Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/29/739b81-3cd3-469c-b954-3553b4ed6794/1/GXtI_8eb5Ir6coFM83GRueltwlY.roa
File: GXtI_8eb5Ir6coFM83GRueltwlY.roa (raw, json)
Hash identifier: ewEqYatUc2zCDeUmAzMSgzyfqCeGx8AGSzLXU45n5c8=
Subject key identifier: 19:7B:48:FF:C7:9B:E4:8A:FA:72:81:4C:F3:71:91:B9:E9:6D:C2:56
Certificate issuer: /CN=50741158f3ed65bee1bde12f34f895afb0dd50d5
Certificate serial: 0193B5A531A6B4D69AA4E33AC41F36534D87
Authority key identifier: 50:74:11:58:F3:ED:65:BE:E1:BD:E1:2F:34:F8:95:AF:B0:DD:50:D5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UHQRWPPtZb7hveEvNPiVr7DdUNU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/29/739b81-3cd3-469c-b954-3553b4ed6794/1/GXtI_8eb5Ir6coFM83GRueltwlY.roa
Signing time: Wed 11 Dec 2024 12:15:22 +0000
ROA not before: Wed 11 Dec 2024 12:15:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 6810
IP address blocks: 147.235.0.0/16 maxlen: 24
147.235.28.0/24 maxlen: 24
147.235.31.0/24 maxlen: 24
147.235.59.0/24 maxlen: 24
147.235.70.0/23 maxlen: 23
147.235.70.0/24 maxlen: 24
147.235.71.0/24 maxlen: 24
147.235.96.0/22 maxlen: 22
147.235.96.0/23 maxlen: 23
147.235.96.0/24 maxlen: 24
147.235.97.0/24 maxlen: 24
147.235.98.0/23 maxlen: 23
147.235.98.0/24 maxlen: 24
147.235.99.0/24 maxlen: 24
147.235.111.0/24 maxlen: 24
147.235.144.0/21 maxlen: 24
147.235.154.0/24 maxlen: 24
147.235.182.0/23 maxlen: 23
147.235.182.0/24 maxlen: 24
147.235.183.0/24 maxlen: 24
147.235.192.0/19 maxlen: 24
147.235.192.0/22 maxlen: 22
147.235.192.0/24 maxlen: 24
147.235.193.0/24 maxlen: 24
147.235.194.0/23 maxlen: 24
147.235.194.0/24 maxlen: 24
147.235.195.0/24 maxlen: 24
147.235.196.0/22 maxlen: 22
147.235.196.0/23 maxlen: 24
147.235.196.0/24 maxlen: 24
147.235.197.0/24 maxlen: 24
147.235.198.0/23 maxlen: 24
147.235.198.0/24 maxlen: 24
147.235.199.0/24 maxlen: 24
147.235.200.0/21 maxlen: 21
147.235.200.0/22 maxlen: 22
147.235.200.0/23 maxlen: 24
147.235.200.0/24 maxlen: 24
147.235.201.0/24 maxlen: 24
147.235.202.0/23 maxlen: 24
147.235.202.0/24 maxlen: 24
147.235.203.0/24 maxlen: 24
147.235.204.0/22 maxlen: 22
147.235.204.0/23 maxlen: 24
147.235.204.0/24 maxlen: 24
147.235.205.0/24 maxlen: 24
147.235.206.0/23 maxlen: 24
147.235.206.0/24 maxlen: 24
147.235.207.0/24 maxlen: 24
147.235.208.0/22 maxlen: 23
147.235.208.0/24 maxlen: 24
147.235.209.0/24 maxlen: 24
147.235.210.0/24 maxlen: 24
147.235.211.0/24 maxlen: 24
147.235.212.0/22 maxlen: 23
147.235.212.0/23 maxlen: 23
147.235.212.0/24 maxlen: 24
147.235.213.0/24 maxlen: 24
147.235.214.0/24 maxlen: 24
147.235.215.0/24 maxlen: 24
147.235.216.0/21 maxlen: 21
147.235.216.0/22 maxlen: 23
147.235.216.0/24 maxlen: 24
147.235.217.0/24 maxlen: 24
147.235.218.0/23 maxlen: 23
147.235.218.0/24 maxlen: 24
147.235.219.0/24 maxlen: 24
147.235.220.0/22 maxlen: 22
147.235.220.0/23 maxlen: 23
147.235.220.0/24 maxlen: 24
147.235.221.0/24 maxlen: 24
147.235.222.0/23 maxlen: 23
147.235.222.0/24 maxlen: 24
147.235.223.0/24 maxlen: 24
147.235.226.0/24 maxlen: 24
147.235.228.0/22 maxlen: 24
147.235.253.0/24 maxlen: 24
147.235.254.0/23 maxlen: 24
149.106.128.0/19 maxlen: 24
149.106.224.0/19 maxlen: 24
2a06:c700::/29 maxlen: 48
2a06:c700::/32 maxlen: 48
2a06:c700::/44 maxlen: 44
2a06:c700:2000::/36 maxlen: 36
2a06:c701::/32 maxlen: 32
2a06:c701:1000::/36 maxlen: 36
Validation: Failed, certificate revoked on Thu 02 Jan 2025 03:49:47 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:b5:a5:31:a6:b4:d6:9a:a4:e3:3a:c4:1f:36:53:4d:87
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=50741158f3ed65bee1bde12f34f895afb0dd50d5
Validity
Not Before: Dec 11 12:15:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=197b48ffc79be48afa72814cf37191b9e96dc256
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ee:d5:5f:51:f8:8f:58:20:1a:55:02:49:d9:60:
a1:70:2a:1c:3e:a2:02:94:fa:f4:bd:e5:14:9b:a1:
15:23:04:c4:6b:86:3c:61:76:51:5b:29:9c:9f:09:
a3:a8:b9:95:b5:d0:db:0b:ed:78:1c:e6:c2:ba:79:
0c:7c:26:f6:69:87:33:bd:d2:29:20:88:07:08:03:
9f:9f:35:38:7f:64:4d:ef:fe:6b:8e:49:fe:a5:b3:
9a:00:f2:17:8a:14:2a:70:43:5d:98:fa:e3:82:85:
30:05:a8:07:08:a1:b5:f4:06:1d:1f:13:5c:ae:83:
11:5a:3f:5f:da:fb:87:b8:c6:b0:8a:10:c5:93:3b:
07:fd:ec:78:11:d2:1f:52:f8:f7:64:a6:b0:d6:c1:
67:22:85:3e:61:14:b0:47:cc:c5:5a:f3:50:da:69:
e1:96:17:02:e7:8d:42:ca:22:c7:bf:0e:de:df:fd:
72:8b:c5:4b:fb:02:1e:1c:68:75:be:09:fc:1b:43:
2c:d3:88:ad:d7:28:0b:64:0a:fe:15:1a:23:31:8d:
97:b1:0a:8b:04:6d:cb:38:ab:b5:77:2b:b8:29:eb:
b1:01:49:bb:3e:22:e1:9c:88:df:7a:03:bb:b7:02:
6f:9a:f9:01:49:2e:fd:63:77:fb:49:b2:db:29:d9:
bb:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
19:7B:48:FF:C7:9B:E4:8A:FA:72:81:4C:F3:71:91:B9:E9:6D:C2:56
X509v3 Authority Key Identifier:
keyid:50:74:11:58:F3:ED:65:BE:E1:BD:E1:2F:34:F8:95:AF:B0:DD:50:D5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UHQRWPPtZb7hveEvNPiVr7DdUNU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/29/739b81-3cd3-469c-b954-3553b4ed6794/1/GXtI_8eb5Ir6coFM83GRueltwlY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/29/739b81-3cd3-469c-b954-3553b4ed6794/1/UHQRWPPtZb7hveEvNPiVr7DdUNU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
147.235.0.0/16
149.106.128.0/19
149.106.224.0/19
IPv6:
2a06:c700::/29
Signature Algorithm: sha256WithRSAEncryption
6b:c4:1c:9e:d5:76:d0:d0:2e:67:c4:15:c1:11:21:28:0f:77:
9a:f4:db:9f:4a:ba:7d:73:07:32:04:77:2f:03:af:12:d6:73:
fc:85:23:7d:20:d0:42:f6:ab:bc:44:67:ed:8e:93:4e:07:4e:
16:bb:39:f9:a8:b9:21:c7:00:e1:ec:e7:90:43:7e:82:77:f9:
d9:9e:e5:8c:1b:d5:d4:c4:a5:0a:9d:5c:ef:f9:d2:97:de:fe:
db:21:98:31:94:7e:bb:e1:77:09:ec:3d:ff:12:1f:8b:d6:f6:
4c:6d:47:f3:ab:ae:6b:eb:ca:82:d3:48:1a:b8:93:7c:35:5d:
3e:c1:0a:0b:34:1c:cf:fc:1d:d1:c0:18:07:b4:22:35:fd:43:
eb:84:e9:e2:b6:e8:4f:c2:d9:a2:8f:cf:a0:a8:2e:ce:ba:fa:
f9:4c:2a:b5:ae:38:df:41:c4:81:a0:8a:c2:63:a9:11:fd:eb:
f7:14:04:21:af:6e:4b:e0:50:58:b9:59:d3:18:fe:ce:65:58:
f0:10:40:3d:fa:8e:00:d5:4c:7f:ae:1f:21:d4:3c:65:1e:0a:
bc:72:68:3b:69:fb:4c:53:2a:50:6b:0e:1b:e4:7f:38:aa:4e:
7d:ee:a5:b3:94:9b:fe:5f:72:95:43:7b:91:3c:e0:d1:c5:91:
69:79:e0:f6
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgISAZO1pTGmtNaapOM6xB82U02HMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUwNzQxMTU4ZjNlZDY1YmVlMWJkZTEyZjM0Zjg5NWFmYjBk
ZDUwZDUwHhcNMjQxMjExMTIxNTIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxOTdiNDhmZmM3OWJlNDhhZmE3MjgxNGNmMzcxOTFiOWU5NmRjMjU2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7tVfUfiPWCAaVQJJ2WChcCocPqIC
lPr0veUUm6EVIwTEa4Y8YXZRWymcnwmjqLmVtdDbC+14HObCunkMfCb2aYczvdIp
IIgHCAOfnzU4f2RN7/5rjkn+pbOaAPIXihQqcENdmPrjgoUwBagHCKG19AYdHxNc
roMRWj9f2vuHuMawihDFkzsH/ex4EdIfUvj3ZKaw1sFnIoU+YRSwR8zFWvNQ2mnh
lhcC541CyiLHvw7e3/1yi8VL+wIeHGh1vgn8G0Ms04it1ygLZAr+FRojMY2XsQqL
BG3LOKu1dyu4KeuxAUm7PiLhnIjfegO7twJvmvkBSS79Y3f7SbLbKdm7qQIDAQAB
o4ICIzCCAh8wHQYDVR0OBBYEFBl7SP/Hm+SK+nKBTPNxkbnpbcJWMB8GA1UdIwQY
MBaAFFB0EVjz7WW+4b3hLzT4la+w3VDVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVUhRUldQUHRaYjdodmVFdk5QaVZyN0RkVU5VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOS83MzliODEtM2NkMy00NjljLWI5NTQt
MzU1M2I0ZWQ2Nzk0LzEvR1h0SV84ZWI1SXI2Y29GTTgzR1J1ZWx0d2xZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOS83MzliODEtM2NkMy00NjljLWI5NTQtMzU1M2I0ZWQ2Nzk0
LzEvVUhRUldQUHRaYjdodmVFdk5QaVZyN0RkVU5VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDkGCCsGAQUFBwEHAQH/BCowKDAXBAIAATARAwMAk+sDBAWV
aoADBAWVauAwDQQCAAIwBwMFAyoGxwAwDQYJKoZIhvcNAQELBQADggEBAGvEHJ7V
dtDQLmfEFcERISgPd5r0259Kun1zBzIEdy8DrxLWc/yFI30g0EL2q7xEZ+2Ok04H
Tha7OfmouSHHAOHs55BDfoJ3+dme5Ywb1dTEpQqdXO/50pfe/tshmDGUfrvhdwns
Pf8SH4vW9kxtR/OrrmvryoLTSBq4k3w1XT7BCgs0HM/8HdHAGAe0IjX9Q+uE6eK2
6E/C2aKPz6CoLs66+vlMKrWuON9BxIGgisJjqRH96/cUBCGvbkvgUFi5WdMY/s5l
WPAQQD36jgDVTH+uHyHUPGUeCrxyaDtp+0xTKlBrDhvkfziqTn3upbOUm/5fcpVD
e5E84NHFkWl54PY=
-----END CERTIFICATE-----
Generated at Sat Apr 19 12:43:58 2025 by rpki-client