Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/26/da2447-b252-4b6a-a82f-dcbe53da7860/1/gEg17zjd8Impd_QAPuJWyy1TOg0.roa
File: gEg17zjd8Impd_QAPuJWyy1TOg0.roa (raw, json)
Hash identifier: D2Z9g2ahEoFrpW4aztWeZEDsKrRhT3xm8LQ7rlt1GM8=
Subject key identifier: 80:48:35:EF:38:DD:F0:89:A9:77:F4:00:3E:E2:56:CB:2D:53:3A:0D
Certificate issuer: /CN=9bc6fd3f32ca4594c96075659a7089b27ae3fef3
Certificate serial: 018CC72732CA83987EC8A2BCF447100EC469
Authority key identifier: 9B:C6:FD:3F:32:CA:45:94:C9:60:75:65:9A:70:89:B2:7A:E3:FE:F3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/m8b9PzLKRZTJYHVlmnCJsnrj_vM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/26/da2447-b252-4b6a-a82f-dcbe53da7860/1/gEg17zjd8Impd_QAPuJWyy1TOg0.roa
Signing time: Mon 01 Jan 2024 22:31:24 +0000
ROA not before: Mon 01 Jan 2024 22:31:24 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 15404
IP address blocks: 194.115.212.0/24 maxlen: 24
194.115.212.0/22 maxlen: 22
194.115.213.0/24 maxlen: 24
194.115.215.0/24 maxlen: 24
194.115.214.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 02 Jan 2025 03:49:18 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:27:32:ca:83:98:7e:c8:a2:bc:f4:47:10:0e:c4:69
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9bc6fd3f32ca4594c96075659a7089b27ae3fef3
Validity
Not Before: Jan 1 22:31:24 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=804835ef38ddf089a977f4003ee256cb2d533a0d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:88:f6:92:0b:c6:c2:c9:ce:71:17:14:c3:3c:77:
fe:c2:fe:49:39:aa:af:2e:eb:79:df:2f:e3:83:87:
b3:1d:82:4a:cb:41:b8:40:55:39:eb:cb:24:52:23:
d7:32:76:51:90:43:36:4c:ef:c3:27:dd:73:ab:f5:
fd:8e:f3:df:9a:eb:99:91:76:e0:fe:ea:8f:b1:05:
71:5f:d7:aa:e8:55:1b:c0:f3:3a:1d:33:a4:bf:1e:
61:32:b6:17:c4:8e:a4:c7:f6:c6:d7:85:b2:3c:b1:
cf:71:d2:1f:3c:e7:31:75:3d:7a:4e:2e:09:cc:4b:
56:90:88:60:90:3c:ee:c5:8d:3a:da:46:2b:c2:9b:
93:b6:ba:2f:f9:d6:98:4e:29:fe:2f:a1:73:0f:08:
4d:6c:92:2c:d2:e8:c4:73:5d:91:12:63:18:2f:61:
6a:3c:95:25:ab:31:bd:cd:35:08:d2:58:c4:19:36:
7c:19:3c:80:5b:74:77:2c:e4:62:fd:9a:b4:ab:dd:
79:79:c1:c0:d4:5c:f6:82:e3:a1:f8:18:f8:b5:3b:
e3:9a:e2:1e:12:f9:44:5e:1b:6f:47:af:a4:4c:5a:
af:9a:ab:32:d5:7a:b5:b6:d6:b9:5a:d6:7d:ea:af:
b0:e3:46:1c:10:0a:8c:1c:cc:9d:06:96:94:fc:6d:
98:e3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
80:48:35:EF:38:DD:F0:89:A9:77:F4:00:3E:E2:56:CB:2D:53:3A:0D
X509v3 Authority Key Identifier:
keyid:9B:C6:FD:3F:32:CA:45:94:C9:60:75:65:9A:70:89:B2:7A:E3:FE:F3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/m8b9PzLKRZTJYHVlmnCJsnrj_vM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/26/da2447-b252-4b6a-a82f-dcbe53da7860/1/gEg17zjd8Impd_QAPuJWyy1TOg0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/26/da2447-b252-4b6a-a82f-dcbe53da7860/1/m8b9PzLKRZTJYHVlmnCJsnrj_vM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.115.212.0/22
Signature Algorithm: sha256WithRSAEncryption
b7:71:1f:e8:3c:52:21:e6:55:f3:2a:63:28:af:c6:d8:b9:38:
c3:82:29:51:4a:5c:71:3b:0f:34:f2:f7:14:0e:aa:9c:78:ff:
d6:30:14:ff:78:4e:84:22:26:db:f1:7b:ac:fa:de:60:d6:0a:
30:fb:0e:c7:5e:d4:c7:91:37:bc:d0:f5:1f:59:f2:c5:a7:40:
19:05:00:79:6f:34:06:ad:5f:70:d7:63:28:f2:01:37:6c:70:
0b:63:90:08:d0:e4:e0:df:11:b2:1c:71:79:f6:76:d2:33:a3:
f6:b2:28:43:01:9c:3d:d2:62:bb:93:2c:1b:8f:18:35:73:f7:
ac:2a:f7:33:0d:12:cf:96:24:c8:96:27:17:1b:40:06:12:1b:
6f:0d:88:ed:39:48:c0:19:c9:07:b1:28:13:c6:88:d7:64:a1:
cd:32:32:c4:a8:82:07:90:69:de:d2:6a:2b:eb:a0:18:2a:34:
b0:eb:ce:0c:cc:ab:3e:b0:0b:38:a1:ad:04:f1:37:8a:37:ef:
76:02:f8:b2:85:d8:ff:02:5f:63:86:7a:13:ed:63:88:fa:ec:
af:60:3b:82:0a:ad:a4:64:2f:94:00:36:ea:7b:63:e0:96:8b:
7d:fa:0e:52:09:c1:5b:af:a7:80:e5:07:ae:aa:92:22:e6:49:
99:66:9a:5b
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzHJzLKg5h+yKK89EcQDsRpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDliYzZmZDNmMzJjYTQ1OTRjOTYwNzU2NTlhNzA4OWIyN2Fl
M2ZlZjMwHhcNMjQwMTAxMjIzMTI0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MDQ4MzVlZjM4ZGRmMDg5YTk3N2Y0MDAzZWUyNTZjYjJkNTMzYTBkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiPaSC8bCyc5xFxTDPHf+wv5JOaqv
Lut53y/jg4ezHYJKy0G4QFU568skUiPXMnZRkEM2TO/DJ91zq/X9jvPfmuuZkXbg
/uqPsQVxX9eq6FUbwPM6HTOkvx5hMrYXxI6kx/bG14WyPLHPcdIfPOcxdT16Ti4J
zEtWkIhgkDzuxY062kYrwpuTtrov+daYTin+L6FzDwhNbJIs0ujEc12REmMYL2Fq
PJUlqzG9zTUI0ljEGTZ8GTyAW3R3LORi/Zq0q915ecHA1Fz2guOh+Bj4tTvjmuIe
EvlEXhtvR6+kTFqvmqsy1Xq1tta5WtZ96q+w40YcEAqMHMydBpaU/G2Y4wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFIBINe843fCJqXf0AD7iVsstUzoNMB8GA1UdIwQY
MBaAFJvG/T8yykWUyWB1ZZpwibJ64/7zMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbThiOVB6TEtSWlRKWUhWbG1uQ0pzbnJqX3ZNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNi9kYTI0NDctYjI1Mi00YjZhLWE4MmYt
ZGNiZTUzZGE3ODYwLzEvZ0VnMTd6amQ4SW1wZF9RQVB1Sld5eTFUT2cwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNi9kYTI0NDctYjI1Mi00YjZhLWE4MmYtZGNiZTUzZGE3ODYw
LzEvbThiOVB6TEtSWlRKWUhWbG1uQ0pzbnJqX3ZNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCwnPUMA0G
CSqGSIb3DQEBCwUAA4IBAQC3cR/oPFIh5lXzKmMor8bYuTjDgilRSlxxOw808vcU
DqqceP/WMBT/eE6EIibb8Xus+t5g1gow+w7HXtTHkTe80PUfWfLFp0AZBQB5bzQG
rV9w12Mo8gE3bHALY5AI0OTg3xGyHHF59nbSM6P2sihDAZw90mK7kywbjxg1c/es
KvczDRLPliTIlicXG0AGEhtvDYjtOUjAGckHsSgTxojXZKHNMjLEqIIHkGne0mor
66AYKjSw684MzKs+sAs4oa0E8TeKN+92Aviyhdj/Al9jhnoT7WOI+uyvYDuCCq2k
ZC+UADbqe2Pglot9+g5SCcFbr6eA5QeuqpIi5kmZZppb
-----END CERTIFICATE-----
Generated at Sun Feb 16 21:55:28 2025 by rpki-client