Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/45/dd0189-7969-4fd5-9747-28bdabca70cb/1/Gw8VO67kWXNI3_8kkE4Efl5k4eI.roa
File: Gw8VO67kWXNI3_8kkE4Efl5k4eI.roa (raw, json)
Hash identifier: BpQ/nsN9empxnXgLCrQNLnoOS0d/IA9Nibdo/3B3Zf0=
Subject key identifier: 1B:0F:15:3B:AE:E4:59:73:48:DF:FF:24:90:4E:04:7E:5E:64:E1:E2
Certificate issuer: /CN=3948869ce54b9d3b2f3e39aee2c9c8eb19cb5b0f
Certificate serial: 018CC7932F935FF7085220275DC9CF6273AF
Authority key identifier: 39:48:86:9C:E5:4B:9D:3B:2F:3E:39:AE:E2:C9:C8:EB:19:CB:5B:0F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OUiGnOVLnTsvPjmu4snI6xnLWw8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/45/dd0189-7969-4fd5-9747-28bdabca70cb/1/Gw8VO67kWXNI3_8kkE4Efl5k4eI.roa
Signing time: Tue 02 Jan 2024 00:29:21 +0000
ROA not before: Tue 02 Jan 2024 00:29:21 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 201503
IP address blocks: 185.72.210.0/24 maxlen: 24
185.72.209.0/24 maxlen: 24
185.72.208.0/24 maxlen: 24
185.72.208.0/22 maxlen: 22
82.163.120.0/22 maxlen: 22
82.163.132.0/22 maxlen: 22
2a05:3950::/31 maxlen: 31
2a05:3950:f000::/36 maxlen: 36
2a05:3950:8000::/48 maxlen: 48
2a05:3950:8660::/48 maxlen: 48
Validation: Failed, certificate revoked on Wed 03 Jan 2024 12:31:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:93:2f:93:5f:f7:08:52:20:27:5d:c9:cf:62:73:af
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3948869ce54b9d3b2f3e39aee2c9c8eb19cb5b0f
Validity
Not Before: Jan 2 00:29:21 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=1b0f153baee4597348dfff24904e047e5e64e1e2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:5d:69:9c:d8:e6:4d:42:c8:d4:0d:42:65:59:
58:73:e5:3e:ec:56:8c:97:32:d4:7e:a4:5f:97:3a:
0c:32:f7:00:0d:2a:8c:c7:9d:44:02:80:61:3e:00:
b7:5c:a0:ee:62:1a:d1:44:95:a2:a6:e1:a5:5c:de:
41:5a:ac:a9:b7:4a:f8:e7:78:4f:ba:93:e8:91:a4:
c5:e9:8f:4a:05:24:aa:81:1f:b6:68:cd:01:dc:39:
ef:db:4d:e8:a2:09:05:f3:0d:5f:3d:dc:f9:32:f7:
7d:52:c3:7a:00:74:ac:e1:83:1a:db:6e:e1:ec:72:
b5:1f:fc:a3:75:06:a5:83:3a:61:ef:f5:2d:66:9b:
b1:14:bd:3b:ad:59:e3:e8:40:9d:f8:e1:71:ed:a4:
45:5c:7c:e1:0b:06:e3:02:de:59:78:04:40:23:79:
b9:70:65:56:f2:6f:d1:de:7d:63:c2:dc:ef:45:e3:
71:58:0c:61:78:45:09:c5:54:d2:da:35:c7:90:a9:
f8:30:fb:d4:3f:b4:39:f1:61:60:91:a7:52:c7:6c:
dc:0b:6f:7c:b6:a2:ec:ab:b1:a9:be:b6:fd:8a:0a:
e2:ac:57:c3:25:60:aa:a1:7c:69:7d:6f:eb:c0:c2:
02:4d:2a:d1:bf:f7:c8:6e:03:02:0f:37:28:8f:23:
df:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1B:0F:15:3B:AE:E4:59:73:48:DF:FF:24:90:4E:04:7E:5E:64:E1:E2
X509v3 Authority Key Identifier:
keyid:39:48:86:9C:E5:4B:9D:3B:2F:3E:39:AE:E2:C9:C8:EB:19:CB:5B:0F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OUiGnOVLnTsvPjmu4snI6xnLWw8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/45/dd0189-7969-4fd5-9747-28bdabca70cb/1/Gw8VO67kWXNI3_8kkE4Efl5k4eI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/45/dd0189-7969-4fd5-9747-28bdabca70cb/1/OUiGnOVLnTsvPjmu4snI6xnLWw8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.163.120.0/22
82.163.132.0/22
185.72.208.0/22
IPv6:
2a05:3950::/31
Signature Algorithm: sha256WithRSAEncryption
23:14:e9:8d:3f:ec:d5:7d:27:ac:49:d6:e5:28:1c:47:49:18:
af:86:10:a9:e9:d4:d2:bf:7b:4c:74:c0:4e:43:78:b3:3a:85:
d7:75:f6:b3:f5:79:ad:25:76:08:c0:16:d2:27:db:c8:4e:db:
98:b5:fa:d8:27:e4:45:8f:f9:97:04:43:4e:bc:bf:a8:da:4c:
06:99:ca:95:b2:43:f8:61:3d:52:5d:09:5a:e2:42:b0:86:73:
22:33:6b:62:2a:73:87:c9:90:7a:b4:5c:5e:1a:25:ed:03:26:
32:0b:ab:e3:43:b4:6f:6e:3d:aa:ff:7e:c7:e1:1f:85:22:bb:
f0:10:2a:91:35:ad:5a:b5:49:7d:69:78:4e:45:67:96:ea:e6:
3a:e7:58:6e:2f:e2:f3:31:56:d8:94:43:c0:a8:7a:9c:52:e2:
2e:47:1f:24:f1:37:f4:e7:42:32:e3:d7:c1:fb:98:7f:6b:71:
12:e5:e7:1b:eb:c9:2a:de:fe:9b:00:aa:25:6e:21:9c:a8:ac:
c2:f2:a3:a1:82:77:9d:36:7f:d1:e5:bf:e0:d1:6c:64:61:ca:
21:74:50:be:79:26:a4:ae:c4:f2:6a:60:d0:6c:9d:38:eb:0e:
1a:70:e1:be:24:4a:61:ef:df:13:2d:6d:43:65:10:0b:7d:a9:
73:77:4f:6e
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAYzHky+TX/cIUiAnXcnPYnOvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM5NDg4NjljZTU0YjlkM2IyZjNlMzlhZWUyYzljOGViMTlj
YjViMGYwHhcNMjQwMTAyMDAyOTIxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxYjBmMTUzYmFlZTQ1OTczNDhkZmZmMjQ5MDRlMDQ3ZTVlNjRlMWUyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvF1pnNjmTULI1A1CZVlYc+U+7FaM
lzLUfqRflzoMMvcADSqMx51EAoBhPgC3XKDuYhrRRJWipuGlXN5BWqypt0r453hP
upPokaTF6Y9KBSSqgR+2aM0B3Dnv203oogkF8w1fPdz5Mvd9UsN6AHSs4YMa227h
7HK1H/yjdQalgzph7/UtZpuxFL07rVnj6ECd+OFx7aRFXHzhCwbjAt5ZeARAI3m5
cGVW8m/R3n1jwtzvReNxWAxheEUJxVTS2jXHkKn4MPvUP7Q58WFgkadSx2zcC298
tqLsq7Gpvrb9igrirFfDJWCqoXxpfW/rwMICTSrRv/fIbgMCDzcojyPfqQIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFBsPFTuu5FlzSN//JJBOBH5eZOHiMB8GA1UdIwQY
MBaAFDlIhpzlS507Lz45ruLJyOsZy1sPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT1VpR25PVkxuVHN2UGptdTRzbkk2eG5MV3c4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80NS9kZDAxODktNzk2OS00ZmQ1LTk3NDct
MjhiZGFiY2E3MGNiLzEvR3c4Vk82N2tXWE5JM184a2tFNEVmbDVrNGVJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80NS9kZDAxODktNzk2OS00ZmQ1LTk3NDctMjhiZGFiY2E3MGNi
LzEvT1VpR25PVkxuVHN2UGptdTRzbkk2eG5MV3c4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQCUqN4AwQC
UqOEAwQCuUjQMA0EAgACMAcDBQEqBTlQMA0GCSqGSIb3DQEBCwUAA4IBAQAjFOmN
P+zVfSesSdblKBxHSRivhhCp6dTSv3tMdMBOQ3izOoXXdfaz9XmtJXYIwBbSJ9vI
TtuYtfrYJ+RFj/mXBENOvL+o2kwGmcqVskP4YT1SXQla4kKwhnMiM2tiKnOHyZB6
tFxeGiXtAyYyC6vjQ7Rvbj2q/37H4R+FIrvwECqRNa1atUl9aXhORWeW6uY651hu
L+LzMVbYlEPAqHqcUuIuRx8k8Tf050Iy49fB+5h/a3ES5ecb68kq3v6bAKolbiGc
qKzC8qOhgnedNn/R5b/g0WxkYcohdFC+eSakrsTyamDQbJ046w4acOG+JEph798T
LW1DZRALfalzd09u
-----END CERTIFICATE-----
Generated at Thu Mar 13 02:51:26 2025 by rpki-client