Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1a/3baacc-4201-4951-8354-f85f721fb1b8/1/gkZff9Uu7j35p1qD3lzNGlFFu8c.roa
File: gkZff9Uu7j35p1qD3lzNGlFFu8c.roa (raw, json)
Hash identifier: KGJUjFopuGJQZHYj2TZF+1NLHwxiVJxbIzHvt0xAnrc=
Subject key identifier: 82:46:5F:7F:D5:2E:EE:3D:F9:A7:5A:83:DE:5C:CD:1A:51:45:BB:C7
Certificate issuer: /CN=88678ca34c3c6365fb616a66077160a494a6e9d6
Certificate serial: 018DC0C9B8A837BB5A33564169C5B430C87C
Authority key identifier: 88:67:8C:A3:4C:3C:63:65:FB:61:6A:66:07:71:60:A4:94:A6:E9:D6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/iGeMo0w8Y2X7YWpmB3FgpJSm6dY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1a/3baacc-4201-4951-8354-f85f721fb1b8/1/gkZff9Uu7j35p1qD3lzNGlFFu8c.roa
Signing time: Mon 19 Feb 2024 09:54:21 +0000
ROA not before: Mon 19 Feb 2024 09:54:21 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 12479
IP address blocks: 83.231.0.0/17 maxlen: 17
83.231.0.0/19 maxlen: 24
83.231.48.0/21 maxlen: 24
83.231.56.0/21 maxlen: 24
83.231.64.0/18 maxlen: 24
185.124.28.0/22 maxlen: 24
212.169.128.0/17 maxlen: 24
Validation: Failed, certificate revoked on Tue 20 Feb 2024 09:51:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:c0:c9:b8:a8:37:bb:5a:33:56:41:69:c5:b4:30:c8:7c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=88678ca34c3c6365fb616a66077160a494a6e9d6
Validity
Not Before: Feb 19 09:54:21 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=82465f7fd52eee3df9a75a83de5ccd1a5145bbc7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:ad:a9:76:61:ac:0e:0c:60:1b:1c:59:a0:6b:
38:f5:8e:b6:d1:78:1e:43:23:06:76:d1:a2:f5:a2:
bd:95:fc:8b:43:c5:ca:a9:cd:66:db:38:32:d2:d2:
21:97:fe:73:f0:d7:f7:b3:92:20:4d:05:ad:45:d2:
e3:1a:3c:5a:1e:50:10:51:f2:c0:64:22:2e:93:c9:
32:15:6a:95:17:ab:2b:00:05:e5:33:b7:96:e0:09:
50:9e:9e:fb:f3:89:11:6d:8b:c7:ec:af:84:78:3a:
7b:b3:b3:2f:0a:c4:84:74:c1:a9:a5:c8:17:32:65:
a6:72:db:d0:e7:fc:da:73:00:e9:d1:6f:56:96:7f:
71:4c:78:1c:68:74:16:ff:49:54:05:ea:6c:6b:d9:
66:b6:ff:53:2c:93:03:8d:e6:70:83:29:bd:63:c1:
03:c0:2a:5f:f7:34:a0:ee:99:ac:dc:ea:e1:69:80:
ef:6a:01:a0:e3:88:de:07:dc:f7:df:7d:49:f3:88:
fb:6d:4c:4d:81:f4:29:33:c2:32:3d:14:61:47:f1:
21:f2:c3:b4:eb:3d:2d:7f:58:ef:5c:23:6c:6c:a6:
90:ef:17:77:67:fb:f7:6d:79:0d:cc:11:e7:40:d9:
d9:69:fc:15:c0:ea:d5:97:9d:7b:9a:a6:4f:c0:c1:
bb:4b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
82:46:5F:7F:D5:2E:EE:3D:F9:A7:5A:83:DE:5C:CD:1A:51:45:BB:C7
X509v3 Authority Key Identifier:
keyid:88:67:8C:A3:4C:3C:63:65:FB:61:6A:66:07:71:60:A4:94:A6:E9:D6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iGeMo0w8Y2X7YWpmB3FgpJSm6dY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1a/3baacc-4201-4951-8354-f85f721fb1b8/1/gkZff9Uu7j35p1qD3lzNGlFFu8c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1a/3baacc-4201-4951-8354-f85f721fb1b8/1/iGeMo0w8Y2X7YWpmB3FgpJSm6dY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
83.231.0.0/17
185.124.28.0/22
212.169.128.0/17
Signature Algorithm: sha256WithRSAEncryption
95:2a:57:3b:d1:75:4d:d4:9a:98:48:24:e9:d7:a6:b6:09:00:
2b:96:0e:f0:af:e2:86:d2:0e:21:3b:85:66:b7:ba:b1:f0:21:
c3:0f:2d:43:95:3e:4f:d0:cd:f5:24:6a:4e:4b:10:8e:ed:5b:
ad:d8:bd:46:23:32:78:b7:db:af:9e:27:25:d6:8e:ce:45:bc:
1e:bc:e4:c5:28:eb:53:11:94:f0:6f:6e:88:08:ba:9a:a2:d2:
79:c9:54:e8:87:b9:2a:3c:84:2f:0e:e5:1c:5e:55:1d:3c:05:
d6:2a:37:7c:6a:bc:71:6e:0d:bd:1d:5a:b8:52:15:5e:fd:f5:
e3:c3:57:aa:d7:27:63:a0:80:7d:d9:9a:72:2d:33:67:42:3c:
5e:47:77:c7:ac:5d:ba:40:f7:ba:1a:a7:ea:69:df:c1:60:91:
ed:68:2c:0d:38:cf:09:7a:81:e1:72:63:85:7d:c2:f9:1a:8c:
ff:f4:b3:62:16:e5:dd:b3:3c:ee:c7:2e:e7:38:41:29:f0:a0:
66:95:6e:63:fc:b4:88:40:7d:12:68:ca:93:29:bf:36:ad:91:
ce:14:9b:33:85:43:df:b0:be:d2:9e:57:9c:58:a5:7f:6e:73:
d6:22:3b:47:09:be:53:7d:b5:28:bd:32:3b:4e:bf:d9:60:97:
9f:bd:a5:ac
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAY3AybioN7taM1ZBacW0MMh8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg4Njc4Y2EzNGMzYzYzNjVmYjYxNmE2NjA3NzE2MGE0OTRh
NmU5ZDYwHhcNMjQwMjE5MDk1NDIxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MjQ2NWY3ZmQ1MmVlZTNkZjlhNzVhODNkZTVjY2QxYTUxNDViYmM3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAra2pdmGsDgxgGxxZoGs49Y620Xge
QyMGdtGi9aK9lfyLQ8XKqc1m2zgy0tIhl/5z8Nf3s5IgTQWtRdLjGjxaHlAQUfLA
ZCIuk8kyFWqVF6srAAXlM7eW4AlQnp7784kRbYvH7K+EeDp7s7MvCsSEdMGppcgX
MmWmctvQ5/zacwDp0W9Wln9xTHgcaHQW/0lUBepsa9lmtv9TLJMDjeZwgym9Y8ED
wCpf9zSg7pms3OrhaYDvagGg44jeB9z3331J84j7bUxNgfQpM8IyPRRhR/Eh8sO0
6z0tf1jvXCNsbKaQ7xd3Z/v3bXkNzBHnQNnZafwVwOrVl517mqZPwMG7SwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFIJGX3/VLu49+adag95czRpRRbvHMB8GA1UdIwQY
MBaAFIhnjKNMPGNl+2FqZgdxYKSUpunWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaUdlTW8wdzhZMlg3WVdwbUIzRmdwSlNtNmRZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYS8zYmFhY2MtNDIwMS00OTUxLTgzNTQt
Zjg1ZjcyMWZiMWI4LzEvZ2taZmY5VXU3ajM1cDFxRDNsek5HbEZGdThjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYS8zYmFhY2MtNDIwMS00OTUxLTgzNTQtZjg1ZjcyMWZiMWI4
LzEvaUdlTW8wdzhZMlg3WVdwbUIzRmdwSlNtNmRZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQHU+cAAwQC
uXwcAwQH1KmAMA0GCSqGSIb3DQEBCwUAA4IBAQCVKlc70XVN1JqYSCTp16a2CQAr
lg7wr+KG0g4hO4Vmt7qx8CHDDy1DlT5P0M31JGpOSxCO7Vut2L1GIzJ4t9uvnicl
1o7ORbwevOTFKOtTEZTwb26ICLqaotJ5yVToh7kqPIQvDuUcXlUdPAXWKjd8arxx
bg29HVq4UhVe/fXjw1eq1ydjoIB92ZpyLTNnQjxeR3fHrF26QPe6Gqfqad/BYJHt
aCwNOM8JeoHhcmOFfcL5Goz/9LNiFuXdszzuxy7nOEEp8KBmlW5j/LSIQH0SaMqT
Kb82rZHOFJszhUPfsL7SnlecWKV/bnPWIjtHCb5TfbUovTI7Tr/ZYJefvaWs
-----END CERTIFICATE-----
Generated at Mon Apr 21 21:18:07 2025 by rpki-client