Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/20/da3b1d-7acf-451f-b68b-99bcbe6d7f63/1/GMCfyf_-co9D3aTl6HXC1v0Q4OQ.roa
File: GMCfyf_-co9D3aTl6HXC1v0Q4OQ.roa (raw, json)
Hash identifier: OxzMY8n6NLvg0UVY+B6QzLN2tiStFFgN4tOpU5iWodE=
Subject key identifier: 18:C0:9F:C9:FF:FE:72:8F:43:DD:A4:E5:E8:75:C2:D6:FD:10:E0:E4
Certificate issuer: /CN=f32be982060a43734d0ad126ad46da2f395c9def
Certificate serial: 0196ED068819A58D7BB9D3AA240EA6D921EC
Authority key identifier: F3:2B:E9:82:06:0A:43:73:4D:0A:D1:26:AD:46:DA:2F:39:5C:9D:EF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8yvpggYKQ3NNCtEmrUbaLzlcne8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/20/da3b1d-7acf-451f-b68b-99bcbe6d7f63/1/GMCfyf_-co9D3aTl6HXC1v0Q4OQ.roa
Signing time: Tue 20 May 2025 09:29:10 +0000
ROA not before: Tue 20 May 2025 09:29:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 14618
IP address blocks: 185.37.200.0/22 maxlen: 24
185.37.203.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 02 Jun 2025 11:34:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:ed:06:88:19:a5:8d:7b:b9:d3:aa:24:0e:a6:d9:21:ec
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f32be982060a43734d0ad126ad46da2f395c9def
Validity
Not Before: May 20 09:29:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=18c09fc9fffe728f43dda4e5e875c2d6fd10e0e4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:35:50:e8:0f:76:da:57:cf:a7:ed:81:83:63:
c3:0e:bf:14:eb:93:f0:a9:c7:21:88:05:52:79:9f:
0f:0f:09:01:e8:64:57:a4:64:dc:33:ed:9b:de:41:
21:8c:b7:23:42:48:a7:fd:94:42:3c:fd:23:db:5f:
46:61:e2:a6:01:5f:ca:56:5f:03:01:ea:35:6f:e3:
b7:d9:50:dc:71:01:eb:b7:69:45:03:5e:3e:de:3e:
5f:e4:76:b2:60:b1:5c:ff:fb:35:5f:c7:fd:93:47:
40:1f:89:73:25:85:27:50:b8:cb:65:0d:af:5e:2d:
b0:7b:ff:ca:06:2e:ab:46:93:aa:fe:ec:92:b8:ba:
1d:27:9a:5a:5b:66:1d:f2:d9:f1:3f:a9:65:01:be:
82:24:c1:34:98:1a:09:b3:3f:35:bd:8a:31:e4:7d:
69:13:77:2f:4a:0f:9d:c5:a7:51:87:a7:18:ef:b4:
b0:be:ae:61:39:e8:77:10:61:fd:36:0b:df:d3:27:
8e:96:b0:0f:12:5c:a6:fb:78:f9:c7:53:ba:81:0d:
c0:3f:dc:3e:6b:33:27:aa:d0:52:bb:87:63:d8:f5:
d3:e9:c6:ec:f8:0e:60:8a:a9:f6:92:84:a6:00:29:
b1:f8:f5:4a:a7:9a:81:08:ca:3c:97:ee:bd:5b:65:
38:ef
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
18:C0:9F:C9:FF:FE:72:8F:43:DD:A4:E5:E8:75:C2:D6:FD:10:E0:E4
X509v3 Authority Key Identifier:
keyid:F3:2B:E9:82:06:0A:43:73:4D:0A:D1:26:AD:46:DA:2F:39:5C:9D:EF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8yvpggYKQ3NNCtEmrUbaLzlcne8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/20/da3b1d-7acf-451f-b68b-99bcbe6d7f63/1/GMCfyf_-co9D3aTl6HXC1v0Q4OQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/20/da3b1d-7acf-451f-b68b-99bcbe6d7f63/1/8yvpggYKQ3NNCtEmrUbaLzlcne8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.37.200.0/22
Signature Algorithm: sha256WithRSAEncryption
03:77:b8:a7:d9:9e:5b:49:cf:20:e7:f7:14:7f:00:84:a6:5f:
37:4a:ae:71:fa:10:81:1a:1c:77:98:03:4c:49:59:75:81:76:
b0:fd:39:3e:dc:2e:f6:20:f4:41:39:c8:9f:3d:07:7b:58:89:
c4:eb:41:dd:de:3a:5b:c0:96:6b:5f:49:79:ef:83:64:72:77:
bf:3d:96:60:67:70:d7:9f:c3:0d:d0:3e:ec:20:c0:60:37:2c:
35:a0:50:96:1f:7c:af:94:1e:e6:3b:0a:a6:4b:2c:3f:2d:14:
87:33:c8:be:c8:14:48:d4:d0:f6:5e:f7:37:3f:18:6f:87:c1:
dd:83:52:df:c4:26:89:d5:d1:20:33:f1:fb:45:b7:db:92:fa:
2e:e7:53:66:b7:1e:1d:27:51:04:93:9d:12:85:5a:11:b3:0d:
e9:30:3e:b1:1d:52:53:67:26:dd:bc:ea:3b:a0:95:98:c3:d9:
cc:e4:9d:54:24:43:1f:29:2f:23:ef:29:c9:0d:27:f8:fa:bf:
47:fe:93:6c:bf:f4:fe:e9:c6:49:11:08:ab:ff:18:3a:85:71:
9b:04:f4:ba:6f:9b:e8:40:91:37:3e:37:92:d7:f7:9b:ae:cd:
c8:ac:ab:11:f8:95:47:c7:2e:18:45:72:8f:d4:76:06:61:51:
10:c4:d8:80
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZbtBogZpY17udOqJA6m2SHsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYzMmJlOTgyMDYwYTQzNzM0ZDBhZDEyNmFkNDZkYTJmMzk1
YzlkZWYwHhcNMjUwNTIwMDkyOTEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxOGMwOWZjOWZmZmU3MjhmNDNkZGE0ZTVlODc1YzJkNmZkMTBlMGU0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzTVQ6A922lfPp+2Bg2PDDr8U65Pw
qcchiAVSeZ8PDwkB6GRXpGTcM+2b3kEhjLcjQkin/ZRCPP0j219GYeKmAV/KVl8D
Aeo1b+O32VDccQHrt2lFA14+3j5f5HayYLFc//s1X8f9k0dAH4lzJYUnULjLZQ2v
Xi2we//KBi6rRpOq/uySuLodJ5paW2Yd8tnxP6llAb6CJME0mBoJsz81vYox5H1p
E3cvSg+dxadRh6cY77Swvq5hOeh3EGH9Ngvf0yeOlrAPElym+3j5x1O6gQ3AP9w+
azMnqtBSu4dj2PXT6cbs+A5giqn2koSmACmx+PVKp5qBCMo8l+69W2U47wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFBjAn8n//nKPQ92k5eh1wtb9EODkMB8GA1UdIwQY
MBaAFPMr6YIGCkNzTQrRJq1G2i85XJ3vMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOHl2cGdnWUtRM05OQ3RFbXJVYmFMemxjbmU4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMC9kYTNiMWQtN2FjZi00NTFmLWI2OGIt
OTliY2JlNmQ3ZjYzLzEvR01DZnlmXy1jbzlEM2FUbDZIWEMxdjBRNE9RLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMC9kYTNiMWQtN2FjZi00NTFmLWI2OGItOTliY2JlNmQ3ZjYz
LzEvOHl2cGdnWUtRM05OQ3RFbXJVYmFMemxjbmU4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuSXIMA0G
CSqGSIb3DQEBCwUAA4IBAQADd7in2Z5bSc8g5/cUfwCEpl83Sq5x+hCBGhx3mANM
SVl1gXaw/Tk+3C72IPRBOcifPQd7WInE60Hd3jpbwJZrX0l574Nkcne/PZZgZ3DX
n8MN0D7sIMBgNyw1oFCWH3yvlB7mOwqmSyw/LRSHM8i+yBRI1ND2Xvc3Pxhvh8Hd
g1LfxCaJ1dEgM/H7Rbfbkvou51Nmtx4dJ1EEk50ShVoRsw3pMD6xHVJTZybdvOo7
oJWYw9nM5J1UJEMfKS8j7ynJDSf4+r9H/pNsv/T+6cZJEQir/xg6hXGbBPS6b5vo
QJE3PjeS1/ebrs3IrKsR+JVHxy4YRXKP1HYGYVEQxNiA
-----END CERTIFICATE-----
Generated at Sun Jul 27 13:18:16 2025 by rpki-client