Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/75/b5e438-e292-4d22-a90e-ceebdfde01fc/1/gaCICU3X8TlXfc4CeKtFfAvV-pM.roa
File: gaCICU3X8TlXfc4CeKtFfAvV-pM.roa (raw, json)
Hash identifier: 9Io3g6MEsVkIpntewa7kBszL4QxLWiyShgCYuzGy7lI=
Subject key identifier: 81:A0:88:09:4D:D7:F1:39:57:7D:CE:02:78:AB:45:7C:0B:D5:FA:93
Certificate issuer: /CN=885e6e65e8d74182039634566cd1fa2b2b325702
Certificate serial: 01947100836B325FCADDFEB1CB9E7D24F01B
Authority key identifier: 88:5E:6E:65:E8:D7:41:82:03:96:34:56:6C:D1:FA:2B:2B:32:57:02
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/iF5uZejXQYIDljRWbNH6KysyVwI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/75/b5e438-e292-4d22-a90e-ceebdfde01fc/1/gaCICU3X8TlXfc4CeKtFfAvV-pM.roa
Signing time: Thu 16 Jan 2025 21:24:06 +0000
ROA not before: Thu 16 Jan 2025 21:24:06 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 42638
IP address blocks: 91.189.200.0/21 maxlen: 21
Validation: Failed, certificate revoked on Wed 22 Jan 2025 23:22:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:71:00:83:6b:32:5f:ca:dd:fe:b1:cb:9e:7d:24:f0:1b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=885e6e65e8d74182039634566cd1fa2b2b325702
Validity
Not Before: Jan 16 21:24:06 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=81a088094dd7f139577dce0278ab457c0bd5fa93
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:b9:b8:d6:2a:80:b7:f5:a4:c4:27:f8:82:74:
69:aa:1f:3f:42:4b:91:ca:c0:e3:96:b0:93:32:9c:
bb:ed:fa:99:ae:ee:75:4d:c6:70:e0:00:b8:0d:71:
15:8f:1e:5e:0c:ca:01:a8:bf:9c:d3:ad:53:68:23:
76:fd:3c:22:74:70:a6:44:82:e9:89:f5:22:2c:f1:
88:73:e5:c0:c0:fb:bc:9d:20:ec:2b:c7:43:31:6f:
97:0d:8b:a4:52:09:1d:63:a0:6c:59:f9:fb:49:f3:
ad:4a:c8:8d:47:87:4a:47:fe:d1:ee:dd:29:b6:98:
16:4d:87:ed:da:85:ba:f4:60:ac:7a:c9:e4:8f:66:
16:92:bc:8c:94:5e:60:e0:7f:f3:19:7a:b2:c6:8b:
52:93:69:06:92:ff:8d:01:0d:98:f4:4e:39:64:ce:
5b:e3:21:43:29:10:3f:c0:99:ef:04:fa:0e:cf:d1:
c6:ed:5f:63:42:a6:46:bd:be:c1:8a:c1:2d:b9:be:
53:34:13:78:ec:c6:c2:a4:00:3d:f1:5a:cd:87:57:
6d:3a:28:4f:aa:ef:7d:27:62:42:6b:1a:e6:28:72:
6e:80:3e:c0:4b:15:da:8d:9a:fe:46:a9:27:a7:50:
98:cb:d0:43:64:f3:d6:28:fa:e8:7f:1d:5c:11:94:
0a:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
81:A0:88:09:4D:D7:F1:39:57:7D:CE:02:78:AB:45:7C:0B:D5:FA:93
X509v3 Authority Key Identifier:
keyid:88:5E:6E:65:E8:D7:41:82:03:96:34:56:6C:D1:FA:2B:2B:32:57:02
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iF5uZejXQYIDljRWbNH6KysyVwI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/75/b5e438-e292-4d22-a90e-ceebdfde01fc/1/gaCICU3X8TlXfc4CeKtFfAvV-pM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/75/b5e438-e292-4d22-a90e-ceebdfde01fc/1/iF5uZejXQYIDljRWbNH6KysyVwI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.189.200.0/21
Signature Algorithm: sha256WithRSAEncryption
01:eb:7e:11:09:b2:e1:ae:49:13:bb:31:0b:84:ec:aa:be:3d:
bf:9b:04:51:2d:3c:52:98:03:e9:66:38:2d:01:38:3a:d0:31:
49:b1:fd:ed:41:39:3d:08:9a:01:9c:6b:71:3b:f4:da:a3:cc:
85:0f:11:65:33:53:05:0d:75:4d:67:13:8d:b2:c7:ce:2b:99:
79:d3:f5:c1:5d:bc:48:b0:27:d2:67:44:f0:88:ff:58:4e:21:
98:d6:41:c6:a9:77:5a:fb:84:60:fa:e1:d8:fc:a2:33:d4:f5:
03:ac:54:e3:9b:b4:39:fb:fa:77:82:7b:34:79:bc:da:17:fe:
8a:7a:1b:22:65:59:5f:93:9d:15:52:51:0c:a8:75:d1:c6:bc:
aa:49:13:67:e2:3c:80:a7:db:19:bc:0e:53:3e:e2:2e:8b:37:
cd:94:ee:4c:72:a1:f2:ed:db:57:4f:f4:87:34:13:68:78:2b:
3f:dc:42:2d:c7:c1:8e:dd:4a:6d:ae:8c:60:f0:1c:d6:6b:30:
91:11:bb:57:34:46:f3:14:84:6e:db:72:76:67:63:f7:86:1e:
4e:40:14:2b:31:af:ec:06:95:dc:99:99:85:e7:f3:3b:ba:cc:
23:30:0e:e6:88:9e:ae:64:92:ac:fd:91:0d:21:80:72:c3:5d:
a6:fd:f4:65
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZRxAINrMl/K3f6xy559JPAbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg4NWU2ZTY1ZThkNzQxODIwMzk2MzQ1NjZjZDFmYTJiMmIz
MjU3MDIwHhcNMjUwMTE2MjEyNDA2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MWEwODgwOTRkZDdmMTM5NTc3ZGNlMDI3OGFiNDU3YzBiZDVmYTkzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsbm41iqAt/WkxCf4gnRpqh8/QkuR
ysDjlrCTMpy77fqZru51TcZw4AC4DXEVjx5eDMoBqL+c061TaCN2/TwidHCmRILp
ifUiLPGIc+XAwPu8nSDsK8dDMW+XDYukUgkdY6BsWfn7SfOtSsiNR4dKR/7R7t0p
tpgWTYft2oW69GCsesnkj2YWkryMlF5g4H/zGXqyxotSk2kGkv+NAQ2Y9E45ZM5b
4yFDKRA/wJnvBPoOz9HG7V9jQqZGvb7BisEtub5TNBN47MbCpAA98VrNh1dtOihP
qu99J2JCaxrmKHJugD7ASxXajZr+Rqknp1CYy9BDZPPWKProfx1cEZQKPQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFIGgiAlN1/E5V33OAnirRXwL1fqTMB8GA1UdIwQY
MBaAFIhebmXo10GCA5Y0VmzR+isrMlcCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaUY1dVplalhRWUlEbGpSV2JOSDZLeXN5VndJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83NS9iNWU0MzgtZTI5Mi00ZDIyLWE5MGUt
Y2VlYmRmZGUwMWZjLzEvZ2FDSUNVM1g4VGxYZmM0Q2VLdEZmQXZWLXBNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83NS9iNWU0MzgtZTI5Mi00ZDIyLWE5MGUtY2VlYmRmZGUwMWZj
LzEvaUY1dVplalhRWUlEbGpSV2JOSDZLeXN5VndJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDW73IMA0G
CSqGSIb3DQEBCwUAA4IBAQAB634RCbLhrkkTuzELhOyqvj2/mwRRLTxSmAPpZjgt
ATg60DFJsf3tQTk9CJoBnGtxO/Tao8yFDxFlM1MFDXVNZxONssfOK5l50/XBXbxI
sCfSZ0TwiP9YTiGY1kHGqXda+4Rg+uHY/KIz1PUDrFTjm7Q5+/p3gns0ebzaF/6K
ehsiZVlfk50VUlEMqHXRxryqSRNn4jyAp9sZvA5TPuIuizfNlO5McqHy7dtXT/SH
NBNoeCs/3EItx8GO3Uptroxg8BzWazCREbtXNEbzFIRu23J2Z2P3hh5OQBQrMa/s
BpXcmZmF5/M7uswjMA7miJ6uZJKs/ZENIYByw12m/fRl
-----END CERTIFICATE-----
Generated at Tue Jun 10 09:49:41 2025 by rpki-client