Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/GoM2_gQQwQydbbOwNFLrCZugZ88.roa
File: GoM2_gQQwQydbbOwNFLrCZugZ88.roa (raw, json)
Hash identifier: SAiCj2AKVhbLHb/5DCrFN24jI6ZMbx+SzorfIRwu+e4=
Subject key identifier: 1A:83:36:FE:04:10:C1:0C:9D:6D:B3:B0:34:52:EB:09:9B:A0:67:CF
Certificate issuer: /CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Certificate serial: 0193CAE19CC173B2D122D8666104D8B3E1ED
Authority key identifier: 0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/GoM2_gQQwQydbbOwNFLrCZugZ88.roa
Signing time: Sun 15 Dec 2024 15:13:23 +0000
ROA not before: Sun 15 Dec 2024 15:13:23 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 395793
IP address blocks: 163.5.17.0/24 maxlen: 24
163.5.25.0/24 maxlen: 24
163.5.35.0/24 maxlen: 24
163.5.40.0/24 maxlen: 24
163.5.44.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 01 Jan 2025 19:49:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:ca:e1:9c:c1:73:b2:d1:22:d8:66:61:04:d8:b3:e1:ed
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Validity
Not Before: Dec 15 15:13:23 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=1a8336fe0410c10c9d6db3b03452eb099ba067cf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:07:c2:a7:cb:c7:97:32:47:ea:99:47:f7:dd:
e7:9e:cb:20:f4:dd:d7:7f:50:c1:2c:49:a1:16:c2:
e8:91:f9:90:6a:68:f1:05:93:eb:7a:d4:ad:d3:db:
b1:31:8a:ec:e1:85:1c:39:8f:86:f7:dd:f2:c3:18:
79:d1:da:09:b9:a7:df:44:4e:bf:85:b3:e1:b9:84:
49:44:08:c5:42:1b:2f:d4:9a:cb:44:a3:89:6a:b2:
1f:aa:bc:e8:de:f5:24:5f:d8:bf:93:d8:2d:76:91:
5b:74:59:80:88:b9:c5:68:34:9b:9a:fa:0e:7f:29:
67:7e:da:07:5b:50:44:bd:41:08:1f:4b:71:0d:1c:
ac:8b:56:a5:d1:bf:91:10:54:8a:4c:c2:3d:ec:12:
dd:7d:ef:a7:75:85:57:96:3d:86:2b:84:49:58:c5:
5f:5e:75:9e:84:20:95:6d:6b:aa:9c:f0:03:e6:95:
62:59:92:70:75:78:9d:04:1b:52:ac:79:18:40:ea:
3a:4e:8d:ee:fa:b6:99:b5:ad:d9:71:0f:2c:85:2f:
30:8e:36:27:2f:7c:d5:3c:63:ca:c2:40:d7:cb:53:
63:22:fd:04:0d:70:70:94:5f:8b:58:da:77:00:02:
42:81:04:aa:09:91:d5:3c:f7:16:ae:34:98:98:74:
a7:b3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1A:83:36:FE:04:10:C1:0C:9D:6D:B3:B0:34:52:EB:09:9B:A0:67:CF
X509v3 Authority Key Identifier:
keyid:0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/GoM2_gQQwQydbbOwNFLrCZugZ88.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/DOhRtt1dNk7hngs4IBs-jfJiS8s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
163.5.17.0/24
163.5.25.0/24
163.5.35.0/24
163.5.40.0/24
163.5.44.0/24
Signature Algorithm: sha256WithRSAEncryption
5e:e1:b4:d6:27:48:08:60:d0:ce:36:5d:7d:de:d1:3f:cf:83:
46:9f:c0:07:15:31:14:58:9d:5b:78:1b:04:20:e2:5d:a1:14:
e9:38:9e:c5:a8:a0:41:f5:e5:90:52:31:8f:fc:7d:c9:7f:f3:
31:f8:87:c2:e7:23:74:1f:89:f5:b5:a7:c2:aa:96:53:40:d0:
ae:cd:5d:0c:4d:f8:74:e8:87:07:78:65:4d:25:da:c4:48:5a:
39:eb:66:be:66:81:6c:ad:08:79:08:37:e3:22:6d:15:a1:89:
9b:cb:bd:a2:bf:93:40:22:9c:23:c2:c0:8d:49:48:aa:85:9c:
dc:02:41:20:dd:4e:64:eb:c9:43:a3:3b:16:ff:d7:28:a1:5b:
db:37:95:55:e7:89:c6:56:74:fd:41:54:f0:33:f7:7a:e4:34:
f4:33:57:aa:26:4e:bd:6a:5b:92:25:85:d0:68:4b:70:21:80:
a7:02:cd:20:c3:9c:7e:fd:0c:d2:28:09:aa:06:3e:e4:a2:12:
5a:ec:5b:80:de:3c:bd:97:a0:ad:dc:46:13:11:0c:c3:2b:fc:
f7:fc:53:fc:0f:a1:98:b7:55:8b:1a:5c:6d:0b:0b:3e:0a:a5:
3f:9c:17:be:87:f4:a4:25:31:19:ae:ff:91:bb:eb:3b:d7:65:
6b:40:cf:0e
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAZPK4ZzBc7LRIthmYQTYs+HtMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBjZTg1MWI2ZGQ1ZDM2NGVlMTllMGIzODIwMWIzZThkZjI2
MjRiY2IwHhcNMjQxMjE1MTUxMzIzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxYTgzMzZmZTA0MTBjMTBjOWQ2ZGIzYjAzNDUyZWIwOTliYTA2N2NmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoAfCp8vHlzJH6plH993nnssg9N3X
f1DBLEmhFsLokfmQamjxBZPretSt09uxMYrs4YUcOY+G993ywxh50doJuaffRE6/
hbPhuYRJRAjFQhsv1JrLRKOJarIfqrzo3vUkX9i/k9gtdpFbdFmAiLnFaDSbmvoO
fylnftoHW1BEvUEIH0txDRysi1al0b+REFSKTMI97BLdfe+ndYVXlj2GK4RJWMVf
XnWehCCVbWuqnPAD5pViWZJwdXidBBtSrHkYQOo6To3u+raZta3ZcQ8shS8wjjYn
L3zVPGPKwkDXy1NjIv0EDXBwlF+LWNp3AAJCgQSqCZHVPPcWrjSYmHSnswIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFBqDNv4EEMEMnW2zsDRS6wmboGfPMB8GA1UdIwQY
MBaAFAzoUbbdXTZO4Z4LOCAbPo3yYkvLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMt
OWZlOTQxMDhmZjAxLzEvR29NMl9nUVF3UXlkYmJPd05GTHJDWnVnWjg4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMtOWZlOTQxMDhmZjAx
LzEvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQAowURAwQA
owUZAwQAowUjAwQAowUoAwQAowUsMA0GCSqGSIb3DQEBCwUAA4IBAQBe4bTWJ0gI
YNDONl193tE/z4NGn8AHFTEUWJ1beBsEIOJdoRTpOJ7FqKBB9eWQUjGP/H3Jf/Mx
+IfC5yN0H4n1tafCqpZTQNCuzV0MTfh06IcHeGVNJdrESFo562a+ZoFsrQh5CDfj
Im0VoYmby72iv5NAIpwjwsCNSUiqhZzcAkEg3U5k68lDozsW/9cooVvbN5VV54nG
VnT9QVTwM/d65DT0M1eqJk69aluSJYXQaEtwIYCnAs0gw5x+/QzSKAmqBj7kohJa
7FuA3jy9l6Ct3EYTEQzDK/z3/FP8D6GYt1WLGlxtCws+CqU/nBe+h/SkJTEZrv+R
u+s712VrQM8O
-----END CERTIFICATE-----
Generated at Sun Apr 6 16:53:58 2025 by rpki-client