Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f4/0af199-fe47-4f5b-9c68-15b944577c86/1/gq3XOk4HycXEAMfB-cfvEnwMeI0.roa
File: gq3XOk4HycXEAMfB-cfvEnwMeI0.roa (raw, json)
Hash identifier: EQVD46UZ/nW8qVZQTS3eWD+piIjBqN5pqtyuz0EOnw8=
Subject key identifier: 82:AD:D7:3A:4E:07:C9:C5:C4:00:C7:C1:F9:C7:EF:12:7C:0C:78:8D
Certificate issuer: /CN=c224b69ed4a23b7b3e0674a3f994601d73b7baff
Certificate serial: 018E23DE3B530FE419909C060D61D7BFDE6C
Authority key identifier: C2:24:B6:9E:D4:A2:3B:7B:3E:06:74:A3:F9:94:60:1D:73:B7:BA:FF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/wiS2ntSiO3s-BnSj-ZRgHXO3uv8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f4/0af199-fe47-4f5b-9c68-15b944577c86/1/gq3XOk4HycXEAMfB-cfvEnwMeI0.roa
Signing time: Sat 09 Mar 2024 15:39:10 +0000
ROA not before: Sat 09 Mar 2024 15:39:10 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 59655
IP address blocks: 176.97.156.0/23 maxlen: 23
176.97.156.0/24 maxlen: 24
176.97.157.0/24 maxlen: 24
178.255.202.0/23 maxlen: 23
178.255.202.0/24 maxlen: 24
178.255.203.0/24 maxlen: 24
178.255.204.0/24 maxlen: 24
185.199.12.0/24 maxlen: 24
185.199.13.0/24 maxlen: 24
185.199.14.0/24 maxlen: 24
185.199.15.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sat 06 Apr 2024 07:49:54 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:23:de:3b:53:0f:e4:19:90:9c:06:0d:61:d7:bf:de:6c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c224b69ed4a23b7b3e0674a3f994601d73b7baff
Validity
Not Before: Mar 9 15:39:10 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=82add73a4e07c9c5c400c7c1f9c7ef127c0c788d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8d:bb:80:47:35:a4:ac:6c:6e:4a:b9:2c:8f:99:
8a:30:0d:bd:dc:59:44:1b:61:af:81:01:52:bb:2b:
56:95:5f:a7:b6:b5:46:d0:b0:2c:06:e5:ea:01:3c:
4c:1a:2d:7f:af:d3:a6:35:cf:e8:a2:d2:7a:c2:a2:
ef:be:bc:6d:fe:32:5e:6d:18:8a:e0:2f:c4:d6:dd:
cb:f9:b1:f7:dd:50:97:42:cf:24:f2:4c:62:99:a7:
a5:ad:07:08:d3:af:bb:6c:ca:f1:3d:df:4b:ff:5e:
d5:79:a9:20:3c:ec:fb:0a:5e:ee:f8:ab:04:2c:9e:
29:43:c5:7e:52:0e:36:79:30:13:d3:ae:0b:f7:1e:
51:e1:1d:54:92:bf:cf:22:43:84:bb:f4:87:2a:4f:
cf:19:38:71:3c:cd:04:2f:9b:46:0e:40:bc:9a:e6:
1e:7d:02:b3:5e:01:9c:48:43:86:d8:60:9f:2a:c7:
3b:dd:22:f6:37:3f:f4:3d:3b:20:ba:0f:07:69:2c:
7e:a4:80:35:d5:b7:52:76:c3:2d:e5:d6:ef:04:0f:
35:3d:96:67:92:11:d5:43:0e:ff:ba:4a:a6:38:04:
53:6b:ca:ec:cd:46:e8:54:b0:57:e4:b9:60:89:0d:
48:39:e7:1a:aa:d5:20:78:d4:de:33:2a:25:26:51:
d6:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
82:AD:D7:3A:4E:07:C9:C5:C4:00:C7:C1:F9:C7:EF:12:7C:0C:78:8D
X509v3 Authority Key Identifier:
keyid:C2:24:B6:9E:D4:A2:3B:7B:3E:06:74:A3:F9:94:60:1D:73:B7:BA:FF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wiS2ntSiO3s-BnSj-ZRgHXO3uv8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f4/0af199-fe47-4f5b-9c68-15b944577c86/1/gq3XOk4HycXEAMfB-cfvEnwMeI0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f4/0af199-fe47-4f5b-9c68-15b944577c86/1/wiS2ntSiO3s-BnSj-ZRgHXO3uv8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.97.156.0/23
178.255.202.0-178.255.204.255
185.199.12.0/22
Signature Algorithm: sha256WithRSAEncryption
63:5f:19:7d:a4:ea:5c:ff:a8:a8:44:8c:63:d2:b8:57:a9:85:
16:30:88:8b:0a:39:5c:73:25:04:78:d2:94:e2:0d:e5:98:a6:
e6:3f:66:01:0e:15:fa:c4:43:44:10:72:90:cb:db:38:64:c4:
01:1b:e9:92:76:e4:12:5b:fa:ae:5a:07:24:86:dc:cc:58:97:
1e:4c:36:28:70:72:d4:57:50:b8:b1:80:3c:51:64:8b:27:15:
53:63:61:41:27:57:72:d6:85:be:5b:bf:ca:6a:cb:84:3a:c0:
7e:2d:ba:80:0e:bd:47:d3:c4:2c:9e:bf:d3:dd:d5:c0:42:c2:
58:be:f9:83:45:90:84:f8:59:c1:ec:7c:14:55:fe:c3:c8:4f:
dd:a8:f5:80:55:33:d5:04:e0:54:c3:be:1f:0e:a6:d7:ff:af:
e0:26:1d:48:d7:d7:7b:98:e8:f9:76:ca:ac:f3:26:95:76:25:
38:dc:4a:94:e4:1c:7e:94:a4:dc:ec:a8:4c:6a:92:60:97:9c:
c5:89:33:70:a5:75:51:a3:e3:c9:39:17:ad:81:d5:a9:df:21:
78:bb:8b:f3:92:33:cd:5e:3a:d1:2c:5a:6b:81:09:cf:e8:c7:
c8:d3:bf:55:fa:62:af:84:31:c4:ae:d7:91:94:da:9c:96:d4:
d8:5e:6f:42
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgISAY4j3jtTD+QZkJwGDWHXv95sMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMyMjRiNjllZDRhMjNiN2IzZTA2NzRhM2Y5OTQ2MDFkNzNi
N2JhZmYwHhcNMjQwMzA5MTUzOTEwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MmFkZDczYTRlMDdjOWM1YzQwMGM3YzFmOWM3ZWYxMjdjMGM3ODhkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjbuARzWkrGxuSrksj5mKMA293FlE
G2GvgQFSuytWlV+ntrVG0LAsBuXqATxMGi1/r9OmNc/ootJ6wqLvvrxt/jJebRiK
4C/E1t3L+bH33VCXQs8k8kximaelrQcI06+7bMrxPd9L/17VeakgPOz7Cl7u+KsE
LJ4pQ8V+Ug42eTAT064L9x5R4R1Ukr/PIkOEu/SHKk/PGThxPM0EL5tGDkC8muYe
fQKzXgGcSEOG2GCfKsc73SL2Nz/0PTsgug8HaSx+pIA11bdSdsMt5dbvBA81PZZn
khHVQw7/ukqmOARTa8rszUboVLBX5LlgiQ1IOecaqtUgeNTeMyolJlHWbwIDAQAB
o4ICHTCCAhkwHQYDVR0OBBYEFIKt1zpOB8nFxADHwfnH7xJ8DHiNMB8GA1UdIwQY
MBaAFMIktp7Uojt7PgZ0o/mUYB1zt7r/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvd2lTMm50U2lPM3MtQm5Tai1aUmdIWE8zdXY4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNC8wYWYxOTktZmU0Ny00ZjViLTljNjgt
MTViOTQ0NTc3Yzg2LzEvZ3EzWE9rNEh5Y1hFQU1mQi1jZnZFbndNZUkwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNC8wYWYxOTktZmU0Ny00ZjViLTljNjgtMTViOTQ0NTc3Yzg2
LzEvd2lTMm50U2lPM3MtQm5Tai1aUmdIWE8zdXY4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAATAaAwQBsGGcMAwD
BAGy/8oDBACy/8wDBAK5xwwwDQYJKoZIhvcNAQELBQADggEBAGNfGX2k6lz/qKhE
jGPSuFephRYwiIsKOVxzJQR40pTiDeWYpuY/ZgEOFfrEQ0QQcpDL2zhkxAEb6ZJ2
5BJb+q5aBySG3MxYlx5MNihwctRXULixgDxRZIsnFVNjYUEnV3LWhb5bv8pqy4Q6
wH4tuoAOvUfTxCyev9Pd1cBCwli++YNFkIT4WcHsfBRV/sPIT92o9YBVM9UE4FTD
vh8Optf/r+AmHUjX13uY6Pl2yqzzJpV2JTjcSpTkHH6UpNzsqExqkmCXnMWJM3Cl
dVGj48k5F62B1anfIXi7i/OSM81eOtEsWmuBCc/ox8jTv1X6Yq+EMcSu15GU2pyW
1Nheb0I=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:59:37 2024 by rpki-client on console-fra.rpki-client.org