Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/23/754bd6-fd6a-4dc6-a927-769a0c5eea0d/1/Gb-iGp-DgH6_eO2l3rW60H86IWk.roa
File: Gb-iGp-DgH6_eO2l3rW60H86IWk.roa (raw, json)
Hash identifier: 0+hsxhSoPie5AKQVuFI9JJgHgEIUsG7orEiHSe2k9Gk=
Subject key identifier: 19:BF:A2:1A:9F:83:80:7E:BF:78:ED:A5:DE:B5:BA:D0:7F:3A:21:69
Certificate issuer: /CN=3ec14cc607d1f0283848f9a815dbe675e2339a7e
Certificate serial: 018CC349103C7E233D9565D7F1DB1417CE5D
Authority key identifier: 3E:C1:4C:C6:07:D1:F0:28:38:48:F9:A8:15:DB:E6:75:E2:33:9A:7E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PsFMxgfR8Cg4SPmoFdvmdeIzmn4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/23/754bd6-fd6a-4dc6-a927-769a0c5eea0d/1/Gb-iGp-DgH6_eO2l3rW60H86IWk.roa
Signing time: Mon 01 Jan 2024 04:29:54 +0000
ROA not before: Mon 01 Jan 2024 04:29:54 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 209327
IP address blocks: 85.209.116.0/22 maxlen: 22
2a09:94c0::/29 maxlen: 29
Validation: Failed, certificate revoked on Thu 02 Jan 2025 05:49:24 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:49:10:3c:7e:23:3d:95:65:d7:f1:db:14:17:ce:5d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3ec14cc607d1f0283848f9a815dbe675e2339a7e
Validity
Not Before: Jan 1 04:29:54 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=19bfa21a9f83807ebf78eda5deb5bad07f3a2169
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:53:9e:54:66:91:3f:5d:41:2b:50:59:b9:de:
c7:0b:b9:33:fa:7b:a7:27:a1:c8:bd:18:ee:36:1f:
2e:25:c3:0e:2d:41:79:0e:05:3b:47:d9:25:3a:36:
f1:52:19:5f:a4:08:a8:26:c7:1a:43:15:75:b5:ef:
d2:36:27:6c:59:ee:f5:ab:45:ae:c3:15:c9:5c:89:
da:16:74:8a:a0:5b:df:08:e4:27:dd:76:38:98:02:
4f:21:97:f7:03:22:f6:22:ac:cc:f0:5e:05:49:d5:
70:16:32:a4:b0:5c:ea:e4:c2:f5:9d:8f:3c:4e:0f:
51:39:9e:25:1b:8e:58:27:38:f1:46:0d:66:06:76:
54:12:d5:6b:8c:38:47:81:83:49:c8:d5:d0:2b:1c:
68:a0:23:76:ec:00:cc:d4:71:67:36:3a:74:10:4d:
17:16:0f:f7:56:75:25:b3:59:0e:8b:b3:34:0a:04:
c0:d1:86:b1:6e:6d:6c:3a:77:82:b0:f8:2f:f2:31:
30:aa:dc:bd:7d:b8:dd:3e:9c:8f:e2:3a:95:70:63:
28:69:5c:3f:c0:bd:41:e4:e8:46:81:f0:24:2a:04:
fc:13:9c:89:90:aa:3a:7f:45:f1:8e:ec:ee:ce:ab:
b7:bc:4a:15:07:42:33:88:65:c4:d0:50:70:4f:9d:
2b:93
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
19:BF:A2:1A:9F:83:80:7E:BF:78:ED:A5:DE:B5:BA:D0:7F:3A:21:69
X509v3 Authority Key Identifier:
keyid:3E:C1:4C:C6:07:D1:F0:28:38:48:F9:A8:15:DB:E6:75:E2:33:9A:7E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PsFMxgfR8Cg4SPmoFdvmdeIzmn4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/23/754bd6-fd6a-4dc6-a927-769a0c5eea0d/1/Gb-iGp-DgH6_eO2l3rW60H86IWk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/23/754bd6-fd6a-4dc6-a927-769a0c5eea0d/1/PsFMxgfR8Cg4SPmoFdvmdeIzmn4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.209.116.0/22
IPv6:
2a09:94c0::/29
Signature Algorithm: sha256WithRSAEncryption
82:82:7e:32:b0:25:73:19:c5:be:bc:27:86:58:6d:a2:b3:80:
e2:53:87:9d:9e:6b:71:d1:42:36:d9:e2:b7:d2:80:a1:29:72:
5d:b2:e9:b5:26:87:b3:de:3f:d2:ad:c2:df:74:12:90:14:48:
87:5f:f4:dd:35:5a:05:d2:77:2f:2a:dd:e4:38:65:d9:d7:05:
5f:10:d3:b6:b1:e8:48:00:d1:0f:97:ff:05:a8:a7:e4:c3:07:
c7:0e:45:53:bf:75:26:c6:bc:f4:2b:4c:c6:0d:96:10:d0:85:
b5:b8:1b:c1:ef:b0:7f:d4:8e:67:ad:94:b9:e7:4a:17:67:4b:
5b:9f:99:75:53:77:72:f7:ed:61:c8:d4:e2:37:60:59:cc:40:
30:32:cd:73:79:ae:b8:41:66:c7:7b:d5:a0:27:e1:12:4a:03:
45:03:d7:aa:b9:00:16:13:21:09:fb:5a:11:bb:2b:ab:8d:61:
a5:9a:60:74:7a:e8:e5:7f:83:bf:38:c7:6b:4a:a7:54:a8:cb:
dd:ad:83:9e:ab:96:ad:0f:0e:60:7b:fa:f4:54:30:9b:d0:fd:
7e:1e:b6:9f:36:67:f8:7e:95:92:98:8e:03:e1:49:54:3b:dd:
ff:f7:7d:13:91:bd:a4:23:f7:e8:66:11:a2:78:d3:57:75:6d:
fd:84:31:1a
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYzDSRA8fiM9lWXX8dsUF85dMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNlYzE0Y2M2MDdkMWYwMjgzODQ4ZjlhODE1ZGJlNjc1ZTIz
MzlhN2UwHhcNMjQwMTAxMDQyOTU0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxOWJmYTIxYTlmODM4MDdlYmY3OGVkYTVkZWI1YmFkMDdmM2EyMTY5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtVOeVGaRP11BK1BZud7HC7kz+nun
J6HIvRjuNh8uJcMOLUF5DgU7R9klOjbxUhlfpAioJscaQxV1te/SNidsWe71q0Wu
wxXJXInaFnSKoFvfCOQn3XY4mAJPIZf3AyL2IqzM8F4FSdVwFjKksFzq5ML1nY88
Tg9ROZ4lG45YJzjxRg1mBnZUEtVrjDhHgYNJyNXQKxxooCN27ADM1HFnNjp0EE0X
Fg/3VnUls1kOi7M0CgTA0Yaxbm1sOneCsPgv8jEwqty9fbjdPpyP4jqVcGMoaVw/
wL1B5OhGgfAkKgT8E5yJkKo6f0Xxjuzuzqu3vEoVB0IziGXE0FBwT50rkwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFBm/ohqfg4B+v3jtpd61utB/OiFpMB8GA1UdIwQY
MBaAFD7BTMYH0fAoOEj5qBXb5nXiM5p+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUHNGTXhnZlI4Q2c0U1Btb0Zkdm1kZUl6bW40LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMy83NTRiZDYtZmQ2YS00ZGM2LWE5Mjct
NzY5YTBjNWVlYTBkLzEvR2ItaUdwLURnSDZfZU8ybDNyVzYwSDg2SVdrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMy83NTRiZDYtZmQ2YS00ZGM2LWE5MjctNzY5YTBjNWVlYTBk
LzEvUHNGTXhnZlI4Q2c0U1Btb0Zkdm1kZUl6bW40LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCVdF0MA0E
AgACMAcDBQMqCZTAMA0GCSqGSIb3DQEBCwUAA4IBAQCCgn4ysCVzGcW+vCeGWG2i
s4DiU4ednmtx0UI22eK30oChKXJdsum1Joez3j/SrcLfdBKQFEiHX/TdNVoF0ncv
Kt3kOGXZ1wVfENO2sehIANEPl/8FqKfkwwfHDkVTv3Umxrz0K0zGDZYQ0IW1uBvB
77B/1I5nrZS550oXZ0tbn5l1U3dy9+1hyNTiN2BZzEAwMs1zea64QWbHe9WgJ+ES
SgNFA9equQAWEyEJ+1oRuyurjWGlmmB0eujlf4O/OMdrSqdUqMvdrYOeq5atDw5g
e/r0VDCb0P1+HrafNmf4fpWSmI4D4UlUO93/930Tkb2kI/foZhGieNNXdW39hDEa
-----END CERTIFICATE-----
Generated at Thu Mar 13 02:48:39 2025 by rpki-client