Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/gfV2_GYjKk4KHdbXKfRklNhN5w4.roa
File: gfV2_GYjKk4KHdbXKfRklNhN5w4.roa (raw, json)
Hash identifier: PpZG4DMFUIMYQuwiX6ax40zlWAhzaJJbrmHYLkmqlYc=
Subject key identifier: 81:F5:76:FC:66:23:2A:4E:0A:1D:D6:D7:29:F4:64:94:D8:4D:E7:0E
Certificate issuer: /CN=cd5e39658a3ef6f13ca21cc11a4e33ebcd946702
Certificate serial: 018871D73FFBB930247E3656A4F1866EAEC2
Authority key identifier: CD:5E:39:65:8A:3E:F6:F1:3C:A2:1C:C1:1A:4E:33:EB:CD:94:67:02
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zV45ZYo-9vE8ohzBGk4z682UZwI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/gfV2_GYjKk4KHdbXKfRklNhN5w4.roa
Signing time: Wed 31 May 2023 12:45:11 +0000
ROA not before: Wed 31 May 2023 12:45:11 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 3507
IP address blocks: 85.133.199.0/24 maxlen: 24
185.41.0.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 08 Jun 2023 08:23:28 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:71:d7:3f:fb:b9:30:24:7e:36:56:a4:f1:86:6e:ae:c2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cd5e39658a3ef6f13ca21cc11a4e33ebcd946702
Validity
Not Before: May 31 12:45:11 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=81f576fc66232a4e0a1dd6d729f46494d84de70e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:88:b4:31:b0:75:a2:5b:40:f0:a8:97:e6:6f:bd:
17:9c:70:b7:4d:a2:12:84:71:42:8e:7c:1d:ba:cf:
e2:b4:c1:7f:9c:9d:9e:4a:40:2e:d5:7a:43:df:23:
ba:bc:99:48:fb:b9:2d:d1:97:8a:f4:e4:08:ee:03:
3d:1b:e8:a8:4a:88:3a:b5:33:8d:10:cb:79:50:a0:
a7:38:2b:7c:c0:79:c2:99:8e:69:11:5e:b1:7e:33:
dc:61:f9:ac:61:ce:f6:6f:f4:2e:9c:13:31:5b:cc:
db:2b:69:06:5c:0c:e4:d1:df:3f:d5:13:9b:c0:18:
9b:c0:0b:b5:60:fb:86:4a:cf:c9:d2:da:16:6d:f1:
1a:d2:26:9d:19:90:88:76:02:25:b4:bb:10:5b:7b:
8c:26:2c:24:47:cd:a2:33:6e:d1:fc:43:3f:a3:69:
d3:2f:ae:d7:51:6e:eb:0d:a7:fe:4e:6e:cb:db:62:
70:de:55:b7:02:cb:d8:54:9a:e9:10:63:51:66:65:
e4:53:e0:55:93:fd:d1:61:12:f2:75:b0:83:2d:c3:
40:d2:a3:d0:f5:b6:94:28:1e:fc:7a:49:31:cf:02:
94:b9:1a:a3:f5:38:84:06:c0:62:49:e2:94:0d:19:
62:d6:ea:aa:d3:57:6e:20:5b:fa:a5:fa:08:7b:72:
93:fd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
81:F5:76:FC:66:23:2A:4E:0A:1D:D6:D7:29:F4:64:94:D8:4D:E7:0E
X509v3 Authority Key Identifier:
keyid:CD:5E:39:65:8A:3E:F6:F1:3C:A2:1C:C1:1A:4E:33:EB:CD:94:67:02
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zV45ZYo-9vE8ohzBGk4z682UZwI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/gfV2_GYjKk4KHdbXKfRklNhN5w4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/zV45ZYo-9vE8ohzBGk4z682UZwI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.133.199.0/24
185.41.0.0/24
Signature Algorithm: sha256WithRSAEncryption
37:9f:ae:8d:0e:62:82:8c:23:9c:09:94:b9:1d:ba:ff:05:1b:
3b:aa:64:69:25:0a:4b:7e:52:31:79:a5:67:3d:38:26:06:7c:
d6:77:20:f3:d9:51:af:3f:c7:aa:cc:27:ef:37:d3:0a:8c:8f:
d8:b5:2e:86:d3:d3:70:c5:b0:86:fe:6b:15:07:76:9f:79:b6:
47:e5:7d:b5:8e:7e:9a:65:5b:db:3e:dd:a0:ca:54:89:fa:70:
8a:7b:27:50:43:64:9b:2b:a6:54:ec:f8:00:de:6e:5d:61:7d:
51:f0:2e:38:0d:e4:05:18:94:14:68:d4:58:af:a4:06:b3:b1:
14:c7:f6:a3:a2:d1:1a:91:0a:e0:f4:1f:5e:a3:7e:53:35:04:
d0:8b:d5:17:47:b0:d0:d1:89:c4:4d:60:00:8e:d6:a1:98:27:
5a:07:13:7a:f8:c3:7b:c9:c8:46:a7:19:15:b0:86:8c:0e:4b:
81:1d:cb:d8:bc:7e:e7:8d:15:01:f1:d6:f8:0b:79:78:03:0a:
0c:14:3a:c1:4b:ec:2b:7c:e8:f8:b8:3e:ba:9c:52:26:cc:c4:
d6:e6:df:9b:74:06:f3:a9:5f:26:c4:06:80:88:6f:1b:6b:22:
98:84:9c:d4:37:b9:ce:0e:aa:5e:9c:a3:4f:96:0d:6e:39:d8:
69:6d:03:8d
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYhx1z/7uTAkfjZWpPGGbq7CMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNkNWUzOTY1OGEzZWY2ZjEzY2EyMWNjMTFhNGUzM2ViY2Q5
NDY3MDIwHhcNMjMwNTMxMTI0NTExWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MWY1NzZmYzY2MjMyYTRlMGExZGQ2ZDcyOWY0NjQ5NGQ4NGRlNzBlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiLQxsHWiW0DwqJfmb70XnHC3TaIS
hHFCjnwdus/itMF/nJ2eSkAu1XpD3yO6vJlI+7kt0ZeK9OQI7gM9G+ioSog6tTON
EMt5UKCnOCt8wHnCmY5pEV6xfjPcYfmsYc72b/QunBMxW8zbK2kGXAzk0d8/1ROb
wBibwAu1YPuGSs/J0toWbfEa0iadGZCIdgIltLsQW3uMJiwkR82iM27R/EM/o2nT
L67XUW7rDaf+Tm7L22Jw3lW3AsvYVJrpEGNRZmXkU+BVk/3RYRLydbCDLcNA0qPQ
9baUKB78ekkxzwKUuRqj9TiEBsBiSeKUDRli1uqq01duIFv6pfoIe3KT/QIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFIH1dvxmIypOCh3W1yn0ZJTYTecOMB8GA1UdIwQY
MBaAFM1eOWWKPvbxPKIcwRpOM+vNlGcCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvelY0NVpZby05dkU4b2h6QkdrNHo2ODJVWndJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMC9lZjUzNmMtMDNkMy00YWM1LWIxMjUt
NWQxZmE2NmMzNjNiLzEvZ2ZWMl9HWWpLazRLSGRiWEtmUmtsTmhONXc0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMC9lZjUzNmMtMDNkMy00YWM1LWIxMjUtNWQxZmE2NmMzNjNi
LzEvelY0NVpZby05dkU4b2h6QkdrNHo2ODJVWndJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAVYXHAwQA
uSkAMA0GCSqGSIb3DQEBCwUAA4IBAQA3n66NDmKCjCOcCZS5Hbr/BRs7qmRpJQpL
flIxeaVnPTgmBnzWdyDz2VGvP8eqzCfvN9MKjI/YtS6G09NwxbCG/msVB3afebZH
5X21jn6aZVvbPt2gylSJ+nCKeydQQ2SbK6ZU7PgA3m5dYX1R8C44DeQFGJQUaNRY
r6QGs7EUx/ajotEakQrg9B9eo35TNQTQi9UXR7DQ0YnETWAAjtahmCdaBxN6+MN7
ychGpxkVsIaMDkuBHcvYvH7njRUB8db4C3l4AwoMFDrBS+wrfOj4uD66nFImzMTW
5t+bdAbzqV8mxAaAiG8bayKYhJzUN7nODqpenKNPlg1uOdhpbQON
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:59:13 2024 by rpki-client on console-fra.rpki-client.org