Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d3/d1e68a-1c87-483d-a89d-56dbff14ee05/1/GG9v-HfcTIIEI4Ylx1bQt1g14UM.roa
File: GG9v-HfcTIIEI4Ylx1bQt1g14UM.roa (raw, json)
Hash identifier: uVZwqvaXhncGAAWHInqUIgAwL07n1ul0AKF3GCBQy2g=
Subject key identifier: 18:6F:6F:F8:77:DC:4C:82:04:23:86:25:C7:56:D0:B7:58:35:E1:43
Certificate issuer: /CN=fd53c3aff31e27d2a1bc4d9b3ee75bb8a9b57838
Certificate serial: 01856F94D0D44D570A80EFB1B18088A35C99
Authority key identifier: FD:53:C3:AF:F3:1E:27:D2:A1:BC:4D:9B:3E:E7:5B:B8:A9:B5:78:38
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_VPDr_MeJ9KhvE2bPudbuKm1eDg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d3/d1e68a-1c87-483d-a89d-56dbff14ee05/1/GG9v-HfcTIIEI4Ylx1bQt1g14UM.roa
Signing time: Sun 01 Jan 2023 23:05:01 +0000
ROA not before: Sun 01 Jan 2023 23:05:01 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 196810
IP address blocks: 185.15.200.0/22 maxlen: 22
185.213.204.0/22 maxlen: 22
89.207.232.0/21 maxlen: 25
194.104.86.0/23 maxlen: 23
185.170.16.0/22 maxlen: 22
194.104.2.0/23 maxlen: 23
178.23.168.0/21 maxlen: 25
185.224.40.0/22 maxlen: 22
2a02:ab40::/29 maxlen: 29
Validation: Failed, certificate revoked on Tue 02 Jan 2024 00:29:35 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:94:d0:d4:4d:57:0a:80:ef:b1:b1:80:88:a3:5c:99
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fd53c3aff31e27d2a1bc4d9b3ee75bb8a9b57838
Validity
Not Before: Jan 1 23:05:01 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=186f6ff877dc4c8204238625c756d0b75835e143
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:9c:43:fa:01:05:d8:8c:ba:e7:7c:30:a9:0c:
8d:54:57:ac:62:e7:0e:33:73:48:01:17:4d:2d:a9:
5e:33:19:a1:e6:b9:96:01:59:10:24:73:43:a4:9a:
5a:a4:ea:e5:43:9a:ce:80:53:d3:f7:e1:76:8a:ee:
69:a6:18:03:eb:c8:5a:1f:e3:ac:53:37:e1:1c:16:
8a:1b:fc:7f:00:85:bc:6f:31:0b:85:91:86:04:ee:
e9:b8:cf:1c:f1:63:cd:fc:02:bf:7d:db:9d:0e:4b:
f5:64:fe:ce:66:33:55:26:f4:bb:76:ae:ab:b6:dd:
8f:64:6d:81:6f:98:10:24:9c:56:17:b9:ee:13:d3:
de:05:39:8a:32:bd:bc:92:91:e8:f2:e0:12:d6:7a:
87:7c:d9:a2:b0:74:27:04:b6:b8:bf:39:60:b3:12:
cf:02:18:e5:ac:25:7a:2e:06:dd:53:88:4b:21:f9:
d8:c2:72:1c:4c:ee:87:73:5a:f4:0e:16:73:02:27:
d2:4d:97:f8:c9:3b:a3:a6:03:8b:2c:8c:98:c0:70:
74:a7:5c:bc:0b:00:85:fa:ce:93:8b:2c:8d:99:c7:
68:75:e3:97:59:74:30:33:6b:7c:97:42:d4:9c:17:
ec:78:00:8a:8a:83:ea:06:9f:b7:6a:f4:dd:95:d5:
85:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
18:6F:6F:F8:77:DC:4C:82:04:23:86:25:C7:56:D0:B7:58:35:E1:43
X509v3 Authority Key Identifier:
keyid:FD:53:C3:AF:F3:1E:27:D2:A1:BC:4D:9B:3E:E7:5B:B8:A9:B5:78:38
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_VPDr_MeJ9KhvE2bPudbuKm1eDg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/d1e68a-1c87-483d-a89d-56dbff14ee05/1/GG9v-HfcTIIEI4Ylx1bQt1g14UM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/d1e68a-1c87-483d-a89d-56dbff14ee05/1/_VPDr_MeJ9KhvE2bPudbuKm1eDg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.207.232.0/21
178.23.168.0/21
185.15.200.0/22
185.170.16.0/22
185.213.204.0/22
185.224.40.0/22
194.104.2.0/23
194.104.86.0/23
IPv6:
2a02:ab40::/29
Signature Algorithm: sha256WithRSAEncryption
8e:c4:e3:5c:e1:1b:37:c2:c9:a3:09:94:5b:01:b3:37:23:02:
e5:fc:15:ec:43:1b:81:9e:a1:f4:b9:96:d5:dc:d4:9f:c6:3d:
b8:67:05:1e:d8:53:84:9f:25:dd:4b:4f:cf:f9:a6:c1:49:f3:
c4:36:df:f9:ec:99:0f:b8:ed:5b:9f:41:10:d6:8e:6a:30:c1:
72:a6:30:4c:61:54:cb:2a:99:fb:e7:cd:79:49:e7:06:da:04:
78:56:2c:fc:ea:51:1a:d2:9d:4b:cb:0a:c7:1e:2c:5a:45:e0:
88:06:ed:6d:4d:1b:36:69:f8:71:06:1f:fa:7e:f6:3a:82:b0:
a7:ad:24:50:c1:9f:05:7f:54:b6:d7:de:5a:72:f7:ca:bf:1f:
34:3e:1d:16:f0:82:31:7e:5e:0f:39:d6:b0:ed:7c:7f:24:60:
79:3d:88:28:80:6b:0a:bb:bf:6a:39:93:c9:aa:88:63:b9:95:
3e:9a:57:bc:8e:c5:a2:c2:0e:03:58:af:77:24:aa:09:77:d6:
10:45:51:8d:d7:11:64:15:d3:67:d2:2a:95:5f:31:d0:d1:78:
82:ce:d3:66:28:20:4a:3c:a9:5e:43:28:65:06:4a:66:18:f4:
e2:3a:5d:b8:70:e3:f5:9f:ce:40:70:16:52:49:9c:6b:19:ce:
b1:10:cf:87
-----BEGIN CERTIFICATE-----
MIIFNjCCBB6gAwIBAgISAYVvlNDUTVcKgO+xsYCIo1yZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZkNTNjM2FmZjMxZTI3ZDJhMWJjNGQ5YjNlZTc1YmI4YTli
NTc4MzgwHhcNMjMwMTAxMjMwNTAxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxODZmNmZmODc3ZGM0YzgyMDQyMzg2MjVjNzU2ZDBiNzU4MzVlMTQzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0ZxD+gEF2Iy653wwqQyNVFesYucO
M3NIARdNLaleMxmh5rmWAVkQJHNDpJpapOrlQ5rOgFPT9+F2iu5pphgD68haH+Os
UzfhHBaKG/x/AIW8bzELhZGGBO7puM8c8WPN/AK/fdudDkv1ZP7OZjNVJvS7dq6r
tt2PZG2Bb5gQJJxWF7nuE9PeBTmKMr28kpHo8uAS1nqHfNmisHQnBLa4vzlgsxLP
AhjlrCV6LgbdU4hLIfnYwnIcTO6Hc1r0DhZzAifSTZf4yTujpgOLLIyYwHB0p1y8
CwCF+s6TiyyNmcdodeOXWXQwM2t8l0LUnBfseACKioPqBp+3avTdldWFvwIDAQAB
o4ICQjCCAj4wHQYDVR0OBBYEFBhvb/h33EyCBCOGJcdW0LdYNeFDMB8GA1UdIwQY
MBaAFP1Tw6/zHifSobxNmz7nW7iptXg4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvX1ZQRHJfTWVKOUtodkUyYlB1ZGJ1S20xZURnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMy9kMWU2OGEtMWM4Ny00ODNkLWE4OWQt
NTZkYmZmMTRlZTA1LzEvR0c5di1IZmNUSUlFSTRZbHgxYlF0MWcxNFVNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMy9kMWU2OGEtMWM4Ny00ODNkLWE4OWQtNTZkYmZmMTRlZTA1
LzEvX1ZQRHJfTWVKOUtodkUyYlB1ZGJ1S20xZURnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFgGCCsGAQUFBwEHAQH/BEkwRzA2BAIAATAwAwQDWc/oAwQD
sheoAwQCuQ/IAwQCuaoQAwQCudXMAwQCueAoAwQBwmgCAwQBwmhWMA0EAgACMAcD
BQMqAqtAMA0GCSqGSIb3DQEBCwUAA4IBAQCOxONc4Rs3wsmjCZRbAbM3IwLl/BXs
QxuBnqH0uZbV3NSfxj24ZwUe2FOEnyXdS0/P+abBSfPENt/57JkPuO1bn0EQ1o5q
MMFypjBMYVTLKpn75815SecG2gR4Viz86lEa0p1LywrHHixaReCIBu1tTRs2afhx
Bh/6fvY6grCnrSRQwZ8Ff1S2195acvfKvx80Ph0W8IIxfl4POdaw7Xx/JGB5PYgo
gGsKu79qOZPJqohjuZU+mle8jsWiwg4DWK93JKoJd9YQRVGN1xFkFdNn0iqVXzHQ
0XiCztNmKCBKPKleQyhlBkpmGPTiOl24cOP1n85AcBZSSZxrGc6xEM+H
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:46:13 2024 by rpki-client on console-ams.rpki-client.org