Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/GpFhvQB6n7hnWUK1vGoUDLsItpk.roa
File: GpFhvQB6n7hnWUK1vGoUDLsItpk.roa (raw, json)
Hash identifier: xIiq7FzyMEL4fZFzsoyd2VwLzLjalTpLwZx3pSpG43M=
Subject key identifier: 1A:91:61:BD:00:7A:9F:B8:67:59:42:B5:BC:6A:14:0C:BB:08:B6:99
Certificate issuer: /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial: 01923DEFF6A8ADAC13673ABD8FF22EFCA412
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/GpFhvQB6n7hnWUK1vGoUDLsItpk.roa
Signing time: Sun 29 Sep 2024 13:19:49 +0000
ROA not before: Sun 29 Sep 2024 13:19:49 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 20473
IP address blocks: 81.5.189.0/24 maxlen: 24
82.152.176.0/24 maxlen: 24
89.213.146.0/24 maxlen: 24
89.213.152.0/24 maxlen: 24
89.213.176.0/24 maxlen: 24
89.213.183.0/24 maxlen: 24
89.213.212.0/24 maxlen: 24
89.213.249.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 02 Oct 2024 23:56:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:3d:ef:f6:a8:ad:ac:13:67:3a:bd:8f:f2:2e:fc:a4:12
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Validity
Not Before: Sep 29 13:19:49 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=1a9161bd007a9fb8675942b5bc6a140cbb08b699
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ed:67:d7:17:44:25:99:f7:34:a2:91:d1:6f:08:
87:8d:bd:df:90:55:6c:e1:18:41:48:b6:4e:51:ae:
ca:eb:88:b8:06:65:47:7f:8c:c3:91:fd:ed:d3:fe:
70:f8:cc:b7:a7:f1:99:ad:02:9b:56:a8:b0:4e:6a:
f6:c8:24:ee:81:06:7f:49:93:a3:cd:29:f3:56:e7:
9c:c9:d8:ea:8a:d3:07:b0:33:e2:94:ca:02:30:03:
18:d5:13:a2:d3:cb:a7:bc:a7:6e:26:61:84:92:b2:
06:03:87:14:65:c5:20:dd:3a:bf:07:3b:8a:a6:28:
ff:3e:f7:9a:a7:05:c4:18:42:8d:aa:d4:37:2c:d1:
78:21:c5:ef:98:51:0b:2f:18:47:7a:8c:f8:49:d4:
f7:55:32:b4:98:e5:f7:38:0b:b3:c9:ee:e0:fb:ef:
11:fa:4a:2b:db:6b:79:f8:98:7a:a7:17:eb:2a:b5:
43:57:87:d5:aa:a1:fa:13:33:df:23:0a:83:7b:33:
03:0b:69:3e:f7:9b:27:08:7a:29:3c:0e:f7:12:98:
4a:e9:16:1a:7f:a1:d3:00:b8:6a:ab:57:fb:1a:30:
0b:b0:bf:ce:27:f5:bf:88:90:3e:f8:29:55:2b:09:
23:c7:ea:82:a0:db:59:46:0d:16:55:2b:6f:77:d6:
68:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1A:91:61:BD:00:7A:9F:B8:67:59:42:B5:BC:6A:14:0C:BB:08:B6:99
X509v3 Authority Key Identifier:
keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/GpFhvQB6n7hnWUK1vGoUDLsItpk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.5.189.0/24
82.152.176.0/24
89.213.146.0/24
89.213.152.0/24
89.213.176.0/24
89.213.183.0/24
89.213.212.0/24
89.213.249.0/24
Signature Algorithm: sha256WithRSAEncryption
9b:57:8b:89:5d:e8:01:09:2e:68:4b:17:cd:79:ee:68:3e:a7:
13:53:3e:37:98:73:e5:7b:16:ac:5c:10:94:56:5b:a5:fb:a7:
d2:41:99:bd:88:92:3b:47:d0:dc:b7:41:17:34:7c:0e:5e:9e:
4e:4c:47:28:d2:d1:c2:36:e7:f0:25:b5:4f:9b:2b:f8:56:68:
79:1e:99:97:c9:9d:26:39:c9:87:a2:64:37:cb:13:99:a7:88:
48:ad:d9:c8:e6:b2:39:56:42:61:2d:4a:bb:f9:f4:89:a3:5f:
b2:9a:f7:43:7b:53:b4:df:26:32:61:29:a7:8f:63:69:01:7c:
e5:c3:91:ae:6b:0c:4f:79:11:db:2c:a2:4f:c0:30:b2:7a:dd:
00:fd:3e:f5:ca:3f:5e:a7:03:6f:fb:2f:ba:54:ba:a2:11:22:
3d:90:70:e1:38:48:2d:4a:98:ce:4d:25:09:96:db:c4:66:4c:
71:10:03:24:94:59:a8:e7:d0:76:f3:58:3e:56:86:92:f8:5f:
c1:6e:5f:11:f8:ed:83:05:e4:24:9e:10:b6:c8:c3:3c:71:8b:
a8:fa:b0:8b:6e:fd:a1:0b:1b:c2:f3:dc:c8:42:10:2b:e2:53:
7c:20:1c:b4:9e:5a:3c:bc:e4:30:5d:b6:24:57:1b:b7:66:ec:
41:8d:59:3a
-----BEGIN CERTIFICATE-----
MIIFJzCCBA+gAwIBAgISAZI97/aorawTZzq9j/Iu/KQSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjQwOTI5MTMxOTQ5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxYTkxNjFiZDAwN2E5ZmI4Njc1OTQyYjViYzZhMTQwY2JiMDhiNjk5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7WfXF0Qlmfc0opHRbwiHjb3fkFVs
4RhBSLZOUa7K64i4BmVHf4zDkf3t0/5w+My3p/GZrQKbVqiwTmr2yCTugQZ/SZOj
zSnzVuecydjqitMHsDPilMoCMAMY1ROi08unvKduJmGEkrIGA4cUZcUg3Tq/BzuK
pij/PveapwXEGEKNqtQ3LNF4IcXvmFELLxhHeoz4SdT3VTK0mOX3OAuzye7g++8R
+kor22t5+Jh6pxfrKrVDV4fVqqH6EzPfIwqDezMDC2k+95snCHopPA73EphK6RYa
f6HTALhqq1f7GjALsL/OJ/W/iJA++ClVKwkjx+qCoNtZRg0WVStvd9Zo0wIDAQAB
o4ICMzCCAi8wHQYDVR0OBBYEFBqRYb0Aep+4Z1lCtbxqFAy7CLaZMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvR3BGaHZRQjZuN2huV1VLMXZHb1VETHNJdHBrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEkGCCsGAQUFBwEHAQH/BDowODA2BAIAATAwAwQAUQW9AwQA
UpiwAwQAWdWSAwQAWdWYAwQAWdWwAwQAWdW3AwQAWdXUAwQAWdX5MA0GCSqGSIb3
DQEBCwUAA4IBAQCbV4uJXegBCS5oSxfNee5oPqcTUz43mHPlexasXBCUVlul+6fS
QZm9iJI7R9Dct0EXNHwOXp5OTEco0tHCNufwJbVPmyv4Vmh5HpmXyZ0mOcmHomQ3
yxOZp4hIrdnI5rI5VkJhLUq7+fSJo1+ymvdDe1O03yYyYSmnj2NpAXzlw5GuawxP
eRHbLKJPwDCyet0A/T71yj9epwNv+y+6VLqiESI9kHDhOEgtSpjOTSUJltvEZkxx
EAMklFmo59B281g+VoaS+F/Bbl8R+O2DBeQknhC2yMM8cYuo+rCLbv2hCxvC89zI
QhAr4lN8IBy0nlo8vOQwXbYkVxu3ZuxBjVk6
-----END CERTIFICATE-----
Generated at Thu Mar 13 19:06:33 2025 by rpki-client