Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ff/82a7d6-92a9-4204-9ae0-9a48ecf9e15e/1/GxvupScpkhxNHFsK4HJah3Mgt8M.roa
File: GxvupScpkhxNHFsK4HJah3Mgt8M.roa (raw, json)
Hash identifier: L7zbGsMv4zOGCNsSayz6IrOB3h4Svf/AIllEtczsEpw=
Subject key identifier: 1B:1B:EE:A5:27:29:92:1C:4D:1C:5B:0A:E0:72:5A:87:73:20:B7:C3
Certificate issuer: /CN=da00e981953061972c896bd6d27738d083aadb0e
Certificate serial: 018AEA4E13A18BD673D4AB18D82389911A1C
Authority key identifier: DA:00:E9:81:95:30:61:97:2C:89:6B:D6:D2:77:38:D0:83:AA:DB:0E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2gDpgZUwYZcsiWvW0nc40IOq2w4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ff/82a7d6-92a9-4204-9ae0-9a48ecf9e15e/1/GxvupScpkhxNHFsK4HJah3Mgt8M.roa
Signing time: Sun 01 Oct 2023 08:14:59 +0000
ROA not before: Sun 01 Oct 2023 08:14:59 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 7018
IP address blocks: 195.133.202.0/23 maxlen: 24
195.133.208.0/23 maxlen: 24
194.88.96.0/21 maxlen: 24
84.234.24.0/22 maxlen: 24
194.58.64.0/23 maxlen: 24
Validation: Failed, certificate revoked on Wed 11 Oct 2023 05:54:55 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:ea:4e:13:a1:8b:d6:73:d4:ab:18:d8:23:89:91:1a:1c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=da00e981953061972c896bd6d27738d083aadb0e
Validity
Not Before: Oct 1 08:14:59 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=1b1beea52729921c4d1c5b0ae0725a877320b7c3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:84:8a:f7:76:ab:78:c3:3d:64:e8:b7:41:3f:54:
ba:41:ed:50:2c:b6:9a:b7:90:b6:59:1a:12:95:11:
3c:af:47:c5:06:92:96:5c:29:58:b4:6f:9c:2d:9d:
4f:98:ff:d2:89:2d:bc:fa:46:53:3a:ad:81:ca:2d:
3a:88:ce:24:8a:51:1f:59:e6:11:1e:96:bd:29:43:
31:3a:4e:42:d5:24:58:fb:32:cd:49:65:8c:e4:a0:
d4:97:8e:8b:aa:10:a8:98:2b:25:03:3d:7e:33:f7:
0e:8a:8a:39:27:4b:8e:46:57:6c:2b:b2:e2:65:52:
54:b7:0c:57:60:db:b7:8e:b3:a0:42:64:eb:f9:8b:
9f:a0:e9:b6:39:99:50:a6:1a:45:08:d1:7a:18:7b:
1e:75:d4:d1:84:a5:79:04:96:41:58:c3:87:6a:d6:
df:24:a0:77:94:87:4b:97:a2:98:52:09:bf:be:0a:
19:e3:4f:92:07:ab:4e:5f:00:76:15:bc:57:65:b6:
72:a4:a4:54:dc:fe:d9:d8:e4:33:91:61:e1:30:be:
1b:f7:62:4e:d9:bc:3e:2d:8f:75:61:d4:a8:ea:a4:
49:95:64:8d:dc:3b:21:ec:af:40:8e:96:da:16:d7:
40:39:cc:7e:37:e0:58:8a:68:9e:da:e9:c9:52:fe:
90:a7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1B:1B:EE:A5:27:29:92:1C:4D:1C:5B:0A:E0:72:5A:87:73:20:B7:C3
X509v3 Authority Key Identifier:
keyid:DA:00:E9:81:95:30:61:97:2C:89:6B:D6:D2:77:38:D0:83:AA:DB:0E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2gDpgZUwYZcsiWvW0nc40IOq2w4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/82a7d6-92a9-4204-9ae0-9a48ecf9e15e/1/GxvupScpkhxNHFsK4HJah3Mgt8M.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/82a7d6-92a9-4204-9ae0-9a48ecf9e15e/1/2gDpgZUwYZcsiWvW0nc40IOq2w4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.234.24.0/22
194.58.64.0/23
194.88.96.0/21
195.133.202.0/23
195.133.208.0/23
Signature Algorithm: sha256WithRSAEncryption
2b:b1:d8:38:23:13:fb:c9:68:18:7e:5f:8d:da:34:d2:34:0f:
ac:79:0b:11:22:65:7a:3d:27:d9:d4:5a:7c:02:ae:05:23:9c:
4a:48:49:e2:2c:05:c7:e4:70:e0:3d:ec:f9:bf:77:b2:42:12:
01:bd:38:48:be:36:1e:65:26:13:22:ac:d2:8b:1d:1f:3e:7f:
cf:03:c9:e1:3c:de:5d:29:38:fa:8c:6a:b7:76:53:6d:e4:0c:
5b:2c:67:c0:34:a7:3b:13:6b:93:c4:a3:51:1b:50:3b:03:d4:
f1:e8:55:a1:cb:2e:d8:21:2e:98:73:a1:6d:45:96:d2:f4:90:
42:ea:65:2e:67:64:e0:17:5c:b5:b6:47:88:7e:63:10:2c:9f:
e7:68:77:8e:fc:98:53:00:39:4f:be:a0:b0:e4:cb:5c:9f:1d:
3e:45:5e:9c:1b:f6:c0:25:f3:32:79:3e:c0:47:40:70:51:a5:
31:2f:69:a1:a2:61:8e:c7:ea:94:a8:cd:09:d7:d3:c7:41:a9:
1f:2f:1a:eb:e6:6c:a6:a1:00:c8:68:67:6e:be:6b:e0:bd:09:
b8:53:1d:93:f8:e0:0c:42:c1:42:e6:61:24:40:f1:24:a3:33:
b5:fa:34:42:a3:3e:b5:74:17:53:ee:b3:a4:04:1f:6f:33:7d:
cd:07:0b:20
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAYrqThOhi9Zz1KsY2COJkRocMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRhMDBlOTgxOTUzMDYxOTcyYzg5NmJkNmQyNzczOGQwODNh
YWRiMGUwHhcNMjMxMDAxMDgxNDU5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxYjFiZWVhNTI3Mjk5MjFjNGQxYzViMGFlMDcyNWE4NzczMjBiN2MzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhIr3dqt4wz1k6LdBP1S6Qe1QLLaa
t5C2WRoSlRE8r0fFBpKWXClYtG+cLZ1PmP/SiS28+kZTOq2Byi06iM4kilEfWeYR
Hpa9KUMxOk5C1SRY+zLNSWWM5KDUl46LqhComCslAz1+M/cOioo5J0uORldsK7Li
ZVJUtwxXYNu3jrOgQmTr+YufoOm2OZlQphpFCNF6GHseddTRhKV5BJZBWMOHatbf
JKB3lIdLl6KYUgm/vgoZ40+SB6tOXwB2FbxXZbZypKRU3P7Z2OQzkWHhML4b92JO
2bw+LY91YdSo6qRJlWSN3Dsh7K9AjpbaFtdAOcx+N+BYimie2unJUv6QpwIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFBsb7qUnKZIcTRxbCuByWodzILfDMB8GA1UdIwQY
MBaAFNoA6YGVMGGXLIlr1tJ3ONCDqtsOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMmdEcGdaVXdZWmNzaVd2VzBuYzQwSU9xMnc0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZi84MmE3ZDYtOTJhOS00MjA0LTlhZTAt
OWE0OGVjZjllMTVlLzEvR3h2dXBTY3BraHhOSEZzSzRISmFoM01ndDhNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZi84MmE3ZDYtOTJhOS00MjA0LTlhZTAtOWE0OGVjZjllMTVl
LzEvMmdEcGdaVXdZWmNzaVd2VzBuYzQwSU9xMnc0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQCVOoYAwQB
wjpAAwQDwlhgAwQBw4XKAwQBw4XQMA0GCSqGSIb3DQEBCwUAA4IBAQArsdg4IxP7
yWgYfl+N2jTSNA+seQsRImV6PSfZ1Fp8Aq4FI5xKSEniLAXH5HDgPez5v3eyQhIB
vThIvjYeZSYTIqzSix0fPn/PA8nhPN5dKTj6jGq3dlNt5AxbLGfANKc7E2uTxKNR
G1A7A9Tx6FWhyy7YIS6Yc6FtRZbS9JBC6mUuZ2TgF1y1tkeIfmMQLJ/naHeO/JhT
ADlPvqCw5Mtcnx0+RV6cG/bAJfMyeT7AR0BwUaUxL2mhomGOx+qUqM0J19PHQakf
Lxrr5mymoQDIaGduvmvgvQm4Ux2T+OAMQsFC5mEkQPEkozO1+jRCoz61dBdT7rOk
BB9vM33NBwsg
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:01:14 2024 by rpki-client on console-fra.rpki-client.org