Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e5/c861c8-c89a-4043-a02d-664f04d2a68d/1/cGMNJpehPSzV1xwUWXTP1qfAyNs.roa
File: cGMNJpehPSzV1xwUWXTP1qfAyNs.roa (raw, json)
Hash identifier: lg1oBkH5S9HYFoky12hQRNXyk2J6UUK+VjaLaSsaRt4=
Subject key identifier: 70:63:0D:26:97:A1:3D:2C:D5:D7:1C:14:59:74:CF:D6:A7:C0:C8:DB
Certificate issuer: /CN=dc02b18f588a50b9274fe3469ff8bd4a1649d74d
Certificate serial: 018B8ED26908DB0BFAE39897E46DC5DDB165
Authority key identifier: DC:02:B1:8F:58:8A:50:B9:27:4F:E3:46:9F:F8:BD:4A:16:49:D7:4D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3AKxj1iKULknT-NGn_i9ShZJ100.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e5/c861c8-c89a-4043-a02d-664f04d2a68d/1/cGMNJpehPSzV1xwUWXTP1qfAyNs.roa
Signing time: Thu 02 Nov 2023 06:57:16 +0000
ROA not before: Thu 02 Nov 2023 06:57:16 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 210001
IP address blocks: 185.52.116.0/24 maxlen: 24
185.52.116.0/22 maxlen: 22
93.187.32.0/21 maxlen: 21
2a00:dd00:5::/48 maxlen: 48
2a00:dd00::/32 maxlen: 32
Validation: Failed, certificate revoked on Mon 01 Jan 2024 06:29:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:8e:d2:69:08:db:0b:fa:e3:98:97:e4:6d:c5:dd:b1:65
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dc02b18f588a50b9274fe3469ff8bd4a1649d74d
Validity
Not Before: Nov 2 06:57:16 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=70630d2697a13d2cd5d71c145974cfd6a7c0c8db
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d3:b9:9c:ea:f2:94:a0:15:e9:c0:90:83:3f:86:
6a:99:67:07:49:2a:78:56:74:66:9a:6d:18:76:72:
c6:f0:52:55:22:c1:de:af:14:ee:e5:06:32:54:c7:
4c:a5:87:69:38:b4:4f:22:f6:92:61:b6:b7:35:70:
6a:c2:9d:c2:c3:88:7e:2c:e9:d2:a3:b3:f4:98:e5:
d7:c3:4e:d9:23:01:f7:9c:d8:a8:9f:51:74:c7:40:
0f:4c:c7:06:07:b9:02:48:34:67:8b:c6:26:1a:4b:
81:7e:99:18:54:de:df:63:9d:d5:e0:3b:69:96:2d:
14:91:8e:34:4b:4e:8f:b4:d3:f6:01:1e:3f:b6:ed:
c5:46:dd:dc:1a:3c:b6:43:33:a6:05:5a:8d:94:0f:
f9:df:a8:55:31:9f:6c:c0:3a:ba:b8:74:9c:29:60:
7d:33:a6:de:95:09:fd:a9:b8:21:ae:c4:ae:75:8a:
1a:3e:7f:30:66:f9:e0:c4:3c:e1:f0:2c:29:6c:04:
44:ef:e2:b8:68:87:54:c5:73:b1:82:d7:6e:17:27:
95:8c:4c:18:f9:28:bb:1d:e0:c7:b9:dd:1e:ea:17:
87:ab:89:0f:21:9c:22:3b:e0:45:b2:1b:1e:e6:1c:
cc:2c:3e:a7:87:14:99:70:a7:7e:68:bb:32:75:5d:
ee:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
70:63:0D:26:97:A1:3D:2C:D5:D7:1C:14:59:74:CF:D6:A7:C0:C8:DB
X509v3 Authority Key Identifier:
keyid:DC:02:B1:8F:58:8A:50:B9:27:4F:E3:46:9F:F8:BD:4A:16:49:D7:4D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3AKxj1iKULknT-NGn_i9ShZJ100.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e5/c861c8-c89a-4043-a02d-664f04d2a68d/1/cGMNJpehPSzV1xwUWXTP1qfAyNs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e5/c861c8-c89a-4043-a02d-664f04d2a68d/1/3AKxj1iKULknT-NGn_i9ShZJ100.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
93.187.32.0/21
185.52.116.0/22
IPv6:
2a00:dd00::/32
Signature Algorithm: sha256WithRSAEncryption
0d:58:89:af:ac:cf:d1:97:29:61:22:b6:ad:dc:ae:66:d8:63:
33:37:ef:ae:d9:b1:51:c2:e1:f0:14:05:99:8a:8b:7c:0d:5d:
bf:6c:64:38:48:44:e5:8b:c4:58:aa:74:20:0d:9e:5a:4b:ab:
c5:a4:1d:fa:b3:b3:c8:72:a7:e9:6e:34:a0:0d:aa:91:39:97:
fd:a6:b9:cf:10:92:66:f6:c8:03:df:6e:db:b1:3e:20:fb:81:
c2:95:74:aa:04:8e:58:c8:24:a0:4c:6b:9b:03:19:f1:3b:b2:
da:56:1c:aa:6e:65:7a:21:79:0b:41:7f:f7:9a:1b:6a:88:4f:
5e:88:8c:cc:b6:91:cf:dd:b2:a5:f3:de:b8:48:e4:64:ad:8b:
e7:18:cd:ed:04:f6:57:e6:37:b9:fc:d3:0a:8d:b6:c7:c3:59:
e9:6b:2f:01:b0:38:e7:c9:6c:bc:91:28:68:35:1b:9d:ef:e9:
d5:27:1b:62:e3:89:89:95:3d:b0:7e:7f:60:eb:6b:79:c0:c0:
d1:24:8e:cd:76:88:f1:66:e1:18:f1:07:d7:3b:e5:25:86:9e:
e8:2a:f9:0f:e6:2b:81:83:97:23:ae:c9:51:82:f9:f4:70:63:
c4:53:22:b8:c9:96:e7:4b:7c:60:70:6f:d2:5b:ea:65:2c:f0:
92:b6:b9:fc
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYuO0mkI2wv645iX5G3F3bFlMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRjMDJiMThmNTg4YTUwYjkyNzRmZTM0NjlmZjhiZDRhMTY0
OWQ3NGQwHhcNMjMxMTAyMDY1NzE2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MDYzMGQyNjk3YTEzZDJjZDVkNzFjMTQ1OTc0Y2ZkNmE3YzBjOGRiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA07mc6vKUoBXpwJCDP4ZqmWcHSSp4
VnRmmm0YdnLG8FJVIsHerxTu5QYyVMdMpYdpOLRPIvaSYba3NXBqwp3Cw4h+LOnS
o7P0mOXXw07ZIwH3nNion1F0x0APTMcGB7kCSDRni8YmGkuBfpkYVN7fY53V4Dtp
li0UkY40S06PtNP2AR4/tu3FRt3cGjy2QzOmBVqNlA/536hVMZ9swDq6uHScKWB9
M6belQn9qbghrsSudYoaPn8wZvngxDzh8CwpbARE7+K4aIdUxXOxgtduFyeVjEwY
+Si7HeDHud0e6heHq4kPIZwiO+BFshse5hzMLD6nhxSZcKd+aLsydV3uYQIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFHBjDSaXoT0s1dccFFl0z9anwMjbMB8GA1UdIwQY
MBaAFNwCsY9YilC5J0/jRp/4vUoWSddNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM0FLeGoxaUtVTGtuVC1OR25faTlTaFpKMTAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNS9jODYxYzgtYzg5YS00MDQzLWEwMmQt
NjY0ZjA0ZDJhNjhkLzEvY0dNTkpwZWhQU3pWMXh3VVdYVFAxcWZBeU5zLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNS9jODYxYzgtYzg5YS00MDQzLWEwMmQtNjY0ZjA0ZDJhNjhk
LzEvM0FLeGoxaUtVTGtuVC1OR25faTlTaFpKMTAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQDXbsgAwQC
uTR0MA0EAgACMAcDBQAqAN0AMA0GCSqGSIb3DQEBCwUAA4IBAQANWImvrM/Rlylh
Irat3K5m2GMzN++u2bFRwuHwFAWZiot8DV2/bGQ4SETli8RYqnQgDZ5aS6vFpB36
s7PIcqfpbjSgDaqROZf9prnPEJJm9sgD327bsT4g+4HClXSqBI5YyCSgTGubAxnx
O7LaVhyqbmV6IXkLQX/3mhtqiE9eiIzMtpHP3bKl8964SORkrYvnGM3tBPZX5je5
/NMKjbbHw1npay8BsDjnyWy8kShoNRud7+nVJxti44mJlT2wfn9g62t5wMDRJI7N
dojxZuEY8QfXO+Ulhp7oKvkP5iuBg5cjrslRgvn0cGPEUyK4yZbnS3xgcG/SW+pl
LPCStrn8
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:49:42 2024 by rpki-client on console-ams.rpki-client.org