Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/GA-HYHtZMtXv92tIA3hNh5XKomo.roa
File: GA-HYHtZMtXv92tIA3hNh5XKomo.roa (raw, json)
Hash identifier: xWhcdYVNm37q6JV1WzDwysW0aFvD3pQWsxJmOJfiUQw=
Subject key identifier: 18:0F:87:60:7B:59:32:D5:EF:F7:6B:48:03:78:4D:87:95:CA:A2:6A
Certificate issuer: /CN=cd5e39658a3ef6f13ca21cc11a4e33ebcd946702
Certificate serial: 0188A6773C1B112F4B04CF072A9D32C430E8
Authority key identifier: CD:5E:39:65:8A:3E:F6:F1:3C:A2:1C:C1:1A:4E:33:EB:CD:94:67:02
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zV45ZYo-9vE8ohzBGk4z682UZwI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/GA-HYHtZMtXv92tIA3hNh5XKomo.roa
Signing time: Sat 10 Jun 2023 18:00:11 +0000
ROA not before: Sat 10 Jun 2023 18:00:11 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 201703
IP address blocks: 85.133.174.0/24 maxlen: 24
85.133.227.0/24 maxlen: 24
85.133.234.0/24 maxlen: 24
185.41.3.0/24 maxlen: 24
185.41.1.0/24 maxlen: 24
185.41.2.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:a6:77:3c:1b:11:2f:4b:04:cf:07:2a:9d:32:c4:30:e8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cd5e39658a3ef6f13ca21cc11a4e33ebcd946702
Validity
Not Before: Jun 10 18:00:11 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=180f87607b5932d5eff76b4803784d8795caa26a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:96:4d:8d:f6:68:aa:6e:53:0f:b0:86:15:b4:
53:f1:e9:da:b6:c0:7a:79:2a:fd:70:ec:0c:21:67:
6f:c8:4e:d4:77:3e:fb:cd:3d:37:70:de:72:af:d9:
d1:37:a6:c5:a0:60:10:3d:b3:11:47:14:42:79:77:
03:bb:98:28:6b:c5:df:21:03:a7:d1:76:9f:cd:3c:
d3:48:fa:ac:63:09:a9:e2:c0:5d:72:9a:6b:ec:60:
87:b0:34:5c:63:dd:88:6f:65:87:8b:25:df:e4:ff:
ad:f8:40:52:b4:e1:2d:d3:b4:96:54:36:73:59:e1:
87:9a:70:d5:7c:35:70:75:d3:10:b0:9c:63:10:8d:
10:26:56:27:e5:b6:b6:d4:52:95:4d:61:8c:94:aa:
79:6b:68:2b:7d:c2:14:ab:2f:45:2d:9d:bc:17:74:
b2:d9:19:15:7a:8f:88:e7:ad:d4:da:93:75:a6:a3:
24:81:02:e0:f6:d7:e3:36:5c:89:91:3f:58:da:b0:
82:5c:72:ad:0f:c0:6e:ea:da:e2:3c:2d:82:ea:4f:
0b:e4:d6:c0:a5:8d:40:5e:c4:7d:e8:51:ee:c2:b8:
8c:69:1d:a1:22:66:fe:4a:fd:25:1e:7a:dd:d3:93:
9d:ff:98:27:75:70:04:d3:59:05:35:30:99:74:ef:
4a:e5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
18:0F:87:60:7B:59:32:D5:EF:F7:6B:48:03:78:4D:87:95:CA:A2:6A
X509v3 Authority Key Identifier:
keyid:CD:5E:39:65:8A:3E:F6:F1:3C:A2:1C:C1:1A:4E:33:EB:CD:94:67:02
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zV45ZYo-9vE8ohzBGk4z682UZwI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/GA-HYHtZMtXv92tIA3hNh5XKomo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/zV45ZYo-9vE8ohzBGk4z682UZwI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.133.174.0/24
85.133.227.0/24
85.133.234.0/24
185.41.1.0-185.41.3.255
Signature Algorithm: sha256WithRSAEncryption
a7:51:16:4a:dd:52:47:49:c7:d9:1e:28:af:88:e7:ff:8c:02:
a5:84:96:e3:8c:f6:3a:39:24:0f:b4:e7:e4:ac:9c:eb:8e:6b:
7b:81:77:36:1c:4d:61:b7:27:e5:8c:71:f7:60:eb:4f:d0:39:
e8:6e:cf:66:67:28:a2:6e:8c:34:38:0d:c0:84:f0:d8:99:64:
c3:09:9d:4c:49:24:b1:08:70:2b:f8:cb:eb:1c:be:d9:96:d2:
28:de:97:96:01:c0:eb:2a:82:1a:b6:9b:b1:f7:e6:3d:ec:71:
f2:ba:9b:09:91:e8:87:06:58:8b:25:ce:85:ba:6f:ae:d8:e8:
24:5d:f3:be:8f:85:da:ca:5c:5a:5b:d8:20:c1:b0:2d:1a:af:
b6:59:0a:4b:18:f2:26:c2:6d:3e:38:a6:f9:11:2b:b8:29:2b:
d6:70:ff:96:f8:75:14:e5:9a:a1:6c:7f:66:b0:2a:fb:5c:d3:
63:d3:ae:1c:fa:4c:14:ee:cb:ae:51:f9:aa:30:32:12:28:9d:
2e:c0:5e:6d:59:98:5e:77:f4:0b:3e:6c:31:ef:55:45:5b:f2:
7f:15:7f:6d:5c:ef:e8:0c:06:31:92:94:fb:85:b8:03:3d:45:
47:79:bc:fe:61:89:69:1f:a9:b3:8b:cb:66:4c:98:34:e4:e9:
4f:93:95:2e
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgISAYimdzwbES9LBM8HKp0yxDDoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNkNWUzOTY1OGEzZWY2ZjEzY2EyMWNjMTFhNGUzM2ViY2Q5
NDY3MDIwHhcNMjMwNjEwMTgwMDExWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxODBmODc2MDdiNTkzMmQ1ZWZmNzZiNDgwMzc4NGQ4Nzk1Y2FhMjZhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq5ZNjfZoqm5TD7CGFbRT8enatsB6
eSr9cOwMIWdvyE7Udz77zT03cN5yr9nRN6bFoGAQPbMRRxRCeXcDu5goa8XfIQOn
0XafzTzTSPqsYwmp4sBdcppr7GCHsDRcY92Ib2WHiyXf5P+t+EBStOEt07SWVDZz
WeGHmnDVfDVwddMQsJxjEI0QJlYn5ba21FKVTWGMlKp5a2grfcIUqy9FLZ28F3Sy
2RkVeo+I563U2pN1pqMkgQLg9tfjNlyJkT9Y2rCCXHKtD8Bu6triPC2C6k8L5NbA
pY1AXsR96FHuwriMaR2hImb+Sv0lHnrd05Od/5gndXAE01kFNTCZdO9K5QIDAQAB
o4ICIzCCAh8wHQYDVR0OBBYEFBgPh2B7WTLV7/drSAN4TYeVyqJqMB8GA1UdIwQY
MBaAFM1eOWWKPvbxPKIcwRpOM+vNlGcCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvelY0NVpZby05dkU4b2h6QkdrNHo2ODJVWndJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMC9lZjUzNmMtMDNkMy00YWM1LWIxMjUt
NWQxZmE2NmMzNjNiLzEvR0EtSFlIdFpNdFh2OTJ0SUEzaE5oNVhLb21vLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMC9lZjUzNmMtMDNkMy00YWM1LWIxMjUtNWQxZmE2NmMzNjNi
LzEvelY0NVpZby05dkU4b2h6QkdrNHo2ODJVWndJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDkGCCsGAQUFBwEHAQH/BCowKDAmBAIAATAgAwQAVYWuAwQA
VYXjAwQAVYXqMAwDBAC5KQEDBAK5KQAwDQYJKoZIhvcNAQELBQADggEBAKdRFkrd
UkdJx9keKK+I5/+MAqWEluOM9jo5JA+05+SsnOuOa3uBdzYcTWG3J+WMcfdg60/Q
Oehuz2ZnKKJujDQ4DcCE8NiZZMMJnUxJJLEIcCv4y+scvtmW0ijel5YBwOsqghq2
m7H35j3scfK6mwmR6IcGWIslzoW6b67Y6CRd876PhdrKXFpb2CDBsC0ar7ZZCksY
8ibCbT44pvkRK7gpK9Zw/5b4dRTlmqFsf2awKvtc02PTrhz6TBTuy65R+aowMhIo
nS7AXm1ZmF539As+bDHvVUVb8n8Vf21c7+gMBjGSlPuFuAM9RUd5vP5hiWkfqbOL
y2ZMmDTk6U+TlS4=
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:06:15 2023 by rpki-client on console-fra.rpki-client.org