Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e1/b9f905-cd6b-4c7e-9f4e-bc29b21d3ce7/1/G1KLZ0yyIlzLskbG2BOr4zqMzxQ.roa
File: G1KLZ0yyIlzLskbG2BOr4zqMzxQ.roa (raw, json)
Hash identifier: dZFXo9Fz4OwEcQlEc6z7tBtf+DiyqaWHOzhhLRb5E7A=
Subject key identifier: 1B:52:8B:67:4C:B2:22:5C:CB:B2:46:C6:D8:13:AB:E3:3A:8C:CF:14
Certificate issuer: /CN=01d02680691389402b3eb335e5c9c8be3e9930a0
Certificate serial: 01856CE637153FF3FD28355CCEE05CC50AE5
Authority key identifier: 01:D0:26:80:69:13:89:40:2B:3E:B3:35:E5:C9:C8:BE:3E:99:30:A0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/AdAmgGkTiUArPrM15cnIvj6ZMKA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e1/b9f905-cd6b-4c7e-9f4e-bc29b21d3ce7/1/G1KLZ0yyIlzLskbG2BOr4zqMzxQ.roa
Signing time: Sun 01 Jan 2023 10:35:04 +0000
ROA not before: Sun 01 Jan 2023 10:35:04 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 209608
IP address blocks: 193.186.203.0/24 maxlen: 24
193.186.202.0/24 maxlen: 24
193.186.201.0/24 maxlen: 24
193.186.200.0/22 maxlen: 22
193.186.200.0/24 maxlen: 24
2a0d:76c0::/48 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:e6:37:15:3f:f3:fd:28:35:5c:ce:e0:5c:c5:0a:e5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=01d02680691389402b3eb335e5c9c8be3e9930a0
Validity
Not Before: Jan 1 10:35:04 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=1b528b674cb2225ccbb246c6d813abe33a8ccf14
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:80:ae:e4:6e:c7:54:8e:c1:a8:e4:19:66:53:37:
3d:a5:6b:03:06:cb:c0:a5:cc:04:7a:23:dd:d6:0f:
44:a0:39:ac:09:d6:e9:63:cb:56:bb:9a:6b:67:4f:
44:45:60:37:b4:9c:35:7e:3e:1f:7f:71:ce:d1:77:
a7:f0:7e:b8:29:33:6e:0c:92:19:f0:25:74:81:e5:
23:a5:5b:1c:7a:56:06:21:3a:ef:30:6d:ba:72:8c:
c9:e7:2a:87:4d:38:4e:65:fb:e8:68:b7:28:f2:47:
33:cf:f0:b3:42:aa:b2:c3:c2:8e:c3:4f:7d:ec:fb:
78:fe:6e:b4:86:7b:60:70:2e:31:2b:18:94:d7:aa:
d1:c0:3f:d2:49:7c:e9:60:00:04:0a:9b:70:d9:e9:
9e:ff:56:23:9a:d1:15:de:00:4a:73:20:a4:be:98:
ad:3d:58:32:4d:6c:4f:95:0d:f2:4d:83:dc:a5:cd:
76:99:05:b0:5a:ca:36:92:09:52:72:d9:3b:cf:2b:
e6:22:ad:55:f1:a6:8e:4e:e9:0e:8e:24:2d:bd:d4:
4d:3c:21:5e:92:58:48:39:41:ad:14:b5:dc:35:6d:
77:7c:69:09:ed:f1:54:59:be:51:ea:e1:71:5a:8e:
64:7c:87:3b:20:cf:9d:20:d4:0d:8f:ef:00:71:d3:
15:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1B:52:8B:67:4C:B2:22:5C:CB:B2:46:C6:D8:13:AB:E3:3A:8C:CF:14
X509v3 Authority Key Identifier:
keyid:01:D0:26:80:69:13:89:40:2B:3E:B3:35:E5:C9:C8:BE:3E:99:30:A0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/AdAmgGkTiUArPrM15cnIvj6ZMKA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e1/b9f905-cd6b-4c7e-9f4e-bc29b21d3ce7/1/G1KLZ0yyIlzLskbG2BOr4zqMzxQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e1/b9f905-cd6b-4c7e-9f4e-bc29b21d3ce7/1/AdAmgGkTiUArPrM15cnIvj6ZMKA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.186.200.0/22
IPv6:
2a0d:76c0::/48
Signature Algorithm: sha256WithRSAEncryption
3c:e3:b2:7a:20:c5:ff:7e:a8:d8:29:3f:87:96:8c:08:69:55:
8b:7b:da:8d:e2:7a:cc:ed:5e:95:d7:89:df:2c:32:e9:07:34:
af:ed:96:b3:6d:81:4d:64:0f:0b:c0:8a:5f:17:84:38:c9:37:
01:f5:83:1d:96:3d:11:57:95:c7:93:96:13:e7:a2:60:71:74:
13:e2:88:09:ed:6b:62:e4:a3:5a:74:06:4e:12:f4:4f:51:0c:
6a:f8:94:9a:7b:ab:1e:99:61:e3:cf:b4:64:c7:69:3e:ec:d3:
d3:df:66:6f:f6:6d:1c:3c:bc:e2:91:55:6a:da:73:7e:c8:41:
a1:22:f0:cd:c9:9c:b7:0f:7e:80:15:9e:8f:0a:dd:bd:1c:c4:
fa:66:84:f2:c6:d2:02:34:88:3c:03:7c:0e:c0:65:05:0a:7c:
a8:e6:bb:c2:d9:e8:e7:8c:f7:0b:9b:99:f3:98:0a:8f:6f:dd:
08:b8:5b:d5:f6:ae:b7:50:f1:44:10:96:84:7e:8f:00:3f:3b:
73:f6:ba:c1:2b:51:47:0f:9a:f5:06:cb:62:35:42:f3:6f:64:
6e:cf:61:03:ef:e2:ae:d9:bb:7c:84:ad:eb:92:4c:dc:a5:ad:
cd:91:80:ec:bc:46:5e:fb:cc:60:e7:ed:9f:89:15:02:61:a4:
44:8c:73:c2
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYVs5jcVP/P9KDVczuBcxQrlMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAxZDAyNjgwNjkxMzg5NDAyYjNlYjMzNWU1YzljOGJlM2U5
OTMwYTAwHhcNMjMwMTAxMTAzNTA0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxYjUyOGI2NzRjYjIyMjVjY2JiMjQ2YzZkODEzYWJlMzNhOGNjZjE0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgK7kbsdUjsGo5BlmUzc9pWsDBsvA
pcwEeiPd1g9EoDmsCdbpY8tWu5prZ09ERWA3tJw1fj4ff3HO0Xen8H64KTNuDJIZ
8CV0geUjpVscelYGITrvMG26cozJ5yqHTThOZfvoaLco8kczz/CzQqqyw8KOw099
7Pt4/m60hntgcC4xKxiU16rRwD/SSXzpYAAECptw2eme/1YjmtEV3gBKcyCkvpit
PVgyTWxPlQ3yTYPcpc12mQWwWso2kglSctk7zyvmIq1V8aaOTukOjiQtvdRNPCFe
klhIOUGtFLXcNW13fGkJ7fFUWb5R6uFxWo5kfIc7IM+dINQNj+8AcdMVawIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFBtSi2dMsiJcy7JGxtgTq+M6jM8UMB8GA1UdIwQY
MBaAFAHQJoBpE4lAKz6zNeXJyL4+mTCgMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQWRBbWdHa1RpVUFyUHJNMTVjbkl2ajZaTUtBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMS9iOWY5MDUtY2Q2Yi00YzdlLTlmNGUt
YmMyOWIyMWQzY2U3LzEvRzFLTFoweXlJbHpMc2tiRzJCT3I0enFNenhRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMS9iOWY5MDUtY2Q2Yi00YzdlLTlmNGUtYmMyOWIyMWQzY2U3
LzEvQWRBbWdHa1RpVUFyUHJNMTVjbkl2ajZaTUtBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQCwbrIMA8E
AgACMAkDBwAqDXbAAAAwDQYJKoZIhvcNAQELBQADggEBADzjsnogxf9+qNgpP4eW
jAhpVYt72o3iesztXpXXid8sMukHNK/tlrNtgU1kDwvAil8XhDjJNwH1gx2WPRFX
lceTlhPnomBxdBPiiAnta2Lko1p0Bk4S9E9RDGr4lJp7qx6ZYePPtGTHaT7s09Pf
Zm/2bRw8vOKRVWrac37IQaEi8M3JnLcPfoAVno8K3b0cxPpmhPLG0gI0iDwDfA7A
ZQUKfKjmu8LZ6OeM9wubmfOYCo9v3Qi4W9X2rrdQ8UQQloR+jwA/O3P2usErUUcP
mvUGy2I1QvNvZG7PYQPv4q7Zu3yEreuSTNylrc2RgOy8Rl77zGDn7Z+JFQJhpESM
c8I=
-----END CERTIFICATE-----
Generated at Tue Jan 2 17:36:07 2024 by rpki-client on console-fra.rpki-client.org