Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b9/4bb5a7-346c-4195-9d0f-59f5984b64ea/1/gTAAWmQHS3TCzrTvp6nfveDawdg.roa
File: gTAAWmQHS3TCzrTvp6nfveDawdg.roa (raw, json)
Hash identifier: aTGYjRT6PeYHXsEj7Bf0tMMwgWTEh0cCvb0nUnQyROI=
Subject key identifier: 81:30:00:5A:64:07:4B:74:C2:CE:B4:EF:A7:A9:DF:BD:E0:DA:C1:D8
Certificate issuer: /CN=d48a27f44b10404c52f6ffc4e08dc82bf8b5dee4
Certificate serial: 019112465461D149122B7C09ABE8BFF4E18B
Authority key identifier: D4:8A:27:F4:4B:10:40:4C:52:F6:FF:C4:E0:8D:C8:2B:F8:B5:DE:E4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1Ion9EsQQExS9v_E4I3IK_i13uQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b9/4bb5a7-346c-4195-9d0f-59f5984b64ea/1/gTAAWmQHS3TCzrTvp6nfveDawdg.roa
Signing time: Fri 02 Aug 2024 08:48:04 +0000
ROA not before: Fri 02 Aug 2024 08:48:04 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 214823
IP address blocks: 84.247.20.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 01 Jan 2025 07:48:24 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:12:46:54:61:d1:49:12:2b:7c:09:ab:e8:bf:f4:e1:8b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d48a27f44b10404c52f6ffc4e08dc82bf8b5dee4
Validity
Not Before: Aug 2 08:48:04 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=8130005a64074b74c2ceb4efa7a9dfbde0dac1d8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:b2:c1:62:63:49:1d:ad:08:33:3e:71:cf:2f:
25:bb:93:b5:1c:ef:64:d5:d6:d1:47:88:85:f2:35:
f4:b2:40:aa:69:53:26:c6:2c:fe:90:7d:5b:b6:c0:
7b:52:dd:60:57:86:80:cf:36:0f:45:2f:54:0d:8d:
e9:a9:49:50:e6:2b:61:c8:39:c3:a4:cf:73:c4:9a:
9c:76:6c:e7:6a:c5:ac:6c:97:99:c4:38:95:9b:dc:
6a:fe:b2:85:70:5f:73:0c:f2:56:67:96:8c:98:61:
26:83:1f:eb:ce:c7:b8:cc:36:cb:43:01:f4:19:74:
33:c5:74:a5:a5:13:eb:5d:91:47:4b:92:44:77:74:
e1:f2:d6:ac:f5:03:f0:68:be:77:f5:1f:aa:2d:81:
72:e1:5a:a0:a0:3b:8c:9e:54:96:c0:da:79:9a:11:
01:cf:fb:8a:85:c3:ee:01:7c:3c:3e:3f:46:d7:1b:
84:18:f1:48:94:e8:bb:88:0b:14:88:cb:a8:14:64:
07:0d:c2:f2:04:04:18:12:91:fe:48:94:db:ae:3f:
1d:39:c2:eb:d5:90:38:af:27:d9:4e:26:de:48:35:
d0:5e:0e:d9:4d:a7:4d:79:69:cd:d5:85:79:da:2f:
2b:5f:24:a3:a2:3b:81:b5:df:f5:b7:4e:aa:d5:45:
51:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
81:30:00:5A:64:07:4B:74:C2:CE:B4:EF:A7:A9:DF:BD:E0:DA:C1:D8
X509v3 Authority Key Identifier:
keyid:D4:8A:27:F4:4B:10:40:4C:52:F6:FF:C4:E0:8D:C8:2B:F8:B5:DE:E4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1Ion9EsQQExS9v_E4I3IK_i13uQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b9/4bb5a7-346c-4195-9d0f-59f5984b64ea/1/gTAAWmQHS3TCzrTvp6nfveDawdg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b9/4bb5a7-346c-4195-9d0f-59f5984b64ea/1/1Ion9EsQQExS9v_E4I3IK_i13uQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.247.20.0/24
Signature Algorithm: sha256WithRSAEncryption
32:18:c4:75:9a:65:fb:8b:31:83:f8:7e:dc:3b:eb:62:df:8e:
5b:9d:78:77:fc:46:e6:51:88:97:15:65:e3:84:b8:17:7c:a0:
4b:8d:92:03:22:49:dd:2a:74:cc:df:01:91:8c:db:93:c0:05:
4c:59:e0:a1:94:14:03:64:84:8c:65:c3:b5:91:0a:e5:12:ef:
05:76:b5:39:66:c8:b6:9d:e0:ba:bb:4c:2d:a5:d2:29:f0:41:
f7:c6:97:ef:1b:cd:79:d5:f9:87:d6:44:51:f9:5c:55:5d:95:
fa:a4:f3:c7:f0:8b:a4:b1:ea:05:9f:45:62:c0:25:1e:b1:59:
e2:41:91:0c:e7:03:6c:fa:a7:93:28:06:51:db:17:7e:9a:8b:
aa:5d:f7:5b:ac:df:ed:ff:d4:5d:35:61:dc:25:0d:31:32:e5:
97:ee:eb:2a:2b:2d:16:d6:9f:b6:88:40:75:24:bb:07:13:d2:
a5:f4:28:83:97:19:7b:d9:4c:0b:73:08:7c:b5:81:e5:e3:d4:
9b:d4:c2:87:2c:84:99:08:28:9f:f3:4d:04:39:93:1f:08:a3:
28:ca:89:2f:a1:ec:4c:8f:07:ad:94:15:4c:a9:32:a9:03:af:
74:d8:95:0d:ac:11:71:77:47:8c:0d:bd:9f:76:87:3d:dc:68:
f3:99:2f:85
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZESRlRh0UkSK3wJq+i/9OGLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ0OGEyN2Y0NGIxMDQwNGM1MmY2ZmZjNGUwOGRjODJiZjhi
NWRlZTQwHhcNMjQwODAyMDg0ODA0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MTMwMDA1YTY0MDc0Yjc0YzJjZWI0ZWZhN2E5ZGZiZGUwZGFjMWQ4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkLLBYmNJHa0IMz5xzy8lu5O1HO9k
1dbRR4iF8jX0skCqaVMmxiz+kH1btsB7Ut1gV4aAzzYPRS9UDY3pqUlQ5ithyDnD
pM9zxJqcdmznasWsbJeZxDiVm9xq/rKFcF9zDPJWZ5aMmGEmgx/rzse4zDbLQwH0
GXQzxXSlpRPrXZFHS5JEd3Th8tas9QPwaL539R+qLYFy4VqgoDuMnlSWwNp5mhEB
z/uKhcPuAXw8Pj9G1xuEGPFIlOi7iAsUiMuoFGQHDcLyBAQYEpH+SJTbrj8dOcLr
1ZA4ryfZTibeSDXQXg7ZTadNeWnN1YV52i8rXySjojuBtd/1t06q1UVRAQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFIEwAFpkB0t0ws6076ep373g2sHYMB8GA1UdIwQY
MBaAFNSKJ/RLEEBMUvb/xOCNyCv4td7kMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMUlvbjlFc1FRRXhTOXZfRTRJM0lLX2kxM3VRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iOS80YmI1YTctMzQ2Yy00MTk1LTlkMGYt
NTlmNTk4NGI2NGVhLzEvZ1RBQVdtUUhTM1RDenJUdnA2bmZ2ZURhd2RnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iOS80YmI1YTctMzQ2Yy00MTk1LTlkMGYtNTlmNTk4NGI2NGVh
LzEvMUlvbjlFc1FRRXhTOXZfRTRJM0lLX2kxM3VRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAVPcUMA0G
CSqGSIb3DQEBCwUAA4IBAQAyGMR1mmX7izGD+H7cO+ti345bnXh3/EbmUYiXFWXj
hLgXfKBLjZIDIkndKnTM3wGRjNuTwAVMWeChlBQDZISMZcO1kQrlEu8FdrU5Zsi2
neC6u0wtpdIp8EH3xpfvG8151fmH1kRR+VxVXZX6pPPH8IukseoFn0ViwCUesVni
QZEM5wNs+qeTKAZR2xd+mouqXfdbrN/t/9RdNWHcJQ0xMuWX7usqKy0W1p+2iEB1
JLsHE9Kl9CiDlxl72UwLcwh8tYHl49Sb1MKHLISZCCif800EOZMfCKMoyokvoexM
jwetlBVMqTKpA6902JUNrBFxd0eMDb2fdoc93GjzmS+F
-----END CERTIFICATE-----
Generated at Sun Feb 16 20:56:01 2025 by rpki-client