Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/df/17a712-4e5a-40c5-a3a2-12025c54f484/1/GTrxp6LI8JEFWR_lK7LD0FqAurU.roa
File: GTrxp6LI8JEFWR_lK7LD0FqAurU.roa (raw, json)
Hash identifier: 0E+tUDj8YmxLq5btExdmsNVQvnfdCha7TZA477/PXpA=
Subject key identifier: 19:3A:F1:A7:A2:C8:F0:91:05:59:1F:E5:2B:B2:C3:D0:5A:80:BA:B5
Certificate issuer: /CN=7c3b8877e1a130fe50386c610d6ead5641b97ba6
Certificate serial: 0187252FAC027A276AC84E78306B8F459945
Authority key identifier: 7C:3B:88:77:E1:A1:30:FE:50:38:6C:61:0D:6E:AD:56:41:B9:7B:A6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fDuId-GhMP5QOGxhDW6tVkG5e6Y.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/df/17a712-4e5a-40c5-a3a2-12025c54f484/1/GTrxp6LI8JEFWR_lK7LD0FqAurU.roa
Signing time: Mon 27 Mar 2023 22:28:13 +0000
ROA not before: Mon 27 Mar 2023 22:28:13 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 31293
IP address blocks: 185.118.242.0/24 maxlen: 24
185.118.241.0/24 maxlen: 24
185.118.243.0/24 maxlen: 24
194.150.117.0/24 maxlen: 24
194.150.116.0/24 maxlen: 24
194.150.118.0/24 maxlen: 24
194.150.119.0/24 maxlen: 24
2a06:9680::/29 maxlen: 48
2a06:9682::/32 maxlen: 32
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:25:2f:ac:02:7a:27:6a:c8:4e:78:30:6b:8f:45:99:45
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7c3b8877e1a130fe50386c610d6ead5641b97ba6
Validity
Not Before: Mar 27 22:28:13 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=193af1a7a2c8f09105591fe52bb2c3d05a80bab5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:81:32:6b:69:64:2e:16:0e:35:64:0c:c5:2c:5f:
40:f1:96:e2:51:57:53:59:98:82:39:6c:23:48:c4:
4a:22:2f:cd:3c:d1:06:06:4f:a9:37:96:17:cd:d3:
3c:f1:e3:25:86:90:2e:30:da:4d:db:2d:9c:2e:68:
2c:e2:d3:70:f9:a9:37:e5:47:85:70:c1:cc:f1:0c:
c4:dc:57:1d:43:5f:71:45:5c:3d:b3:83:1d:06:9b:
46:e6:b4:f2:98:a9:ee:12:be:5b:2d:33:1c:99:f4:
3a:c2:b8:ea:76:f4:f7:aa:dc:b6:8e:21:64:ac:78:
9b:0d:f8:a2:dd:17:7a:5d:1e:ab:49:00:38:85:a0:
83:86:c4:d2:5f:2c:da:92:da:f4:29:c5:44:fb:25:
b9:81:6d:a6:2f:1b:53:39:60:82:b1:87:ed:a0:11:
84:f5:44:66:30:7d:b8:6b:05:d2:df:8d:08:89:3e:
55:a2:53:4d:e2:b3:87:f3:a0:5f:aa:a1:c5:be:13:
b7:a6:83:04:41:18:83:a2:23:51:f3:ae:46:23:19:
89:a9:4b:c4:1e:bc:a8:b7:ec:45:c4:a7:8e:d4:52:
1c:0f:61:35:70:3a:70:54:05:dc:9d:3b:72:48:32:
8f:4f:a7:4c:07:09:8a:dc:f3:52:93:b1:6f:f1:88:
c8:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
19:3A:F1:A7:A2:C8:F0:91:05:59:1F:E5:2B:B2:C3:D0:5A:80:BA:B5
X509v3 Authority Key Identifier:
keyid:7C:3B:88:77:E1:A1:30:FE:50:38:6C:61:0D:6E:AD:56:41:B9:7B:A6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fDuId-GhMP5QOGxhDW6tVkG5e6Y.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/df/17a712-4e5a-40c5-a3a2-12025c54f484/1/GTrxp6LI8JEFWR_lK7LD0FqAurU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/df/17a712-4e5a-40c5-a3a2-12025c54f484/1/fDuId-GhMP5QOGxhDW6tVkG5e6Y.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.118.241.0-185.118.243.255
194.150.116.0/22
IPv6:
2a06:9680::/29
Signature Algorithm: sha256WithRSAEncryption
1a:4f:64:d1:af:b6:c0:be:ec:78:cb:68:75:a1:3e:24:b7:9a:
86:2a:76:f4:65:92:4e:68:30:c9:72:d3:79:15:7f:bd:cc:79:
9e:b7:c7:cb:de:ed:bd:ed:25:fa:d1:6e:1c:d7:63:f8:d9:5f:
6e:f1:45:dd:21:8b:4a:87:68:eb:12:2f:99:f8:71:f1:3a:96:
20:6f:83:40:ee:72:a8:a7:8c:23:e1:55:ca:84:1b:83:a2:40:
d6:33:f5:d4:02:ae:ae:e7:67:b6:82:2d:9c:84:6a:82:5c:44:
ed:12:45:29:ca:15:e2:12:46:3e:69:66:f2:67:83:ff:8e:d0:
5c:ac:ba:3d:38:cc:38:94:91:df:19:53:c0:69:8a:20:02:0c:
76:c4:2d:4b:ad:cc:57:ad:fd:04:2b:8c:89:b6:d1:6c:e3:03:
3f:b1:66:9a:3a:b1:36:aa:66:0e:1d:de:33:51:a6:4f:30:3f:
87:b1:19:79:74:8f:c1:d8:17:2b:aa:70:dc:70:06:e0:4f:40:
8c:97:f0:24:c1:45:e7:69:85:64:97:72:77:e4:62:c0:fd:95:
1b:39:f5:59:a0:60:da:b3:8b:99:d7:03:a1:6f:d4:f6:fb:8e:
40:b5:02:e6:5a:11:d5:be:fa:91:f6:d1:73:e3:39:01:d8:ba:
9c:1d:59:b5
-----BEGIN CERTIFICATE-----
MIIFGjCCBAKgAwIBAgISAYclL6wCeidqyE54MGuPRZlFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdjM2I4ODc3ZTFhMTMwZmU1MDM4NmM2MTBkNmVhZDU2NDFi
OTdiYTYwHhcNMjMwMzI3MjIyODEzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxOTNhZjFhN2EyYzhmMDkxMDU1OTFmZTUyYmIyYzNkMDVhODBiYWI1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgTJraWQuFg41ZAzFLF9A8ZbiUVdT
WZiCOWwjSMRKIi/NPNEGBk+pN5YXzdM88eMlhpAuMNpN2y2cLmgs4tNw+ak35UeF
cMHM8QzE3FcdQ19xRVw9s4MdBptG5rTymKnuEr5bLTMcmfQ6wrjqdvT3qty2jiFk
rHibDfii3Rd6XR6rSQA4haCDhsTSXyzaktr0KcVE+yW5gW2mLxtTOWCCsYftoBGE
9URmMH24awXS340IiT5VolNN4rOH86BfqqHFvhO3poMEQRiDoiNR865GIxmJqUvE
Hryot+xFxKeO1FIcD2E1cDpwVAXcnTtySDKPT6dMBwmK3PNSk7Fv8YjIiQIDAQAB
o4ICJjCCAiIwHQYDVR0OBBYEFBk68aeiyPCRBVkf5Suyw9BagLq1MB8GA1UdIwQY
MBaAFHw7iHfhoTD+UDhsYQ1urVZBuXumMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZkR1SWQtR2hNUDVRT0d4aERXNnRWa0c1ZTZZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZi8xN2E3MTItNGU1YS00MGM1LWEzYTIt
MTIwMjVjNTRmNDg0LzEvR1RyeHA2TEk4SkVGV1JfbEs3TEQwRnFBdXJVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZi8xN2E3MTItNGU1YS00MGM1LWEzYTItMTIwMjVjNTRmNDg0
LzEvZkR1SWQtR2hNUDVRT0d4aERXNnRWa0c1ZTZZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDwGCCsGAQUFBwEHAQH/BC0wKzAaBAIAATAUMAwDBAC5dvED
BAK5dvADBALClnQwDQQCAAIwBwMFAyoGloAwDQYJKoZIhvcNAQELBQADggEBABpP
ZNGvtsC+7HjLaHWhPiS3moYqdvRlkk5oMMly03kVf73MeZ63x8ve7b3tJfrRbhzX
Y/jZX27xRd0hi0qHaOsSL5n4cfE6liBvg0DucqinjCPhVcqEG4OiQNYz9dQCrq7n
Z7aCLZyEaoJcRO0SRSnKFeISRj5pZvJng/+O0Fysuj04zDiUkd8ZU8BpiiACDHbE
LUutzFet/QQrjIm20WzjAz+xZpo6sTaqZg4d3jNRpk8wP4exGXl0j8HYFyuqcNxw
BuBPQIyX8CTBRedphWSXcnfkYsD9lRs59VmgYNqzi5nXA6Fv1Pb7jkC1AuZaEdW+
+pH20XPjOQHYupwdWbU=
Generated at Fri Dec 22 18:18:29 2023 by rpki-client on console-fra.rpki-client.org