Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/ab8545-f8b7-4c5e-98ff-25035c1d14dc/1/GLZql0j8l5dVzBiWLSg6okkouy4.roa
File: GLZql0j8l5dVzBiWLSg6okkouy4.roa (raw, json)
Hash identifier: 2QhZNGky13xFrQaNvOTG9ju0z/hiOEG7m+2BypxDyUs=
Subject key identifier: 18:B6:6A:97:48:FC:97:97:55:CC:18:96:2D:28:3A:A2:49:28:BB:2E
Certificate issuer: /CN=c52aa9ea84db41ad9f045049d8e146f975e42fcb
Certificate serial: 018CC793374D71F7ACD95181DB26386E5F81
Authority key identifier: C5:2A:A9:EA:84:DB:41:AD:9F:04:50:49:D8:E1:46:F9:75:E4:2F:CB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xSqp6oTbQa2fBFBJ2OFG-XXkL8s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/ab8545-f8b7-4c5e-98ff-25035c1d14dc/1/GLZql0j8l5dVzBiWLSg6okkouy4.roa
Signing time: Tue 02 Jan 2024 00:29:23 +0000
ROA not before: Tue 02 Jan 2024 00:29:23 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 49101
IP address blocks: 82.144.128.0/19 maxlen: 24
2a02:d00::/32 maxlen: 32
Validation: Failed, certificate revoked on Wed 01 Jan 2025 05:47:53 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:93:37:4d:71:f7:ac:d9:51:81:db:26:38:6e:5f:81
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c52aa9ea84db41ad9f045049d8e146f975e42fcb
Validity
Not Before: Jan 2 00:29:23 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=18b66a9748fc979755cc18962d283aa24928bb2e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d9:23:02:fc:58:2d:c0:a1:1f:89:13:1b:31:09:
6c:61:0b:cd:20:fb:ab:88:1c:f2:e0:36:f5:2e:5e:
58:a7:de:6a:04:de:61:da:77:c7:f6:80:c0:92:0c:
42:63:1a:8b:83:e6:e6:2c:48:54:38:1d:81:15:fb:
c7:2c:27:4a:e5:6e:65:6b:56:cf:1f:73:b4:78:5b:
74:95:a8:28:df:21:ca:7d:c1:87:3c:ce:e4:ff:2c:
61:dd:8c:5c:42:ad:3f:c1:d3:14:bf:d3:e2:17:c0:
9d:e9:5f:8b:15:f3:03:5a:32:ec:8c:be:6f:e8:2d:
85:2f:45:0b:bc:4d:9b:4f:cd:64:04:87:35:6b:3a:
f9:b5:52:f2:37:37:f7:75:dc:8d:a1:ae:e3:94:ca:
55:d8:45:c4:e0:23:11:29:1c:d7:46:35:7e:5f:1f:
b3:cb:c3:38:83:67:d2:96:41:fb:55:f1:70:2f:68:
8b:f6:ec:0d:b4:b8:c7:3f:ec:62:0c:a6:84:ab:db:
9c:0c:62:c1:e2:12:7c:92:81:cc:79:10:f0:a9:2e:
83:17:88:c7:98:99:9a:23:f1:88:b7:13:6d:f4:23:
af:f9:aa:d2:3c:a7:3f:53:2d:81:25:e7:7d:b4:31:
a6:96:26:f6:9f:5a:9f:f5:82:e1:b7:ec:d2:5e:bc:
49:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
18:B6:6A:97:48:FC:97:97:55:CC:18:96:2D:28:3A:A2:49:28:BB:2E
X509v3 Authority Key Identifier:
keyid:C5:2A:A9:EA:84:DB:41:AD:9F:04:50:49:D8:E1:46:F9:75:E4:2F:CB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xSqp6oTbQa2fBFBJ2OFG-XXkL8s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/ab8545-f8b7-4c5e-98ff-25035c1d14dc/1/GLZql0j8l5dVzBiWLSg6okkouy4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/ab8545-f8b7-4c5e-98ff-25035c1d14dc/1/xSqp6oTbQa2fBFBJ2OFG-XXkL8s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.144.128.0/19
IPv6:
2a02:d00::/32
Signature Algorithm: sha256WithRSAEncryption
85:f9:9f:41:6a:1a:cb:b7:cc:a8:39:c4:87:49:0d:58:f8:17:
04:f7:0b:59:02:e2:3d:eb:ab:ad:06:5b:7c:aa:a3:53:ba:d8:
17:e4:5c:f0:68:15:68:60:f4:a7:58:c8:e9:e7:38:9d:c5:0a:
16:3e:91:9e:70:9c:27:10:9e:16:33:6f:50:04:5f:fb:57:c6:
2e:56:07:5c:b8:9a:82:4c:8b:ab:87:23:12:4b:ca:38:e6:fb:
03:a0:e1:2a:ce:c9:9f:09:57:28:9c:7d:2b:8d:55:ae:cd:70:
72:20:0f:c4:ce:29:08:e5:be:e6:dd:0c:36:29:f7:6f:a6:6a:
54:9b:ba:62:5d:8a:65:f8:2d:60:5e:c8:53:95:42:e0:1b:2b:
b4:53:cc:30:3b:59:2f:e2:85:58:1a:ed:c9:5d:c6:ce:79:da:
b9:da:41:1b:b8:e8:e1:6f:8d:1a:c3:3d:43:c1:7a:1b:b5:05:
dd:36:21:d9:47:cf:d1:62:66:97:f6:a8:71:1f:41:94:b7:d1:
b4:bd:2d:b1:e6:72:40:8f:40:2b:e2:1c:d5:81:6e:1c:10:fe:
34:36:a9:2c:ba:1c:fc:1c:4e:07:9a:cc:9d:04:8a:57:06:dc:
50:19:4f:6a:31:30:c1:6f:9e:7b:f6:e1:4e:ed:8e:30:63:09:
64:ac:bf:30
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYzHkzdNcfes2VGB2yY4bl+BMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM1MmFhOWVhODRkYjQxYWQ5ZjA0NTA0OWQ4ZTE0NmY5NzVl
NDJmY2IwHhcNMjQwMTAyMDAyOTIzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxOGI2NmE5NzQ4ZmM5Nzk3NTVjYzE4OTYyZDI4M2FhMjQ5MjhiYjJlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2SMC/FgtwKEfiRMbMQlsYQvNIPur
iBzy4Db1Ll5Yp95qBN5h2nfH9oDAkgxCYxqLg+bmLEhUOB2BFfvHLCdK5W5la1bP
H3O0eFt0lago3yHKfcGHPM7k/yxh3YxcQq0/wdMUv9PiF8Cd6V+LFfMDWjLsjL5v
6C2FL0ULvE2bT81kBIc1azr5tVLyNzf3ddyNoa7jlMpV2EXE4CMRKRzXRjV+Xx+z
y8M4g2fSlkH7VfFwL2iL9uwNtLjHP+xiDKaEq9ucDGLB4hJ8koHMeRDwqS6DF4jH
mJmaI/GItxNt9COv+arSPKc/Uy2BJed9tDGmlib2n1qf9YLht+zSXrxJ7QIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFBi2apdI/JeXVcwYli0oOqJJKLsuMB8GA1UdIwQY
MBaAFMUqqeqE20GtnwRQSdjhRvl15C/LMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveFNxcDZvVGJRYTJmQkZCSjJPRkctWFhrTDhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS9hYjg1NDUtZjhiNy00YzVlLTk4ZmYt
MjUwMzVjMWQxNGRjLzEvR0xacWwwajhsNWRWekJpV0xTZzZva2tvdXk0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS9hYjg1NDUtZjhiNy00YzVlLTk4ZmYtMjUwMzVjMWQxNGRj
LzEveFNxcDZvVGJRYTJmQkZCSjJPRkctWFhrTDhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQFUpCAMA0E
AgACMAcDBQAqAg0AMA0GCSqGSIb3DQEBCwUAA4IBAQCF+Z9BahrLt8yoOcSHSQ1Y
+BcE9wtZAuI966utBlt8qqNTutgX5FzwaBVoYPSnWMjp5zidxQoWPpGecJwnEJ4W
M29QBF/7V8YuVgdcuJqCTIurhyMSS8o45vsDoOEqzsmfCVconH0rjVWuzXByIA/E
zikI5b7m3Qw2KfdvpmpUm7piXYpl+C1gXshTlULgGyu0U8wwO1kv4oVYGu3JXcbO
edq52kEbuOjhb40awz1DwXobtQXdNiHZR8/RYmaX9qhxH0GUt9G0vS2x5nJAj0Ar
4hzVgW4cEP40Nqksuhz8HE4HmsydBIpXBtxQGU9qMTDBb5579uFO7Y4wYwlkrL8w
-----END CERTIFICATE-----
Generated at Tue Apr 22 20:52:07 2025 by rpki-client