Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1c/d96688-2d98-4634-86db-b35a0a1453fb/1/GkmSBj2sezfH3zu1N0njuZidOrg.roa
File: GkmSBj2sezfH3zu1N0njuZidOrg.roa (raw, json)
Hash identifier: tsdYh/yByYG9BZNHsZ5R4HQI/WBx6LHKyadG3aiNlnk=
Subject key identifier: 1A:49:92:06:3D:AC:7B:37:C7:DF:3B:B5:37:49:E3:B9:98:9D:3A:B8
Certificate issuer: /CN=003b2c3871069002ad0b2f42b0cbf5e92e3be4b3
Certificate serial: 01947492350ED977A124B8229D31124EF799
Authority key identifier: 00:3B:2C:38:71:06:90:02:AD:0B:2F:42:B0:CB:F5:E9:2E:3B:E4:B3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ADssOHEGkAKtCy9CsMv16S475LM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1c/d96688-2d98-4634-86db-b35a0a1453fb/1/GkmSBj2sezfH3zu1N0njuZidOrg.roa
Signing time: Fri 17 Jan 2025 14:02:06 +0000
ROA not before: Fri 17 Jan 2025 14:02:06 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 15731
IP address blocks: 45.152.22.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sat 18 Jan 2025 20:39:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:74:92:35:0e:d9:77:a1:24:b8:22:9d:31:12:4e:f7:99
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=003b2c3871069002ad0b2f42b0cbf5e92e3be4b3
Validity
Not Before: Jan 17 14:02:06 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=1a4992063dac7b37c7df3bb53749e3b9989d3ab8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:e1:01:94:09:27:c8:81:39:23:9d:fb:00:94:
f9:a1:6f:0d:7d:87:9b:b5:a5:81:e6:10:c0:c4:b3:
fe:7b:70:ec:22:bb:a9:ea:c9:36:93:3f:9e:6b:ac:
ea:ea:b1:94:69:39:50:bc:da:80:cf:e5:76:43:4f:
42:c7:67:a9:e0:b7:62:ab:85:e6:6e:bd:0a:b6:d1:
15:a0:03:fa:82:40:91:78:6b:12:74:d1:0b:7b:92:
ef:33:d6:07:59:50:e4:9b:e9:66:01:eb:c3:c1:ef:
c6:71:ea:15:fc:c6:b1:33:09:30:f3:c1:77:72:a5:
61:c4:b7:49:29:cb:ad:33:bb:e2:e1:62:55:90:af:
74:dc:c4:06:d7:01:4f:79:96:14:83:fd:14:06:88:
2b:2f:38:c3:ad:f1:e1:37:53:81:2e:cf:76:88:15:
f9:a0:56:5e:4d:14:9f:36:db:c9:6a:d5:1c:ff:14:
18:6a:76:bd:60:29:b5:8f:df:cd:da:0c:41:5c:78:
43:86:be:17:7d:3f:cf:83:4c:79:ac:78:f1:20:a1:
79:1e:42:e1:20:3e:b8:db:ee:2b:15:0a:32:e3:1c:
d9:0f:ac:1f:ee:b3:7e:6e:d5:b8:a3:05:81:b2:7f:
f6:7b:2e:19:bf:ec:57:47:a4:b1:6e:56:72:9c:bd:
57:b1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1A:49:92:06:3D:AC:7B:37:C7:DF:3B:B5:37:49:E3:B9:98:9D:3A:B8
X509v3 Authority Key Identifier:
keyid:00:3B:2C:38:71:06:90:02:AD:0B:2F:42:B0:CB:F5:E9:2E:3B:E4:B3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ADssOHEGkAKtCy9CsMv16S475LM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/d96688-2d98-4634-86db-b35a0a1453fb/1/GkmSBj2sezfH3zu1N0njuZidOrg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/d96688-2d98-4634-86db-b35a0a1453fb/1/ADssOHEGkAKtCy9CsMv16S475LM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.152.22.0/24
Signature Algorithm: sha256WithRSAEncryption
24:aa:e9:89:6a:3b:c7:dd:42:fd:41:d9:26:1e:bf:51:37:4c:
ef:69:95:55:99:e5:6b:4c:1e:d2:4e:5d:f0:f3:53:e0:fe:74:
89:b3:af:11:66:fd:17:11:58:69:27:eb:4c:cc:08:96:97:f4:
2c:ca:8c:6d:48:7b:91:f5:8b:56:e5:96:08:bd:82:ed:3b:11:
c5:88:3d:3d:c3:b4:1c:c4:47:42:b8:9b:2a:d1:3b:81:b7:aa:
33:d5:68:7e:a0:48:91:e4:b7:b1:1a:c8:67:c3:51:7d:58:f7:
3a:fd:73:d7:04:70:bc:96:cc:87:7d:6b:86:1d:e7:d1:1b:cd:
80:1d:f0:53:02:2c:50:32:d4:0d:0f:8a:f8:6c:ae:6b:25:82:
8c:77:4e:bd:3e:20:91:50:54:17:35:46:25:77:9a:c0:1b:7d:
20:76:0d:db:c5:11:7f:0a:da:1d:fe:64:c1:9e:ea:6d:f8:ac:
dd:22:80:29:67:97:d7:a4:80:48:ef:ba:2b:24:73:82:41:31:
03:f1:78:da:e9:f6:61:51:40:8c:fb:95:89:1a:f7:7a:46:87:
00:ac:fd:6c:ae:dd:1c:37:0c:e8:fa:ab:9f:80:de:c8:f7:df:
cc:86:fb:2e:58:3c:03:6f:c0:bc:ed:77:49:ed:17:d2:9d:5a:
98:f4:92:a2
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZR0kjUO2XehJLginTESTveZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAwM2IyYzM4NzEwNjkwMDJhZDBiMmY0MmIwY2JmNWU5MmUz
YmU0YjMwHhcNMjUwMTE3MTQwMjA2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxYTQ5OTIwNjNkYWM3YjM3YzdkZjNiYjUzNzQ5ZTNiOTk4OWQzYWI4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApuEBlAknyIE5I537AJT5oW8NfYeb
taWB5hDAxLP+e3DsIrup6sk2kz+ea6zq6rGUaTlQvNqAz+V2Q09Cx2ep4Ldiq4Xm
br0KttEVoAP6gkCReGsSdNELe5LvM9YHWVDkm+lmAevDwe/GceoV/MaxMwkw88F3
cqVhxLdJKcutM7vi4WJVkK903MQG1wFPeZYUg/0UBogrLzjDrfHhN1OBLs92iBX5
oFZeTRSfNtvJatUc/xQYana9YCm1j9/N2gxBXHhDhr4XfT/Pg0x5rHjxIKF5HkLh
ID642+4rFQoy4xzZD6wf7rN+btW4owWBsn/2ey4Zv+xXR6SxblZynL1XsQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFBpJkgY9rHs3x987tTdJ47mYnTq4MB8GA1UdIwQY
MBaAFAA7LDhxBpACrQsvQrDL9ekuO+SzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQURzc09IRUdrQUt0Q3k5Q3NNdjE2UzQ3NUxNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYy9kOTY2ODgtMmQ5OC00NjM0LTg2ZGIt
YjM1YTBhMTQ1M2ZiLzEvR2ttU0JqMnNlemZIM3p1MU4wbmp1WmlkT3JnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYy9kOTY2ODgtMmQ5OC00NjM0LTg2ZGItYjM1YTBhMTQ1M2Zi
LzEvQURzc09IRUdrQUt0Q3k5Q3NNdjE2UzQ3NUxNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALZgWMA0G
CSqGSIb3DQEBCwUAA4IBAQAkqumJajvH3UL9QdkmHr9RN0zvaZVVmeVrTB7STl3w
81Pg/nSJs68RZv0XEVhpJ+tMzAiWl/QsyoxtSHuR9YtW5ZYIvYLtOxHFiD09w7Qc
xEdCuJsq0TuBt6oz1Wh+oEiR5LexGshnw1F9WPc6/XPXBHC8lsyHfWuGHefRG82A
HfBTAixQMtQND4r4bK5rJYKMd069PiCRUFQXNUYld5rAG30gdg3bxRF/Ctod/mTB
nupt+KzdIoApZ5fXpIBI77orJHOCQTED8Xja6fZhUUCM+5WJGvd6RocArP1srt0c
Nwzo+qufgN7I99/MhvsuWDwDb8C87XdJ7RfSnVqY9JKi
-----END CERTIFICATE-----
Generated at Tue Apr 8 23:46:22 2025 by rpki-client