Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/db/7886f4-5fcc-4d44-bd62-10982e040d53/1/GErtzU9OIVCBrVdmrikUr3vcrGA.roa
File: GErtzU9OIVCBrVdmrikUr3vcrGA.roa (raw, json)
Hash identifier: txgKfiuZO3RrPwxjfWYtlCSD+uCrklG6nk/TxVVJrR0=
Subject key identifier: 18:4A:ED:CD:4F:4E:21:50:81:AD:57:66:AE:29:14:AF:7B:DC:AC:60
Certificate issuer: /CN=9a1e69368abd34538fe77ddaabcdc835af595eba
Certificate serial: 01894DF1FA414F1833FCFC1CC48D7FD5081A
Authority key identifier: 9A:1E:69:36:8A:BD:34:53:8F:E7:7D:DA:AB:CD:C8:35:AF:59:5E:BA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mh5pNoq9NFOP533aq83INa9ZXro.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/db/7886f4-5fcc-4d44-bd62-10982e040d53/1/GErtzU9OIVCBrVdmrikUr3vcrGA.roa
Signing time: Thu 13 Jul 2023 06:30:51 +0000
ROA not before: Thu 13 Jul 2023 06:30:51 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 34918
IP address blocks: 85.9.96.0/20 maxlen: 20
85.9.96.0/21 maxlen: 21
85.9.104.0/21 maxlen: 21
185.126.3.0/24 maxlen: 24
185.126.2.0/24 maxlen: 24
185.126.4.0/24 maxlen: 24
185.126.0.0/24 maxlen: 24
185.126.0.0/20 maxlen: 20
185.126.1.0/24 maxlen: 24
185.126.0.0/21 maxlen: 21
185.126.10.0/24 maxlen: 24
185.126.9.0/24 maxlen: 24
185.126.11.0/24 maxlen: 24
185.126.7.0/24 maxlen: 24
185.126.6.0/24 maxlen: 24
185.126.8.0/24 maxlen: 24
185.126.8.0/21 maxlen: 21
185.126.5.0/24 maxlen: 24
185.126.13.0/24 maxlen: 24
185.126.15.0/24 maxlen: 24
185.126.14.0/24 maxlen: 24
185.126.12.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:4d:f1:fa:41:4f:18:33:fc:fc:1c:c4:8d:7f:d5:08:1a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9a1e69368abd34538fe77ddaabcdc835af595eba
Validity
Not Before: Jul 13 06:30:51 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=184aedcd4f4e215081ad5766ae2914af7bdcac60
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:80:01:7f:c6:f1:fa:d7:dc:b7:f1:f9:af:0f:54:
36:15:51:93:6a:62:07:70:92:bf:c9:0b:4d:7b:c9:
39:d2:15:2b:0e:a7:fe:0f:5e:00:a9:fb:72:b8:cc:
d1:47:d9:5c:c3:cc:b0:25:60:42:f0:3e:ae:94:16:
b2:38:0f:3d:6e:19:65:89:ad:70:71:df:e5:05:9d:
46:cb:fd:59:9b:ea:0d:39:b3:5d:d0:2e:b2:cc:ce:
cb:1f:dd:96:01:12:44:d7:40:16:b0:63:4e:94:be:
f6:79:ca:ae:3b:5f:ba:2d:58:d7:2b:a5:82:df:e9:
b8:c1:ca:2a:3a:6f:1a:7d:e2:93:54:f5:29:5a:ef:
aa:5f:f9:52:1c:10:0d:2c:8b:4e:5d:51:25:27:6d:
51:5f:bc:ce:82:fd:e1:17:4f:fc:df:28:0a:52:cc:
2e:96:e4:9e:24:1a:14:f8:c8:71:14:af:32:5c:ed:
6c:67:c1:be:74:e2:db:48:c7:01:b9:4c:65:16:5f:
34:d6:3e:70:f2:40:d9:1d:d6:8d:5a:7e:2c:e7:a6:
4a:1f:40:19:1b:56:bf:d0:80:ba:04:a0:98:29:81:
15:30:5a:fa:6a:6f:ad:0f:78:5d:0c:d5:b2:67:37:
1e:a6:17:35:0e:fe:ac:9f:27:bb:a0:26:99:68:20:
3b:99
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
18:4A:ED:CD:4F:4E:21:50:81:AD:57:66:AE:29:14:AF:7B:DC:AC:60
X509v3 Authority Key Identifier:
keyid:9A:1E:69:36:8A:BD:34:53:8F:E7:7D:DA:AB:CD:C8:35:AF:59:5E:BA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mh5pNoq9NFOP533aq83INa9ZXro.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/db/7886f4-5fcc-4d44-bd62-10982e040d53/1/GErtzU9OIVCBrVdmrikUr3vcrGA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/db/7886f4-5fcc-4d44-bd62-10982e040d53/1/mh5pNoq9NFOP533aq83INa9ZXro.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.9.96.0/20
185.126.0.0/20
Signature Algorithm: sha256WithRSAEncryption
3b:5e:a8:fd:c4:99:3c:17:78:66:08:af:e7:1a:15:c1:5f:8e:
34:aa:db:aa:d1:b9:99:03:59:e4:f9:29:48:0f:10:9d:e1:63:
7b:ec:01:99:e7:23:fd:64:08:f8:54:a9:51:d4:75:ec:34:b8:
b8:88:4b:d4:6a:73:5a:0b:1f:6e:18:ed:db:75:ca:5a:13:44:
b5:90:3e:71:13:4e:9d:c1:e8:9b:6c:f0:a7:c2:cd:ad:5e:82:
83:88:b2:3f:21:cd:07:0b:1c:36:87:4a:ee:71:58:14:58:78:
7e:7f:5d:33:f6:59:e7:d2:25:dc:d3:a9:c9:9b:ab:11:e7:93:
11:e0:30:9f:a4:5f:ac:68:de:6b:c7:a4:a6:f9:a5:be:2a:6c:
73:f3:29:69:4d:bc:29:1b:fa:4d:95:4f:28:bc:42:84:39:dc:
21:8e:fb:26:69:aa:f3:f7:ab:d4:66:57:f2:4b:23:a7:b2:47:
81:c1:7a:f6:ba:26:72:cb:c3:2f:fa:6d:a0:39:6a:6c:0a:67:
ff:0d:74:0d:21:80:79:1e:2d:0a:4b:8e:3f:2a:6f:bd:1f:0e:
54:b1:d2:c2:07:f3:49:d2:02:9d:85:4b:f2:05:a5:75:6d:ce:
93:d2:9f:27:cc:71:52:a6:d4:a3:f9:31:c3:1d:84:9f:19:f0:
a4:e4:e7:00
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYlN8fpBTxgz/PwcxI1/1QgaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlhMWU2OTM2OGFiZDM0NTM4ZmU3N2RkYWFiY2RjODM1YWY1
OTVlYmEwHhcNMjMwNzEzMDYzMDUxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxODRhZWRjZDRmNGUyMTUwODFhZDU3NjZhZTI5MTRhZjdiZGNhYzYwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgAF/xvH619y38fmvD1Q2FVGTamIH
cJK/yQtNe8k50hUrDqf+D14AqftyuMzRR9lcw8ywJWBC8D6ulBayOA89bhllia1w
cd/lBZ1Gy/1Zm+oNObNd0C6yzM7LH92WARJE10AWsGNOlL72ecquO1+6LVjXK6WC
3+m4wcoqOm8afeKTVPUpWu+qX/lSHBANLItOXVElJ21RX7zOgv3hF0/83ygKUswu
luSeJBoU+MhxFK8yXO1sZ8G+dOLbSMcBuUxlFl801j5w8kDZHdaNWn4s56ZKH0AZ
G1a/0IC6BKCYKYEVMFr6am+tD3hdDNWyZzcephc1Dv6snye7oCaZaCA7mQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFBhK7c1PTiFQga1XZq4pFK973KxgMB8GA1UdIwQY
MBaAFJoeaTaKvTRTj+d92qvNyDWvWV66MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbWg1cE5vcTlORk9QNTMzYXE4M0lOYTlaWHJvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYi83ODg2ZjQtNWZjYy00ZDQ0LWJkNjIt
MTA5ODJlMDQwZDUzLzEvR0VydHpVOU9JVkNCclZkbXJpa1VyM3ZjckdBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYi83ODg2ZjQtNWZjYy00ZDQ0LWJkNjItMTA5ODJlMDQwZDUz
LzEvbWg1cE5vcTlORk9QNTMzYXE4M0lOYTlaWHJvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQEVQlgAwQE
uX4AMA0GCSqGSIb3DQEBCwUAA4IBAQA7Xqj9xJk8F3hmCK/nGhXBX440qtuq0bmZ
A1nk+SlIDxCd4WN77AGZ5yP9ZAj4VKlR1HXsNLi4iEvUanNaCx9uGO3bdcpaE0S1
kD5xE06dweibbPCnws2tXoKDiLI/Ic0HCxw2h0rucVgUWHh+f10z9lnn0iXc06nJ
m6sR55MR4DCfpF+saN5rx6Sm+aW+Kmxz8ylpTbwpG/pNlU8ovEKEOdwhjvsmaarz
96vUZlfySyOnskeBwXr2uiZyy8Mv+m2gOWpsCmf/DXQNIYB5Hi0KS44/Km+9Hw5U
sdLCB/NJ0gKdhUvyBaV1bc6T0p8nzHFSptSj+THDHYSfGfCk5OcA
Generated at Mon Jul 24 13:42:59 2023 by rpki-client on console-ams.rpki-client.org