Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/53/e8cb44-a954-4672-b9a4-a49e5c6633bd/1/gMeLVRGbcAFG6YXO40nIuHbOLCY.roa
File: gMeLVRGbcAFG6YXO40nIuHbOLCY.roa (raw, json)
Hash identifier: tzpIzCFLgwpflHEnEt50exgGDjotspwuKF5IBP4QBvI=
Subject key identifier: 80:C7:8B:55:11:9B:70:01:46:E9:85:CE:E3:49:C8:B8:76:CE:2C:26
Certificate issuer: /CN=faccbb72aa9884a5bf8d0e757404a17e5e23322c
Certificate serial: 0191736A2937D9C00DDB927C94B710E74389
Authority key identifier: FA:CC:BB:72:AA:98:84:A5:BF:8D:0E:75:74:04:A1:7E:5E:23:32:2C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-sy7cqqYhKW_jQ51dAShfl4jMiw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/53/e8cb44-a954-4672-b9a4-a49e5c6633bd/1/gMeLVRGbcAFG6YXO40nIuHbOLCY.roa
Signing time: Wed 21 Aug 2024 05:30:22 +0000
ROA not before: Wed 21 Aug 2024 05:30:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 211970
IP address blocks: 212.126.113.0/24 maxlen: 24
212.126.115.0/24 maxlen: 24
2a04:2dc0:18::/48 maxlen: 48
Validation: Failed, certificate revoked on Tue 10 Sep 2024 08:11:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:73:6a:29:37:d9:c0:0d:db:92:7c:94:b7:10:e7:43:89
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=faccbb72aa9884a5bf8d0e757404a17e5e23322c
Validity
Not Before: Aug 21 05:30:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=80c78b55119b700146e985cee349c8b876ce2c26
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:12:3a:2c:67:b7:70:5b:b0:3f:bc:fd:fb:36:
5f:c3:4f:50:4b:e7:1e:99:88:0f:3c:d7:0f:55:dc:
20:6b:b5:1a:31:8a:34:06:cf:d4:15:66:a6:e1:c0:
e0:28:6e:3e:53:c6:b6:51:48:b3:5d:60:41:58:3c:
81:34:0b:d8:5d:80:b4:33:a5:8c:c7:eb:8c:f8:51:
65:01:92:bf:c2:66:76:82:85:3c:cc:54:34:c0:69:
7c:39:c7:e4:35:ad:b2:11:c6:0f:97:ff:01:cf:fc:
a9:13:fa:eb:6a:f8:18:7e:02:5b:53:55:72:f4:f9:
28:1f:f2:96:9f:48:98:33:96:54:d9:3a:e2:73:76:
33:4b:d2:66:c4:1d:0f:73:d6:5a:88:b6:8e:2e:36:
41:2f:87:57:92:a5:5b:b3:4e:51:dc:a4:c3:ca:1e:
17:67:56:4d:fd:95:75:f5:e1:b3:6e:2e:be:c5:2f:
9f:22:f2:a2:3a:0a:70:5d:bf:50:8a:28:e1:1b:a6:
5f:22:31:0d:bb:8f:8d:a0:f5:01:79:6a:a6:ea:f6:
46:96:9b:f9:70:fb:57:06:70:83:9c:ed:e2:b6:5a:
de:d1:9d:e0:59:29:bc:0a:fd:64:04:6f:c9:37:64:
7d:1d:ce:98:0d:40:4b:95:73:a8:9d:86:76:ea:42:
63:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
80:C7:8B:55:11:9B:70:01:46:E9:85:CE:E3:49:C8:B8:76:CE:2C:26
X509v3 Authority Key Identifier:
keyid:FA:CC:BB:72:AA:98:84:A5:BF:8D:0E:75:74:04:A1:7E:5E:23:32:2C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-sy7cqqYhKW_jQ51dAShfl4jMiw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/53/e8cb44-a954-4672-b9a4-a49e5c6633bd/1/gMeLVRGbcAFG6YXO40nIuHbOLCY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/53/e8cb44-a954-4672-b9a4-a49e5c6633bd/1/1-sy7cqqYhKW_jQ51dAShfl4jMiw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
212.126.113.0/24
212.126.115.0/24
IPv6:
2a04:2dc0:18::/48
Signature Algorithm: sha256WithRSAEncryption
e0:98:d8:13:da:be:f0:98:3b:e3:f9:cc:5a:9a:31:08:7e:a9:
15:c3:c0:06:64:68:e0:2a:96:be:2b:18:b5:0e:7e:60:a9:32:
39:c1:d1:26:99:97:92:52:70:3a:24:cf:c3:f6:3a:7f:e9:ad:
e1:b6:d9:04:44:14:17:7f:05:12:08:d9:9d:d1:db:89:de:e8:
6f:5d:1b:63:1f:66:4b:39:f3:ae:f5:24:35:21:86:b6:1c:ca:
0d:a2:28:33:20:ae:96:15:0d:1a:4f:cc:2d:ed:07:df:fc:d0:
c2:b9:9e:52:23:99:ef:9d:6c:f4:cd:45:c3:2a:ce:a5:a1:e7:
d4:5a:21:ad:4b:fb:95:40:94:e2:ce:45:06:83:fc:18:df:58:
00:2c:e2:f9:3c:d8:57:ac:d0:8c:51:93:2d:a8:14:35:f9:6b:
31:21:76:94:55:d0:11:2c:28:21:4b:f7:27:eb:0f:2f:84:59:
6d:e8:d3:b9:c3:af:3e:7b:ab:14:99:15:61:76:90:2d:92:ca:
f0:ab:84:f3:f3:fa:4e:05:4f:89:f9:b0:ec:4c:f4:e8:f6:f2:
11:89:ee:2c:b1:83:39:83:75:9c:fd:a6:8f:52:b4:40:b6:7f:
d0:83:d4:1a:2f:16:ca:ce:3f:b2:b7:7f:7a:35:85:88:78:9c:
a3:b7:ac:d9
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZFzaik32cAN25J8lLcQ50OJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZhY2NiYjcyYWE5ODg0YTViZjhkMGU3NTc0MDRhMTdlNWUy
MzMyMmMwHhcNMjQwODIxMDUzMDIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MGM3OGI1NTExOWI3MDAxNDZlOTg1Y2VlMzQ5YzhiODc2Y2UyYzI2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqxI6LGe3cFuwP7z9+zZfw09QS+ce
mYgPPNcPVdwga7UaMYo0Bs/UFWam4cDgKG4+U8a2UUizXWBBWDyBNAvYXYC0M6WM
x+uM+FFlAZK/wmZ2goU8zFQ0wGl8OcfkNa2yEcYPl/8Bz/ypE/rravgYfgJbU1Vy
9PkoH/KWn0iYM5ZU2Tric3YzS9JmxB0Pc9ZaiLaOLjZBL4dXkqVbs05R3KTDyh4X
Z1ZN/ZV19eGzbi6+xS+fIvKiOgpwXb9QiijhG6ZfIjENu4+NoPUBeWqm6vZGlpv5
cPtXBnCDnO3itlre0Z3gWSm8Cv1kBG/JN2R9Hc6YDUBLlXOonYZ26kJj3QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFIDHi1URm3ABRumFzuNJyLh2ziwmMB8GA1UdIwQY
MBaAFPrMu3KqmISlv40OdXQEoX5eIzIsMA4GA1UdDwEB/wQEAwIHgDBlBggrBgEF
BQcBAQRZMFcwVQYIKwYBBQUHMAKGSXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMS1zeTdjcXFZaEtXX2pRNTFkQVNoZmw0ak1pdy5jZXIw
gY0GCCsGAQUFBwELBIGAMH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNTMvZThjYjQ0LWE5NTQtNDY3Mi1iOWE0
LWE0OWU1YzY2MzNiZC8xL2dNZUxWUkdiY0FGRzZZWE80MG5JdUhiT0xDWS5yb2Ew
gYIGA1UdHwR7MHkwd6B1oHOGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvNTMvZThjYjQ0LWE5NTQtNDY3Mi1iOWE0LWE0OWU1YzY2MzNi
ZC8xLzEtc3k3Y3FxWWhLV19qUTUxZEFTaGZsNGpNaXcuY3JsMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwNgYIKwYBBQUHAQcBAf8EJzAlMBIEAgABMAwDBADUfnED
BADUfnMwDwQCAAIwCQMHACoELcAAGDANBgkqhkiG9w0BAQsFAAOCAQEA4JjYE9q+
8Jg74/nMWpoxCH6pFcPABmRo4CqWvisYtQ5+YKkyOcHRJpmXklJwOiTPw/Y6f+mt
4bbZBEQUF38FEgjZndHbid7ob10bYx9mSznzrvUkNSGGthzKDaIoMyCulhUNGk/M
Le0H3/zQwrmeUiOZ751s9M1FwyrOpaHn1FohrUv7lUCU4s5FBoP8GN9YACzi+TzY
V6zQjFGTLagUNflrMSF2lFXQESwoIUv3J+sPL4RZbejTucOvPnurFJkVYXaQLZLK
8KuE8/P6TgVPifmw7Ez06PbyEYnuLLGDOYN1nP2mj1K0QLZ/0IPUGi8Wys4/srd/
ejWFiHico7es2Q==
-----END CERTIFICATE-----
Generated at Mon Apr 7 18:00:35 2025 by rpki-client