Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2b/beef2f-ec5a-49ff-975b-8d34f557822a/1/gbTbLawMZaTWnUHhrBfZKabfGpc.roa
File: gbTbLawMZaTWnUHhrBfZKabfGpc.roa (raw, json)
Hash identifier: 7EH9kv78Damb5GViOwzCpOh2UjxNdHkbENw121ATIV0=
Subject key identifier: 81:B4:DB:2D:AC:0C:65:A4:D6:9D:41:E1:AC:17:D9:29:A6:DF:1A:97
Certificate issuer: /CN=9770bf2375d59ba81a9955c07a2f0a23264b61a8
Certificate serial: 018BCE7D4308E5EF58778208D8CA02A5220C
Authority key identifier: 97:70:BF:23:75:D5:9B:A8:1A:99:55:C0:7A:2F:0A:23:26:4B:61:A8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/l3C_I3XVm6gamVXAei8KIyZLYag.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2b/beef2f-ec5a-49ff-975b-8d34f557822a/1/gbTbLawMZaTWnUHhrBfZKabfGpc.roa
Signing time: Tue 14 Nov 2023 15:39:57 +0000
ROA not before: Tue 14 Nov 2023 15:39:57 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 50964
IP address blocks: 194.59.39.0/24 maxlen: 24
91.205.76.0/22 maxlen: 22
194.76.38.0/23 maxlen: 23
194.59.38.0/24 maxlen: 24
194.59.36.0/24 maxlen: 24
194.59.36.0/22 maxlen: 22
194.59.37.0/24 maxlen: 24
2001:67c:2dac::/48 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:ce:7d:43:08:e5:ef:58:77:82:08:d8:ca:02:a5:22:0c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9770bf2375d59ba81a9955c07a2f0a23264b61a8
Validity
Not Before: Nov 14 15:39:57 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=81b4db2dac0c65a4d69d41e1ac17d929a6df1a97
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:83:3d:24:53:70:ee:b2:f9:ee:13:61:d3:e4:13:
43:91:3d:f8:7f:fa:43:5d:70:ff:2e:74:f7:73:06:
62:0e:77:ad:b1:f9:89:bd:71:fe:bf:a9:a1:dd:6c:
0c:c4:46:9f:78:4d:01:07:fa:e1:f1:a4:03:57:b7:
10:f4:c1:cd:32:fd:ca:52:40:0b:24:a8:11:2d:9f:
73:d9:5a:c9:8d:fe:96:f9:d2:4c:c7:fd:b3:3b:24:
e0:58:33:b6:4c:5d:d7:d5:c9:02:4b:ae:88:30:5b:
42:06:94:f5:1a:d2:5e:14:02:20:14:e9:c8:44:be:
ca:26:e9:a9:34:5f:83:7b:0b:d2:3e:f5:ec:0e:06:
3f:d1:5f:8d:07:6f:d4:d6:01:fb:f0:ac:7d:8e:00:
e3:be:ad:f9:28:fc:c2:1d:6c:52:a7:e7:27:4c:5d:
24:04:e1:40:24:ba:72:4c:a5:ca:b9:ff:77:02:ed:
12:ae:85:02:2b:f8:ba:22:a1:38:a0:98:29:a8:42:
1e:af:bd:e5:96:ba:25:43:b3:91:23:b9:29:1b:1b:
7f:f5:9a:f6:60:a6:81:23:a6:7d:4f:30:40:65:d1:
37:73:e2:74:54:45:6b:84:ba:35:96:f1:51:20:bf:
66:ce:0b:73:d6:3b:d7:36:23:52:ec:17:95:fb:9d:
be:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
81:B4:DB:2D:AC:0C:65:A4:D6:9D:41:E1:AC:17:D9:29:A6:DF:1A:97
X509v3 Authority Key Identifier:
keyid:97:70:BF:23:75:D5:9B:A8:1A:99:55:C0:7A:2F:0A:23:26:4B:61:A8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/l3C_I3XVm6gamVXAei8KIyZLYag.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/beef2f-ec5a-49ff-975b-8d34f557822a/1/gbTbLawMZaTWnUHhrBfZKabfGpc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/beef2f-ec5a-49ff-975b-8d34f557822a/1/l3C_I3XVm6gamVXAei8KIyZLYag.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.205.76.0/22
194.59.36.0/22
194.76.38.0/23
IPv6:
2001:67c:2dac::/48
Signature Algorithm: sha256WithRSAEncryption
49:4e:ef:0c:41:9e:61:dd:49:b9:4b:b6:07:f8:79:66:05:28:
d2:87:9c:fe:53:b1:bf:df:7a:13:8f:f4:83:43:ab:5e:4d:88:
a7:66:e1:9b:9d:40:07:c8:53:69:a8:e0:6e:c3:ba:be:a0:93:
2f:3f:16:b2:78:69:18:2b:f0:e3:6b:14:a9:ee:de:80:aa:8d:
f7:10:24:49:27:94:c9:a0:eb:be:cd:62:9b:5c:9d:b3:b8:13:
bd:b2:98:a7:20:f5:05:62:d5:ca:08:e8:64:b6:f5:27:3c:57:
12:3d:6a:80:ce:0a:46:58:51:80:dc:de:7c:0d:44:2c:f9:a8:
b6:1f:bf:c4:ef:cb:20:d4:e3:86:01:af:58:05:9a:d8:7f:6e:
37:b6:26:1a:c0:5f:d0:c0:e9:f0:0c:9b:da:0c:35:c1:72:c9:
a7:01:97:2e:bb:d2:69:27:97:aa:46:06:49:74:2b:12:61:80:
fa:a5:d9:19:cb:ed:12:9f:64:8b:43:79:33:64:fa:4c:0f:79:
e1:c6:da:3e:cb:c8:03:cf:b7:7e:fb:5a:f1:c5:3f:aa:d0:17:
a8:23:7b:7f:4f:02:16:9d:75:66:5c:11:54:03:b5:92:90:5b:
03:a8:e9:ee:0d:39:77:c9:f0:28:68:08:5d:1b:10:c7:5e:d1:
74:e5:81:38
-----BEGIN CERTIFICATE-----
MIIFGjCCBAKgAwIBAgISAYvOfUMI5e9Yd4II2MoCpSIMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk3NzBiZjIzNzVkNTliYTgxYTk5NTVjMDdhMmYwYTIzMjY0
YjYxYTgwHhcNMjMxMTE0MTUzOTU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MWI0ZGIyZGFjMGM2NWE0ZDY5ZDQxZTFhYzE3ZDkyOWE2ZGYxYTk3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgz0kU3DusvnuE2HT5BNDkT34f/pD
XXD/LnT3cwZiDnetsfmJvXH+v6mh3WwMxEafeE0BB/rh8aQDV7cQ9MHNMv3KUkAL
JKgRLZ9z2VrJjf6W+dJMx/2zOyTgWDO2TF3X1ckCS66IMFtCBpT1GtJeFAIgFOnI
RL7KJumpNF+DewvSPvXsDgY/0V+NB2/U1gH78Kx9jgDjvq35KPzCHWxSp+cnTF0k
BOFAJLpyTKXKuf93Au0SroUCK/i6IqE4oJgpqEIer73llrolQ7ORI7kpGxt/9Zr2
YKaBI6Z9TzBAZdE3c+J0VEVrhLo1lvFRIL9mzgtz1jvXNiNS7BeV+52+tQIDAQAB
o4ICJjCCAiIwHQYDVR0OBBYEFIG02y2sDGWk1p1B4awX2Smm3xqXMB8GA1UdIwQY
MBaAFJdwvyN11ZuoGplVwHovCiMmS2GoMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbDNDX0kzWFZtNmdhbVZYQWVpOEtJeVpMWWFnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYi9iZWVmMmYtZWM1YS00OWZmLTk3NWIt
OGQzNGY1NTc4MjJhLzEvZ2JUYkxhd01aYVRXblVIaHJCZlpLYWJmR3BjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYi9iZWVmMmYtZWM1YS00OWZmLTk3NWItOGQzNGY1NTc4MjJh
LzEvbDNDX0kzWFZtNmdhbVZYQWVpOEtJeVpMWWFnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDwGCCsGAQUFBwEHAQH/BC0wKzAYBAIAATASAwQCW81MAwQC
wjskAwQBwkwmMA8EAgACMAkDBwAgAQZ8LawwDQYJKoZIhvcNAQELBQADggEBAElO
7wxBnmHdSblLtgf4eWYFKNKHnP5Tsb/fehOP9INDq15NiKdm4ZudQAfIU2mo4G7D
ur6gky8/FrJ4aRgr8ONrFKnu3oCqjfcQJEknlMmg677NYptcnbO4E72ymKcg9QVi
1coI6GS29Sc8VxI9aoDOCkZYUYDc3nwNRCz5qLYfv8TvyyDU44YBr1gFmth/bje2
JhrAX9DA6fAMm9oMNcFyyacBly670mknl6pGBkl0KxJhgPql2RnL7RKfZItDeTNk
+kwPeeHG2j7LyAPPt377WvHFP6rQF6gje39PAhaddWZcEVQDtZKQWwOo6e4NOXfJ
8ChoCF0bEMde0XTlgTg=
-----END CERTIFICATE-----
Generated at Wed Dec 27 18:40:33 2023 by rpki-client on console.sobornost.net