Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1f/3e3126-3f4f-48e9-abef-5cb11a368d10/1/GAfBcVz-9PUZBq9JUDfzeMlw5eE.roa
File: GAfBcVz-9PUZBq9JUDfzeMlw5eE.roa (raw, json)
Hash identifier: soEgEW10i26LtZIFeEwRUyUnFn0YG81X7/LrECYyQSM=
Subject key identifier: 18:07:C1:71:5C:FE:F4:F5:19:06:AF:49:50:37:F3:78:C9:70:E5:E1
Certificate issuer: /CN=8ad37a9933b052c2f12ef1b8f14d74f05fddb611
Certificate serial: 018EAE4E0C262D19477BCB4BD590B7428417
Authority key identifier: 8A:D3:7A:99:33:B0:52:C2:F1:2E:F1:B8:F1:4D:74:F0:5F:DD:B6:11
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/itN6mTOwUsLxLvG48U108F_dthE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1f/3e3126-3f4f-48e9-abef-5cb11a368d10/1/GAfBcVz-9PUZBq9JUDfzeMlw5eE.roa
Signing time: Fri 05 Apr 2024 12:48:54 +0000
ROA not before: Fri 05 Apr 2024 12:48:54 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 50902
IP address blocks: 185.253.5.0/24 maxlen: 24
193.110.81.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 01 Jan 2025 19:49:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:ae:4e:0c:26:2d:19:47:7b:cb:4b:d5:90:b7:42:84:17
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8ad37a9933b052c2f12ef1b8f14d74f05fddb611
Validity
Not Before: Apr 5 12:48:54 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=1807c1715cfef4f51906af495037f378c970e5e1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:1d:b3:89:88:f4:60:80:15:02:44:05:d2:db:
62:ec:78:a1:30:06:14:fc:9b:de:fb:38:cc:d8:fc:
53:3d:24:dc:f1:20:76:47:04:81:85:1a:13:b7:84:
15:2e:ff:a6:da:e6:a0:c8:9a:63:6c:fd:bb:04:8d:
68:8c:93:7b:de:3c:16:02:8c:32:c5:a6:f0:92:48:
01:a0:48:af:6e:e8:71:69:90:43:23:7c:d1:00:9e:
19:09:59:24:f2:ff:6a:9a:f6:dd:74:fe:a8:a5:43:
ae:ac:92:98:90:2d:af:27:10:00:82:f0:e4:e7:ab:
99:df:b3:17:d7:b6:91:0e:1c:f1:24:4b:0b:69:18:
93:0e:14:23:fa:b2:69:b3:c1:29:92:ca:3b:31:d5:
a0:44:3b:a6:e4:00:59:65:23:ae:5e:60:95:e3:ba:
85:1a:47:d3:d3:2f:0e:2d:f3:bb:49:70:7a:a3:6d:
69:bd:0a:fd:2f:8b:c9:81:54:1d:57:14:7b:86:f0:
98:7f:28:69:c8:de:b5:ff:07:75:ed:52:f1:c1:ab:
58:66:92:5a:a7:f8:c1:ec:89:93:67:8a:93:dd:bc:
40:a6:fc:a4:92:8d:77:43:2b:bf:bf:f7:85:5f:c9:
18:fb:8a:3a:50:d3:f9:b1:db:78:37:96:d7:79:26:
e8:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
18:07:C1:71:5C:FE:F4:F5:19:06:AF:49:50:37:F3:78:C9:70:E5:E1
X509v3 Authority Key Identifier:
keyid:8A:D3:7A:99:33:B0:52:C2:F1:2E:F1:B8:F1:4D:74:F0:5F:DD:B6:11
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/itN6mTOwUsLxLvG48U108F_dthE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1f/3e3126-3f4f-48e9-abef-5cb11a368d10/1/GAfBcVz-9PUZBq9JUDfzeMlw5eE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1f/3e3126-3f4f-48e9-abef-5cb11a368d10/1/itN6mTOwUsLxLvG48U108F_dthE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.253.5.0/24
193.110.81.0/24
Signature Algorithm: sha256WithRSAEncryption
1c:1a:09:00:62:06:e9:1f:74:53:2f:7b:49:a4:a0:23:8c:5c:
6c:b9:da:ca:b4:c5:43:e2:d5:68:f5:04:f2:a8:96:75:43:e3:
17:fb:53:97:8f:22:a2:63:c8:83:64:87:2e:72:54:6d:1d:14:
91:cd:70:fe:ff:e2:a8:55:96:44:7f:ee:57:45:42:ce:ba:cf:
85:88:10:fb:7b:f6:2c:fe:e3:c3:ed:db:d6:d6:e1:6b:99:98:
d2:c6:bb:a9:52:a0:0e:7b:45:13:0f:1f:70:de:4f:7e:c3:65:
e7:95:90:bc:8f:76:15:ca:75:5f:8d:b5:34:34:2f:89:b3:de:
28:05:86:33:30:fd:5e:48:40:13:8e:3b:6e:60:2e:da:10:1a:
6d:d7:a7:19:64:11:77:26:b2:90:87:a9:eb:28:26:b0:57:2e:
a3:46:14:4e:dd:b1:41:e7:7d:b4:e7:7a:a0:9e:9d:4b:05:43:
63:bc:78:ed:33:cc:77:7c:9d:9b:98:00:2e:1c:23:8b:20:d0:
3d:2f:58:44:6c:6a:46:4a:46:5f:49:b4:0e:ec:9c:5e:e4:cc:
87:f1:1e:05:3b:7c:c8:22:35:52:a2:b4:b4:f5:cf:8f:39:b1:
1b:cc:3f:fe:59:d0:2a:70:6a:a7:5c:59:1d:61:9e:35:d5:34:
33:d0:0a:f6
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAY6uTgwmLRlHe8tL1ZC3QoQXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhhZDM3YTk5MzNiMDUyYzJmMTJlZjFiOGYxNGQ3NGYwNWZk
ZGI2MTEwHhcNMjQwNDA1MTI0ODU0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxODA3YzE3MTVjZmVmNGY1MTkwNmFmNDk1MDM3ZjM3OGM5NzBlNWUxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlR2ziYj0YIAVAkQF0tti7HihMAYU
/Jve+zjM2PxTPSTc8SB2RwSBhRoTt4QVLv+m2uagyJpjbP27BI1ojJN73jwWAowy
xabwkkgBoEivbuhxaZBDI3zRAJ4ZCVkk8v9qmvbddP6opUOurJKYkC2vJxAAgvDk
56uZ37MX17aRDhzxJEsLaRiTDhQj+rJps8Epkso7MdWgRDum5ABZZSOuXmCV47qF
GkfT0y8OLfO7SXB6o21pvQr9L4vJgVQdVxR7hvCYfyhpyN61/wd17VLxwatYZpJa
p/jB7ImTZ4qT3bxApvykko13Qyu/v/eFX8kY+4o6UNP5sdt4N5bXeSbovQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFBgHwXFc/vT1GQavSVA383jJcOXhMB8GA1UdIwQY
MBaAFIrTepkzsFLC8S7xuPFNdPBf3bYRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaXRONm1UT3dVc0x4THZHNDhVMTA4Rl9kdGhFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xZi8zZTMxMjYtM2Y0Zi00OGU5LWFiZWYt
NWNiMTFhMzY4ZDEwLzEvR0FmQmNWei05UFVaQnE5SlVEZnplTWx3NWVFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xZi8zZTMxMjYtM2Y0Zi00OGU5LWFiZWYtNWNiMTFhMzY4ZDEw
LzEvaXRONm1UT3dVc0x4THZHNDhVMTA4Rl9kdGhFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAuf0FAwQA
wW5RMA0GCSqGSIb3DQEBCwUAA4IBAQAcGgkAYgbpH3RTL3tJpKAjjFxsudrKtMVD
4tVo9QTyqJZ1Q+MX+1OXjyKiY8iDZIcuclRtHRSRzXD+/+KoVZZEf+5XRULOus+F
iBD7e/Ys/uPD7dvW1uFrmZjSxrupUqAOe0UTDx9w3k9+w2XnlZC8j3YVynVfjbU0
NC+Js94oBYYzMP1eSEATjjtuYC7aEBpt16cZZBF3JrKQh6nrKCawVy6jRhRO3bFB
532053qgnp1LBUNjvHjtM8x3fJ2bmAAuHCOLINA9L1hEbGpGSkZfSbQO7Jxe5MyH
8R4FO3zIIjVSorS09c+PObEbzD/+WdAqcGqnXFkdYZ411TQz0Ar2
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:11:25 2025 by rpki-client