Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/52/beaf9d-5b28-4df4-b67d-6a7fa82296c9/1/GNXWP4MIXXZv_Wx1SGm78mApm8Y.roa
File: GNXWP4MIXXZv_Wx1SGm78mApm8Y.roa (raw, json)
Hash identifier: PVcmbI849da9QDOtT2+f8+Zk528OedcilY7aD+CR3B4=
Subject key identifier: 18:D5:D6:3F:83:08:5D:76:6F:FD:6C:75:48:69:BB:F2:60:29:9B:C6
Certificate issuer: /CN=8fd38fb4d3b9a2c7c8fff597718c905b9e2f84cd
Certificate serial: 018CC26D24560C59BC3978CA737A74B616C7
Authority key identifier: 8F:D3:8F:B4:D3:B9:A2:C7:C8:FF:F5:97:71:8C:90:5B:9E:2F:84:CD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/j9OPtNO5osfI__WXcYyQW54vhM0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/52/beaf9d-5b28-4df4-b67d-6a7fa82296c9/1/GNXWP4MIXXZv_Wx1SGm78mApm8Y.roa
Signing time: Mon 01 Jan 2024 00:29:41 +0000
ROA not before: Mon 01 Jan 2024 00:29:41 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 3320
IP address blocks: 193.84.136.0/22 maxlen: 22
Validation: Failed, certificate revoked on Wed 01 Jan 2025 01:48:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c2:6d:24:56:0c:59:bc:39:78:ca:73:7a:74:b6:16:c7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8fd38fb4d3b9a2c7c8fff597718c905b9e2f84cd
Validity
Not Before: Jan 1 00:29:41 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=18d5d63f83085d766ffd6c754869bbf260299bc6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:4a:c3:76:38:cc:35:f4:55:1d:d9:e9:e1:bc:
59:ac:16:d9:a0:21:8a:8d:50:cf:34:56:30:58:08:
58:1d:2a:ee:14:32:b2:9d:d8:c5:c7:e6:6d:79:85:
d0:f0:60:aa:ad:64:84:52:ed:28:b0:a2:de:ce:5f:
b5:e7:24:29:86:4d:6b:fa:98:75:fc:de:44:27:0c:
15:5b:f4:c0:0d:16:19:4d:36:10:cf:d9:40:59:6b:
e5:f8:3f:28:03:c6:0d:88:10:57:82:e7:ad:68:d5:
72:05:18:52:13:ce:06:a9:a0:1c:06:ab:66:eb:5b:
ac:13:67:36:da:65:2f:d2:94:7e:21:f6:d2:cf:0a:
7e:96:c6:36:b3:2b:b2:e2:ee:12:52:9e:72:b1:ff:
a6:dd:c4:36:8c:9a:30:ad:31:3e:f3:be:91:f5:44:
ab:bc:58:a5:f5:43:3a:ca:60:c3:d6:64:9f:56:79:
ea:28:c2:b3:3d:9c:89:ce:6b:12:93:dd:67:61:a7:
1e:07:ab:1c:26:7c:2f:be:a4:72:ee:42:fa:c4:0d:
58:52:92:ce:01:2e:d2:f2:0f:6b:9b:5a:29:8f:2f:
eb:55:c0:68:a9:d7:9e:c5:33:48:7e:ff:57:21:11:
39:4e:59:46:4e:df:ff:3a:45:2e:29:8c:0c:b5:a2:
16:93
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
18:D5:D6:3F:83:08:5D:76:6F:FD:6C:75:48:69:BB:F2:60:29:9B:C6
X509v3 Authority Key Identifier:
keyid:8F:D3:8F:B4:D3:B9:A2:C7:C8:FF:F5:97:71:8C:90:5B:9E:2F:84:CD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/j9OPtNO5osfI__WXcYyQW54vhM0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/52/beaf9d-5b28-4df4-b67d-6a7fa82296c9/1/GNXWP4MIXXZv_Wx1SGm78mApm8Y.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/52/beaf9d-5b28-4df4-b67d-6a7fa82296c9/1/j9OPtNO5osfI__WXcYyQW54vhM0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.84.136.0/22
Signature Algorithm: sha256WithRSAEncryption
0e:2e:66:db:27:ee:d3:7d:80:77:6d:64:ec:dc:67:17:1e:06:
e2:3d:98:9a:08:e5:e0:3e:f3:15:68:95:7f:23:a1:04:db:db:
71:22:c3:5c:e9:7d:1b:76:fa:b9:e9:d0:cd:3e:09:30:d6:5b:
5a:6e:5e:0d:47:d0:3c:b2:a6:f0:74:7b:34:78:7b:90:42:fc:
ea:7c:a3:1b:aa:3c:32:14:64:86:21:6e:5a:62:a8:11:8e:6b:
21:63:44:3e:b4:d9:f4:f5:15:14:a6:f0:0b:1c:1d:0e:eb:df:
60:2d:c8:d2:60:b1:51:2b:c1:2d:0e:f7:d4:cb:e0:49:ed:2b:
c6:7e:c2:bd:38:14:f6:3c:23:cb:4f:ea:15:23:cd:77:17:1b:
bf:d4:1a:28:f3:9c:24:d1:9a:98:72:cc:51:0a:ca:38:f5:9d:
26:8b:aa:79:50:d2:d8:ea:7f:f4:c0:74:1c:13:2a:53:ef:f8:
15:8f:75:c9:ac:1a:46:41:21:dc:aa:db:89:c1:28:50:02:f3:
b5:87:17:3b:1e:60:7b:f1:10:df:b8:de:36:2d:48:51:35:fb:
b3:8f:05:7b:16:fd:2a:b5:1b:43:b3:96:c9:d4:4f:cb:d4:89:
5e:d1:2e:03:de:7d:1f:9b:b0:2f:ec:b4:5c:63:06:f4:fa:1c:
c3:f0:c7:a0
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzCbSRWDFm8OXjKc3p0thbHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhmZDM4ZmI0ZDNiOWEyYzdjOGZmZjU5NzcxOGM5MDViOWUy
Zjg0Y2QwHhcNMjQwMTAxMDAyOTQxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxOGQ1ZDYzZjgzMDg1ZDc2NmZmZDZjNzU0ODY5YmJmMjYwMjk5YmM2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkUrDdjjMNfRVHdnp4bxZrBbZoCGK
jVDPNFYwWAhYHSruFDKyndjFx+ZteYXQ8GCqrWSEUu0osKLezl+15yQphk1r+ph1
/N5EJwwVW/TADRYZTTYQz9lAWWvl+D8oA8YNiBBXguetaNVyBRhSE84GqaAcBqtm
61usE2c22mUv0pR+IfbSzwp+lsY2syuy4u4SUp5ysf+m3cQ2jJowrTE+876R9USr
vFil9UM6ymDD1mSfVnnqKMKzPZyJzmsSk91nYaceB6scJnwvvqRy7kL6xA1YUpLO
AS7S8g9rm1opjy/rVcBoqdeexTNIfv9XIRE5TllGTt//OkUuKYwMtaIWkwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFBjV1j+DCF12b/1sdUhpu/JgKZvGMB8GA1UdIwQY
MBaAFI/Tj7TTuaLHyP/1l3GMkFueL4TNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvajlPUHROTzVvc2ZJX19XWGNZeVFXNTR2aE0wLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Mi9iZWFmOWQtNWIyOC00ZGY0LWI2N2Qt
NmE3ZmE4MjI5NmM5LzEvR05YV1A0TUlYWFp2X1d4MVNHbTc4bUFwbThZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Mi9iZWFmOWQtNWIyOC00ZGY0LWI2N2QtNmE3ZmE4MjI5NmM5
LzEvajlPUHROTzVvc2ZJX19XWGNZeVFXNTR2aE0wLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCwVSIMA0G
CSqGSIb3DQEBCwUAA4IBAQAOLmbbJ+7TfYB3bWTs3GcXHgbiPZiaCOXgPvMVaJV/
I6EE29txIsNc6X0bdvq56dDNPgkw1ltabl4NR9A8sqbwdHs0eHuQQvzqfKMbqjwy
FGSGIW5aYqgRjmshY0Q+tNn09RUUpvALHB0O699gLcjSYLFRK8EtDvfUy+BJ7SvG
fsK9OBT2PCPLT+oVI813Fxu/1Boo85wk0ZqYcsxRCso49Z0mi6p5UNLY6n/0wHQc
EypT7/gVj3XJrBpGQSHcqtuJwShQAvO1hxc7HmB78RDfuN42LUhRNfuzjwV7Fv0q
tRtDs5bJ1E/L1Ile0S4D3n0fm7Av7LRcYwb0+hzD8Meg
-----END CERTIFICATE-----
Generated at Thu Mar 13 02:46:39 2025 by rpki-client