Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/GpOcZeA9RhtRwiOmsnAKA24jotk.roa
File: GpOcZeA9RhtRwiOmsnAKA24jotk.roa (raw, json)
Hash identifier: sboxQ43pYGx0A1Xf9ZUGcGsS59jv/KKCq44T/boqzKQ=
Subject key identifier: 1A:93:9C:65:E0:3D:46:1B:51:C2:23:A6:B2:70:0A:03:6E:23:A2:D9
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 019493041970904EEDD8C3E61ACFC490286E
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/GpOcZeA9RhtRwiOmsnAKA24jotk.roa
Signing time: Thu 23 Jan 2025 11:55:06 +0000
ROA not before: Thu 23 Jan 2025 11:55:06 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 34577
IP address blocks: 37.60.141.0/24 maxlen: 32
87.120.0.0/22 maxlen: 32
87.120.12.0/24 maxlen: 32
87.120.14.0/23 maxlen: 32
87.120.44.0/23 maxlen: 32
87.120.45.119/32 maxlen: 32
87.120.178.0/23 maxlen: 32
87.120.180.0/22 maxlen: 32
87.120.184.0/23 maxlen: 32
87.120.190.0/24 maxlen: 32
87.121.48.0/22 maxlen: 32
93.123.40.0/22 maxlen: 32
93.123.40.0/24 maxlen: 32
93.123.41.0/24 maxlen: 32
93.123.42.0/24 maxlen: 32
93.123.43.0/24 maxlen: 32
93.123.44.0/24 maxlen: 32
93.123.47.0/24 maxlen: 32
93.123.66.0/24 maxlen: 32
93.123.67.0/24 maxlen: 32
93.123.96.0/22 maxlen: 32
94.156.123.0/24 maxlen: 32
212.73.149.0/24 maxlen: 32
Validation: Failed, certificate revoked on Wed 12 Mar 2025 08:23:50 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:93:04:19:70:90:4e:ed:d8:c3:e6:1a:cf:c4:90:28:6e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Jan 23 11:55:06 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=1a939c65e03d461b51c223a6b2700a036e23a2d9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:55:3b:55:a2:b0:3d:77:02:08:29:fb:c0:ca:
82:66:d0:e7:01:ee:76:8d:7e:d3:ea:f4:fd:2d:f6:
cf:3a:52:57:73:07:10:2c:24:ba:09:64:25:91:2c:
62:49:74:2b:c6:49:df:1b:e3:c1:d3:9b:2c:33:5c:
bd:2f:73:68:0d:6d:bb:ac:fb:55:4e:71:c2:78:fd:
8b:65:34:da:a5:d7:3e:ba:b5:45:5f:b6:d9:59:2d:
e2:d1:6e:0e:af:45:a0:44:2d:4c:81:0e:ce:1a:99:
37:a4:a3:35:e4:b4:2f:5a:50:ab:fa:d0:e6:82:b8:
69:f7:26:a6:52:6b:8a:81:39:fa:08:39:e9:2c:cb:
64:53:b6:ae:25:b6:96:23:98:5a:64:a8:30:d8:5c:
02:73:88:0f:1c:bb:07:d7:68:19:71:47:03:54:8d:
99:ff:49:00:a9:5d:d6:3d:bc:88:59:cd:80:7e:a1:
81:c9:99:13:0c:c0:4e:d3:69:f7:a3:d2:32:ec:6c:
97:51:19:aa:50:10:52:1c:54:85:1e:18:d8:9c:04:
44:81:30:12:8e:2c:51:c2:fa:13:11:6d:50:6d:a1:
ed:56:42:27:b8:b6:80:dc:57:77:e3:d8:e1:d5:c3:
1e:34:af:b9:6a:23:65:44:b2:e1:ed:b6:d5:02:29:
01:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1A:93:9C:65:E0:3D:46:1B:51:C2:23:A6:B2:70:0A:03:6E:23:A2:D9
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/GpOcZeA9RhtRwiOmsnAKA24jotk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.60.141.0/24
87.120.0.0/22
87.120.12.0/24
87.120.14.0/23
87.120.44.0/23
87.120.178.0-87.120.185.255
87.120.190.0/24
87.121.48.0/22
93.123.40.0-93.123.44.255
93.123.47.0/24
93.123.66.0/23
93.123.96.0/22
94.156.123.0/24
212.73.149.0/24
Signature Algorithm: sha256WithRSAEncryption
65:e5:b6:a0:57:c4:d3:88:24:c3:f3:b1:7f:4b:22:8c:81:04:
01:91:b0:7c:fb:41:49:3b:1e:f9:ed:66:c1:6e:d7:89:33:ab:
59:64:0f:78:df:b7:1f:22:b9:d4:1c:dd:9a:5f:8f:e3:2c:d6:
eb:ae:b9:0a:98:14:fa:b9:4d:bd:ba:8a:df:85:c0:9a:a5:e9:
31:51:9e:df:86:38:1f:4b:fe:43:e8:df:38:a6:46:a1:24:cc:
25:07:76:c4:52:1e:b1:48:14:18:55:7e:e1:5a:68:a7:2c:27:
99:be:7c:bc:21:7c:ee:40:cd:ee:8d:8d:b0:d2:d0:cf:80:39:
52:37:9c:33:2a:1d:5e:e9:44:0b:a3:76:6f:7e:5e:7d:ce:a7:
d8:91:9f:b7:d8:b9:e5:54:f6:3c:95:6e:87:00:c6:bb:09:61:
0a:ca:8f:53:58:7e:b3:f0:b2:a3:eb:6b:0e:08:43:3c:88:d4:
56:d6:2a:4b:f8:2a:3a:1e:fa:f3:09:1a:68:dc:97:66:4c:77:
52:dd:d9:59:2e:7c:c1:e9:e4:c7:dc:46:ba:2c:c6:0d:c8:b7:
e3:1d:55:a9:6b:ce:a0:0f:b5:58:02:8c:85:cd:45:e3:58:9f:
23:04:25:27:41:c1:02:13:47:0d:1e:4d:2c:c6:1a:49:13:1b:
fd:97:33:7d
-----BEGIN CERTIFICATE-----
MIIFWzCCBEOgAwIBAgISAZSTBBlwkE7t2MPmGs/EkChuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjUwMTIzMTE1NTA2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxYTkzOWM2NWUwM2Q0NjFiNTFjMjIzYTZiMjcwMGEwMzZlMjNhMmQ5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt1U7VaKwPXcCCCn7wMqCZtDnAe52
jX7T6vT9LfbPOlJXcwcQLCS6CWQlkSxiSXQrxknfG+PB05ssM1y9L3NoDW27rPtV
TnHCeP2LZTTapdc+urVFX7bZWS3i0W4Or0WgRC1MgQ7OGpk3pKM15LQvWlCr+tDm
grhp9yamUmuKgTn6CDnpLMtkU7auJbaWI5haZKgw2FwCc4gPHLsH12gZcUcDVI2Z
/0kAqV3WPbyIWc2AfqGByZkTDMBO02n3o9Iy7GyXURmqUBBSHFSFHhjYnAREgTAS
jixRwvoTEW1QbaHtVkInuLaA3Fd349jh1cMeNK+5aiNlRLLh7bbVAikB+QIDAQAB
o4ICZzCCAmMwHQYDVR0OBBYEFBqTnGXgPUYbUcIjprJwCgNuI6LZMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvR3BPY1plQTlSaHRSd2lPbXNuQUtBMjRqb3RrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMH0GCCsGAQUFBwEHAQH/BG4wbDBqBAIAATBkAwQAJTyNAwQC
V3gAAwQAV3gMAwQBV3gOAwQBV3gsMAwDBAFXeLIDBAFXeLgDBABXeL4DBAJXeTAw
DAMEA117KAMEAF17LAMEAF17LwMEAV17QgMEAl17YAMEAF6cewMEANRJlTANBgkq
hkiG9w0BAQsFAAOCAQEAZeW2oFfE04gkw/Oxf0sijIEEAZGwfPtBSTse+e1mwW7X
iTOrWWQPeN+3HyK51Bzdml+P4yzW6665CpgU+rlNvbqK34XAmqXpMVGe34Y4H0v+
Q+jfOKZGoSTMJQd2xFIesUgUGFV+4Vpopywnmb58vCF87kDN7o2NsNLQz4A5Ujec
MyodXulEC6N2b35efc6n2JGft9i55VT2PJVuhwDGuwlhCsqPU1h+s/Cyo+trDghD
PIjUVtYqS/gqOh768wkaaNyXZkx3Ut3ZWS58wenkx9xGuizGDci34x1VqWvOoA+1
WAKMhc1F41ifIwQlJ0HBAhNHDR5NLMYaSRMb/ZczfQ==
-----END CERTIFICATE-----
Generated at Thu Apr 17 10:43:19 2025 by rpki-client