Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/58/e65152-39fb-4976-8cda-70e7d057ff2d/1/GRyHzFYXPmB4d-ES2mzgZ1wZRw0.roa
File: GRyHzFYXPmB4d-ES2mzgZ1wZRw0.roa (raw, json)
Hash identifier: fTREcYF+GNr/giY/C5qw7MPhu5dLzla0GeQAyeWCdpw=
Subject key identifier: 19:1C:87:CC:56:17:3E:60:78:77:E1:12:DA:6C:E0:67:5C:19:47:0D
Certificate issuer: /CN=115c040ec9754320236cdca64e39390bdde3626a
Certificate serial: 018CC56E753279F87E43A71EDB6DB701A821
Authority key identifier: 11:5C:04:0E:C9:75:43:20:23:6C:DC:A6:4E:39:39:0B:DD:E3:62:6A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/EVwEDsl1QyAjbNymTjk5C93jYmo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/58/e65152-39fb-4976-8cda-70e7d057ff2d/1/GRyHzFYXPmB4d-ES2mzgZ1wZRw0.roa
Signing time: Mon 01 Jan 2024 14:29:59 +0000
ROA not before: Mon 01 Jan 2024 14:29:59 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 30742
IP address blocks: 185.48.220.0/22 maxlen: 22
2a01:9ba0::/32 maxlen: 32
Validation: Failed, certificate revoked on Thu 02 Jan 2025 05:49:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:6e:75:32:79:f8:7e:43:a7:1e:db:6d:b7:01:a8:21
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=115c040ec9754320236cdca64e39390bdde3626a
Validity
Not Before: Jan 1 14:29:59 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=191c87cc56173e607877e112da6ce0675c19470d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d9:88:52:d6:14:df:76:7b:f2:0f:3a:a4:fc:e3:
13:29:5b:ab:cc:10:50:a2:ba:24:59:6a:13:33:16:
14:5f:0c:88:84:24:8c:94:30:9e:50:28:7a:56:03:
2f:54:6b:fa:cf:75:ff:6d:bb:de:67:29:78:65:2c:
97:03:e1:1c:3b:44:02:a0:86:4d:f5:15:66:87:53:
49:58:95:50:3b:a4:d0:b4:a1:e8:fa:95:2d:86:d5:
98:2e:39:c3:e8:13:58:09:23:88:e7:ce:a1:20:79:
25:82:08:23:f5:6f:55:a1:69:af:09:3c:50:72:60:
c6:f5:ba:bf:79:23:8b:25:5f:a8:d2:cc:9f:fa:1e:
1d:d9:13:b8:6c:fa:07:61:4c:53:46:51:cb:50:10:
9a:39:28:72:13:f0:b0:36:f1:ea:b6:82:f9:40:e8:
85:5c:4a:0f:d8:5e:2d:3d:67:80:23:57:30:64:be:
8d:45:2a:0a:e6:f5:90:67:14:8d:17:ca:19:b3:22:
32:cc:fc:a9:7d:a0:3b:5b:08:41:a8:79:b6:31:13:
de:9e:d3:97:04:45:14:1d:eb:20:43:86:61:4d:8e:
1b:31:88:a3:bb:e3:bd:b7:25:05:cd:29:af:62:59:
30:a2:44:52:00:92:d8:d9:1c:4f:5b:08:0f:77:31:
a6:85
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
19:1C:87:CC:56:17:3E:60:78:77:E1:12:DA:6C:E0:67:5C:19:47:0D
X509v3 Authority Key Identifier:
keyid:11:5C:04:0E:C9:75:43:20:23:6C:DC:A6:4E:39:39:0B:DD:E3:62:6A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/EVwEDsl1QyAjbNymTjk5C93jYmo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/58/e65152-39fb-4976-8cda-70e7d057ff2d/1/GRyHzFYXPmB4d-ES2mzgZ1wZRw0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/58/e65152-39fb-4976-8cda-70e7d057ff2d/1/EVwEDsl1QyAjbNymTjk5C93jYmo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.48.220.0/22
IPv6:
2a01:9ba0::/32
Signature Algorithm: sha256WithRSAEncryption
54:1e:55:bf:b8:49:87:94:e6:46:c2:4a:19:aa:43:e7:33:1b:
2a:35:36:18:26:08:0c:35:6c:b1:4b:b7:5a:58:3b:cb:db:b1:
e8:bb:3f:c8:99:2c:85:30:42:4a:eb:84:87:2c:52:df:e7:9e:
35:ad:f1:95:46:39:14:ee:cb:a5:19:73:3d:f4:43:46:cb:2f:
d6:d7:7c:fe:3f:74:dd:f1:dd:c0:de:b9:ca:15:9e:94:8f:88:
b8:23:27:48:12:b9:a9:6c:3d:58:93:b3:71:43:57:0d:2e:f4:
75:69:b0:da:12:cc:79:e4:c3:e5:a7:6a:ce:c5:97:d9:7d:26:
45:83:d2:ca:34:a0:40:97:f8:e1:bf:b8:e4:83:a6:92:c9:9e:
70:da:f6:a8:a3:f4:1d:33:5d:99:44:d6:ed:6b:9c:16:32:09:
82:ce:f5:3d:a0:3e:d6:2c:e0:d3:bd:1a:48:a5:d3:16:95:e7:
19:71:5c:9a:ec:a5:a1:2f:45:6b:43:21:a8:8a:36:fb:fb:64:
1e:99:de:0b:c1:47:f0:e3:d5:75:a6:2d:76:20:64:da:ee:1b:
c5:0d:e8:2a:34:cd:d4:d9:d9:ec:7e:f6:e2:e2:15:32:d1:7f:
4e:35:c2:b6:a6:67:24:99:f0:00:a9:e3:00:6d:7c:a0:4b:dd:
93:7c:f0:a6
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYzFbnUyefh+Q6ce2223AaghMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDExNWMwNDBlYzk3NTQzMjAyMzZjZGNhNjRlMzkzOTBiZGRl
MzYyNmEwHhcNMjQwMTAxMTQyOTU5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxOTFjODdjYzU2MTczZTYwNzg3N2UxMTJkYTZjZTA2NzVjMTk0NzBkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2YhS1hTfdnvyDzqk/OMTKVurzBBQ
orokWWoTMxYUXwyIhCSMlDCeUCh6VgMvVGv6z3X/bbveZyl4ZSyXA+EcO0QCoIZN
9RVmh1NJWJVQO6TQtKHo+pUthtWYLjnD6BNYCSOI586hIHklgggj9W9VoWmvCTxQ
cmDG9bq/eSOLJV+o0syf+h4d2RO4bPoHYUxTRlHLUBCaOShyE/CwNvHqtoL5QOiF
XEoP2F4tPWeAI1cwZL6NRSoK5vWQZxSNF8oZsyIyzPypfaA7WwhBqHm2MRPentOX
BEUUHesgQ4ZhTY4bMYiju+O9tyUFzSmvYlkwokRSAJLY2RxPWwgPdzGmhQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFBkch8xWFz5geHfhEtps4GdcGUcNMB8GA1UdIwQY
MBaAFBFcBA7JdUMgI2zcpk45OQvd42JqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRVZ3RURzbDFReUFqYk55bVRqazVDOTNqWW1vLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81OC9lNjUxNTItMzlmYi00OTc2LThjZGEt
NzBlN2QwNTdmZjJkLzEvR1J5SHpGWVhQbUI0ZC1FUzJtemdaMXdaUncwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81OC9lNjUxNTItMzlmYi00OTc2LThjZGEtNzBlN2QwNTdmZjJk
LzEvRVZ3RURzbDFReUFqYk55bVRqazVDOTNqWW1vLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuTDcMA0E
AgACMAcDBQAqAZugMA0GCSqGSIb3DQEBCwUAA4IBAQBUHlW/uEmHlOZGwkoZqkPn
MxsqNTYYJggMNWyxS7daWDvL27Houz/ImSyFMEJK64SHLFLf5541rfGVRjkU7sul
GXM99ENGyy/W13z+P3Td8d3A3rnKFZ6Uj4i4IydIErmpbD1Yk7NxQ1cNLvR1abDa
Esx55MPlp2rOxZfZfSZFg9LKNKBAl/jhv7jkg6aSyZ5w2vaoo/QdM12ZRNbta5wW
MgmCzvU9oD7WLODTvRpIpdMWlecZcVya7KWhL0VrQyGoijb7+2Qemd4LwUfw49V1
pi12IGTa7hvFDegqNM3U2dnsfvbi4hUy0X9ONcK2pmckmfAAqeMAbXygS92TfPCm
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:15:26 2025 by rpki-client