Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/eb/016156-093e-405b-9b2d-a5749d2346e7/1/gR8lszxE97zkKhTMxuHWnN_GSAs.roa
File: gR8lszxE97zkKhTMxuHWnN_GSAs.roa (raw, json)
Hash identifier: QYy3TCamyWKwRYZ3W6tAH7URBmdG1mBP1xRq95Si/IE=
Subject key identifier: 81:1F:25:B3:3C:44:F7:BC:E4:2A:14:CC:C6:E1:D6:9C:DF:C6:48:0B
Certificate issuer: /CN=36c3c4565743ae57bd2aea9a363c2b3c3e250f72
Certificate serial: 01856EEFE4603808D45740CFE31B82A10D80
Authority key identifier: 36:C3:C4:56:57:43:AE:57:BD:2A:EA:9A:36:3C:2B:3C:3E:25:0F:72
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NsPEVldDrle9KuqaNjwrPD4lD3I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/eb/016156-093e-405b-9b2d-a5749d2346e7/1/gR8lszxE97zkKhTMxuHWnN_GSAs.roa
Signing time: Sun 01 Jan 2023 20:04:53 +0000
ROA not before: Sun 01 Jan 2023 20:04:53 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 57469
IP address blocks: 185.234.101.0/24 maxlen: 24
185.231.228.0/22 maxlen: 22
185.253.62.0/23 maxlen: 23
Validation: Failed, certificate revoked on Wed 06 Sep 2023 22:33:54 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:ef:e4:60:38:08:d4:57:40:cf:e3:1b:82:a1:0d:80
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=36c3c4565743ae57bd2aea9a363c2b3c3e250f72
Validity
Not Before: Jan 1 20:04:53 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=811f25b33c44f7bce42a14ccc6e1d69cdfc6480b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:ec:bb:d9:d9:1d:1d:6b:20:b6:bd:f6:24:19:
a9:20:8b:ec:ea:99:dc:16:a3:09:69:b6:df:6d:43:
68:b2:10:e4:71:8f:4d:b5:8a:ee:d5:58:f9:71:96:
58:d6:b0:d5:00:cc:55:63:46:ac:f9:81:26:23:8b:
d9:e2:d0:25:88:61:64:fd:ba:3e:14:ed:7d:4f:ac:
f0:c3:5e:9c:7b:36:3b:a5:98:3b:8c:67:0d:97:e4:
7c:c9:90:91:de:90:6b:97:d2:c6:bd:8e:f6:65:7b:
97:b3:84:85:bd:15:a9:92:45:ce:b8:18:61:4c:44:
23:19:d3:c2:a7:99:4c:44:34:b9:21:a8:19:be:84:
a1:4e:e2:21:f8:99:bd:61:c8:9e:d6:e7:c9:02:6e:
6d:43:e8:49:41:53:63:5d:f9:34:c8:60:87:f5:77:
51:61:fc:75:f7:2e:1b:cf:f0:1d:ff:dc:c5:1b:a1:
df:c3:8e:3b:4d:b1:77:7f:50:78:c2:5b:6b:4a:a7:
7c:b3:de:6e:3e:ae:3e:59:64:1f:61:00:c3:43:36:
8d:20:8a:70:fd:1e:43:b9:a8:8a:a4:72:6e:a7:6d:
36:d9:f0:83:33:e0:35:c1:8c:c4:ab:16:0c:62:83:
b7:d5:0d:a7:57:5f:52:20:e8:30:99:7b:d5:3d:1b:
66:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
81:1F:25:B3:3C:44:F7:BC:E4:2A:14:CC:C6:E1:D6:9C:DF:C6:48:0B
X509v3 Authority Key Identifier:
keyid:36:C3:C4:56:57:43:AE:57:BD:2A:EA:9A:36:3C:2B:3C:3E:25:0F:72
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NsPEVldDrle9KuqaNjwrPD4lD3I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/016156-093e-405b-9b2d-a5749d2346e7/1/gR8lszxE97zkKhTMxuHWnN_GSAs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/016156-093e-405b-9b2d-a5749d2346e7/1/NsPEVldDrle9KuqaNjwrPD4lD3I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.231.228.0/22
185.234.101.0/24
185.253.62.0/23
Signature Algorithm: sha256WithRSAEncryption
51:28:ee:de:09:93:60:ee:b4:87:a2:92:3c:e3:35:88:e4:82:
bd:d0:2c:fa:c1:69:9a:bf:4c:05:47:0a:c9:db:db:14:4b:8e:
1b:91:0d:99:65:07:9b:69:64:3c:98:88:99:de:b4:a7:5f:32:
72:62:6b:6c:2b:e0:32:bb:20:9e:33:49:0a:e4:13:fa:3b:20:
9f:e0:a2:49:ca:51:c7:2e:e4:cd:f2:d0:03:57:0b:0c:20:f0:
49:de:d2:4e:38:0d:92:2e:89:5e:65:d6:4d:f0:87:7a:41:4e:
4e:22:c4:27:41:6f:4e:91:c0:ff:7d:02:4e:fe:55:97:63:0e:
81:ce:80:bc:0f:8d:5e:d8:b6:4c:56:ec:c0:c0:15:68:ed:26:
6b:fc:f5:e1:fd:f3:98:f4:55:e1:0d:5a:24:a4:41:9a:79:da:
0e:26:b5:d2:4c:29:8a:98:cf:d5:46:eb:aa:31:c8:69:ee:7c:
a0:65:04:e2:58:15:17:cd:bd:79:9b:9d:8e:07:2f:70:88:f6:
67:fc:7c:16:50:78:b2:c1:01:68:8f:31:30:37:6d:b0:19:9e:
b3:7d:7b:35:b2:e0:af:51:ca:f5:21:5c:96:51:5e:26:5a:bb:
b0:40:08:b2:41:6d:5d:86:d2:2a:91:2b:5d:9a:49:8f:e6:00:
31:ca:b9:fa
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYVu7+RgOAjUV0DP4xuCoQ2AMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2YzNjNDU2NTc0M2FlNTdiZDJhZWE5YTM2M2MyYjNjM2Uy
NTBmNzIwHhcNMjMwMTAxMjAwNDUzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MTFmMjViMzNjNDRmN2JjZTQyYTE0Y2NjNmUxZDY5Y2RmYzY0ODBiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApey72dkdHWsgtr32JBmpIIvs6pnc
FqMJabbfbUNoshDkcY9NtYru1Vj5cZZY1rDVAMxVY0as+YEmI4vZ4tAliGFk/bo+
FO19T6zww16cezY7pZg7jGcNl+R8yZCR3pBrl9LGvY72ZXuXs4SFvRWpkkXOuBhh
TEQjGdPCp5lMRDS5IagZvoShTuIh+Jm9Ycie1ufJAm5tQ+hJQVNjXfk0yGCH9XdR
Yfx19y4bz/Ad/9zFG6Hfw447TbF3f1B4wltrSqd8s95uPq4+WWQfYQDDQzaNIIpw
/R5DuaiKpHJup2022fCDM+A1wYzEqxYMYoO31Q2nV19SIOgwmXvVPRtmPQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFIEfJbM8RPe85CoUzMbh1pzfxkgLMB8GA1UdIwQY
MBaAFDbDxFZXQ65XvSrqmjY8Kzw+JQ9yMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTnNQRVZsZERybGU5S3VxYU5qd3JQRDRsRDNJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYi8wMTYxNTYtMDkzZS00MDViLTliMmQt
YTU3NDlkMjM0NmU3LzEvZ1I4bHN6eEU5N3prS2hUTXh1SFduTl9HU0FzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYi8wMTYxNTYtMDkzZS00MDViLTliMmQtYTU3NDlkMjM0NmU3
LzEvTnNQRVZsZERybGU5S3VxYU5qd3JQRDRsRDNJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQCuefkAwQA
ueplAwQBuf0+MA0GCSqGSIb3DQEBCwUAA4IBAQBRKO7eCZNg7rSHopI84zWI5IK9
0Cz6wWmav0wFRwrJ29sUS44bkQ2ZZQebaWQ8mIiZ3rSnXzJyYmtsK+AyuyCeM0kK
5BP6OyCf4KJJylHHLuTN8tADVwsMIPBJ3tJOOA2SLoleZdZN8Id6QU5OIsQnQW9O
kcD/fQJO/lWXYw6BzoC8D41e2LZMVuzAwBVo7SZr/PXh/fOY9FXhDVokpEGaedoO
JrXSTCmKmM/VRuuqMchp7nygZQTiWBUXzb15m52OBy9wiPZn/HwWUHiywQFojzEw
N22wGZ6zfXs1suCvUcr1IVyWUV4mWruwQAiyQW1dhtIqkStdmkmP5gAxyrn6
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:50:49 2024 by rpki-client on console-ams.rpki-client.org