Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f3/8c4ec4-d637-4d3f-9de8-05559c1f5915/1/ga_ZUGdOpmUBk8V7RF_AAMfME-4.roa
File: ga_ZUGdOpmUBk8V7RF_AAMfME-4.roa (raw, json)
Hash identifier: qEfHDQ87tOqdxY7GiXLETIdFQFVMBMDy/MSx2R4z+6Q=
Subject key identifier: 81:AF:D9:50:67:4E:A6:65:01:93:C5:7B:44:5F:C0:00:C7:CC:13:EE
Certificate issuer: /CN=6a366fdfcaa20e80e8bfc330a4d8b1be7de6a1d0
Certificate serial: 01856D4ACB86598E9ABACFB15F487944FE00
Authority key identifier: 6A:36:6F:DF:CA:A2:0E:80:E8:BF:C3:30:A4:D8:B1:BE:7D:E6:A1:D0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ajZv38qiDoDov8MwpNixvn3modA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f3/8c4ec4-d637-4d3f-9de8-05559c1f5915/1/ga_ZUGdOpmUBk8V7RF_AAMfME-4.roa
Signing time: Sun 01 Jan 2023 12:24:56 +0000
ROA not before: Sun 01 Jan 2023 12:24:56 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 57479
IP address blocks: 176.124.228.0/24 maxlen: 24
176.124.230.0/24 maxlen: 24
176.124.229.0/24 maxlen: 24
194.60.252.0/24 maxlen: 24
2001:67c:11a0::/48 maxlen: 48
Validation: Failed, certificate revoked on Thu 23 Nov 2023 15:37:21 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:4a:cb:86:59:8e:9a:ba:cf:b1:5f:48:79:44:fe:00
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6a366fdfcaa20e80e8bfc330a4d8b1be7de6a1d0
Validity
Not Before: Jan 1 12:24:56 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=81afd950674ea6650193c57b445fc000c7cc13ee
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:81:ad:b1:0a:73:e7:05:8c:9a:02:98:1d:8a:22:
1d:f0:bb:a5:d4:2e:1d:61:29:e9:9b:43:ed:ab:05:
2b:b7:6a:cf:e7:1f:3d:f8:39:b3:ef:e7:21:7b:4f:
cb:50:ef:f0:4e:c5:c4:27:a3:a7:7d:e9:7b:cd:9b:
e4:95:6d:cf:48:d2:10:89:5a:1b:cb:0b:c4:16:f6:
3f:72:26:e9:f9:f5:98:23:c4:b5:ff:ed:80:56:ab:
b6:94:32:e8:cd:a3:d7:45:12:38:72:73:ef:55:d1:
a9:de:fc:b6:39:bd:93:3b:02:42:a1:77:2e:ad:e8:
17:24:39:6b:3c:d2:a1:9c:a7:1e:82:f8:aa:37:d8:
29:96:30:f0:f5:39:3a:6c:fd:b6:f8:09:5d:31:77:
9f:ff:34:fc:d7:3a:99:26:bd:cc:44:34:6f:cd:5d:
09:72:27:7f:cd:6b:bd:37:7b:da:9e:c9:40:b5:9b:
9c:fa:83:e6:a9:16:3d:82:55:09:bb:c2:44:19:81:
91:26:21:b6:5c:d4:49:7f:5b:6d:2c:64:46:28:4f:
06:12:fe:6a:e1:92:72:04:18:1a:d7:30:cf:f6:22:
d2:7a:e3:0a:2c:0a:1c:ce:70:19:6d:14:63:06:03:
3d:a6:b7:c3:26:6a:1b:33:20:8a:e6:57:8f:1f:b9:
af:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
81:AF:D9:50:67:4E:A6:65:01:93:C5:7B:44:5F:C0:00:C7:CC:13:EE
X509v3 Authority Key Identifier:
keyid:6A:36:6F:DF:CA:A2:0E:80:E8:BF:C3:30:A4:D8:B1:BE:7D:E6:A1:D0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ajZv38qiDoDov8MwpNixvn3modA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f3/8c4ec4-d637-4d3f-9de8-05559c1f5915/1/ga_ZUGdOpmUBk8V7RF_AAMfME-4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f3/8c4ec4-d637-4d3f-9de8-05559c1f5915/1/ajZv38qiDoDov8MwpNixvn3modA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.124.228.0-176.124.230.255
194.60.252.0/24
IPv6:
2001:67c:11a0::/48
Signature Algorithm: sha256WithRSAEncryption
63:f3:b0:e3:d9:1a:47:ca:52:44:c3:61:69:d2:f2:db:ef:ff:
6f:6b:bf:aa:97:4b:1a:c0:85:90:09:b3:10:2a:1a:4a:8d:48:
a9:ef:11:7c:ce:94:f7:41:7d:e9:b6:a5:fa:3d:7b:a1:8e:c0:
aa:3a:98:a7:6e:4b:97:39:f5:7e:50:b9:40:9d:c1:fd:c7:a2:
8f:c1:65:50:f0:6f:fe:39:09:55:a9:e2:05:6b:27:7a:06:e4:
7f:51:56:93:83:12:83:4f:f9:97:2d:91:a5:58:9e:1c:4d:f4:
9e:9a:68:94:53:1d:73:f5:9f:ef:17:6a:64:98:82:fa:58:3b:
b2:52:e4:09:79:51:ce:c9:ab:83:38:3d:08:1c:5b:bf:3a:a7:
d4:8a:50:4a:80:cc:00:5e:6b:25:46:7d:fc:13:8c:74:fa:33:
22:67:44:13:78:51:e3:1a:80:7b:31:d4:27:1c:71:d9:f2:68:
4a:7d:9a:ba:f2:0a:dd:a3:9c:90:7e:8f:cb:3e:ea:05:16:6a:
6b:e8:19:37:0a:a1:b5:32:67:3e:fd:b6:cf:b4:56:0c:9c:b2:
61:aa:11:ca:35:3c:4f:a6:ea:db:29:97:46:72:5e:3f:5e:a6:
2a:fd:23:56:63:79:81:da:b9:92:e5:ea:83:b0:e5:37:31:52:
c0:64:75:56
-----BEGIN CERTIFICATE-----
MIIFHDCCBASgAwIBAgISAYVtSsuGWY6aus+xX0h5RP4AMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZhMzY2ZmRmY2FhMjBlODBlOGJmYzMzMGE0ZDhiMWJlN2Rl
NmExZDAwHhcNMjMwMTAxMTIyNDU2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MWFmZDk1MDY3NGVhNjY1MDE5M2M1N2I0NDVmYzAwMGM3Y2MxM2VlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAga2xCnPnBYyaApgdiiId8Lul1C4d
YSnpm0PtqwUrt2rP5x89+Dmz7+che0/LUO/wTsXEJ6Onfel7zZvklW3PSNIQiVob
ywvEFvY/cibp+fWYI8S1/+2AVqu2lDLozaPXRRI4cnPvVdGp3vy2Ob2TOwJCoXcu
regXJDlrPNKhnKcegviqN9gpljDw9Tk6bP22+AldMXef/zT81zqZJr3MRDRvzV0J
cid/zWu9N3vanslAtZuc+oPmqRY9glUJu8JEGYGRJiG2XNRJf1ttLGRGKE8GEv5q
4ZJyBBga1zDP9iLSeuMKLAocznAZbRRjBgM9prfDJmobMyCK5lePH7mvRwIDAQAB
o4ICKDCCAiQwHQYDVR0OBBYEFIGv2VBnTqZlAZPFe0RfwADHzBPuMB8GA1UdIwQY
MBaAFGo2b9/Kog6A6L/DMKTYsb595qHQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYWpadjM4cWlEb0RvdjhNd3BOaXh2bjNtb2RBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMy84YzRlYzQtZDYzNy00ZDNmLTlkZTgt
MDU1NTljMWY1OTE1LzEvZ2FfWlVHZE9wbVVCazhWN1JGX0FBTWZNRS00LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMy84YzRlYzQtZDYzNy00ZDNmLTlkZTgtMDU1NTljMWY1OTE1
LzEvYWpadjM4cWlEb0RvdjhNd3BOaXh2bjNtb2RBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD4GCCsGAQUFBwEHAQH/BC8wLTAaBAIAATAUMAwDBAKwfOQD
BACwfOYDBADCPPwwDwQCAAIwCQMHACABBnwRoDANBgkqhkiG9w0BAQsFAAOCAQEA
Y/Ow49kaR8pSRMNhadLy2+//b2u/qpdLGsCFkAmzECoaSo1Iqe8RfM6U90F96bal
+j17oY7AqjqYp25Llzn1flC5QJ3B/ceij8FlUPBv/jkJVaniBWsnegbkf1FWk4MS
g0/5ly2RpVieHE30nppolFMdc/Wf7xdqZJiC+lg7slLkCXlRzsmrgzg9CBxbvzqn
1IpQSoDMAF5rJUZ9/BOMdPozImdEE3hR4xqAezHUJxxx2fJoSn2auvIK3aOckH6P
yz7qBRZqa+gZNwqhtTJnPv22z7RWDJyyYaoRyjU8T6bq2ymXRnJeP16mKv0jVmN5
gdq5kuXqg7DlNzFSwGR1Vg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:52:27 2024 by rpki-client on console-ams.rpki-client.org