7KI1EBAqTTzALvJ
ARqT/4u9/qNeYHx5ad0xhdWA1OlmnIASM7p+BReZ20hIJ+e3tSkhYfl19O9qHoRa
buHOtH92mrismYajcuuhnT4BqxDmJjd1sWucBEhgA/D6JDN23MOTpSz3f60Nfujv
7+0Rd9nJ0R7QtS90ysA8XmNcPD1lH9lx6dB2Di4ZOwScFDEXCGv6RvvFzeG4UZDJ
OyVfl/vYzXUgeEg/B5Gm0zc+42JR+ZdPxpkP3GZNYvvLdg2NSFp0rXKbkZIu3vSo
WLI=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:54:56 2024 by rpki-client on console-fra.rpki-client.org