Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/79/bbcd53-c4f8-4245-bb90-00a154b8ecb1/1/GD6Y0J4BUWpQI5Et54OFSvQM30w.roa
File: GD6Y0J4BUWpQI5Et54OFSvQM30w.roa (raw, json)
Hash identifier: 5hpSfASBcYJFlwTrp4pLPyUCf4aik9a1wWCBoTFJ6Wk=
Subject key identifier: 18:3E:98:D0:9E:01:51:6A:50:23:91:2D:E7:83:85:4A:F4:0C:DF:4C
Certificate issuer: /CN=73e157b2918cadca8a5a9fbc66e977608a6df5e1
Certificate serial: 019214FEFEDD7C7C7E855829FD48DECC9D3C
Authority key identifier: 73:E1:57:B2:91:8C:AD:CA:8A:5A:9F:BC:66:E9:77:60:8A:6D:F5:E1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/c-FXspGMrcqKWp-8Zul3YIpt9eE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/79/bbcd53-c4f8-4245-bb90-00a154b8ecb1/1/GD6Y0J4BUWpQI5Et54OFSvQM30w.roa
Signing time: Sat 21 Sep 2024 14:31:48 +0000
ROA not before: Sat 21 Sep 2024 14:31:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 203560
IP address blocks: 178.21.144.0/24 maxlen: 24
178.21.145.0/24 maxlen: 24
178.21.146.0/24 maxlen: 24
178.21.147.0/24 maxlen: 24
185.8.168.0/24 maxlen: 24
185.8.169.0/24 maxlen: 24
2a02:2c0::/48 maxlen: 48
2a02:2c0:1::/48 maxlen: 48
2a02:2c0:2::/48 maxlen: 48
2a02:2c0:3::/48 maxlen: 48
Validation: Failed, certificate revoked on Sun 20 Oct 2024 15:12:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:14:fe:fe:dd:7c:7c:7e:85:58:29:fd:48:de:cc:9d:3c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=73e157b2918cadca8a5a9fbc66e977608a6df5e1
Validity
Not Before: Sep 21 14:31:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=183e98d09e01516a5023912de783854af40cdf4c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:5b:ee:ca:bb:f1:54:80:15:68:d2:85:8a:29:
65:b2:6c:7c:49:4b:80:f4:87:49:67:f1:62:66:0d:
2e:42:4d:55:90:73:81:4c:c5:f2:df:ad:b3:7b:4c:
ce:41:b0:73:2e:dc:53:18:fb:73:52:9c:88:ea:b7:
05:91:af:91:4c:37:bf:67:ae:e6:92:99:ab:e4:cf:
48:7f:34:1c:b4:0a:ee:64:06:7b:e2:6d:93:29:6a:
31:f4:27:8c:04:be:b8:8c:13:b4:e2:98:bb:c5:38:
b4:81:15:f0:e8:d8:61:4c:0d:7d:b6:97:54:87:c1:
87:75:a9:37:37:a8:b2:b8:ac:ec:e4:61:7e:78:14:
6a:61:e4:a5:a5:16:ca:2e:4c:3e:7b:0c:bc:7f:6d:
c8:51:01:0a:91:4a:a9:cf:ba:78:88:f4:25:53:f2:
b3:a6:35:9f:31:8b:84:4a:45:26:c1:22:21:54:72:
c7:4b:3d:df:92:5e:8e:ec:4a:86:ae:85:f1:18:99:
2d:6a:dd:8c:30:7f:31:16:9f:cc:e6:0b:d5:cc:f6:
ea:19:52:5e:4b:b0:31:11:5b:37:7a:53:6d:79:2f:
e7:e5:5f:e7:4e:a5:a5:62:9a:20:21:87:0a:4a:ad:
94:e1:bc:0b:63:38:4f:75:54:0e:e1:a0:ec:f8:a3:
3c:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
18:3E:98:D0:9E:01:51:6A:50:23:91:2D:E7:83:85:4A:F4:0C:DF:4C
X509v3 Authority Key Identifier:
keyid:73:E1:57:B2:91:8C:AD:CA:8A:5A:9F:BC:66:E9:77:60:8A:6D:F5:E1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/c-FXspGMrcqKWp-8Zul3YIpt9eE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/79/bbcd53-c4f8-4245-bb90-00a154b8ecb1/1/GD6Y0J4BUWpQI5Et54OFSvQM30w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/79/bbcd53-c4f8-4245-bb90-00a154b8ecb1/1/c-FXspGMrcqKWp-8Zul3YIpt9eE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
178.21.144.0/22
185.8.168.0/23
IPv6:
2a02:2c0::/46
Signature Algorithm: sha256WithRSAEncryption
92:55:ec:7d:de:c6:a2:4d:61:f4:e5:5a:63:1b:84:db:23:2e:
4b:2c:b2:22:9b:de:13:09:68:ff:96:d4:e3:4e:55:fb:e7:71:
3e:4d:7a:5f:03:38:05:c1:8e:64:67:6a:67:10:66:27:72:a4:
b3:dc:a5:8d:c5:01:e4:a0:fa:8d:c2:94:f1:72:af:1c:3a:42:
23:61:68:37:c0:5a:dd:6a:7b:fe:89:7c:b6:8a:f9:0e:c0:17:
75:e0:72:a4:40:70:8c:fd:9c:37:d0:f6:b0:a3:18:cd:3e:d5:
43:04:d4:d0:ac:7b:cf:5b:c9:08:47:7b:b0:f8:85:c6:40:70:
e3:cc:91:74:f2:1b:49:cd:d5:be:6b:a1:b2:77:23:f9:b1:1e:
85:f5:20:88:73:d7:69:55:69:78:61:55:70:5c:22:26:1f:d8:
aa:79:97:e7:4b:22:93:0a:e8:9c:e9:d0:be:1d:32:db:6a:81:
4b:0b:9a:28:2b:8a:09:1c:76:3e:ae:52:1d:7c:86:bb:73:01:
db:74:3d:90:69:12:a2:1d:3c:32:28:8d:90:1e:f6:5d:b2:2e:
4e:64:4f:da:19:78:0f:81:1f:5c:99:89:71:b2:30:b6:b9:4c:
98:3a:8d:0f:63:44:85:3f:e6:5c:89:35:c1:a8:2d:90:c9:a6:
62:84:f1:1d
-----BEGIN CERTIFICATE-----
MIIFFDCCA/ygAwIBAgISAZIU/v7dfHx+hVgp/UjezJ08MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDczZTE1N2IyOTE4Y2FkY2E4YTVhOWZiYzY2ZTk3NzYwOGE2
ZGY1ZTEwHhcNMjQwOTIxMTQzMTQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxODNlOThkMDllMDE1MTZhNTAyMzkxMmRlNzgzODU0YWY0MGNkZjRjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAm1vuyrvxVIAVaNKFiillsmx8SUuA
9IdJZ/FiZg0uQk1VkHOBTMXy362ze0zOQbBzLtxTGPtzUpyI6rcFka+RTDe/Z67m
kpmr5M9IfzQctAruZAZ74m2TKWox9CeMBL64jBO04pi7xTi0gRXw6NhhTA19tpdU
h8GHdak3N6iyuKzs5GF+eBRqYeSlpRbKLkw+ewy8f23IUQEKkUqpz7p4iPQlU/Kz
pjWfMYuESkUmwSIhVHLHSz3fkl6O7EqGroXxGJktat2MMH8xFp/M5gvVzPbqGVJe
S7AxEVs3elNteS/n5V/nTqWlYpogIYcKSq2U4bwLYzhPdVQO4aDs+KM83wIDAQAB
o4ICIDCCAhwwHQYDVR0OBBYEFBg+mNCeAVFqUCORLeeDhUr0DN9MMB8GA1UdIwQY
MBaAFHPhV7KRjK3KilqfvGbpd2CKbfXhMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYy1GWHNwR01yY3FLV3AtOFp1bDNZSXB0OWVFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83OS9iYmNkNTMtYzRmOC00MjQ1LWJiOTAt
MDBhMTU0YjhlY2IxLzEvR0Q2WTBKNEJVV3BRSTVFdDU0T0ZTdlFNMzB3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83OS9iYmNkNTMtYzRmOC00MjQ1LWJiOTAtMDBhMTU0YjhlY2Ix
LzEvYy1GWHNwR01yY3FLV3AtOFp1bDNZSXB0OWVFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDYGCCsGAQUFBwEHAQH/BCcwJTASBAIAATAMAwQCshWQAwQB
uQioMA8EAgACMAkDBwIqAgLAAAAwDQYJKoZIhvcNAQELBQADggEBAJJV7H3exqJN
YfTlWmMbhNsjLksssiKb3hMJaP+W1ONOVfvncT5Nel8DOAXBjmRnamcQZidypLPc
pY3FAeSg+o3ClPFyrxw6QiNhaDfAWt1qe/6JfLaK+Q7AF3XgcqRAcIz9nDfQ9rCj
GM0+1UME1NCse89byQhHe7D4hcZAcOPMkXTyG0nN1b5robJ3I/mxHoX1IIhz12lV
aXhhVXBcIiYf2Kp5l+dLIpMK6Jzp0L4dMttqgUsLmigrigkcdj6uUh18hrtzAdt0
PZBpEqIdPDIojZAe9l2yLk5kT9oZeA+BH1yZiXGyMLa5TJg6jQ9jRIU/5lyJNcGo
LZDJpmKE8R0=
-----END CERTIFICATE-----
Generated at Thu Mar 13 20:29:41 2025 by rpki-client