Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/41/e2dfff-8ba8-4bcf-ac31-98463859ecc1/1/GCpkrvzZtVI8EMhfkRnMxKwxiJU.roa
File: GCpkrvzZtVI8EMhfkRnMxKwxiJU.roa (raw, json)
Hash identifier: vJTyShtYDVwDI4L7wvhnQH8NjK4FoiMjZAhuZTfibsU=
Subject key identifier: 18:2A:64:AE:FC:D9:B5:52:3C:10:C8:5F:91:19:CC:C4:AC:31:88:95
Certificate issuer: /CN=d45bdf6eec08370ae1f67e83f99b5ac1fe26872c
Certificate serial: 01902A72A4065176672F06689AC4D7F24291
Authority key identifier: D4:5B:DF:6E:EC:08:37:0A:E1:F6:7E:83:F9:9B:5A:C1:FE:26:87:2C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1FvfbuwINwrh9n6D-Ztawf4mhyw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/41/e2dfff-8ba8-4bcf-ac31-98463859ecc1/1/GCpkrvzZtVI8EMhfkRnMxKwxiJU.roa
Signing time: Tue 18 Jun 2024 08:24:34 +0000
ROA not before: Tue 18 Jun 2024 08:24:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 206092
IP address blocks: 85.203.21.0/24 maxlen: 24
85.203.34.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sun 20 Oct 2024 10:31:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:2a:72:a4:06:51:76:67:2f:06:68:9a:c4:d7:f2:42:91
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d45bdf6eec08370ae1f67e83f99b5ac1fe26872c
Validity
Not Before: Jun 18 08:24:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=182a64aefcd9b5523c10c85f9119ccc4ac318895
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:f9:8f:67:8a:54:cc:4a:8e:f7:d6:1a:a4:c8:
e7:07:8d:c1:ca:5d:31:ad:f6:44:e7:74:81:af:35:
8b:71:cf:e8:85:2f:0f:48:de:50:38:69:60:d6:06:
3b:01:45:68:28:60:6d:84:c3:d9:87:f8:0f:d1:0e:
a2:fa:db:83:3c:6b:a2:99:36:31:c9:90:81:aa:75:
e2:6d:4f:66:d0:93:d0:11:3a:2c:ed:44:e4:65:c0:
0d:05:ed:68:22:ad:11:79:17:29:7d:04:01:bd:e9:
cf:de:d3:43:65:2b:e5:5d:31:83:53:46:a3:55:14:
70:1f:cd:04:af:c3:28:9c:da:3f:79:5f:6f:af:fc:
a6:11:40:e4:2e:a3:d6:79:89:21:29:bf:6f:c7:95:
4b:93:12:fc:2e:9e:8e:53:f3:f3:7e:dd:41:2c:86:
da:41:d6:6b:7c:ad:89:b8:ac:8d:f7:7b:6e:5b:bb:
21:55:89:74:3a:05:ab:83:43:87:c5:c9:2b:40:9e:
31:35:6c:49:7f:aa:fb:e2:bf:c5:94:d9:88:9f:6d:
f1:83:1c:b2:34:5d:20:11:5a:f1:5e:03:71:ab:e4:
0a:cb:c7:3b:78:34:b4:d1:83:af:f2:d4:46:c7:d6:
eb:fe:28:77:3e:6b:e2:1a:8f:28:bc:e2:c8:8f:eb:
a5:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
18:2A:64:AE:FC:D9:B5:52:3C:10:C8:5F:91:19:CC:C4:AC:31:88:95
X509v3 Authority Key Identifier:
keyid:D4:5B:DF:6E:EC:08:37:0A:E1:F6:7E:83:F9:9B:5A:C1:FE:26:87:2C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1FvfbuwINwrh9n6D-Ztawf4mhyw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/41/e2dfff-8ba8-4bcf-ac31-98463859ecc1/1/GCpkrvzZtVI8EMhfkRnMxKwxiJU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/41/e2dfff-8ba8-4bcf-ac31-98463859ecc1/1/1FvfbuwINwrh9n6D-Ztawf4mhyw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.203.21.0/24
85.203.34.0/24
Signature Algorithm: sha256WithRSAEncryption
18:9c:07:93:b3:89:9c:28:4a:e2:2e:8f:33:07:68:d0:9f:76:
da:28:c8:77:49:5d:73:f1:c1:87:e2:58:26:6a:c2:1f:e6:d2:
d3:2a:f4:e2:a6:5c:f5:49:fe:ae:f0:35:0d:21:48:44:c1:58:
72:18:42:89:d2:e3:76:8d:9c:ba:de:60:e0:26:1b:0a:4d:11:
1f:32:83:1f:ae:1f:0d:de:9c:c5:95:60:28:62:6f:17:a7:be:
99:69:8c:79:15:47:5e:1e:2d:1e:56:51:47:9a:da:51:57:54:
79:62:3f:e0:87:8e:38:5a:6d:85:35:67:37:3f:71:75:2e:7d:
57:82:cf:9d:d0:18:2c:a1:ce:92:ec:67:8e:a5:10:80:ea:a2:
d7:0e:73:0a:68:2e:cd:d6:b1:d7:b2:b8:f4:f9:5c:e0:3b:a4:
72:5d:b1:7d:c2:d8:b8:6b:70:42:cd:2b:86:9a:95:57:42:36:
eb:f6:e7:5b:df:8e:7d:97:32:be:b5:a0:24:77:c7:9e:ba:e5:
38:c7:df:3c:e7:e5:95:86:fb:6d:49:59:31:c1:67:52:02:34:
94:d1:ed:b8:3d:e2:f1:99:30:05:75:21:3b:d1:ee:89:7d:0c:
76:b7:6c:a5:d0:bf:a8:ef:f8:54:20:20:7e:e7:85:5a:b3:67:
91:ed:25:c0
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZAqcqQGUXZnLwZomsTX8kKRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ0NWJkZjZlZWMwODM3MGFlMWY2N2U4M2Y5OWI1YWMxZmUy
Njg3MmMwHhcNMjQwNjE4MDgyNDM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxODJhNjRhZWZjZDliNTUyM2MxMGM4NWY5MTE5Y2NjNGFjMzE4ODk1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAivmPZ4pUzEqO99YapMjnB43Byl0x
rfZE53SBrzWLcc/ohS8PSN5QOGlg1gY7AUVoKGBthMPZh/gP0Q6i+tuDPGuimTYx
yZCBqnXibU9m0JPQETos7UTkZcANBe1oIq0ReRcpfQQBvenP3tNDZSvlXTGDU0aj
VRRwH80Er8MonNo/eV9vr/ymEUDkLqPWeYkhKb9vx5VLkxL8Lp6OU/Pzft1BLIba
QdZrfK2JuKyN93tuW7shVYl0OgWrg0OHxckrQJ4xNWxJf6r74r/FlNmIn23xgxyy
NF0gEVrxXgNxq+QKy8c7eDS00YOv8tRGx9br/ih3PmviGo8ovOLIj+ul5wIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFBgqZK782bVSPBDIX5EZzMSsMYiVMB8GA1UdIwQY
MBaAFNRb327sCDcK4fZ+g/mbWsH+JocsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMUZ2ZmJ1d0lOd3JoOW42RC1adGF3ZjRtaHl3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80MS9lMmRmZmYtOGJhOC00YmNmLWFjMzEt
OTg0NjM4NTllY2MxLzEvR0Nwa3J2elp0Vkk4RU1oZmtSbk14S3d4aUpVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80MS9lMmRmZmYtOGJhOC00YmNmLWFjMzEtOTg0NjM4NTllY2Mx
LzEvMUZ2ZmJ1d0lOd3JoOW42RC1adGF3ZjRtaHl3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAVcsVAwQA
VcsiMA0GCSqGSIb3DQEBCwUAA4IBAQAYnAeTs4mcKEriLo8zB2jQn3baKMh3SV1z
8cGH4lgmasIf5tLTKvTiplz1Sf6u8DUNIUhEwVhyGEKJ0uN2jZy63mDgJhsKTREf
MoMfrh8N3pzFlWAoYm8Xp76ZaYx5FUdeHi0eVlFHmtpRV1R5Yj/gh444Wm2FNWc3
P3F1Ln1Xgs+d0Bgsoc6S7GeOpRCA6qLXDnMKaC7N1rHXsrj0+VzgO6RyXbF9wti4
a3BCzSuGmpVXQjbr9udb3459lzK+taAkd8eeuuU4x9885+WVhvttSVkxwWdSAjSU
0e24PeLxmTAFdSE70e6JfQx2t2yl0L+o7/hUICB+54Vas2eR7SXA
-----END CERTIFICATE-----
Generated at Thu Apr 17 22:06:35 2025 by rpki-client