Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d3/343892-780c-432a-882f-1e0d7c42da76/1/GpiwE8aAlM5jTXyBpm7_ZGA71vw.roa
File: GpiwE8aAlM5jTXyBpm7_ZGA71vw.roa (raw, json)
Hash identifier: QXfedyzJL6DV8KYvxU8jss+Lzi49wBmY+bdObkK/90w=
Subject key identifier: 1A:98:B0:13:C6:80:94:CE:63:4D:7C:81:A6:6E:FF:64:60:3B:D6:FC
Certificate issuer: /CN=4cb932bc60e9fd1186f8fa6bd713c20729ae73ee
Certificate serial: 01856ECB86BEFFF87AE40219C6C3E9D23657
Authority key identifier: 4C:B9:32:BC:60:E9:FD:11:86:F8:FA:6B:D7:13:C2:07:29:AE:73:EE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TLkyvGDp_RGG-Ppr1xPCBymuc-4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d3/343892-780c-432a-882f-1e0d7c42da76/1/GpiwE8aAlM5jTXyBpm7_ZGA71vw.roa
Signing time: Sun 01 Jan 2023 19:25:10 +0000
ROA not before: Sun 01 Jan 2023 19:25:10 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 48966
IP address blocks: 95.130.91.0/24 maxlen: 24
95.130.89.0/24 maxlen: 24
95.130.88.0/23 maxlen: 23
95.130.88.0/24 maxlen: 24
95.130.90.0/23 maxlen: 23
95.130.92.0/24 maxlen: 24
95.130.92.0/23 maxlen: 23
95.130.94.0/24 maxlen: 24
95.130.93.0/24 maxlen: 24
185.88.81.0/24 maxlen: 24
185.88.80.0/24 maxlen: 24
185.88.80.0/23 maxlen: 23
185.88.82.0/24 maxlen: 24
185.88.82.0/23 maxlen: 23
Validation: Failed, certificate revoked on Sun 09 Jul 2023 05:48:50 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:cb:86:be:ff:f8:7a:e4:02:19:c6:c3:e9:d2:36:57
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4cb932bc60e9fd1186f8fa6bd713c20729ae73ee
Validity
Not Before: Jan 1 19:25:10 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=1a98b013c68094ce634d7c81a66eff64603bd6fc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:14:88:87:da:9c:b2:b0:5a:ff:73:79:59:23:
a1:94:89:3e:21:f0:aa:e5:4c:d4:d4:df:3b:8c:38:
3f:9d:e6:3a:5f:c5:fc:de:98:30:04:ce:d7:4e:56:
e8:27:d0:36:29:2b:d3:ae:5e:10:5a:6f:5a:a0:6b:
65:84:c8:a2:d3:55:99:42:4f:f3:c4:b9:01:37:6e:
3c:6b:d2:ae:42:3b:1a:38:3c:b8:bf:24:0e:5f:df:
81:4f:f2:18:19:2f:9e:20:89:b2:80:27:b4:1d:0a:
a8:01:a2:d2:e4:ca:03:53:77:e9:8d:b9:7d:25:57:
f6:71:62:09:44:f5:49:11:bd:68:58:a4:d3:37:7c:
99:81:c9:96:66:f1:d2:4c:08:fb:b6:c6:b5:48:e0:
db:30:92:ae:d2:fb:56:d4:c1:6b:c2:87:d5:8b:e8:
2c:58:db:3a:f2:3c:ef:c0:99:ad:6a:15:8e:47:46:
08:a8:50:86:3b:e4:c7:5b:14:44:83:27:4e:62:50:
f2:c4:20:3e:4b:4a:09:6a:51:7f:d1:37:32:d2:dd:
37:c5:e6:c6:b8:90:aa:c0:21:ed:29:59:23:0c:b7:
31:18:85:a4:dd:da:2c:00:75:4e:29:89:36:7d:92:
b4:94:cb:7a:54:64:c6:ea:1a:3d:cc:8b:1d:ad:9e:
06:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1A:98:B0:13:C6:80:94:CE:63:4D:7C:81:A6:6E:FF:64:60:3B:D6:FC
X509v3 Authority Key Identifier:
keyid:4C:B9:32:BC:60:E9:FD:11:86:F8:FA:6B:D7:13:C2:07:29:AE:73:EE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TLkyvGDp_RGG-Ppr1xPCBymuc-4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/343892-780c-432a-882f-1e0d7c42da76/1/GpiwE8aAlM5jTXyBpm7_ZGA71vw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/343892-780c-432a-882f-1e0d7c42da76/1/TLkyvGDp_RGG-Ppr1xPCBymuc-4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
95.130.88.0-95.130.94.255
185.88.80.0/22
Signature Algorithm: sha256WithRSAEncryption
af:da:cb:1e:69:bb:23:cd:f8:8e:da:9b:b1:c8:54:8e:0d:21:
56:b9:d4:69:99:0b:c5:3d:32:8a:21:9d:02:d7:c9:02:89:8c:
3b:52:b6:9a:7c:e4:40:4f:c0:4c:5e:2f:c7:b3:80:16:31:4a:
80:96:9b:df:4c:75:b5:b0:37:39:62:7a:c6:b8:1f:b0:51:91:
19:e0:f5:fc:4f:7e:51:ca:6e:0d:14:2c:9a:52:d2:d5:c7:cd:
4b:2b:d9:df:cb:8a:16:9a:79:39:93:5f:35:a4:28:a4:35:e8:
7f:a3:b3:74:7f:8d:2a:f8:41:0f:0f:b2:f7:cc:20:33:20:0e:
da:c3:2d:6e:2a:2b:db:f1:6f:70:fc:f5:32:ac:87:59:4b:67:
da:92:3c:9a:fc:58:ab:57:b5:c9:c1:c6:44:1f:e4:da:22:f9:
0a:32:16:2a:58:81:8d:1a:e0:c0:ec:6d:eb:40:3a:fb:4b:c1:
9b:03:c4:a2:42:77:48:6f:70:8f:a3:b2:62:8a:78:e1:78:b2:
72:78:05:cc:7a:ca:0b:17:20:8f:a6:79:c7:fd:e5:da:fa:66:
b9:e6:a0:f9:30:04:53:b1:77:3c:ac:bf:98:63:a6:cf:c1:d6:
1f:63:f0:e8:bb:8a:b7:f1:40:4b:a2:9c:da:c3:69:02:ba:60:
1c:23:a8:ad
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgISAYVuy4a+//h65AIZxsPp0jZXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRjYjkzMmJjNjBlOWZkMTE4NmY4ZmE2YmQ3MTNjMjA3Mjlh
ZTczZWUwHhcNMjMwMTAxMTkyNTEwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxYTk4YjAxM2M2ODA5NGNlNjM0ZDdjODFhNjZlZmY2NDYwM2JkNmZjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlRSIh9qcsrBa/3N5WSOhlIk+IfCq
5UzU1N87jDg/neY6X8X83pgwBM7XTlboJ9A2KSvTrl4QWm9aoGtlhMii01WZQk/z
xLkBN248a9KuQjsaODy4vyQOX9+BT/IYGS+eIImygCe0HQqoAaLS5MoDU3fpjbl9
JVf2cWIJRPVJEb1oWKTTN3yZgcmWZvHSTAj7tsa1SODbMJKu0vtW1MFrwofVi+gs
WNs68jzvwJmtahWOR0YIqFCGO+THWxREgydOYlDyxCA+S0oJalF/0Tcy0t03xebG
uJCqwCHtKVkjDLcxGIWk3dosAHVOKYk2fZK0lMt6VGTG6ho9zIsdrZ4GWQIDAQAB
o4ICFzCCAhMwHQYDVR0OBBYEFBqYsBPGgJTOY018gaZu/2RgO9b8MB8GA1UdIwQY
MBaAFEy5Mrxg6f0Rhvj6a9cTwgcprnPuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVExreXZHRHBfUkdHLVBwcjF4UENCeW11Yy00LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMy8zNDM4OTItNzgwYy00MzJhLTg4MmYt
MWUwZDdjNDJkYTc2LzEvR3Bpd0U4YUFsTTVqVFh5QnBtN19aR0E3MXZ3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMy8zNDM4OTItNzgwYy00MzJhLTg4MmYtMWUwZDdjNDJkYTc2
LzEvVExreXZHRHBfUkdHLVBwcjF4UENCeW11Yy00LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAATAUMAwDBANfglgD
BABfgl4DBAK5WFAwDQYJKoZIhvcNAQELBQADggEBAK/ayx5puyPN+I7am7HIVI4N
IVa51GmZC8U9MoohnQLXyQKJjDtStpp85EBPwExeL8ezgBYxSoCWm99MdbWwNzli
esa4H7BRkRng9fxPflHKbg0ULJpS0tXHzUsr2d/LihaaeTmTXzWkKKQ16H+js3R/
jSr4QQ8PsvfMIDMgDtrDLW4qK9vxb3D89TKsh1lLZ9qSPJr8WKtXtcnBxkQf5Noi
+QoyFipYgY0a4MDsbetAOvtLwZsDxKJCd0hvcI+jsmKKeOF4snJ4Bcx6ygsXII+m
ecf95dr6ZrnmoPkwBFOxdzysv5hjps/B1h9j8Oi7irfxQEuinNrDaQK6YBwjqK0=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:46:03 2024 by rpki-client on console-ams.rpki-client.org