Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/gczd4bfWY65qyxd1t2z75z_ifQ0.roa
File: gczd4bfWY65qyxd1t2z75z_ifQ0.roa (raw, json)
Hash identifier: 83N7nLtSEqqFPnxHEnfjoVe/optibrSNLjfKyUNPQaQ=
Subject key identifier: 81:CC:DD:E1:B7:D6:63:AE:6A:CB:17:75:B7:6C:FB:E7:3F:E2:7D:0D
Certificate issuer: /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial: 019184FC263A797A32D4DBCF98B7B6712275
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/gczd4bfWY65qyxd1t2z75z_ifQ0.roa
Signing time: Sat 24 Aug 2024 15:23:22 +0000
ROA not before: Sat 24 Aug 2024 15:23:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 215304
IP address blocks: 82.152.142.0/24 maxlen: 24
89.213.104.0/24 maxlen: 24
89.213.123.0/24 maxlen: 24
217.145.75.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 29 Oct 2024 12:53:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:84:fc:26:3a:79:7a:32:d4:db:cf:98:b7:b6:71:22:75
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Validity
Not Before: Aug 24 15:23:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=81ccdde1b7d663ae6acb1775b76cfbe73fe27d0d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:77:cb:59:be:5d:fd:2d:cb:5a:85:75:a5:2c:
9e:68:ac:c5:d4:4b:fd:ce:3b:13:86:f1:49:1c:92:
0f:74:5b:3a:59:09:48:6e:95:4f:6c:51:13:f2:b2:
6c:ab:0a:f6:22:83:7e:b2:ad:0d:fe:48:92:70:d4:
76:cd:5b:00:ab:58:22:67:fb:8a:84:bc:29:28:3e:
15:9b:3a:e1:01:c9:9d:97:00:1f:64:fd:e1:85:77:
3c:13:03:2a:a7:44:fc:b1:90:71:86:ed:07:8a:c9:
04:cf:54:ca:b7:d9:52:7d:af:7e:ab:74:59:31:a7:
46:62:25:9a:ab:a5:67:78:f7:a6:d3:bd:b4:8a:68:
6f:15:75:e1:5c:92:91:1d:59:e3:f9:e7:19:18:81:
a4:02:e0:31:ab:55:e1:15:39:2e:60:df:ab:a2:13:
f5:64:c1:55:eb:18:70:48:e3:a7:d2:67:a8:9d:9b:
f4:43:52:0d:1e:2b:d4:35:74:90:c4:e8:d7:cd:09:
56:49:a3:2a:81:29:d5:52:c3:7f:6e:ed:d8:97:ba:
66:f9:ba:10:68:bb:29:48:46:bb:c1:ce:c5:23:7a:
35:9b:04:25:ff:e0:79:33:14:7a:94:ed:3c:f2:b0:
89:c6:c0:cd:70:3f:13:41:e4:66:84:7b:a9:ea:19:
9d:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
81:CC:DD:E1:B7:D6:63:AE:6A:CB:17:75:B7:6C:FB:E7:3F:E2:7D:0D
X509v3 Authority Key Identifier:
keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/gczd4bfWY65qyxd1t2z75z_ifQ0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.152.142.0/24
89.213.104.0/24
89.213.123.0/24
217.145.75.0/24
Signature Algorithm: sha256WithRSAEncryption
36:71:81:69:f4:b4:91:0b:88:ad:18:8d:18:fe:d7:3a:24:4c:
ed:0f:7d:b6:87:cf:df:7b:4a:f9:f6:5d:9b:2e:8c:03:42:a3:
ff:7d:70:b7:82:62:0c:8b:36:ef:55:08:63:86:5d:eb:3a:fb:
3a:cb:9a:65:bc:16:a3:06:2d:03:d9:91:56:14:f3:3e:d2:ce:
82:e0:aa:2c:06:b8:90:b3:f5:c8:24:db:b3:30:7b:81:7c:29:
e5:5f:79:b2:d8:f1:31:af:1a:37:2b:87:9b:fb:66:8c:48:85:
4e:5b:5f:03:c6:0d:d0:59:6a:56:5e:58:32:b5:bc:82:a7:08:
fb:32:ba:5f:1f:22:39:99:39:2a:a5:a6:9c:db:17:8d:c2:78:
64:7e:a5:4a:c8:17:1b:b6:60:01:c3:7c:23:a3:8a:aa:ff:56:
a7:2c:a1:5a:1a:97:08:ee:b7:9b:f3:95:e3:94:4f:60:1e:9a:
71:e3:ba:f0:6d:ac:79:26:81:2e:5c:7e:7f:1b:20:d1:ae:69:
c3:c4:c4:3b:19:3a:8a:e5:75:c1:43:f0:5a:d6:df:ec:c1:cb:
e4:92:16:90:c9:cd:50:24:42:88:77:ec:35:8e:c4:62:d8:b2:
49:01:5e:9f:0d:68:92:1d:4a:80:fe:14:e4:c8:b8:a5:ab:c6:
19:2d:2f:7e
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZGE/CY6eXoy1NvPmLe2cSJ1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjQwODI0MTUyMzIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MWNjZGRlMWI3ZDY2M2FlNmFjYjE3NzViNzZjZmJlNzNmZTI3ZDBkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAk3fLWb5d/S3LWoV1pSyeaKzF1Ev9
zjsThvFJHJIPdFs6WQlIbpVPbFET8rJsqwr2IoN+sq0N/kiScNR2zVsAq1giZ/uK
hLwpKD4VmzrhAcmdlwAfZP3hhXc8EwMqp0T8sZBxhu0HiskEz1TKt9lSfa9+q3RZ
MadGYiWaq6VnePem0720imhvFXXhXJKRHVnj+ecZGIGkAuAxq1XhFTkuYN+rohP1
ZMFV6xhwSOOn0meonZv0Q1INHivUNXSQxOjXzQlWSaMqgSnVUsN/bu3Yl7pm+boQ
aLspSEa7wc7FI3o1mwQl/+B5MxR6lO088rCJxsDNcD8TQeRmhHup6hmdPQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFIHM3eG31mOuassXdbds++c/4n0NMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvZ2N6ZDRiZldZNjVxeXhkMXQyejc1el9pZlEwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAUpiOAwQA
WdVoAwQAWdV7AwQA2ZFLMA0GCSqGSIb3DQEBCwUAA4IBAQA2cYFp9LSRC4itGI0Y
/tc6JEztD322h8/fe0r59l2bLowDQqP/fXC3gmIMizbvVQhjhl3rOvs6y5plvBaj
Bi0D2ZFWFPM+0s6C4KosBriQs/XIJNuzMHuBfCnlX3my2PExrxo3K4eb+2aMSIVO
W18Dxg3QWWpWXlgytbyCpwj7MrpfHyI5mTkqpaac2xeNwnhkfqVKyBcbtmABw3wj
o4qq/1anLKFaGpcI7reb85XjlE9gHppx47rwbax5JoEuXH5/GyDRrmnDxMQ7GTqK
5XXBQ/Ba1t/swcvkkhaQyc1QJEKId+w1jsRi2LJJAV6fDWiSHUqA/hTkyLilq8YZ
LS9+
-----END CERTIFICATE-----
Generated at Thu Mar 13 19:18:44 2025 by rpki-client