Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ea/b58d51-1ace-490e-8c2e-59208babeb13/1/GWrUWLYt3qGlQcDnQIQ2nstwDZA.roa
File: GWrUWLYt3qGlQcDnQIQ2nstwDZA.roa (raw, json)
Hash identifier: PZ9PMjhKaglI9+YR6h/1BCH2NdGf2CYbkXwrFoRQzZw=
Subject key identifier: 19:6A:D4:58:B6:2D:DE:A1:A5:41:C0:E7:40:84:36:9E:CB:70:0D:90
Certificate issuer: /CN=69d492be3fcf8cc5a859c9048c50fd40bfdb7787
Certificate serial: 0192A0C3268630BD7A4658458BDCC76F5CEB
Authority key identifier: 69:D4:92:BE:3F:CF:8C:C5:A8:59:C9:04:8C:50:FD:40:BF:DB:77:87
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/adSSvj_PjMWoWckEjFD9QL_bd4c.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ea/b58d51-1ace-490e-8c2e-59208babeb13/1/GWrUWLYt3qGlQcDnQIQ2nstwDZA.roa
Signing time: Fri 18 Oct 2024 17:53:16 +0000
ROA not before: Fri 18 Oct 2024 17:53:16 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 49761
IP address blocks: 95.215.76.0/22 maxlen: 22
109.197.39.0/24 maxlen: 24
193.28.226.0/24 maxlen: 24
193.37.140.0/24 maxlen: 24
195.211.8.0/22 maxlen: 22
2001:67c:c90::/48 maxlen: 48
Validation: Failed, certificate revoked on Thu 02 Jan 2025 03:49:33 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:a0:c3:26:86:30:bd:7a:46:58:45:8b:dc:c7:6f:5c:eb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=69d492be3fcf8cc5a859c9048c50fd40bfdb7787
Validity
Not Before: Oct 18 17:53:16 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=196ad458b62ddea1a541c0e74084369ecb700d90
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:28:0e:64:c8:0f:4c:9e:c8:a1:ff:73:a9:b5:
56:ed:17:98:a3:58:78:16:b9:37:93:72:62:6c:62:
b8:86:7f:95:2a:a8:34:8b:b7:04:14:05:41:6e:1a:
3d:ee:85:78:19:8a:df:29:47:bd:0c:63:66:61:69:
dd:8e:7c:f3:a7:0e:c9:44:6c:b6:4d:4c:3e:0b:cf:
75:25:0c:20:b3:eb:1a:5c:7e:6d:2b:4d:e8:83:db:
14:52:05:c4:59:1b:ad:82:b5:5d:cd:27:37:64:1d:
d4:86:2f:07:3e:62:0a:9c:05:2b:d7:74:cc:b8:d5:
b6:83:96:20:71:31:04:ec:cb:72:06:b4:62:52:05:
21:cf:31:fd:8c:b6:76:30:7d:1d:af:9c:71:66:74:
7c:7f:68:8e:65:c4:8f:c2:db:29:64:ca:c9:80:b6:
be:bb:05:ac:90:8c:0b:a2:cc:cd:ff:c6:c6:f2:f1:
bb:23:7b:80:f9:68:90:28:81:7e:fe:e4:d4:e1:97:
24:2d:ff:5a:2c:3f:13:e0:eb:1e:cc:db:fc:39:c6:
0a:c8:9b:78:49:fe:cc:cd:0d:95:c8:4a:2c:ae:d7:
25:c8:59:4a:ef:e5:42:84:ef:a7:b7:40:05:f0:21:
28:d4:2f:cc:80:dd:da:81:3a:e8:85:60:82:39:6b:
7e:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
19:6A:D4:58:B6:2D:DE:A1:A5:41:C0:E7:40:84:36:9E:CB:70:0D:90
X509v3 Authority Key Identifier:
keyid:69:D4:92:BE:3F:CF:8C:C5:A8:59:C9:04:8C:50:FD:40:BF:DB:77:87
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/adSSvj_PjMWoWckEjFD9QL_bd4c.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ea/b58d51-1ace-490e-8c2e-59208babeb13/1/GWrUWLYt3qGlQcDnQIQ2nstwDZA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ea/b58d51-1ace-490e-8c2e-59208babeb13/1/adSSvj_PjMWoWckEjFD9QL_bd4c.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
95.215.76.0/22
109.197.39.0/24
193.28.226.0/24
193.37.140.0/24
195.211.8.0/22
IPv6:
2001:67c:c90::/48
Signature Algorithm: sha256WithRSAEncryption
19:1d:dc:87:71:ca:4e:60:f5:5f:5a:33:92:88:db:98:5a:c8:
61:a5:31:38:64:d9:87:e9:89:80:c9:21:4a:d7:96:fe:50:0f:
10:61:9d:4f:df:ba:44:35:73:8b:1e:01:2a:23:bd:80:0a:b1:
e7:a2:e5:a3:c6:b8:e6:6b:69:ac:8b:ce:7c:13:da:a1:d9:05:
a2:74:cd:cb:27:b5:58:56:cf:4b:7d:a4:5c:d7:d4:f4:50:d7:
be:5b:7c:86:08:77:24:d2:ad:90:0c:74:47:78:7c:2d:a4:2d:
fa:31:53:b2:bf:b6:29:07:48:e9:ce:ba:8d:f0:85:b6:e4:d2:
74:f6:d7:d1:10:5e:90:cb:36:55:6c:2f:56:52:d0:d9:a8:63:
42:5d:d3:90:fe:7f:e8:bb:c9:32:ab:05:a3:a5:5e:10:84:33:
be:b7:6b:46:44:e4:27:6d:de:ea:04:21:bf:cd:a8:76:01:44:
62:57:db:03:f2:f9:c1:89:59:a6:c1:f3:3f:65:34:ec:ec:14:
bf:9d:39:f4:69:db:5d:66:ac:c4:cf:a2:1d:d6:23:a0:1a:7e:
97:6f:03:18:16:1b:02:5c:52:04:73:46:9b:e9:5b:0e:49:3b:
8d:ec:bd:17:43:10:e6:67:6a:a6:0f:a9:55:55:a0:83:4a:c5:
2e:28:0c:f9
-----BEGIN CERTIFICATE-----
MIIFJjCCBA6gAwIBAgISAZKgwyaGML16RlhFi9zHb1zrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY5ZDQ5MmJlM2ZjZjhjYzVhODU5YzkwNDhjNTBmZDQwYmZk
Yjc3ODcwHhcNMjQxMDE4MTc1MzE2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxOTZhZDQ1OGI2MmRkZWExYTU0MWMwZTc0MDg0MzY5ZWNiNzAwZDkwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjygOZMgPTJ7Iof9zqbVW7ReYo1h4
Frk3k3JibGK4hn+VKqg0i7cEFAVBbho97oV4GYrfKUe9DGNmYWndjnzzpw7JRGy2
TUw+C891JQwgs+saXH5tK03og9sUUgXEWRutgrVdzSc3ZB3Uhi8HPmIKnAUr13TM
uNW2g5YgcTEE7MtyBrRiUgUhzzH9jLZ2MH0dr5xxZnR8f2iOZcSPwtspZMrJgLa+
uwWskIwLoszN/8bG8vG7I3uA+WiQKIF+/uTU4ZckLf9aLD8T4OsezNv8OcYKyJt4
Sf7MzQ2VyEosrtclyFlK7+VChO+nt0AF8CEo1C/MgN3agTrohWCCOWt+YwIDAQAB
o4ICMjCCAi4wHQYDVR0OBBYEFBlq1Fi2Ld6hpUHA50CENp7LcA2QMB8GA1UdIwQY
MBaAFGnUkr4/z4zFqFnJBIxQ/UC/23eHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYWRTU3ZqX1BqTVdvV2NrRWpGRDlRTF9iZDRjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYS9iNThkNTEtMWFjZS00OTBlLThjMmUt
NTkyMDhiYWJlYjEzLzEvR1dyVVdMWXQzcUdsUWNEblFJUTJuc3R3RFpBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYS9iNThkNTEtMWFjZS00OTBlLThjMmUtNTkyMDhiYWJlYjEz
LzEvYWRTU3ZqX1BqTVdvV2NrRWpGRDlRTF9iZDRjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEgGCCsGAQUFBwEHAQH/BDkwNzAkBAIAATAeAwQCX9dMAwQA
bcUnAwQAwRziAwQAwSWMAwQCw9MIMA8EAgACMAkDBwAgAQZ8DJAwDQYJKoZIhvcN
AQELBQADggEBABkd3Idxyk5g9V9aM5KI25hayGGlMThk2YfpiYDJIUrXlv5QDxBh
nU/fukQ1c4seASojvYAKseei5aPGuOZraayLznwT2qHZBaJ0zcsntVhWz0t9pFzX
1PRQ175bfIYIdyTSrZAMdEd4fC2kLfoxU7K/tikHSOnOuo3whbbk0nT219EQXpDL
NlVsL1ZS0NmoY0Jd05D+f+i7yTKrBaOlXhCEM763a0ZE5Cdt3uoEIb/NqHYBRGJX
2wPy+cGJWabB8z9lNOzsFL+dOfRp211mrMTPoh3WI6AafpdvAxgWGwJcUgRzRpvp
Ww5JO43svRdDEOZnaqYPqVVVoINKxS4oDPk=
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:36:10 2025 by rpki-client