Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/25/30dc85-2dd8-4b1c-b151-4bd63adc7354/1/_GNvGl8IILa8pTkRa5_Ieg4yDhM.roa
File: _GNvGl8IILa8pTkRa5_Ieg4yDhM.roa (raw, json)
Hash identifier: YHecsAa7htHpPlwsCgS/VIBk78BshIyQnsBwQ3izEHY=
Subject key identifier: FC:63:6F:1A:5F:08:20:B6:BC:A5:39:11:6B:9F:C8:7A:0E:32:0E:13
Certificate issuer: /CN=bf84113545d9000760f66062a4221933a2e959d8
Certificate serial: 019422FB690401BF1E8109B413CDF80F2B6B
Authority key identifier: BF:84:11:35:45:D9:00:07:60:F6:60:62:A4:22:19:33:A2:E9:59:D8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/v4QRNUXZAAdg9mBipCIZM6LpWdg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/25/30dc85-2dd8-4b1c-b151-4bd63adc7354/1/_GNvGl8IILa8pTkRa5_Ieg4yDhM.roa
Signing time: Wed 01 Jan 2025 17:48:09 +0000
ROA not before: Wed 01 Jan 2025 17:48:09 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 215402
IP address blocks: 45.150.66.0/24 maxlen: 24
138.124.181.0/24 maxlen: 24
2a0e:4005:1000::/48 maxlen: 48
Validation: Failed, certificate revoked on Mon 27 Jan 2025 14:51:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:fb:69:04:01:bf:1e:81:09:b4:13:cd:f8:0f:2b:6b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bf84113545d9000760f66062a4221933a2e959d8
Validity
Not Before: Jan 1 17:48:09 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=fc636f1a5f0820b6bca539116b9fc87a0e320e13
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:2c:24:d4:9a:a4:3a:aa:55:6d:5f:41:69:a4:
20:e9:48:3a:c7:68:bf:11:c7:ff:61:5f:a4:60:7e:
e2:12:d8:3a:35:72:56:79:cb:2a:ef:55:48:d8:55:
e1:94:67:27:cf:fd:3f:f9:b6:65:54:04:cc:47:61:
9c:9a:ca:0a:7b:47:a3:84:5c:cb:d7:1c:cb:81:9d:
12:0c:c1:b7:62:5a:30:30:89:f0:8f:36:97:fe:f1:
80:cc:fb:88:37:99:b9:06:43:f8:93:88:1c:0d:c5:
29:7e:5d:f5:21:99:12:bf:fc:1b:8c:bc:0f:85:21:
f4:28:26:56:38:7d:a0:0d:40:7e:b4:57:9e:6f:83:
ee:85:1a:a6:64:d4:46:20:f5:2f:89:e8:05:a0:c8:
35:d4:31:7a:39:45:c1:dd:49:5f:20:7a:8a:7b:b0:
d4:ce:1c:23:66:01:b5:9d:61:ba:96:86:ea:04:5b:
46:a7:d1:22:64:71:b0:54:d3:9f:a9:2e:af:0d:8e:
f5:e1:77:7c:30:9e:26:52:81:68:f1:49:b3:56:ac:
2e:fe:c6:04:56:4b:2b:6d:9b:a3:27:57:77:c4:93:
4f:fa:d5:3d:1b:de:ca:33:c8:56:91:d1:8e:22:b6:
8e:fe:c1:93:fd:c5:45:58:3b:34:2e:5f:7d:69:c2:
e3:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FC:63:6F:1A:5F:08:20:B6:BC:A5:39:11:6B:9F:C8:7A:0E:32:0E:13
X509v3 Authority Key Identifier:
keyid:BF:84:11:35:45:D9:00:07:60:F6:60:62:A4:22:19:33:A2:E9:59:D8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/v4QRNUXZAAdg9mBipCIZM6LpWdg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/25/30dc85-2dd8-4b1c-b151-4bd63adc7354/1/_GNvGl8IILa8pTkRa5_Ieg4yDhM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/25/30dc85-2dd8-4b1c-b151-4bd63adc7354/1/v4QRNUXZAAdg9mBipCIZM6LpWdg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.150.66.0/24
138.124.181.0/24
IPv6:
2a0e:4005:1000::/48
Signature Algorithm: sha256WithRSAEncryption
d2:45:06:12:69:6c:20:df:67:3e:d3:49:67:91:26:e8:c6:98:
61:fe:be:70:62:bf:02:42:7f:bb:39:cc:5e:f3:e9:b9:6d:f0:
ce:f6:46:db:ff:c2:ab:0b:55:1f:50:7d:43:08:8b:cd:47:6d:
3f:c6:bd:3c:82:63:45:f2:1b:11:23:87:33:9a:98:d6:24:51:
5a:9d:f7:a7:bd:c6:00:44:38:bc:26:01:15:74:c6:97:57:ba:
66:78:74:e0:1a:ea:3e:60:89:67:ad:6c:8b:82:80:94:d7:22:
1c:9f:4a:7e:9f:e7:d9:21:4a:4b:16:44:65:ee:9c:50:39:a8:
05:62:cc:46:05:e6:43:6a:19:5d:95:82:f2:48:be:a1:0b:a3:
6f:68:23:a3:c3:75:97:35:e8:b2:34:5c:67:0b:87:17:50:a1:
ed:c5:1f:b5:75:e2:47:85:c0:ad:62:14:78:b7:78:19:79:93:
0c:d5:e0:39:6a:05:be:94:bb:4c:ba:74:49:0b:73:8e:13:8b:
5f:cb:9b:48:bb:b9:71:12:bd:21:e8:d9:bc:dc:56:5e:1c:ef:
73:6e:be:5f:f8:b0:fc:6c:d0:da:42:04:02:a1:4b:cb:84:45:
84:15:34:5f:f5:49:75:a0:58:8c:73:ca:a4:c4:c9:19:f4:24:
94:e7:2b:5b
-----BEGIN CERTIFICATE-----
MIIFFDCCA/ygAwIBAgISAZQi+2kEAb8egQm0E834DytrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJmODQxMTM1NDVkOTAwMDc2MGY2NjA2MmE0MjIxOTMzYTJl
OTU5ZDgwHhcNMjUwMTAxMTc0ODA5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmYzYzNmYxYTVmMDgyMGI2YmNhNTM5MTE2YjlmYzg3YTBlMzIwZTEzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxSwk1JqkOqpVbV9BaaQg6Ug6x2i/
Ecf/YV+kYH7iEtg6NXJWecsq71VI2FXhlGcnz/0/+bZlVATMR2GcmsoKe0ejhFzL
1xzLgZ0SDMG3YlowMInwjzaX/vGAzPuIN5m5BkP4k4gcDcUpfl31IZkSv/wbjLwP
hSH0KCZWOH2gDUB+tFeeb4PuhRqmZNRGIPUviegFoMg11DF6OUXB3UlfIHqKe7DU
zhwjZgG1nWG6lobqBFtGp9EiZHGwVNOfqS6vDY714Xd8MJ4mUoFo8UmzVqwu/sYE
VksrbZujJ1d3xJNP+tU9G97KM8hWkdGOIraO/sGT/cVFWDs0Ll99acLjzwIDAQAB
o4ICIDCCAhwwHQYDVR0OBBYEFPxjbxpfCCC2vKU5EWufyHoOMg4TMB8GA1UdIwQY
MBaAFL+EETVF2QAHYPZgYqQiGTOi6VnYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdjRRUk5VWFpBQWRnOW1CaXBDSVpNNkxwV2RnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNS8zMGRjODUtMmRkOC00YjFjLWIxNTEt
NGJkNjNhZGM3MzU0LzEvX0dOdkdsOElJTGE4cFRrUmE1X0llZzR5RGhNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNS8zMGRjODUtMmRkOC00YjFjLWIxNTEtNGJkNjNhZGM3MzU0
LzEvdjRRUk5VWFpBQWRnOW1CaXBDSVpNNkxwV2RnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDYGCCsGAQUFBwEHAQH/BCcwJTASBAIAATAMAwQALZZCAwQA
iny1MA8EAgACMAkDBwAqDkAFEAAwDQYJKoZIhvcNAQELBQADggEBANJFBhJpbCDf
Zz7TSWeRJujGmGH+vnBivwJCf7s5zF7z6blt8M72Rtv/wqsLVR9QfUMIi81HbT/G
vTyCY0XyGxEjhzOamNYkUVqd96e9xgBEOLwmARV0xpdXumZ4dOAa6j5giWetbIuC
gJTXIhyfSn6f59khSksWRGXunFA5qAVizEYF5kNqGV2VgvJIvqELo29oI6PDdZc1
6LI0XGcLhxdQoe3FH7V14keFwK1iFHi3eBl5kwzV4DlqBb6Uu0y6dEkLc44Ti1/L
m0i7uXESvSHo2bzcVl4c73Nuvl/4sPxs0NpCBAKhS8uERYQVNF/1SXWgWIxzyqTE
yRn0JJTnK1s=
-----END CERTIFICATE-----
Generated at Mon Apr 7 09:27:38 2025 by rpki-client