Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e6/bfd37c-cb12-4a9c-8f5d-4021265c39b0/1/GGL4Iz40oPbATli86JLt_QZtt0U.roa
File: GGL4Iz40oPbATli86JLt_QZtt0U.roa (raw, json)
Hash identifier: hywBkois3cWyGfR6ytoYNdleu7uAKuZAgCdbbxXaiUg=
Subject key identifier: 18:62:F8:23:3E:34:A0:F6:C0:4E:58:BC:E8:92:ED:FD:06:6D:B7:45
Certificate issuer: /CN=af801984cc38f0a4fc5afe1adeab680c1b89e95b
Certificate serial: 018F52EF78909A348DBBD9E51195C40E728A
Authority key identifier: AF:80:19:84:CC:38:F0:A4:FC:5A:FE:1A:DE:AB:68:0C:1B:89:E9:5B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/r4AZhMw48KT8Wv4a3qtoDBuJ6Vs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e6/bfd37c-cb12-4a9c-8f5d-4021265c39b0/1/GGL4Iz40oPbATli86JLt_QZtt0U.roa
Signing time: Tue 07 May 2024 12:02:56 +0000
ROA not before: Tue 07 May 2024 12:02:56 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 16509
IP address blocks: 89.49.0.0/21 maxlen: 24
89.50.0.0/16 maxlen: 24
194.97.192.0/23 maxlen: 24
Validation: Failed, certificate revoked on Tue 14 May 2024 09:28:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:52:ef:78:90:9a:34:8d:bb:d9:e5:11:95:c4:0e:72:8a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=af801984cc38f0a4fc5afe1adeab680c1b89e95b
Validity
Not Before: May 7 12:02:56 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=1862f8233e34a0f6c04e58bce892edfd066db745
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:19:d0:d0:10:ea:bb:22:1d:a8:7b:ed:b2:5e:
c8:3a:f8:29:34:cf:82:d1:19:b0:ee:d1:df:cd:99:
1d:a4:1a:74:7e:24:96:d5:2c:3f:77:3e:a1:b3:71:
da:3c:a4:ab:8d:07:2b:23:2d:e7:b6:de:9a:70:96:
3f:1e:dd:b9:b8:49:cf:8a:ae:a6:77:94:e2:77:9c:
62:78:b9:7e:16:8e:08:8d:73:dd:86:ef:a2:ea:fc:
4e:c8:fc:bb:6e:d6:c8:a4:39:51:38:41:56:69:4b:
42:27:25:08:c2:d2:15:03:07:42:e1:09:22:45:2c:
f5:25:2a:ad:4f:ad:d2:49:73:c9:bb:46:7a:00:6e:
de:6f:c8:a9:4d:60:8e:95:22:39:cb:03:ee:8f:29:
66:80:73:52:58:d6:79:14:0d:ee:8f:d8:ae:c8:39:
b9:dd:e5:2a:c3:64:f8:d1:49:24:74:a7:a8:d8:85:
fa:eb:87:09:d7:cd:65:d6:54:e8:04:ad:15:84:60:
56:4f:78:cf:84:c5:25:b9:64:23:4f:a3:1c:1c:35:
d9:c9:7a:4b:99:dd:38:84:29:c8:02:44:22:97:bd:
76:d9:e9:27:5d:74:b9:d0:9d:5c:f6:28:41:0b:dc:
82:c9:ef:ed:3b:7a:83:7b:a1:b8:20:25:dd:29:ac:
21:49
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
18:62:F8:23:3E:34:A0:F6:C0:4E:58:BC:E8:92:ED:FD:06:6D:B7:45
X509v3 Authority Key Identifier:
keyid:AF:80:19:84:CC:38:F0:A4:FC:5A:FE:1A:DE:AB:68:0C:1B:89:E9:5B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/r4AZhMw48KT8Wv4a3qtoDBuJ6Vs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e6/bfd37c-cb12-4a9c-8f5d-4021265c39b0/1/GGL4Iz40oPbATli86JLt_QZtt0U.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e6/bfd37c-cb12-4a9c-8f5d-4021265c39b0/1/r4AZhMw48KT8Wv4a3qtoDBuJ6Vs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.49.0.0/21
89.50.0.0/16
194.97.192.0/23
Signature Algorithm: sha256WithRSAEncryption
12:90:cc:dd:e7:82:1f:be:de:0f:f0:dd:52:67:3a:a1:80:9c:
9b:1f:c9:f2:e0:bf:ef:c0:67:b2:24:30:2e:82:0b:47:2b:ce:
12:2c:6d:d8:2a:09:50:dc:8a:cd:ac:5c:60:1e:44:0a:b1:6e:
7b:6b:10:73:b2:a5:b2:0a:f2:37:ec:f2:43:51:e4:3e:9d:2c:
1a:67:bd:39:90:b5:5f:c3:66:43:f0:11:37:0f:72:4e:2b:11:
2e:48:13:29:59:c7:9e:28:76:8e:10:34:56:06:65:41:14:40:
d5:49:58:6b:c1:b6:22:df:6e:66:55:41:d7:41:5a:63:2d:cd:
69:2b:77:a5:38:8b:e7:7c:60:e4:18:ce:58:4d:25:29:14:22:
f9:38:65:2f:cf:43:29:f2:70:20:05:29:df:80:a2:89:01:8d:
a6:67:28:01:94:56:9f:f0:25:f1:35:60:e1:8f:61:bb:22:7c:
a9:7c:8d:14:2a:9f:90:7b:ad:aa:4c:5a:43:b2:4e:b5:d4:d1:
f8:9c:1c:f3:11:1a:8a:ae:a9:a6:0c:57:8f:19:27:a8:4a:82:
cf:70:fe:0c:4d:4e:86:09:53:b3:bc:61:2e:43:ef:03:97:98:
d5:fa:cb:c7:71:84:ef:3c:86:d0:6a:ab:26:95:62:44:09:07:
50:b2:ab:b8
-----BEGIN CERTIFICATE-----
MIIFCDCCA/CgAwIBAgISAY9S73iQmjSNu9nlEZXEDnKKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFmODAxOTg0Y2MzOGYwYTRmYzVhZmUxYWRlYWI2ODBjMWI4
OWU5NWIwHhcNMjQwNTA3MTIwMjU2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxODYyZjgyMzNlMzRhMGY2YzA0ZTU4YmNlODkyZWRmZDA2NmRiNzQ1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyRnQ0BDquyIdqHvtsl7IOvgpNM+C
0Rmw7tHfzZkdpBp0fiSW1Sw/dz6hs3HaPKSrjQcrIy3ntt6acJY/Ht25uEnPiq6m
d5Tid5xieLl+Fo4IjXPdhu+i6vxOyPy7btbIpDlROEFWaUtCJyUIwtIVAwdC4Qki
RSz1JSqtT63SSXPJu0Z6AG7eb8ipTWCOlSI5ywPujylmgHNSWNZ5FA3uj9iuyDm5
3eUqw2T40UkkdKeo2IX664cJ181l1lToBK0VhGBWT3jPhMUluWQjT6McHDXZyXpL
md04hCnIAkQil7122eknXXS50J1c9ihBC9yCye/tO3qDe6G4ICXdKawhSQIDAQAB
o4ICFDCCAhAwHQYDVR0OBBYEFBhi+CM+NKD2wE5YvOiS7f0GbbdFMB8GA1UdIwQY
MBaAFK+AGYTMOPCk/Fr+Gt6raAwbielbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcjRBWmhNdzQ4S1Q4V3Y0YTNxdG9EQnVKNlZzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNi9iZmQzN2MtY2IxMi00YTljLThmNWQt
NDAyMTI2NWMzOWIwLzEvR0dMNEl6NDBvUGJBVGxpODZKTHRfUVp0dDBVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNi9iZmQzN2MtY2IxMi00YTljLThmNWQtNDAyMTI2NWMzOWIw
LzEvcjRBWmhNdzQ4S1Q4V3Y0YTNxdG9EQnVKNlZzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCoGCCsGAQUFBwEHAQH/BBswGTAXBAIAATARAwQDWTEAAwMA
WTIDBAHCYcAwDQYJKoZIhvcNAQELBQADggEBABKQzN3ngh++3g/w3VJnOqGAnJsf
yfLgv+/AZ7IkMC6CC0crzhIsbdgqCVDcis2sXGAeRAqxbntrEHOypbIK8jfs8kNR
5D6dLBpnvTmQtV/DZkPwETcPck4rES5IEylZx54odo4QNFYGZUEUQNVJWGvBtiLf
bmZVQddBWmMtzWkrd6U4i+d8YOQYzlhNJSkUIvk4ZS/PQynycCAFKd+AookBjaZn
KAGUVp/wJfE1YOGPYbsifKl8jRQqn5B7rapMWkOyTrXU0ficHPMRGoquqaYMV48Z
J6hKgs9w/gxNToYJU7O8YS5D7wOXmNX6y8dxhO88htBqqyaVYkQJB1Cyq7g=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:57:45 2024 by rpki-client on console-fra.rpki-client.org