Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/60/8d1756-225f-4579-b1e6-9d609770a9ea/1/gwRD-CUv4Moz1c2qUa7Zo1pklEM.roa
File: gwRD-CUv4Moz1c2qUa7Zo1pklEM.roa (raw, json)
Hash identifier: vodpaiMKlIvw6G8nNRchVW+W6aV/lUBQbi3WYFYFY0Y=
Subject key identifier: 83:04:43:F8:25:2F:E0:CA:33:D5:CD:AA:51:AE:D9:A3:5A:64:94:43
Certificate issuer: /CN=89d5d1288a3c2ae17f99cbb18917700189bd4720
Certificate serial: 019423D71EB50E65E4C7037A342C79C493B9
Authority key identifier: 89:D5:D1:28:8A:3C:2A:E1:7F:99:CB:B1:89:17:70:01:89:BD:47:20
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/idXRKIo8KuF_mcuxiRdwAYm9RyA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/60/8d1756-225f-4579-b1e6-9d609770a9ea/1/gwRD-CUv4Moz1c2qUa7Zo1pklEM.roa
Signing time: Wed 01 Jan 2025 21:48:08 +0000
ROA not before: Wed 01 Jan 2025 21:48:08 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 7155
IP address blocks: 37.99.208.0/21 maxlen: 21
37.99.208.0/24 maxlen: 24
37.99.209.0/24 maxlen: 24
37.99.210.0/24 maxlen: 24
37.99.211.0/24 maxlen: 24
37.99.212.0/24 maxlen: 24
37.99.213.0/24 maxlen: 24
37.99.214.0/24 maxlen: 24
37.99.215.0/24 maxlen: 24
185.155.196.0/24 maxlen: 24
185.155.198.0/23 maxlen: 23
185.155.198.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 13 Feb 2025 15:51:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:d7:1e:b5:0e:65:e4:c7:03:7a:34:2c:79:c4:93:b9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=89d5d1288a3c2ae17f99cbb18917700189bd4720
Validity
Not Before: Jan 1 21:48:08 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=830443f8252fe0ca33d5cdaa51aed9a35a649443
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:91:1a:44:d2:db:11:90:30:76:98:03:88:8f:
d6:d0:0b:8c:ac:f9:44:e6:2c:9e:15:b1:30:0f:59:
e8:be:59:38:5e:03:fe:41:14:cb:af:f8:5d:1a:5c:
cc:8f:a0:e4:c8:46:b8:27:0a:66:49:34:c1:8d:6d:
eb:bf:46:06:4e:7e:97:e4:06:a4:9e:68:bc:03:15:
b7:7b:3f:fc:d5:30:e6:43:ff:65:ae:ec:4f:65:31:
66:75:c7:c7:a0:57:db:ea:9f:a5:26:e0:ef:bd:66:
f6:60:e6:12:53:5d:fb:4c:40:39:83:f3:68:96:17:
19:5f:bf:59:9d:2e:40:01:0f:8d:8b:b7:ce:2a:9a:
a3:99:b9:f7:89:c0:c3:e0:c2:b8:27:c2:6f:3f:de:
a3:b1:b1:c6:3d:21:a5:06:3e:e0:b1:ee:97:08:2a:
0c:74:97:77:51:14:c4:79:ee:bd:1b:57:9e:a4:33:
8f:f7:7b:be:79:62:d1:39:f8:50:a8:2e:46:b1:32:
87:57:9e:58:6c:54:5e:f9:45:b6:3f:30:d2:23:04:
60:0d:cc:90:96:0a:38:cd:d1:3e:84:a4:cf:6c:c6:
6c:6a:94:f2:77:f3:a1:92:1e:75:ff:3c:cc:94:e7:
bc:0a:a7:62:7b:c6:c4:c4:f4:72:fc:77:e9:f7:fe:
82:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
83:04:43:F8:25:2F:E0:CA:33:D5:CD:AA:51:AE:D9:A3:5A:64:94:43
X509v3 Authority Key Identifier:
keyid:89:D5:D1:28:8A:3C:2A:E1:7F:99:CB:B1:89:17:70:01:89:BD:47:20
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/idXRKIo8KuF_mcuxiRdwAYm9RyA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/60/8d1756-225f-4579-b1e6-9d609770a9ea/1/gwRD-CUv4Moz1c2qUa7Zo1pklEM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/60/8d1756-225f-4579-b1e6-9d609770a9ea/1/idXRKIo8KuF_mcuxiRdwAYm9RyA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.99.208.0/21
185.155.196.0/24
185.155.198.0/23
Signature Algorithm: sha256WithRSAEncryption
10:26:51:59:18:d8:b9:9e:80:96:12:0a:92:82:67:67:9d:12:
0b:8b:70:81:79:74:32:e7:77:31:3e:16:7b:1e:79:be:7c:4d:
d6:d8:0f:7a:91:b5:2a:1f:c8:3f:95:47:ca:b0:64:d6:62:a7:
d8:c2:6f:81:3a:eb:50:1c:60:e1:ce:f8:aa:e5:7d:99:ec:ca:
b9:8b:e4:24:10:d4:96:39:ad:0a:8e:df:1c:67:61:72:a1:96:
f4:54:65:61:cb:fd:5b:97:7e:c7:10:b8:0e:02:63:97:d9:e1:
7d:d0:dd:db:f5:d4:38:3e:cd:fc:68:c6:c7:cb:dd:b8:bb:b9:
94:3b:d1:46:17:01:f1:18:28:b0:7f:88:8e:d8:f0:2e:97:e0:
64:3a:19:4e:37:41:92:78:0a:f2:1e:8c:83:a3:d2:11:a1:16:
85:75:18:8c:52:7c:f1:c3:1c:19:44:45:ea:92:42:f3:d6:ac:
07:c4:36:84:41:ca:0f:f2:71:71:53:09:f6:b1:f5:83:43:a1:
93:01:a4:66:9c:f9:82:aa:41:5e:5d:5b:19:95:67:69:f6:2b:
b4:c8:86:3e:e0:a2:28:a8:80:10:ee:b4:42:17:a9:a4:5d:d1:
ed:8b:74:05:ce:df:06:fe:49:7a:0a:2e:b0:c1:c5:b4:fa:36:
34:a3:44:1b
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZQj1x61DmXkxwN6NCx5xJO5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg5ZDVkMTI4OGEzYzJhZTE3Zjk5Y2JiMTg5MTc3MDAxODli
ZDQ3MjAwHhcNMjUwMTAxMjE0ODA4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MzA0NDNmODI1MmZlMGNhMzNkNWNkYWE1MWFlZDlhMzVhNjQ5NDQzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlpEaRNLbEZAwdpgDiI/W0AuMrPlE
5iyeFbEwD1novlk4XgP+QRTLr/hdGlzMj6DkyEa4JwpmSTTBjW3rv0YGTn6X5Aak
nmi8AxW3ez/81TDmQ/9lruxPZTFmdcfHoFfb6p+lJuDvvWb2YOYSU137TEA5g/No
lhcZX79ZnS5AAQ+Ni7fOKpqjmbn3icDD4MK4J8JvP96jsbHGPSGlBj7gse6XCCoM
dJd3URTEee69G1eepDOP93u+eWLROfhQqC5GsTKHV55YbFRe+UW2PzDSIwRgDcyQ
lgo4zdE+hKTPbMZsapTyd/Ohkh51/zzMlOe8Cqdie8bExPRy/Hfp9/6CGQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFIMEQ/glL+DKM9XNqlGu2aNaZJRDMB8GA1UdIwQY
MBaAFInV0SiKPCrhf5nLsYkXcAGJvUcgMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaWRYUktJbzhLdUZfbWN1eGlSZHdBWW05UnlBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82MC84ZDE3NTYtMjI1Zi00NTc5LWIxZTYt
OWQ2MDk3NzBhOWVhLzEvZ3dSRC1DVXY0TW96MWMycVVhN1pvMXBrbEVNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82MC84ZDE3NTYtMjI1Zi00NTc5LWIxZTYtOWQ2MDk3NzBhOWVh
LzEvaWRYUktJbzhLdUZfbWN1eGlSZHdBWW05UnlBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQDJWPQAwQA
uZvEAwQBuZvGMA0GCSqGSIb3DQEBCwUAA4IBAQAQJlFZGNi5noCWEgqSgmdnnRIL
i3CBeXQy53cxPhZ7Hnm+fE3W2A96kbUqH8g/lUfKsGTWYqfYwm+BOutQHGDhzviq
5X2Z7Mq5i+QkENSWOa0Kjt8cZ2FyoZb0VGVhy/1bl37HELgOAmOX2eF90N3b9dQ4
Ps38aMbHy924u7mUO9FGFwHxGCiwf4iO2PAul+BkOhlON0GSeAryHoyDo9IRoRaF
dRiMUnzxwxwZREXqkkLz1qwHxDaEQcoP8nFxUwn2sfWDQ6GTAaRmnPmCqkFeXVsZ
lWdp9iu0yIY+4KIoqIAQ7rRCF6mkXdHti3QFzt8G/kl6Ci6wwcW0+jY0o0Qb
-----END CERTIFICATE-----
Generated at Thu Apr 17 02:34:09 2025 by rpki-client