Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c3/38f128-ea82-4555-b514-143967a8fe08/1/GOryEugWkb-xCSt8KK9zDJAhwIM.roa
File: GOryEugWkb-xCSt8KK9zDJAhwIM.roa (raw, json)
Hash identifier: apN8NyDIL6tEST20eLXoPsSU5KChItBcXmelqfG4VwI=
Subject key identifier: 18:EA:F2:12:E8:16:91:BF:B1:09:2B:7C:28:AF:73:0C:90:21:C0:83
Certificate issuer: /CN=1c963e3d22847d466c262c20878c2780d8840003
Certificate serial: 0194F11F30600CD2A0E327C9692E1F7B0916
Authority key identifier: 1C:96:3E:3D:22:84:7D:46:6C:26:2C:20:87:8C:27:80:D8:84:00:03
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HJY-PSKEfUZsJiwgh4wngNiEAAM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c3/38f128-ea82-4555-b514-143967a8fe08/1/GOryEugWkb-xCSt8KK9zDJAhwIM.roa
Signing time: Mon 10 Feb 2025 18:29:00 +0000
ROA not before: Mon 10 Feb 2025 18:29:00 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 2914
IP address blocks: 64.188.80.0/22 maxlen: 24
64.188.92.0/22 maxlen: 24
Validation: Failed, certificate revoked on Tue 18 Mar 2025 17:03:50 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:f1:1f:30:60:0c:d2:a0:e3:27:c9:69:2e:1f:7b:09:16
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1c963e3d22847d466c262c20878c2780d8840003
Validity
Not Before: Feb 10 18:29:00 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=18eaf212e81691bfb1092b7c28af730c9021c083
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:33:17:22:e2:bd:95:62:27:89:10:ab:a3:cf:
a2:02:f6:79:22:6c:30:d5:a1:5f:e4:f1:41:0a:7c:
67:a7:65:00:4c:88:ee:85:21:af:cd:08:f8:46:1a:
73:a0:32:55:19:78:e9:94:14:57:93:9e:5a:55:e6:
8b:2f:a1:32:7c:b7:81:83:19:fb:96:34:1e:4d:09:
4d:66:16:cb:e7:56:0e:f8:6b:87:4e:5e:2e:f9:ac:
53:a0:a2:84:67:7d:de:50:4b:e5:d7:10:d2:01:eb:
bb:75:6e:59:8a:95:b2:2f:13:68:7f:78:cd:7f:c5:
60:1e:6a:3f:05:fa:e6:20:4b:c4:8b:13:6a:74:42:
45:e8:6c:f0:c6:da:03:1a:a4:12:d6:41:b7:96:07:
89:98:c0:dc:69:73:61:fa:1d:5d:2f:f5:02:95:31:
ae:a5:b6:19:ab:1b:cd:3b:b8:d7:28:2a:8c:25:da:
f9:26:6d:70:b5:b6:e9:39:19:8c:23:39:09:09:1c:
08:4b:ae:32:e4:c4:89:7e:e8:b2:e5:9a:b6:e0:b4:
b4:57:01:5a:6e:cc:d0:d7:17:1d:79:3c:8b:48:9f:
f4:1d:f3:5d:e6:c6:46:49:10:77:81:98:e9:77:17:
37:1e:83:10:80:b6:d7:81:6b:4a:47:e1:91:e2:40:
86:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
18:EA:F2:12:E8:16:91:BF:B1:09:2B:7C:28:AF:73:0C:90:21:C0:83
X509v3 Authority Key Identifier:
keyid:1C:96:3E:3D:22:84:7D:46:6C:26:2C:20:87:8C:27:80:D8:84:00:03
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HJY-PSKEfUZsJiwgh4wngNiEAAM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/38f128-ea82-4555-b514-143967a8fe08/1/GOryEugWkb-xCSt8KK9zDJAhwIM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/38f128-ea82-4555-b514-143967a8fe08/1/HJY-PSKEfUZsJiwgh4wngNiEAAM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
64.188.80.0/22
64.188.92.0/22
Signature Algorithm: sha256WithRSAEncryption
66:95:d3:a1:f6:c1:bb:9b:32:97:1f:54:41:ee:b8:aa:51:d2:
0c:d9:6b:6e:02:3e:f3:ac:6d:e9:2f:45:ac:aa:86:68:4c:19:
9b:82:e9:ec:10:49:46:06:76:d0:c8:72:8c:54:40:a2:37:32:
60:02:4f:03:60:ba:74:3a:54:6d:50:ab:82:4c:ca:51:b4:0b:
fa:7d:26:94:c1:82:cf:98:6d:1c:18:b5:a4:43:ae:46:ac:8f:
4b:b0:6c:e8:1a:9f:37:4d:79:ec:07:8a:40:8a:7e:bb:fb:71:
dd:a8:1e:90:c3:dd:c2:d0:e5:52:76:b7:a5:d0:93:f1:eb:0e:
f1:ea:e0:fd:30:40:b2:b7:70:95:b8:4c:11:19:18:1b:91:d7:
f0:b7:0e:9f:39:cd:47:2c:12:b1:f3:1f:4d:38:0b:63:74:ad:
66:c4:f9:91:06:66:85:f1:70:3e:57:93:28:9f:8c:eb:d7:fc:
e6:74:01:bf:12:a5:46:4e:0e:73:27:f4:2e:4e:4a:f4:9a:0a:
95:fa:28:93:25:46:7a:e6:34:0b:ac:0b:fa:8a:b5:f6:ff:50:
3f:f5:ba:72:ec:71:33:85:b3:cd:05:29:86:e7:16:c1:0e:fd:
ec:df:0a:a1:fe:3f:57:e2:af:9f:d3:38:b3:9d:d7:32:cc:e4:
1a:18:ed:fb
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZTxHzBgDNKg4yfJaS4fewkWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFjOTYzZTNkMjI4NDdkNDY2YzI2MmMyMDg3OGMyNzgwZDg4
NDAwMDMwHhcNMjUwMjEwMTgyOTAwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxOGVhZjIxMmU4MTY5MWJmYjEwOTJiN2MyOGFmNzMwYzkwMjFjMDgzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAozMXIuK9lWIniRCro8+iAvZ5Imww
1aFf5PFBCnxnp2UATIjuhSGvzQj4RhpzoDJVGXjplBRXk55aVeaLL6EyfLeBgxn7
ljQeTQlNZhbL51YO+GuHTl4u+axToKKEZ33eUEvl1xDSAeu7dW5ZipWyLxNof3jN
f8VgHmo/BfrmIEvEixNqdEJF6GzwxtoDGqQS1kG3lgeJmMDcaXNh+h1dL/UClTGu
pbYZqxvNO7jXKCqMJdr5Jm1wtbbpORmMIzkJCRwIS64y5MSJfuiy5Zq24LS0VwFa
bszQ1xcdeTyLSJ/0HfNd5sZGSRB3gZjpdxc3HoMQgLbXgWtKR+GR4kCGQQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFBjq8hLoFpG/sQkrfCivcwyQIcCDMB8GA1UdIwQY
MBaAFByWPj0ihH1GbCYsIIeMJ4DYhAADMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSEpZLVBTS0VmVVpzSml3Z2g0d25nTmlFQUFNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMy8zOGYxMjgtZWE4Mi00NTU1LWI1MTQt
MTQzOTY3YThmZTA4LzEvR09yeUV1Z1drYi14Q1N0OEtLOXpESkFod0lNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMy8zOGYxMjgtZWE4Mi00NTU1LWI1MTQtMTQzOTY3YThmZTA4
LzEvSEpZLVBTS0VmVVpzSml3Z2g0d25nTmlFQUFNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCQLxQAwQC
QLxcMA0GCSqGSIb3DQEBCwUAA4IBAQBmldOh9sG7mzKXH1RB7riqUdIM2WtuAj7z
rG3pL0WsqoZoTBmbgunsEElGBnbQyHKMVECiNzJgAk8DYLp0OlRtUKuCTMpRtAv6
fSaUwYLPmG0cGLWkQ65GrI9LsGzoGp83TXnsB4pAin67+3HdqB6Qw93C0OVSdrel
0JPx6w7x6uD9MECyt3CVuEwRGRgbkdfwtw6fOc1HLBKx8x9NOAtjdK1mxPmRBmaF
8XA+V5Mon4zr1/zmdAG/EqVGTg5zJ/QuTkr0mgqV+iiTJUZ65jQLrAv6irX2/1A/
9bpy7HEzhbPNBSmG5xbBDv3s3wqh/j9X4q+f0zizndcyzOQaGO37
-----END CERTIFICATE-----
Generated at Mon Apr 21 02:50:55 2025 by rpki-client