Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6c/cbcac6-abeb-4a38-8ccc-b5972709bb02/1/GZlmIX7zNhnUE5Bs0V7uleBCtiI.roa
File: GZlmIX7zNhnUE5Bs0V7uleBCtiI.roa (raw, json)
Hash identifier: Gle/qOBlp4blu51X5XoAGKyGDVOnED5Y4x6qFS81TvE=
Subject key identifier: 19:99:66:21:7E:F3:36:19:D4:13:90:6C:D1:5E:EE:95:E0:42:B6:22
Certificate issuer: /CN=5eba57e1707e43b2fa97fceb078a5d460e56c1bf
Certificate serial: 019252EA92DC302520B4C736359512533017
Authority key identifier: 5E:BA:57:E1:70:7E:43:B2:FA:97:FC:EB:07:8A:5D:46:0E:56:C1:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XrpX4XB-Q7L6l_zrB4pdRg5Wwb8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6c/cbcac6-abeb-4a38-8ccc-b5972709bb02/1/GZlmIX7zNhnUE5Bs0V7uleBCtiI.roa
Signing time: Thu 03 Oct 2024 15:05:57 +0000
ROA not before: Thu 03 Oct 2024 15:05:57 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 16027
IP address blocks: 193.168.160.0/22 maxlen: 22
193.168.161.0/24 maxlen: 24
217.71.64.0/20 maxlen: 20
217.71.67.0/24 maxlen: 24
217.71.68.0/24 maxlen: 24
217.71.69.0/24 maxlen: 24
217.71.73.0/24 maxlen: 24
217.71.78.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 16 Oct 2024 07:23:51 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:52:ea:92:dc:30:25:20:b4:c7:36:35:95:12:53:30:17
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5eba57e1707e43b2fa97fceb078a5d460e56c1bf
Validity
Not Before: Oct 3 15:05:57 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=199966217ef33619d413906cd15eee95e042b622
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:2a:89:25:89:e7:4d:e5:1e:ef:e8:4e:24:86:
1f:95:28:35:ae:89:18:65:84:3f:90:ae:f2:ec:62:
20:6e:46:f5:c8:b1:55:d0:6b:5a:c8:69:8e:ec:62:
92:20:a2:cd:7f:07:c9:2a:31:12:9e:62:1f:23:73:
65:c6:72:c8:27:0e:f5:c5:b1:6f:eb:98:29:8d:22:
f3:5e:ba:09:f8:ba:0d:cd:94:7d:6d:cf:8e:1e:30:
f0:d2:63:00:bc:c2:7b:ba:bf:f1:e0:93:4a:86:e2:
30:fa:cb:1b:32:2a:bb:73:58:d2:ef:7c:08:d3:1f:
38:a9:49:c4:3c:e0:71:18:f5:43:0a:c8:ad:8a:0f:
55:28:cd:4b:b9:f2:1e:6a:e3:8f:07:2d:dc:1c:88:
50:e1:86:3c:52:1f:23:b3:7b:63:8e:a7:26:14:f0:
b3:4b:f6:60:46:e7:00:42:53:32:f9:1f:33:0e:ac:
89:79:96:e3:1f:ad:11:54:0d:74:d2:4d:89:4b:bd:
53:07:59:55:e4:04:f9:5c:02:d6:ef:60:7e:b3:83:
71:33:00:b2:6e:0f:c2:83:c6:7c:5d:b6:3f:b4:c3:
28:9f:7c:84:84:08:b3:ff:0c:61:8b:ae:c3:ee:06:
4a:ca:95:b2:18:94:00:24:a6:9f:40:1e:f2:24:d3:
8d:f1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
19:99:66:21:7E:F3:36:19:D4:13:90:6C:D1:5E:EE:95:E0:42:B6:22
X509v3 Authority Key Identifier:
keyid:5E:BA:57:E1:70:7E:43:B2:FA:97:FC:EB:07:8A:5D:46:0E:56:C1:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XrpX4XB-Q7L6l_zrB4pdRg5Wwb8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6c/cbcac6-abeb-4a38-8ccc-b5972709bb02/1/GZlmIX7zNhnUE5Bs0V7uleBCtiI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6c/cbcac6-abeb-4a38-8ccc-b5972709bb02/1/XrpX4XB-Q7L6l_zrB4pdRg5Wwb8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.168.160.0/22
217.71.64.0/20
Signature Algorithm: sha256WithRSAEncryption
b1:30:4d:53:74:07:b2:e6:57:d7:b8:92:c4:a5:52:4a:d3:93:
d8:71:37:a0:2b:15:83:2a:d7:eb:ba:11:19:dc:ca:d9:d6:ed:
35:84:aa:17:8c:e2:a3:f6:92:66:1f:c6:85:18:8c:31:aa:32:
ef:ba:24:b4:cd:14:bc:12:57:74:5c:c1:f3:4b:70:e5:e7:cd:
8c:7a:8a:81:06:37:1c:4c:8c:b3:3b:f5:de:63:80:46:62:e6:
77:c4:fb:f7:60:81:ae:72:1a:74:67:f8:15:4c:78:6d:fa:b3:
b4:f5:8d:79:7b:47:5f:a7:64:71:06:80:3e:85:68:10:6c:ad:
60:fe:82:05:69:d3:28:c5:f9:0d:87:a3:43:cb:bc:d2:67:a5:
81:90:15:43:28:cf:05:07:79:78:a4:31:43:2a:88:61:02:af:
fb:56:8a:33:67:51:32:0d:c9:f3:62:00:27:32:fa:13:ef:79:
4c:fb:55:86:9d:52:a3:dd:45:a8:e0:5e:a8:92:05:d9:0e:f4:
a2:5b:2a:cc:ea:48:63:64:82:ce:dc:a4:3e:df:4b:93:ce:bb:
b1:fe:46:6f:6a:5c:87:1c:cc:82:4b:17:67:ad:c1:a1:ee:18:
fc:5e:47:2e:c9:85:a7:d9:d3:8e:7e:2b:ea:9d:1f:18:03:96:
75:0b:d3:80
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZJS6pLcMCUgtMc2NZUSUzAXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVlYmE1N2UxNzA3ZTQzYjJmYTk3ZmNlYjA3OGE1ZDQ2MGU1
NmMxYmYwHhcNMjQxMDAzMTUwNTU3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxOTk5NjYyMTdlZjMzNjE5ZDQxMzkwNmNkMTVlZWU5NWUwNDJiNjIyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzCqJJYnnTeUe7+hOJIYflSg1rokY
ZYQ/kK7y7GIgbkb1yLFV0GtayGmO7GKSIKLNfwfJKjESnmIfI3NlxnLIJw71xbFv
65gpjSLzXroJ+LoNzZR9bc+OHjDw0mMAvMJ7ur/x4JNKhuIw+ssbMiq7c1jS73wI
0x84qUnEPOBxGPVDCsitig9VKM1LufIeauOPBy3cHIhQ4YY8Uh8js3tjjqcmFPCz
S/ZgRucAQlMy+R8zDqyJeZbjH60RVA100k2JS71TB1lV5AT5XALW72B+s4NxMwCy
bg/Cg8Z8XbY/tMMon3yEhAiz/wxhi67D7gZKypWyGJQAJKafQB7yJNON8QIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFBmZZiF+8zYZ1BOQbNFe7pXgQrYiMB8GA1UdIwQY
MBaAFF66V+FwfkOy+pf86weKXUYOVsG/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWHJwWDRYQi1RN0w2bF96ckI0cGRSZzVXd2I4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Yy9jYmNhYzYtYWJlYi00YTM4LThjY2Mt
YjU5NzI3MDliYjAyLzEvR1psbUlYN3pOaG5VRTVCczBWN3VsZUJDdGlJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Yy9jYmNhYzYtYWJlYi00YTM4LThjY2MtYjU5NzI3MDliYjAy
LzEvWHJwWDRYQi1RN0w2bF96ckI0cGRSZzVXd2I4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCwaigAwQE
2UdAMA0GCSqGSIb3DQEBCwUAA4IBAQCxME1TdAey5lfXuJLEpVJK05PYcTegKxWD
KtfruhEZ3MrZ1u01hKoXjOKj9pJmH8aFGIwxqjLvuiS0zRS8Eld0XMHzS3Dl582M
eoqBBjccTIyzO/XeY4BGYuZ3xPv3YIGuchp0Z/gVTHht+rO09Y15e0dfp2RxBoA+
hWgQbK1g/oIFadMoxfkNh6NDy7zSZ6WBkBVDKM8FB3l4pDFDKohhAq/7VoozZ1Ey
DcnzYgAnMvoT73lM+1WGnVKj3UWo4F6okgXZDvSiWyrM6khjZILO3KQ+30uTzrux
/kZvalyHHMyCSxdnrcGh7hj8XkcuyYWn2dOOfivqnR8YA5Z1C9OA
-----END CERTIFICATE-----
Generated at Sun Jun 8 05:23:35 2025 by rpki-client