Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/47/ad6521-d3a9-4b13-be69-39fdb986f059/1/gFwub2iP2TIwQHImQXIJo_DUPwE.roa
File: gFwub2iP2TIwQHImQXIJo_DUPwE.roa (raw, json)
Hash identifier: SIDv3xir99H3ZNK/NIngM23og8Kg52ZnjoACnRJTODs=
Subject key identifier: 80:5C:2E:6F:68:8F:D9:32:30:40:72:26:41:72:09:A3:F0:D4:3F:01
Certificate issuer: /CN=c616c4195152effedbf7b3afee2aa72e19090e4d
Certificate serial: 019598CE456BBE97C5898106961D67D3F82F
Authority key identifier: C6:16:C4:19:51:52:EF:FE:DB:F7:B3:AF:EE:2A:A7:2E:19:09:0E:4D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xhbEGVFS7_7b97Ov7iqnLhkJDk0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/47/ad6521-d3a9-4b13-be69-39fdb986f059/1/gFwub2iP2TIwQHImQXIJo_DUPwE.roa
Signing time: Sat 15 Mar 2025 07:56:49 +0000
ROA not before: Sat 15 Mar 2025 07:56:49 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 174
IP address blocks: 93.190.13.0/24 maxlen: 24
160.20.108.0/24 maxlen: 24
160.20.109.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 26 Mar 2025 17:17:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:98:ce:45:6b:be:97:c5:89:81:06:96:1d:67:d3:f8:2f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c616c4195152effedbf7b3afee2aa72e19090e4d
Validity
Not Before: Mar 15 07:56:49 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=805c2e6f688fd93230407226417209a3f0d43f01
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:8a:21:09:d1:0b:b8:6c:78:f9:78:9e:6b:7a:
31:48:c3:8d:d1:0d:a5:e5:15:14:ee:d2:48:a6:20:
b6:4f:7c:c2:46:be:e5:50:4e:7a:f7:bd:8b:8b:64:
98:66:22:d2:4c:d9:19:1a:e5:d6:a7:e1:76:26:e6:
70:c9:59:ce:38:2e:4d:f5:0d:09:14:17:31:ba:ac:
75:4b:41:42:9c:0f:40:34:ed:6a:cc:44:d9:39:4e:
1a:01:d6:99:65:05:5a:dc:4f:97:82:d5:bc:d4:63:
f8:ab:97:1f:2f:2e:83:8f:98:3c:c9:b9:76:a0:9d:
ae:40:5a:e5:82:47:08:30:17:5c:f8:5e:d3:54:cb:
5a:2f:17:5a:5a:07:fa:6c:27:78:d9:cb:c6:af:0a:
bb:e6:ba:63:e5:23:f0:46:bf:7c:ca:3a:29:a0:5a:
3c:9f:17:49:07:2c:2b:56:8d:10:29:e7:d6:73:14:
27:aa:94:a6:a9:5d:be:85:ab:6b:7f:a7:68:80:3e:
a3:6e:11:38:7d:02:37:d7:e0:df:c9:c1:69:7f:72:
62:35:1b:db:2a:62:d3:c5:2f:38:4d:f5:03:3b:b5:
d0:f5:66:94:e7:f8:dc:c3:06:8e:3d:4b:6e:08:a9:
31:cd:ff:05:38:e8:b0:f1:10:fa:d5:46:88:7e:23:
c5:4b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
80:5C:2E:6F:68:8F:D9:32:30:40:72:26:41:72:09:A3:F0:D4:3F:01
X509v3 Authority Key Identifier:
keyid:C6:16:C4:19:51:52:EF:FE:DB:F7:B3:AF:EE:2A:A7:2E:19:09:0E:4D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xhbEGVFS7_7b97Ov7iqnLhkJDk0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/47/ad6521-d3a9-4b13-be69-39fdb986f059/1/gFwub2iP2TIwQHImQXIJo_DUPwE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/47/ad6521-d3a9-4b13-be69-39fdb986f059/1/xhbEGVFS7_7b97Ov7iqnLhkJDk0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
93.190.13.0/24
160.20.108.0/23
Signature Algorithm: sha256WithRSAEncryption
2b:82:a2:3b:8e:3c:60:b7:e0:45:6d:4d:1a:d5:a5:e4:06:d8:
9d:a0:59:fc:11:68:c8:42:2a:9b:53:6c:7f:78:ad:10:c4:5f:
d7:64:cb:d0:c9:44:cb:16:6f:8d:3c:bf:e2:90:14:29:3b:b1:
49:f6:82:f7:04:f2:14:05:2d:5d:31:15:b5:a1:55:c8:e0:2a:
e3:73:ef:73:e3:0b:5c:f4:66:47:80:fa:3a:0c:56:31:cf:1d:
7c:4a:18:7d:df:30:30:27:5e:c7:f2:0b:ca:7d:5d:f5:86:41:
d8:13:7a:c3:b8:3d:38:c6:36:66:9e:d9:bf:01:57:dd:84:0d:
ae:e6:d4:44:ae:11:f2:91:cc:26:55:8d:1f:48:09:93:34:b8:
20:83:89:40:c0:ef:be:90:7e:83:41:d7:05:62:68:4d:de:88:
a6:48:bd:ea:34:08:3c:a0:6e:ef:f2:c6:c5:e1:e9:83:09:19:
06:b9:bb:d5:2e:31:ff:ac:a0:86:d8:63:fa:1f:b3:1a:65:5a:
85:c6:9b:4c:4d:38:06:24:3a:c1:0d:2e:12:d8:25:5a:6e:d1:
12:ed:46:46:fb:88:d2:74:a8:95:5c:21:65:c9:8c:dc:16:bb:
35:b3:21:fb:a5:44:93:5d:96:91:12:8a:34:f7:36:49:7a:3f:
b6:5e:d7:3d
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZWYzkVrvpfFiYEGlh1n0/gvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM2MTZjNDE5NTE1MmVmZmVkYmY3YjNhZmVlMmFhNzJlMTkw
OTBlNGQwHhcNMjUwMzE1MDc1NjQ5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MDVjMmU2ZjY4OGZkOTMyMzA0MDcyMjY0MTcyMDlhM2YwZDQzZjAxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsYohCdELuGx4+Xiea3oxSMON0Q2l
5RUU7tJIpiC2T3zCRr7lUE56972Li2SYZiLSTNkZGuXWp+F2JuZwyVnOOC5N9Q0J
FBcxuqx1S0FCnA9ANO1qzETZOU4aAdaZZQVa3E+XgtW81GP4q5cfLy6Dj5g8ybl2
oJ2uQFrlgkcIMBdc+F7TVMtaLxdaWgf6bCd42cvGrwq75rpj5SPwRr98yjopoFo8
nxdJBywrVo0QKefWcxQnqpSmqV2+hatrf6dogD6jbhE4fQI31+DfycFpf3JiNRvb
KmLTxS84TfUDO7XQ9WaU5/jcwwaOPUtuCKkxzf8FOOiw8RD61UaIfiPFSwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFIBcLm9oj9kyMEByJkFyCaPw1D8BMB8GA1UdIwQY
MBaAFMYWxBlRUu/+2/ezr+4qpy4ZCQ5NMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveGhiRUdWRlM3XzdiOTdPdjdpcW5MaGtKRGswLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Ny9hZDY1MjEtZDNhOS00YjEzLWJlNjkt
MzlmZGI5ODZmMDU5LzEvZ0Z3dWIyaVAyVEl3UUhJbVFYSUpvX0RVUHdFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Ny9hZDY1MjEtZDNhOS00YjEzLWJlNjktMzlmZGI5ODZmMDU5
LzEveGhiRUdWRlM3XzdiOTdPdjdpcW5MaGtKRGswLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAXb4NAwQB
oBRsMA0GCSqGSIb3DQEBCwUAA4IBAQArgqI7jjxgt+BFbU0a1aXkBtidoFn8EWjI
QiqbU2x/eK0QxF/XZMvQyUTLFm+NPL/ikBQpO7FJ9oL3BPIUBS1dMRW1oVXI4Crj
c+9z4wtc9GZHgPo6DFYxzx18Shh93zAwJ17H8gvKfV31hkHYE3rDuD04xjZmntm/
AVfdhA2u5tRErhHykcwmVY0fSAmTNLggg4lAwO++kH6DQdcFYmhN3oimSL3qNAg8
oG7v8sbF4emDCRkGubvVLjH/rKCG2GP6H7MaZVqFxptMTTgGJDrBDS4S2CVabtES
7UZG+4jSdKiVXCFlyYzcFrs1syH7pUSTXZaREoo09zZJej+2Xtc9
-----END CERTIFICATE-----
Generated at Thu Apr 10 04:30:08 2025 by rpki-client