Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/05/d28fd4-c368-46b3-a17d-43187e29b0e3/1/GMihybScjzYuECFQMxv6NkWUSJk.roa
File: GMihybScjzYuECFQMxv6NkWUSJk.roa (raw, json)
Hash identifier: WvVqyptDC1IiT3PGes+FTaKFX/ABS5GC3wcn1FS1PlQ=
Subject key identifier: 18:C8:A1:C9:B4:9C:8F:36:2E:10:21:50:33:1B:FA:36:45:94:48:99
Certificate issuer: /CN=8b0c8d35dd66657bffc90b6ac41600ffa623d5b8
Certificate serial: 018CC8DF00EDC77B6079F2D0C30B385A158D
Authority key identifier: 8B:0C:8D:35:DD:66:65:7B:FF:C9:0B:6A:C4:16:00:FF:A6:23:D5:B8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/iwyNNd1mZXv_yQtqxBYA_6Yj1bg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/05/d28fd4-c368-46b3-a17d-43187e29b0e3/1/GMihybScjzYuECFQMxv6NkWUSJk.roa
Signing time: Tue 02 Jan 2024 06:31:47 +0000
ROA not before: Tue 02 Jan 2024 06:31:47 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 8455
IP address blocks: 185.121.95.0/24 maxlen: 24
185.121.94.0/24 maxlen: 24
185.121.93.0/24 maxlen: 24
185.121.92.0/22 maxlen: 24
2a03:8300::/32 maxlen: 32
Validation: Failed, certificate revoked on Wed 01 Jan 2025 15:48:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:df:00:ed:c7:7b:60:79:f2:d0:c3:0b:38:5a:15:8d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b0c8d35dd66657bffc90b6ac41600ffa623d5b8
Validity
Not Before: Jan 2 06:31:47 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=18c8a1c9b49c8f362e102150331bfa3645944899
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:85:0e:e5:aa:4a:95:58:93:fa:56:66:a5:e0:f6:
26:51:7d:13:9c:69:c0:48:df:66:a8:5f:da:04:29:
6e:8b:c9:85:cb:70:02:8c:f7:bb:aa:e0:57:c7:d5:
05:9b:8a:72:6a:db:38:a7:a5:08:49:76:44:3d:c9:
e3:83:1f:f1:20:a6:52:cd:5b:fc:0b:e2:83:cf:72:
21:dd:84:6c:72:e6:54:f3:f6:eb:ca:ed:7d:8d:cd:
21:d2:28:88:8f:0f:da:d5:59:57:7a:29:f0:6b:6c:
9c:1e:73:35:56:da:fc:08:8f:18:8f:e9:d2:ca:25:
19:bb:97:90:42:1f:e5:8e:c7:55:c6:ee:e5:99:a5:
98:b8:fe:3f:f6:1e:14:7d:f5:76:c9:8b:23:3b:4b:
1f:56:8f:c9:cc:e1:71:c2:7b:f3:68:28:14:83:e8:
35:cb:6d:31:52:1f:c6:9b:07:6d:b6:6f:fc:50:33:
b9:a6:c6:70:9f:6f:3a:ba:87:81:11:22:56:e2:c7:
8c:1a:ce:99:be:f2:32:e3:1e:fb:58:32:0e:69:d4:
6d:8c:99:5a:82:46:0e:80:62:9f:3e:f9:29:16:57:
83:35:e6:2e:a2:76:dd:51:84:8f:72:cf:01:bf:a3:
2d:8d:92:ed:4a:fe:2c:77:e1:6e:4f:50:0a:98:03:
ac:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
18:C8:A1:C9:B4:9C:8F:36:2E:10:21:50:33:1B:FA:36:45:94:48:99
X509v3 Authority Key Identifier:
keyid:8B:0C:8D:35:DD:66:65:7B:FF:C9:0B:6A:C4:16:00:FF:A6:23:D5:B8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iwyNNd1mZXv_yQtqxBYA_6Yj1bg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/05/d28fd4-c368-46b3-a17d-43187e29b0e3/1/GMihybScjzYuECFQMxv6NkWUSJk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/05/d28fd4-c368-46b3-a17d-43187e29b0e3/1/iwyNNd1mZXv_yQtqxBYA_6Yj1bg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.121.92.0/22
IPv6:
2a03:8300::/32
Signature Algorithm: sha256WithRSAEncryption
34:ad:35:0e:1f:3a:b9:27:90:d0:6f:a3:09:9a:b8:1b:82:88:
ee:cd:4d:27:3e:76:8d:2d:7d:34:08:80:f4:fd:ae:7c:88:4e:
32:32:56:22:b7:54:86:b4:86:ef:94:ff:08:86:68:07:74:c3:
f9:8b:75:0a:dc:2c:df:6f:aa:62:29:50:48:d6:c9:f9:c7:f7:
c8:63:d5:24:1c:85:14:6e:f1:ba:1a:ea:f1:79:c7:2d:18:f1:
26:b2:f8:14:4c:c6:71:55:25:6d:e1:27:41:be:18:4b:9a:b8:
e4:62:08:bb:c0:ee:ae:ff:ef:65:ca:04:a8:77:88:80:d4:fa:
72:a9:3a:6d:5a:b1:12:c8:a5:b3:20:ae:8a:06:ae:4d:9f:1e:
0d:21:de:71:dd:00:9f:bc:d2:41:3c:76:94:4f:68:48:30:49:
35:db:ee:b3:75:8b:60:2f:db:cf:d8:29:9e:4f:78:29:95:c7:
78:bc:49:a2:30:e7:27:c7:b7:19:b3:4d:e6:a3:db:53:12:d5:
de:50:50:01:93:09:3e:ce:4f:f7:7d:31:60:b5:09:8a:27:61:
e4:54:18:9e:e5:3b:54:c8:b4:c6:d3:73:ff:d3:ae:1a:24:b7:
db:07:2d:aa:a3:7b:a1:db:98:55:7e:ee:3d:5d:bc:27:cc:7a:
4d:e4:30:0c
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYzI3wDtx3tgefLQwws4WhWNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhiMGM4ZDM1ZGQ2NjY1N2JmZmM5MGI2YWM0MTYwMGZmYTYy
M2Q1YjgwHhcNMjQwMTAyMDYzMTQ3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxOGM4YTFjOWI0OWM4ZjM2MmUxMDIxNTAzMzFiZmEzNjQ1OTQ0ODk5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhQ7lqkqVWJP6Vmal4PYmUX0TnGnA
SN9mqF/aBClui8mFy3ACjPe7quBXx9UFm4pyats4p6UISXZEPcnjgx/xIKZSzVv8
C+KDz3Ih3YRscuZU8/bryu19jc0h0iiIjw/a1VlXeinwa2ycHnM1Vtr8CI8Yj+nS
yiUZu5eQQh/ljsdVxu7lmaWYuP4/9h4UffV2yYsjO0sfVo/JzOFxwnvzaCgUg+g1
y20xUh/Gmwdttm/8UDO5psZwn286uoeBESJW4seMGs6ZvvIy4x77WDIOadRtjJla
gkYOgGKfPvkpFleDNeYuonbdUYSPcs8Bv6MtjZLtSv4sd+FuT1AKmAOs+QIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFBjIocm0nI82LhAhUDMb+jZFlEiZMB8GA1UdIwQY
MBaAFIsMjTXdZmV7/8kLasQWAP+mI9W4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaXd5Tk5kMW1aWHZfeVF0cXhCWUFfNllqMWJnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNS9kMjhmZDQtYzM2OC00NmIzLWExN2Qt
NDMxODdlMjliMGUzLzEvR01paHliU2Nqell1RUNGUU14djZOa1dVU0prLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNS9kMjhmZDQtYzM2OC00NmIzLWExN2QtNDMxODdlMjliMGUz
LzEvaXd5Tk5kMW1aWHZfeVF0cXhCWUFfNllqMWJnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuXlcMA0E
AgACMAcDBQAqA4MAMA0GCSqGSIb3DQEBCwUAA4IBAQA0rTUOHzq5J5DQb6MJmrgb
gojuzU0nPnaNLX00CID0/a58iE4yMlYit1SGtIbvlP8IhmgHdMP5i3UK3Czfb6pi
KVBI1sn5x/fIY9UkHIUUbvG6GurxecctGPEmsvgUTMZxVSVt4SdBvhhLmrjkYgi7
wO6u/+9lygSod4iA1PpyqTptWrESyKWzIK6KBq5Nnx4NId5x3QCfvNJBPHaUT2hI
MEk12+6zdYtgL9vP2CmeT3gplcd4vEmiMOcnx7cZs03mo9tTEtXeUFABkwk+zk/3
fTFgtQmKJ2HkVBie5TtUyLTG03P/064aJLfbBy2qo3uh25hVfu49XbwnzHpN5DAM
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:26:16 2025 by rpki-client