Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5f/ad05f2-ab39-4132-8492-fd814455a868/1/gLove0kHEYAJus_0TB9QQmck9VI.roa
File: gLove0kHEYAJus_0TB9QQmck9VI.roa (raw, json)
Hash identifier: 0X4zTgI1xpNNX/pjvntNcPpdodi7V70NCi4rV67xnzo=
Subject key identifier: 80:BA:2F:7B:49:07:11:80:09:BA:CF:F4:4C:1F:50:42:67:24:F5:52
Certificate issuer: /CN=363f09508fdf256448219b284bb09b23b2b51396
Certificate serial: 01944A6017749BD9A277CF631BE9CDA6EB3C
Authority key identifier: 36:3F:09:50:8F:DF:25:64:48:21:9B:28:4B:B0:9B:23:B2:B5:13:96
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Nj8JUI_fJWRIIZsoS7CbI7K1E5Y.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5f/ad05f2-ab39-4132-8492-fd814455a868/1/gLove0kHEYAJus_0TB9QQmck9VI.roa
Signing time: Thu 09 Jan 2025 09:23:18 +0000
ROA not before: Thu 09 Jan 2025 09:23:18 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 174
IP address blocks: 2.59.22.0/24 maxlen: 24
212.104.141.0/24 maxlen: 24
2a01:e943::/48 maxlen: 48
2a01:e945::/48 maxlen: 48
Validation: Failed, certificate revoked on Fri 17 Jan 2025 19:16:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:4a:60:17:74:9b:d9:a2:77:cf:63:1b:e9:cd:a6:eb:3c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=363f09508fdf256448219b284bb09b23b2b51396
Validity
Not Before: Jan 9 09:23:18 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=80ba2f7b4907118009bacff44c1f50426724f552
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:6c:0c:71:73:1f:6f:74:5a:9d:5a:20:7e:60:
f4:3b:32:dd:7a:18:ae:03:c3:19:d9:a0:e0:9c:ae:
f6:10:f5:1d:c4:3f:a5:3e:8c:f8:3a:68:07:24:a2:
30:d6:eb:d9:ce:bd:6a:bb:68:5d:8d:09:a4:01:05:
51:6f:4f:b0:b1:3a:84:12:8b:9c:a8:ef:f9:19:7b:
79:e3:b3:3d:41:15:9f:f5:08:f7:27:b6:86:05:7e:
f3:34:8d:47:a4:a2:38:07:36:62:4f:96:93:67:87:
cc:6d:2e:85:17:c3:ec:df:fc:a0:cb:f8:42:e7:d3:
fe:1b:92:ab:0d:74:e1:62:02:7f:00:c5:ea:c2:25:
06:ff:e8:8a:df:94:e3:4f:90:e6:bb:2f:e7:ac:09:
fe:81:e7:df:19:80:df:c3:09:9f:83:d7:58:69:51:
27:5c:9f:c4:68:34:b6:99:44:e4:b2:16:04:42:24:
d5:fa:3f:e1:85:d1:28:c2:6d:03:7f:26:12:3f:39:
06:13:74:dc:24:3e:6d:0f:e9:6e:01:07:3d:70:2f:
03:f4:15:1b:75:6f:da:f4:5f:00:10:4b:33:1b:e5:
ef:f2:04:02:fd:b4:fe:8f:ca:69:0a:7a:41:20:ee:
f1:98:22:f9:03:04:ec:b3:9b:3d:dd:21:4b:25:7a:
18:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
80:BA:2F:7B:49:07:11:80:09:BA:CF:F4:4C:1F:50:42:67:24:F5:52
X509v3 Authority Key Identifier:
keyid:36:3F:09:50:8F:DF:25:64:48:21:9B:28:4B:B0:9B:23:B2:B5:13:96
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Nj8JUI_fJWRIIZsoS7CbI7K1E5Y.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5f/ad05f2-ab39-4132-8492-fd814455a868/1/gLove0kHEYAJus_0TB9QQmck9VI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5f/ad05f2-ab39-4132-8492-fd814455a868/1/Nj8JUI_fJWRIIZsoS7CbI7K1E5Y.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.59.22.0/24
212.104.141.0/24
IPv6:
2a01:e943::/48
2a01:e945::/48
Signature Algorithm: sha256WithRSAEncryption
bd:1b:73:38:cc:54:05:77:32:55:1a:86:fe:c7:db:65:2e:1a:
74:b9:03:28:0a:94:55:f9:20:33:e1:ba:0f:6b:44:13:1a:c2:
11:29:f7:aa:1d:6b:39:77:70:e7:26:6d:06:74:85:d7:3f:22:
40:f5:ab:39:e7:d6:af:08:fc:6c:a2:19:f7:bb:31:0d:ba:e1:
30:cd:bf:8f:81:61:c6:82:ee:62:bc:1e:0f:42:ee:3d:b2:9b:
67:4b:be:b1:9c:7b:5c:3d:01:ee:9e:c4:b3:ae:a9:90:32:f3:
d7:24:66:28:a0:00:ee:f2:2c:e0:8a:a1:e2:b8:2e:64:1c:9b:
48:fd:86:7d:d6:c3:08:68:06:cf:d6:54:69:62:de:93:2f:6e:
9f:8b:18:39:c2:15:57:45:2c:82:c3:14:d5:7a:9e:78:19:06:
d0:4f:dc:81:09:5d:73:63:fe:30:e6:b2:f0:bb:a9:b7:a7:40:
e3:9f:a5:eb:93:a2:f8:f2:ce:bd:de:7a:de:ff:b3:8d:94:15:
81:5f:0e:d1:19:2a:e1:32:28:53:e5:d3:9a:2f:45:b2:0b:c5:
bc:ce:1a:7a:8f:d2:ad:99:be:18:bc:ad:0f:b2:15:f8:fb:17:
ef:73:32:02:06:65:cc:67:4f:84:41:16:82:ae:ff:d8:7f:41:
23:ed:d4:4d
-----BEGIN CERTIFICATE-----
MIIFHTCCBAWgAwIBAgISAZRKYBd0m9mid89jG+nNpus8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2M2YwOTUwOGZkZjI1NjQ0ODIxOWIyODRiYjA5YjIzYjJi
NTEzOTYwHhcNMjUwMTA5MDkyMzE4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MGJhMmY3YjQ5MDcxMTgwMDliYWNmZjQ0YzFmNTA0MjY3MjRmNTUyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr2wMcXMfb3RanVogfmD0OzLdehiu
A8MZ2aDgnK72EPUdxD+lPoz4OmgHJKIw1uvZzr1qu2hdjQmkAQVRb0+wsTqEEouc
qO/5GXt547M9QRWf9Qj3J7aGBX7zNI1HpKI4BzZiT5aTZ4fMbS6FF8Ps3/ygy/hC
59P+G5KrDXThYgJ/AMXqwiUG/+iK35TjT5Dmuy/nrAn+geffGYDfwwmfg9dYaVEn
XJ/EaDS2mUTkshYEQiTV+j/hhdEowm0DfyYSPzkGE3TcJD5tD+luAQc9cC8D9BUb
dW/a9F8AEEszG+Xv8gQC/bT+j8ppCnpBIO7xmCL5AwTss5s93SFLJXoYqQIDAQAB
o4ICKTCCAiUwHQYDVR0OBBYEFIC6L3tJBxGACbrP9EwfUEJnJPVSMB8GA1UdIwQY
MBaAFDY/CVCP3yVkSCGbKEuwmyOytROWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTmo4SlVJX2ZKV1JJSVpzb1M3Q2JJN0sxRTVZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Zi9hZDA1ZjItYWIzOS00MTMyLTg0OTIt
ZmQ4MTQ0NTVhODY4LzEvZ0xvdmUwa0hFWUFKdXNfMFRCOVFRbWNrOVZJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Zi9hZDA1ZjItYWIzOS00MTMyLTg0OTItZmQ4MTQ0NTVhODY4
LzEvTmo4SlVJX2ZKV1JJSVpzb1M3Q2JJN0sxRTVZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD8GCCsGAQUFBwEHAQH/BDAwLjASBAIAATAMAwQAAjsWAwQA
1GiNMBgEAgACMBIDBwAqAelDAAADBwAqAelFAAAwDQYJKoZIhvcNAQELBQADggEB
AL0bczjMVAV3MlUahv7H22UuGnS5AygKlFX5IDPhug9rRBMawhEp96odazl3cOcm
bQZ0hdc/IkD1qznn1q8I/GyiGfe7MQ264TDNv4+BYcaC7mK8Hg9C7j2ym2dLvrGc
e1w9Ae6exLOuqZAy89ckZiigAO7yLOCKoeK4LmQcm0j9hn3WwwhoBs/WVGli3pMv
bp+LGDnCFVdFLILDFNV6nngZBtBP3IEJXXNj/jDmsvC7qbenQOOfpeuTovjyzr3e
et7/s42UFYFfDtEZKuEyKFPl05ovRbILxbzOGnqP0q2Zvhi8rQ+yFfj7F+9zMgIG
ZcxnT4RBFoKu/9h/QSPt1E0=
-----END CERTIFICATE-----
Generated at Tue Apr 22 00:45:26 2025 by rpki-client