Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/39/451f04-e3c9-44ea-a6a1-428458679ce4/1/GjuX0ohHhepkLhFf2APs3YcB0iw.roa
File: GjuX0ohHhepkLhFf2APs3YcB0iw.roa (raw, json)
Hash identifier: EJsCmKMhFRJB7WyXK4fAyQMmje5+w5JUBXAkancadHA=
Subject key identifier: 1A:3B:97:D2:88:47:85:EA:64:2E:11:5F:D8:03:EC:DD:87:01:D2:2C
Certificate issuer: /CN=aefe1c859409ac5de7414c48f86739913be6b7e5
Certificate serial: 018CC6B8125CDF8A883C88B5092F76D1C043
Authority key identifier: AE:FE:1C:85:94:09:AC:5D:E7:41:4C:48:F8:67:39:91:3B:E6:B7:E5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rv4chZQJrF3nQUxI-Gc5kTvmt-U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/39/451f04-e3c9-44ea-a6a1-428458679ce4/1/GjuX0ohHhepkLhFf2APs3YcB0iw.roa
Signing time: Mon 01 Jan 2024 20:30:01 +0000
ROA not before: Mon 01 Jan 2024 20:30:01 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 8359
IP address blocks: 212.188.0.0/17 maxlen: 17
213.87.0.0/16 maxlen: 16
178.141.0.0/16 maxlen: 16
213.87.105.0/24 maxlen: 24
213.87.104.0/24 maxlen: 24
213.87.100.0/24 maxlen: 24
213.87.106.0/23 maxlen: 23
89.175.0.0/16 maxlen: 16
213.87.128.0/19 maxlen: 19
213.87.64.0/22 maxlen: 22
81.195.0.0/16 maxlen: 24
213.87.70.0/23 maxlen: 23
213.87.76.0/23 maxlen: 23
80.83.237.0/24 maxlen: 24
213.87.80.0/20 maxlen: 20
85.140.0.0/15 maxlen: 24
91.76.0.0/14 maxlen: 14
82.96.192.0/18 maxlen: 18
83.237.0.0/16 maxlen: 16
217.74.244.0/22 maxlen: 22
217.74.248.0/21 maxlen: 21
213.87.200.0/22 maxlen: 22
213.87.204.0/22 maxlen: 22
213.87.208.0/23 maxlen: 23
195.34.0.0/19 maxlen: 19
213.87.240.0/22 maxlen: 22
213.87.246.0/24 maxlen: 24
195.34.15.0/24 maxlen: 24
213.87.244.0/23 maxlen: 23
213.87.248.0/22 maxlen: 22
178.155.0.0/17 maxlen: 17
213.87.160.0/22 maxlen: 22
62.118.0.0/16 maxlen: 24
89.175.248.0/21 maxlen: 21
195.34.38.0/24 maxlen: 24
195.34.32.0/19 maxlen: 19
195.34.36.0/24 maxlen: 24
195.34.42.0/24 maxlen: 24
2a00:1fa0:8000::/33 maxlen: 33
2a00:1fa0::/33 maxlen: 33
2a00:1fa2::/33 maxlen: 33
2a00:1fa0::/29 maxlen: 29
2a02:28:a::/48 maxlen: 48
2a02:29::/36 maxlen: 36
2a02:28:1::/48 maxlen: 48
2a02:28::/29 maxlen: 29
2a00:1fa3::/33 maxlen: 33
2a00:1fa3:8000::/40 maxlen: 40
2a02:28::/32 maxlen: 32
Validation: Failed, certificate revoked on Thu 07 Mar 2024 07:39:01 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:b8:12:5c:df:8a:88:3c:88:b5:09:2f:76:d1:c0:43
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=aefe1c859409ac5de7414c48f86739913be6b7e5
Validity
Not Before: Jan 1 20:30:01 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=1a3b97d2884785ea642e115fd803ecdd8701d22c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:da:ee:36:44:4f:be:23:19:39:5c:be:7f:13:4f:
7a:b8:8d:8c:7b:f2:57:4b:28:34:27:cb:81:d5:14:
9b:c7:46:df:11:ed:35:6e:8e:25:de:88:a9:f5:e7:
87:e1:ea:36:eb:ef:ed:d8:a9:6e:c6:18:4d:1a:19:
f2:a8:5f:60:bb:4a:6c:92:3c:05:8e:54:14:d2:b7:
0e:9b:83:e4:89:1c:2b:c2:d3:4c:8b:27:42:e7:80:
27:8f:69:e8:50:a0:6d:d4:0f:84:31:51:93:95:25:
6f:15:06:28:b5:d8:1e:d3:39:bd:e0:6e:22:12:5e:
5c:6c:e6:0a:50:88:c2:89:b0:b8:64:f5:aa:d5:5f:
a3:8b:c5:24:82:4c:4b:c1:36:66:d2:48:d6:a9:d0:
f0:0f:ac:f0:45:6f:23:ae:17:1f:54:41:a3:42:34:
83:12:46:33:d0:f3:c5:e8:b8:53:35:59:ea:57:3f:
9a:97:0d:26:86:69:09:ee:73:25:28:cb:d8:f7:a9:
d7:27:39:a2:98:af:47:b2:67:8e:27:3f:0e:46:7a:
49:2a:51:b1:e5:7a:73:13:dd:50:5c:ad:bf:0b:fb:
81:c6:55:81:0b:a0:91:ec:4d:00:40:48:6e:d0:ce:
e6:4e:db:57:95:21:a1:76:a7:11:db:3a:0f:21:21:
1a:ab
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1A:3B:97:D2:88:47:85:EA:64:2E:11:5F:D8:03:EC:DD:87:01:D2:2C
X509v3 Authority Key Identifier:
keyid:AE:FE:1C:85:94:09:AC:5D:E7:41:4C:48:F8:67:39:91:3B:E6:B7:E5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rv4chZQJrF3nQUxI-Gc5kTvmt-U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/39/451f04-e3c9-44ea-a6a1-428458679ce4/1/GjuX0ohHhepkLhFf2APs3YcB0iw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/39/451f04-e3c9-44ea-a6a1-428458679ce4/1/rv4chZQJrF3nQUxI-Gc5kTvmt-U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.118.0.0/16
80.83.237.0/24
81.195.0.0/16
82.96.192.0/18
83.237.0.0/16
85.140.0.0/15
89.175.0.0/16
91.76.0.0/14
178.141.0.0/16
178.155.0.0/17
195.34.0.0/18
212.188.0.0/17
213.87.0.0/16
217.74.244.0-217.74.255.255
IPv6:
2a00:1fa0::/29
2a02:28::/29
Signature Algorithm: sha256WithRSAEncryption
48:0a:e7:68:c7:94:de:fd:60:dc:88:52:bd:84:2f:f7:8e:30:
f2:0c:b6:28:7b:3b:c3:ea:2c:09:63:1b:fa:67:6a:79:30:fc:
1b:b6:84:1c:da:f5:ca:a1:d4:c8:c1:fd:8c:8e:e2:b6:36:79:
e8:20:fa:c6:e5:4b:e6:b0:d6:45:71:37:f7:b9:83:0a:dc:2e:
b3:b3:13:20:ac:b3:b9:fb:25:62:2c:86:2e:12:7f:92:ab:a0:
3d:11:55:5e:5f:9d:43:6d:70:eb:19:e3:53:01:94:22:ab:46:
96:1e:66:37:89:40:b8:59:9f:e8:0e:2a:60:cd:b8:ca:20:1f:
8f:06:9e:fb:ab:b5:56:75:15:1a:e9:37:8d:10:69:2b:d9:1a:
8a:dd:0b:5e:e2:a0:d1:57:65:92:c3:2c:b1:e2:6d:94:f9:13:
7c:7b:30:f8:72:d5:58:f3:e7:d0:57:b3:07:b8:54:6f:44:7a:
e0:c0:6a:62:41:9e:2c:fd:f9:30:a3:29:8d:8a:60:fd:a9:b1:
51:2c:e9:ab:c8:72:b2:4e:fc:b1:9b:9e:aa:2e:79:77:58:19:
0f:bb:14:6e:53:cf:dd:95:e9:19:9e:0a:fd:30:a4:6a:f5:46:
53:fd:cd:af:a7:a3:6d:bf:f8:fb:e9:8e:cd:26:44:27:99:fd:
02:c4:82:01
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgISAYzGuBJc34qIPIi1CS920cBDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFlZmUxYzg1OTQwOWFjNWRlNzQxNGM0OGY4NjczOTkxM2Jl
NmI3ZTUwHhcNMjQwMTAxMjAzMDAxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxYTNiOTdkMjg4NDc4NWVhNjQyZTExNWZkODAzZWNkZDg3MDFkMjJjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2u42RE++Ixk5XL5/E096uI2Me/JX
Syg0J8uB1RSbx0bfEe01bo4l3oip9eeH4eo26+/t2KluxhhNGhnyqF9gu0pskjwF
jlQU0rcOm4PkiRwrwtNMiydC54Anj2noUKBt1A+EMVGTlSVvFQYotdge0zm94G4i
El5cbOYKUIjCibC4ZPWq1V+ji8UkgkxLwTZm0kjWqdDwD6zwRW8jrhcfVEGjQjSD
EkYz0PPF6LhTNVnqVz+alw0mhmkJ7nMlKMvY96nXJzmimK9HsmeOJz8ORnpJKlGx
5XpzE91QXK2/C/uBxlWBC6CR7E0AQEhu0M7mTttXlSGhdqcR2zoPISEaqwIDAQAB
o4ICbTCCAmkwHQYDVR0OBBYEFBo7l9KIR4XqZC4RX9gD7N2HAdIsMB8GA1UdIwQY
MBaAFK7+HIWUCaxd50FMSPhnOZE75rflMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcnY0Y2haUUpyRjNuUVV4SS1HYzVrVHZtdC1VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zOS80NTFmMDQtZTNjOS00NGVhLWE2YTEt
NDI4NDU4Njc5Y2U0LzEvR2p1WDBvaEhoZXBrTGhGZjJBUHMzWWNCMGl3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zOS80NTFmMDQtZTNjOS00NGVhLWE2YTEtNDI4NDU4Njc5Y2U0
LzEvcnY0Y2haUUpyRjNuUVV4SS1HYzVrVHZtdC1VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGCBggrBgEFBQcBBwEB/wRzMHEwWQQCAAEwUwMDAD52AwQA
UFPtAwMAUcMDBAZSYMADAwBT7QMDAVWMAwMAWa8DAwJbTAMDALKNAwQHspsAAwQG
wyIAAwQH1LwAAwMA1VcwCwMEAtlK9AMDANlKMBQEAgACMA4DBQMqAB+gAwUDKgIA
KDANBgkqhkiG9w0BAQsFAAOCAQEASArnaMeU3v1g3IhSvYQv944w8gy2KHs7w+os
CWMb+mdqeTD8G7aEHNr1yqHUyMH9jI7itjZ56CD6xuVL5rDWRXE397mDCtwus7MT
IKyzufslYiyGLhJ/kqugPRFVXl+dQ21w6xnjUwGUIqtGlh5mN4lAuFmf6A4qYM24
yiAfjwae+6u1VnUVGuk3jRBpK9kait0LXuKg0VdlksMsseJtlPkTfHsw+HLVWPPn
0FezB7hUb0R64MBqYkGeLP35MKMpjYpg/amxUSzpq8hysk78sZueqi55d1gZD7sU
blPP3ZXpGZ4K/TCkavVGU/3Nr6ejbb/4++mOzSZEJ5n9AsSCAQ==
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:25:08 2025 by rpki-client