Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8d/9007dc-2354-4e1b-87e5-bc180dacdf05/1/GkGTKHETtAkitTVR34uyJJ74gmo.roa
File: GkGTKHETtAkitTVR34uyJJ74gmo.roa (raw, json)
Hash identifier: Ty7s2tNNTXLRTuCWpjqvjalI2xZiuYxx7r3PSuN8wVk=
Subject key identifier: 1A:41:93:28:71:13:B4:09:22:B5:35:51:DF:8B:B2:24:9E:F8:82:6A
Certificate issuer: /CN=efd9191978631fc955ac0f51062d5ce9844eae03
Certificate serial: 018CC493625A134AF3AB051E52D415412F7F
Authority key identifier: EF:D9:19:19:78:63:1F:C9:55:AC:0F:51:06:2D:5C:E9:84:4E:AE:03
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/79kZGXhjH8lVrA9RBi1c6YROrgM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8d/9007dc-2354-4e1b-87e5-bc180dacdf05/1/GkGTKHETtAkitTVR34uyJJ74gmo.roa
Signing time: Mon 01 Jan 2024 10:30:42 +0000
ROA not before: Mon 01 Jan 2024 10:30:42 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 12762
IP address blocks: 185.210.12.0/22 maxlen: 22
212.51.224.0/19 maxlen: 19
2a00:40c0::/29 maxlen: 32
Validation: Failed, certificate revoked on Wed 01 Jan 2025 11:47:52 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c4:93:62:5a:13:4a:f3:ab:05:1e:52:d4:15:41:2f:7f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=efd9191978631fc955ac0f51062d5ce9844eae03
Validity
Not Before: Jan 1 10:30:42 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=1a4193287113b40922b53551df8bb2249ef8826a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e1:07:46:b6:dc:8c:4f:e9:1f:37:c4:b2:99:76:
54:d0:f5:71:a2:f5:ce:35:f5:92:79:1f:90:74:1e:
4b:fb:ac:6c:09:29:91:41:1b:5a:7d:da:39:bd:0a:
6f:1b:dd:dc:61:0a:72:95:96:f4:94:ab:65:c8:41:
40:4b:8e:11:3d:6c:8d:b1:fb:2b:21:af:1d:7a:72:
dc:b4:d4:69:3d:cb:d5:26:ad:e3:f0:27:00:ac:ed:
86:1c:23:66:89:20:d3:bb:10:89:f6:2d:fe:98:b8:
cf:d3:23:7a:33:9a:f9:4c:82:ba:27:e8:82:9d:b5:
04:96:8b:04:41:41:c9:3a:e6:8e:4d:6d:31:ad:fc:
b5:67:e2:6d:ba:97:b9:3a:fa:cc:12:81:b9:7a:11:
19:4c:b6:3c:ac:e0:bd:23:75:37:10:6f:b0:02:01:
0e:b3:1a:e3:28:7e:e2:c9:79:e7:97:0a:f0:e0:dd:
a6:e9:a7:63:d2:ac:50:dd:e7:fb:ec:19:5d:32:1c:
9e:34:8c:af:eb:ce:4c:16:6d:cc:02:2c:74:3d:be:
d4:f3:36:18:74:91:59:d6:60:5f:15:bd:e6:ba:25:
9a:0e:ed:e4:35:b6:5d:d2:5c:53:72:1c:ed:12:10:
6c:b9:bc:55:f3:e4:15:b5:74:72:94:eb:0e:5d:47:
2f:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1A:41:93:28:71:13:B4:09:22:B5:35:51:DF:8B:B2:24:9E:F8:82:6A
X509v3 Authority Key Identifier:
keyid:EF:D9:19:19:78:63:1F:C9:55:AC:0F:51:06:2D:5C:E9:84:4E:AE:03
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/79kZGXhjH8lVrA9RBi1c6YROrgM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8d/9007dc-2354-4e1b-87e5-bc180dacdf05/1/GkGTKHETtAkitTVR34uyJJ74gmo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8d/9007dc-2354-4e1b-87e5-bc180dacdf05/1/79kZGXhjH8lVrA9RBi1c6YROrgM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.210.12.0/22
212.51.224.0/19
IPv6:
2a00:40c0::/29
Signature Algorithm: sha256WithRSAEncryption
71:fb:f1:80:bb:68:69:89:93:6e:b7:26:10:7c:7d:fc:10:8d:
c9:b9:d5:5e:97:7b:5a:93:43:4c:9d:c0:ff:06:6f:79:69:8a:
79:ac:20:bf:ef:cd:23:81:35:37:ad:2f:18:d0:e5:54:99:dd:
fe:78:d6:2e:b4:98:92:90:82:f2:b7:6d:8a:d0:2e:12:b2:42:
f3:6d:bf:ca:d2:95:c8:79:7d:14:ee:6d:c3:cc:3e:f2:88:16:
fa:b5:ad:90:26:09:56:62:75:60:18:f9:fc:fd:2e:87:ca:0b:
58:fd:71:a9:1b:5e:9f:cf:6b:89:e8:31:9f:23:d4:ca:5d:b2:
c6:b9:7e:65:1c:b9:fd:dd:55:34:6a:17:d5:22:c9:53:98:0a:
f1:29:05:92:1c:51:79:cf:0d:82:74:34:65:17:37:23:ac:3b:
b5:ca:8c:1c:b9:60:49:4d:22:d6:88:50:f8:60:4b:0d:ac:c8:
6f:fb:62:a6:5e:a5:da:e4:d0:34:53:d4:84:6b:de:cc:47:08:
ce:f4:33:bc:a8:b6:42:4f:47:bd:6b:3a:a7:3f:9a:56:7f:e7:
05:f0:d0:03:ed:de:85:17:88:b2:d8:50:ef:8b:3b:57:43:cd:
bd:dc:d3:6a:60:ce:60:a5:96:a9:cb:a0:49:cb:28:1f:71:95:
d4:cd:dc:a5
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYzEk2JaE0rzqwUeUtQVQS9/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVmZDkxOTE5Nzg2MzFmYzk1NWFjMGY1MTA2MmQ1Y2U5ODQ0
ZWFlMDMwHhcNMjQwMTAxMTAzMDQyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxYTQxOTMyODcxMTNiNDA5MjJiNTM1NTFkZjhiYjIyNDllZjg4MjZhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4QdGttyMT+kfN8SymXZU0PVxovXO
NfWSeR+QdB5L+6xsCSmRQRtafdo5vQpvG93cYQpylZb0lKtlyEFAS44RPWyNsfsr
Ia8denLctNRpPcvVJq3j8CcArO2GHCNmiSDTuxCJ9i3+mLjP0yN6M5r5TIK6J+iC
nbUElosEQUHJOuaOTW0xrfy1Z+Jtupe5OvrMEoG5ehEZTLY8rOC9I3U3EG+wAgEO
sxrjKH7iyXnnlwrw4N2m6adj0qxQ3ef77BldMhyeNIyv685MFm3MAix0Pb7U8zYY
dJFZ1mBfFb3muiWaDu3kNbZd0lxTchztEhBsubxV8+QVtXRylOsOXUcvxQIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFBpBkyhxE7QJIrU1Ud+LsiSe+IJqMB8GA1UdIwQY
MBaAFO/ZGRl4Yx/JVawPUQYtXOmETq4DMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNzlrWkdYaGpIOGxWckE5UkJpMWM2WVJPcmdNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZC85MDA3ZGMtMjM1NC00ZTFiLTg3ZTUt
YmMxODBkYWNkZjA1LzEvR2tHVEtIRVR0QWtpdFRWUjM0dXlKSjc0Z21vLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZC85MDA3ZGMtMjM1NC00ZTFiLTg3ZTUtYmMxODBkYWNkZjA1
LzEvNzlrWkdYaGpIOGxWckE5UkJpMWM2WVJPcmdNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQCudIMAwQF
1DPgMA0EAgACMAcDBQMqAEDAMA0GCSqGSIb3DQEBCwUAA4IBAQBx+/GAu2hpiZNu
tyYQfH38EI3JudVel3tak0NMncD/Bm95aYp5rCC/780jgTU3rS8Y0OVUmd3+eNYu
tJiSkILyt22K0C4SskLzbb/K0pXIeX0U7m3DzD7yiBb6ta2QJglWYnVgGPn8/S6H
ygtY/XGpG16fz2uJ6DGfI9TKXbLGuX5lHLn93VU0ahfVIslTmArxKQWSHFF5zw2C
dDRlFzcjrDu1yowcuWBJTSLWiFD4YEsNrMhv+2KmXqXa5NA0U9SEa97MRwjO9DO8
qLZCT0e9azqnP5pWf+cF8NAD7d6FF4iy2FDviztXQ8293NNqYM5gpZapy6BJyygf
cZXUzdyl
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:06:09 2025 by rpki-client