Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f8/eddc05-402d-4da7-97ef-c10da6aac1b1/1/GdmrA-lxYjJwK6LlaSES1lNnTSY.roa
File: GdmrA-lxYjJwK6LlaSES1lNnTSY.roa (raw, json)
Hash identifier: 86eMQ9jSn0UTAEzVezibH69LbXoa3/BWyaZN26PCUdQ=
Subject key identifier: 19:D9:AB:03:E9:71:62:32:70:2B:A2:E5:69:21:12:D6:53:67:4D:26
Certificate issuer: /CN=2874e46bf636ea63e5d12362f551b80b27714780
Certificate serial: 018571BA07F9ED522D55D4D612FC010F725D
Authority key identifier: 28:74:E4:6B:F6:36:EA:63:E5:D1:23:62:F5:51:B8:0B:27:71:47:80
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KHTka_Y26mPl0SNi9VG4CydxR4A.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f8/eddc05-402d-4da7-97ef-c10da6aac1b1/1/GdmrA-lxYjJwK6LlaSES1lNnTSY.roa
Signing time: Mon 02 Jan 2023 09:04:55 +0000
ROA not before: Mon 02 Jan 2023 09:04:55 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 57664
IP address blocks: 37.16.96.0/20 maxlen: 23
178.213.232.0/21 maxlen: 21
37.16.112.0/20 maxlen: 20
2a00:4cc0::/32 maxlen: 32
Validation: Failed, certificate revoked on Tue 18 Jul 2023 12:35:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:ba:07:f9:ed:52:2d:55:d4:d6:12:fc:01:0f:72:5d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2874e46bf636ea63e5d12362f551b80b27714780
Validity
Not Before: Jan 2 09:04:55 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=19d9ab03e9716232702ba2e5692112d653674d26
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:17:c1:2b:64:5b:8f:00:06:20:bb:d8:58:11:
99:4e:dd:45:ca:1d:12:76:7d:f0:75:3b:eb:c8:c0:
bb:7f:35:e8:01:88:5e:d9:e8:80:55:54:55:54:f6:
66:95:35:71:9d:5a:e6:f1:6a:cd:db:ff:61:f7:5c:
20:a5:fe:d8:1c:89:25:1f:c0:f2:0f:d6:6b:2e:4a:
50:1e:00:b1:ba:4a:31:de:bd:90:82:0f:b4:48:59:
59:3e:f5:ba:c6:68:63:ab:36:67:77:17:f9:b4:3a:
a3:c2:58:7f:63:11:d6:93:d1:bc:d6:80:0b:34:fe:
79:3a:b0:4b:9c:43:02:49:d3:ab:f3:12:e2:1b:0c:
62:19:fd:33:a0:9d:5a:29:ab:1d:14:07:39:db:f6:
e4:35:fc:35:d4:1c:2f:cc:ce:6f:f3:cd:97:b0:ec:
c7:f5:07:25:6b:80:ae:b8:c1:1d:08:5b:fe:c5:22:
68:72:a8:70:41:42:df:5a:97:27:ee:6f:99:7d:3a:
8f:1a:d5:6f:c5:07:4f:2a:5e:52:f3:16:63:60:5e:
f6:47:03:d7:2c:52:81:10:6f:17:9a:b5:ab:df:c9:
5e:7e:09:5f:77:f7:45:c6:8e:3c:17:46:11:ac:ad:
3d:06:c4:21:f9:90:2f:60:0c:15:65:60:a3:e2:e0:
b8:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
19:D9:AB:03:E9:71:62:32:70:2B:A2:E5:69:21:12:D6:53:67:4D:26
X509v3 Authority Key Identifier:
keyid:28:74:E4:6B:F6:36:EA:63:E5:D1:23:62:F5:51:B8:0B:27:71:47:80
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KHTka_Y26mPl0SNi9VG4CydxR4A.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f8/eddc05-402d-4da7-97ef-c10da6aac1b1/1/GdmrA-lxYjJwK6LlaSES1lNnTSY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f8/eddc05-402d-4da7-97ef-c10da6aac1b1/1/KHTka_Y26mPl0SNi9VG4CydxR4A.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.16.96.0/19
178.213.232.0/21
IPv6:
2a00:4cc0::/32
Signature Algorithm: sha256WithRSAEncryption
b0:89:59:82:4f:e9:93:5b:c6:4c:a9:cb:74:4b:85:2d:9e:cf:
1c:c4:70:85:60:16:03:c0:71:49:0c:33:cb:ca:66:2d:5e:bd:
1f:1e:d5:eb:a1:dd:db:5f:57:05:36:5e:1b:7f:73:c0:6f:f5:
75:d9:8a:d2:2c:81:ed:81:0e:0f:6e:fb:09:6a:ad:d4:35:90:
f9:49:27:fe:56:0c:3c:c6:d8:d4:9f:41:07:bb:4e:fd:15:6b:
b3:dd:25:91:5e:33:ed:b4:36:d5:df:0a:9d:69:05:eb:1d:73:
18:08:17:fc:3c:f1:ff:1c:ce:d8:4d:3b:c5:29:9d:ba:3b:0e:
0f:ba:a1:30:8c:ee:c0:6a:23:5f:6f:66:68:fb:a9:42:87:dd:
61:98:ff:cb:20:7f:f2:ea:8c:aa:3e:49:8c:db:86:2d:3b:0f:
ad:db:c2:a7:d8:14:69:60:c0:69:28:fb:95:54:82:7c:74:de:
8c:f5:36:35:16:ae:1b:a3:39:04:ae:13:98:1f:8a:60:95:59:
8d:47:47:2b:8c:3d:47:99:f2:d6:fb:e8:6d:53:c4:f8:62:16:
69:08:21:14:08:bf:77:e1:8e:77:03:c7:e6:f7:2e:53:9b:15:
bb:09:38:a5:8c:52:e8:ab:48:ac:fa:b4:d8:17:d9:5c:de:c2:
1c:79:44:a5
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYVxugf57VItVdTWEvwBD3JdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI4NzRlNDZiZjYzNmVhNjNlNWQxMjM2MmY1NTFiODBiMjc3
MTQ3ODAwHhcNMjMwMTAyMDkwNDU1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxOWQ5YWIwM2U5NzE2MjMyNzAyYmEyZTU2OTIxMTJkNjUzNjc0ZDI2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlBfBK2RbjwAGILvYWBGZTt1Fyh0S
dn3wdTvryMC7fzXoAYhe2eiAVVRVVPZmlTVxnVrm8WrN2/9h91wgpf7YHIklH8Dy
D9ZrLkpQHgCxukox3r2Qgg+0SFlZPvW6xmhjqzZndxf5tDqjwlh/YxHWk9G81oAL
NP55OrBLnEMCSdOr8xLiGwxiGf0zoJ1aKasdFAc52/bkNfw11BwvzM5v882XsOzH
9Qcla4CuuMEdCFv+xSJocqhwQULfWpcn7m+ZfTqPGtVvxQdPKl5S8xZjYF72RwPX
LFKBEG8XmrWr38lefglfd/dFxo48F0YRrK09BsQh+ZAvYAwVZWCj4uC4nQIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFBnZqwPpcWIycCui5WkhEtZTZ00mMB8GA1UdIwQY
MBaAFCh05Gv2Nupj5dEjYvVRuAsncUeAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS0hUa2FfWTI2bVBsMFNOaTlWRzRDeWR4UjRBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mOC9lZGRjMDUtNDAyZC00ZGE3LTk3ZWYt
YzEwZGE2YWFjMWIxLzEvR2RtckEtbHhZakp3SzZMbGFTRVMxbE5uVFNZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mOC9lZGRjMDUtNDAyZC00ZGE3LTk3ZWYtYzEwZGE2YWFjMWIx
LzEvS0hUa2FfWTI2bVBsMFNOaTlWRzRDeWR4UjRBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQFJRBgAwQD
stXoMA0EAgACMAcDBQAqAEzAMA0GCSqGSIb3DQEBCwUAA4IBAQCwiVmCT+mTW8ZM
qct0S4Utns8cxHCFYBYDwHFJDDPLymYtXr0fHtXrod3bX1cFNl4bf3PAb/V12YrS
LIHtgQ4PbvsJaq3UNZD5SSf+Vgw8xtjUn0EHu079FWuz3SWRXjPttDbV3wqdaQXr
HXMYCBf8PPH/HM7YTTvFKZ26Ow4PuqEwjO7AaiNfb2Zo+6lCh91hmP/LIH/y6oyq
PkmM24YtOw+t28Kn2BRpYMBpKPuVVIJ8dN6M9TY1Fq4bozkErhOYH4pglVmNR0cr
jD1HmfLW++htU8T4YhZpCCEUCL934Y53A8fm9y5TmxW7CTiljFLoq0is+rTYF9lc
3sIceUSl
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:53:31 2024 by rpki-client on console-ams.rpki-client.org