Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dc/bd0d7d-f425-408a-b07d-07711ed02b75/1/GzbaUJ-QeXUet8dSrH-OO_-vTQg.roa
File: GzbaUJ-QeXUet8dSrH-OO_-vTQg.roa (raw, json)
Hash identifier: paT9ruOEnxQviDEG2Or95et3sLRIPP+ae9gR4tkwyAw=
Subject key identifier: 1B:36:DA:50:9F:90:79:75:1E:B7:C7:52:AC:7F:8E:3B:FF:AF:4D:08
Certificate issuer: /CN=d6e535ef216ebe6f7fc55cfbdc31532b912d8e63
Certificate serial: 01856F94B9EEA88D5E85B1D7FF67ED82EAE0
Authority key identifier: D6:E5:35:EF:21:6E:BE:6F:7F:C5:5C:FB:DC:31:53:2B:91:2D:8E:63
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1uU17yFuvm9_xVz73DFTK5EtjmM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/dc/bd0d7d-f425-408a-b07d-07711ed02b75/1/GzbaUJ-QeXUet8dSrH-OO_-vTQg.roa
Signing time: Sun 01 Jan 2023 23:04:55 +0000
ROA not before: Sun 01 Jan 2023 23:04:55 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 21069
IP address blocks: 46.231.200.0/21 maxlen: 24
81.173.82.0/23 maxlen: 24
81.173.84.0/22 maxlen: 24
81.173.88.0/21 maxlen: 24
185.46.56.0/22 maxlen: 24
80.74.128.0/20 maxlen: 24
80.74.144.0/20 maxlen: 24
94.126.16.0/21 maxlen: 24
2a00:1128::/32 maxlen: 48
Validation: Failed, certificate revoked on Tue 02 Jan 2024 04:29:39 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:94:b9:ee:a8:8d:5e:85:b1:d7:ff:67:ed:82:ea:e0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d6e535ef216ebe6f7fc55cfbdc31532b912d8e63
Validity
Not Before: Jan 1 23:04:55 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=1b36da509f9079751eb7c752ac7f8e3bffaf4d08
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:82:20:40:70:3f:34:d5:5a:08:8d:ce:03:c5:
ce:19:07:49:f9:5f:b8:69:e9:7b:7f:3b:d7:52:db:
9d:0f:e5:49:92:4c:86:87:84:dd:e2:c4:bd:73:b6:
d3:cf:cf:5e:66:23:f8:8e:48:ad:71:ae:a6:95:df:
6c:e2:68:80:eb:22:f8:77:f1:70:e0:28:ba:6e:e7:
c1:e9:25:51:d6:31:fe:f0:fa:23:e6:f2:20:27:90:
5e:7c:59:99:c5:65:8a:f0:09:97:31:cb:aa:1e:3f:
07:28:5d:64:38:3e:b3:8c:f8:d0:ed:13:a0:46:29:
2c:1a:a3:99:0a:9a:6b:b1:c7:a3:7c:76:6e:89:49:
90:9e:c4:47:e1:28:ff:64:93:43:e1:a4:7d:01:4c:
d8:ec:73:02:47:db:07:d6:d4:66:04:bc:94:53:18:
8e:9e:bc:91:60:b8:38:00:7c:ce:ea:95:a7:a6:0d:
44:9d:12:d9:a8:35:ef:f5:05:0d:7c:a5:25:0e:af:
d9:b9:57:74:7a:63:72:3f:be:21:06:23:de:26:35:
d2:77:7b:91:52:d1:16:7d:4a:b2:00:9c:b3:c3:2a:
22:72:59:eb:b0:f0:a5:67:b2:1f:41:46:c9:b6:35:
d2:f6:a1:2a:77:c0:58:c2:20:5e:bc:57:fa:3b:95:
21:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1B:36:DA:50:9F:90:79:75:1E:B7:C7:52:AC:7F:8E:3B:FF:AF:4D:08
X509v3 Authority Key Identifier:
keyid:D6:E5:35:EF:21:6E:BE:6F:7F:C5:5C:FB:DC:31:53:2B:91:2D:8E:63
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1uU17yFuvm9_xVz73DFTK5EtjmM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dc/bd0d7d-f425-408a-b07d-07711ed02b75/1/GzbaUJ-QeXUet8dSrH-OO_-vTQg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/dc/bd0d7d-f425-408a-b07d-07711ed02b75/1/1uU17yFuvm9_xVz73DFTK5EtjmM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.231.200.0/21
80.74.128.0/19
81.173.82.0-81.173.95.255
94.126.16.0/21
185.46.56.0/22
IPv6:
2a00:1128::/32
Signature Algorithm: sha256WithRSAEncryption
1c:21:7b:57:a1:87:25:eb:07:4f:5e:15:fd:16:fa:e7:a9:28:
dd:16:5d:3f:8b:dc:d9:74:7e:70:1c:22:3e:7f:23:bd:94:21:
e0:c7:bb:cd:ac:ce:98:d8:15:85:bf:f3:06:13:57:9a:31:67:
82:b1:cb:5f:58:05:3f:b2:61:05:68:aa:d4:6a:9f:3f:01:b4:
3e:63:11:54:e2:9d:6b:0e:c2:09:76:15:bc:6a:26:be:b3:dc:
8b:08:f9:b1:63:1f:fc:7f:6f:58:f9:3e:b6:46:9e:8b:19:ce:
b1:23:4b:ad:0e:dc:ea:d6:0c:71:a4:b0:21:90:2c:4d:7b:b2:
e0:e2:f1:4c:89:18:66:13:8f:4c:9c:1e:03:75:18:1f:83:7b:
f2:e9:a0:3f:19:2d:a6:f5:54:2a:8c:4c:71:df:bb:81:a8:1a:
7a:c5:0d:11:11:71:49:52:60:c2:fa:4d:2b:11:fb:ab:92:73:
47:1b:93:ac:ea:f7:6b:75:d0:82:20:92:32:97:ad:22:08:b6:
23:c3:50:92:5c:51:9e:a2:72:76:1b:90:48:cf:95:28:b8:22:
3f:5e:53:ea:29:4a:68:82:66:e9:d8:75:c1:21:8c:42:71:6f:
5d:46:b1:7d:d7:01:54:31:73:f4:84:b6:ab:71:7f:c4:a8:b2:
34:1e:12:70
-----BEGIN CERTIFICATE-----
MIIFLDCCBBSgAwIBAgISAYVvlLnuqI1ehbHX/2ftgurgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ2ZTUzNWVmMjE2ZWJlNmY3ZmM1NWNmYmRjMzE1MzJiOTEy
ZDhlNjMwHhcNMjMwMTAxMjMwNDU1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxYjM2ZGE1MDlmOTA3OTc1MWViN2M3NTJhYzdmOGUzYmZmYWY0ZDA4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAloIgQHA/NNVaCI3OA8XOGQdJ+V+4
ael7fzvXUtudD+VJkkyGh4Td4sS9c7bTz89eZiP4jkitca6mld9s4miA6yL4d/Fw
4Ci6bufB6SVR1jH+8Poj5vIgJ5BefFmZxWWK8AmXMcuqHj8HKF1kOD6zjPjQ7ROg
RiksGqOZCpprscejfHZuiUmQnsRH4Sj/ZJND4aR9AUzY7HMCR9sH1tRmBLyUUxiO
nryRYLg4AHzO6pWnpg1EnRLZqDXv9QUNfKUlDq/ZuVd0emNyP74hBiPeJjXSd3uR
UtEWfUqyAJyzwyoiclnrsPClZ7IfQUbJtjXS9qEqd8BYwiBevFf6O5UhpQIDAQAB
o4ICODCCAjQwHQYDVR0OBBYEFBs22lCfkHl1HrfHUqx/jjv/r00IMB8GA1UdIwQY
MBaAFNblNe8hbr5vf8Vc+9wxUyuRLY5jMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMXVVMTd5RnV2bTlfeFZ6NzNERlRLNUV0am1NLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYy9iZDBkN2QtZjQyNS00MDhhLWIwN2Qt
MDc3MTFlZDAyYjc1LzEvR3piYVVKLVFlWFVldDhkU3JILU9PXy12VFFnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYy9iZDBkN2QtZjQyNS00MDhhLWIwN2QtMDc3MTFlZDAyYjc1
LzEvMXVVMTd5RnV2bTlfeFZ6NzNERlRLNUV0am1NLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME4GCCsGAQUFBwEHAQH/BD8wPTAsBAIAATAmAwQDLufIAwQF
UEqAMAwDBAFRrVIDBAVRrUADBANefhADBAK5LjgwDQQCAAIwBwMFACoAESgwDQYJ
KoZIhvcNAQELBQADggEBABwhe1ehhyXrB09eFf0W+uepKN0WXT+L3Nl0fnAcIj5/
I72UIeDHu82szpjYFYW/8wYTV5oxZ4Kxy19YBT+yYQVoqtRqnz8BtD5jEVTinWsO
wgl2FbxqJr6z3IsI+bFjH/x/b1j5PrZGnosZzrEjS60O3OrWDHGksCGQLE17suDi
8UyJGGYTj0ycHgN1GB+De/LpoD8ZLab1VCqMTHHfu4GoGnrFDRERcUlSYML6TSsR
+6uSc0cbk6zq92t10IIgkjKXrSIItiPDUJJcUZ6icnYbkEjPlSi4Ij9eU+opSmiC
ZunYdcEhjEJxb11GsX3XAVQxc/SEtqtxf8SosjQeEnA=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:47:48 2024 by rpki-client on console-ams.rpki-client.org