Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/19/febef8-a0ea-4c7e-8806-20e19780cb2e/1/gAH6hGTbh83XWulma3xebdXcVp8.roa
File: gAH6hGTbh83XWulma3xebdXcVp8.roa (raw, json)
Hash identifier: 67pLf8ntfCJnYmgD75JQNWVWrsp389xL/Qrv9l7Iyjg=
Subject key identifier: 80:01:FA:84:64:DB:87:CD:D7:5A:E9:66:6B:7C:5E:6D:D5:DC:56:9F
Certificate issuer: /CN=d08da9cf00d4d58b854ffc62010f235b06df354a
Certificate serial: 0193C1B805314FC4CE106A37F01536208230
Authority key identifier: D0:8D:A9:CF:00:D4:D5:8B:85:4F:FC:62:01:0F:23:5B:06:DF:35:4A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0I2pzwDU1YuFT_xiAQ8jWwbfNUo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/19/febef8-a0ea-4c7e-8806-20e19780cb2e/1/gAH6hGTbh83XWulma3xebdXcVp8.roa
Signing time: Fri 13 Dec 2024 20:31:22 +0000
ROA not before: Fri 13 Dec 2024 20:31:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 7018
IP address blocks: 194.38.48.0/24 maxlen: 24
194.38.50.0/24 maxlen: 24
194.38.51.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 01 Jan 2025 13:48:24 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:c1:b8:05:31:4f:c4:ce:10:6a:37:f0:15:36:20:82:30
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d08da9cf00d4d58b854ffc62010f235b06df354a
Validity
Not Before: Dec 13 20:31:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=8001fa8464db87cdd75ae9666b7c5e6dd5dc569f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:ad:b3:e0:45:a5:31:36:9e:c2:5c:b6:aa:cb:
62:6a:a6:9c:ba:59:95:71:83:5b:11:3b:80:44:fa:
cf:50:8e:99:a4:57:c7:60:6f:0a:28:fc:06:1e:49:
69:e8:52:ab:d7:9e:ce:8c:42:58:40:1e:76:26:d1:
5b:a0:fe:28:11:e2:a5:47:e1:b4:47:d9:80:a7:48:
f8:50:78:17:4d:91:6e:4b:1f:3c:69:61:30:43:c9:
09:f2:56:ac:fb:8f:ef:76:a0:af:9f:cc:eb:11:96:
d2:d6:2c:df:43:80:8e:92:05:ba:c2:70:36:78:49:
0f:94:c8:dd:94:d9:a1:89:a3:37:78:3d:7e:0f:b5:
8b:88:14:39:11:45:b4:85:65:c2:35:79:59:dd:6a:
86:fb:06:c7:0a:ff:93:e8:0b:49:ba:4b:21:02:3f:
29:3e:e4:0c:16:51:08:c6:ad:c8:56:33:81:19:04:
9c:ec:0b:87:76:84:9b:36:6e:be:37:73:cf:79:93:
e8:76:13:13:27:31:a8:15:ee:f5:1f:b0:46:e9:8d:
49:fd:87:c5:5a:66:ee:ab:18:c0:ce:3a:92:96:d9:
63:20:65:2f:b8:49:93:43:82:6e:3b:9e:e7:5c:28:
a0:b9:a6:4f:7b:5a:02:8b:41:b2:96:a5:01:0b:45:
73:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
80:01:FA:84:64:DB:87:CD:D7:5A:E9:66:6B:7C:5E:6D:D5:DC:56:9F
X509v3 Authority Key Identifier:
keyid:D0:8D:A9:CF:00:D4:D5:8B:85:4F:FC:62:01:0F:23:5B:06:DF:35:4A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0I2pzwDU1YuFT_xiAQ8jWwbfNUo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/19/febef8-a0ea-4c7e-8806-20e19780cb2e/1/gAH6hGTbh83XWulma3xebdXcVp8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/19/febef8-a0ea-4c7e-8806-20e19780cb2e/1/0I2pzwDU1YuFT_xiAQ8jWwbfNUo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.38.48.0/24
194.38.50.0/23
Signature Algorithm: sha256WithRSAEncryption
11:b2:65:e9:17:e5:a1:63:63:c6:87:a6:52:66:b5:b1:3d:88:
7d:d1:33:67:d8:1b:d1:40:ce:0f:f6:ca:73:ca:b3:44:68:8f:
9a:91:40:ea:68:e5:62:ef:08:f4:c8:99:45:b3:fc:91:ab:c4:
8c:4e:57:1b:69:64:5a:55:da:28:2b:68:6a:42:57:a3:45:63:
b6:21:e8:1b:85:94:e6:bb:69:98:cd:4b:a7:9e:92:2d:40:c2:
02:33:91:e0:ce:c5:4a:e1:bf:2c:be:01:5b:95:59:8c:fa:5a:
f3:af:0e:75:77:bd:2d:2a:f8:f0:44:0e:a7:b3:e2:cb:2b:e5:
e6:88:ca:f3:43:c9:93:35:1a:bf:1c:dc:e6:19:77:2d:74:05:
cc:8e:41:28:08:56:d7:dc:b8:ad:ca:62:d1:d1:b3:16:e3:fa:
de:c0:52:aa:09:7c:95:4d:78:d6:91:bc:64:0d:f2:13:03:f8:
94:b8:a6:11:54:1c:22:ad:8a:dd:81:f8:a3:11:6f:27:36:cd:
0d:75:c4:86:76:2f:ad:11:6c:85:e8:3d:70:be:ca:3b:4e:9c:
b6:05:64:d7:75:ea:29:ce:a1:62:8e:d9:28:11:ba:28:06:af:
90:62:85:78:a1:9c:21:35:8e:e6:fd:6b:fa:48:02:7d:0a:34:
46:cf:80:d5
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZPBuAUxT8TOEGo38BU2IIIwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQwOGRhOWNmMDBkNGQ1OGI4NTRmZmM2MjAxMGYyMzViMDZk
ZjM1NGEwHhcNMjQxMjEzMjAzMTIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MDAxZmE4NDY0ZGI4N2NkZDc1YWU5NjY2YjdjNWU2ZGQ1ZGM1NjlmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv62z4EWlMTaewly2qstiaqaculmV
cYNbETuARPrPUI6ZpFfHYG8KKPwGHklp6FKr157OjEJYQB52JtFboP4oEeKlR+G0
R9mAp0j4UHgXTZFuSx88aWEwQ8kJ8las+4/vdqCvn8zrEZbS1izfQ4COkgW6wnA2
eEkPlMjdlNmhiaM3eD1+D7WLiBQ5EUW0hWXCNXlZ3WqG+wbHCv+T6AtJukshAj8p
PuQMFlEIxq3IVjOBGQSc7AuHdoSbNm6+N3PPeZPodhMTJzGoFe71H7BG6Y1J/YfF
WmbuqxjAzjqSltljIGUvuEmTQ4JuO57nXCiguaZPe1oCi0GylqUBC0VzAwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFIAB+oRk24fN11rpZmt8Xm3V3FafMB8GA1UdIwQY
MBaAFNCNqc8A1NWLhU/8YgEPI1sG3zVKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMEkycHp3RFUxWXVGVF94aUFROGpXd2JmTlVvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xOS9mZWJlZjgtYTBlYS00YzdlLTg4MDYt
MjBlMTk3ODBjYjJlLzEvZ0FINmhHVGJoODNYV3VsbWEzeGViZFhjVnA4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xOS9mZWJlZjgtYTBlYS00YzdlLTg4MDYtMjBlMTk3ODBjYjJl
LzEvMEkycHp3RFUxWXVGVF94aUFROGpXd2JmTlVvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAwiYwAwQB
wiYyMA0GCSqGSIb3DQEBCwUAA4IBAQARsmXpF+WhY2PGh6ZSZrWxPYh90TNn2BvR
QM4P9spzyrNEaI+akUDqaOVi7wj0yJlFs/yRq8SMTlcbaWRaVdooK2hqQlejRWO2
IegbhZTmu2mYzUunnpItQMICM5HgzsVK4b8svgFblVmM+lrzrw51d70tKvjwRA6n
s+LLK+XmiMrzQ8mTNRq/HNzmGXctdAXMjkEoCFbX3LitymLR0bMW4/rewFKqCXyV
TXjWkbxkDfITA/iUuKYRVBwirYrdgfijEW8nNs0NdcSGdi+tEWyF6D1wvso7Tpy2
BWTXdeopzqFijtkoEbooBq+QYoV4oZwhNY7m/Wv6SAJ9CjRGz4DV
-----END CERTIFICATE-----
Generated at Fri Apr 11 01:50:53 2025 by rpki-client