Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/gGCA5YK8NQlVJDUxgif8eyCoR3c.roa
File: gGCA5YK8NQlVJDUxgif8eyCoR3c.roa (raw, json)
Hash identifier: Oj2t06H1177plEolmRnqfDYDrRvAbNrKcCpiA25hMSs=
Subject key identifier: 80:60:80:E5:82:BC:35:09:55:24:35:31:82:27:FC:7B:20:A8:47:77
Certificate issuer: /CN=c66266f466fb2498a39459b3352da25151a5a4c0
Certificate serial: 019423D7B348281CA7EA31899E2724C1FC44
Authority key identifier: C6:62:66:F4:66:FB:24:98:A3:94:59:B3:35:2D:A2:51:51:A5:A4:C0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/gGCA5YK8NQlVJDUxgif8eyCoR3c.roa
Signing time: Wed 01 Jan 2025 21:48:46 +0000
ROA not before: Wed 01 Jan 2025 21:48:46 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 215181
IP address blocks: 151.242.242.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 24 Jan 2025 05:23:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:d7:b3:48:28:1c:a7:ea:31:89:9e:27:24:c1:fc:44
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c66266f466fb2498a39459b3352da25151a5a4c0
Validity
Not Before: Jan 1 21:48:46 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=806080e582bc3509552435318227fc7b20a84777
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:8e:09:2e:7c:fa:ce:96:ac:99:10:18:1d:bd:
19:e1:f6:1e:02:c9:9b:a5:28:02:51:bc:35:3b:7c:
35:60:38:49:a4:53:ed:de:3f:13:f6:9b:3e:4b:39:
02:aa:7f:26:37:d7:8b:46:bc:fc:4a:f0:84:d6:c8:
ed:97:af:56:e3:b1:8e:f9:20:6c:2d:1f:25:f9:48:
61:7e:c8:69:e3:d1:79:0a:78:69:89:79:46:b5:6d:
c5:c6:6e:bd:7a:37:ce:2c:32:f3:94:d4:53:a7:8d:
aa:e0:37:d5:e1:8a:ec:1d:31:0b:e1:c4:ef:57:97:
64:a3:6a:99:95:49:77:e7:ea:e8:4e:4d:88:50:71:
79:13:10:cf:f0:32:b9:71:f8:c6:70:7c:aa:9f:d2:
71:10:cc:08:78:d7:4b:60:8c:16:db:a3:c3:3e:26:
46:17:80:35:41:23:5b:0c:d4:41:52:b7:cc:70:43:
04:31:2d:13:ca:90:35:ac:4b:fa:21:40:4f:f9:44:
dc:31:78:8f:c8:20:fa:22:c9:ec:23:71:8f:13:ae:
5e:d9:3a:b2:81:cc:29:f4:9d:e8:61:0b:d1:5f:76:
be:76:df:c9:55:ab:2b:ac:f3:17:ef:10:84:fe:19:
6c:7c:25:1a:ab:3f:bc:e0:49:76:25:70:ab:66:d5:
3b:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
80:60:80:E5:82:BC:35:09:55:24:35:31:82:27:FC:7B:20:A8:47:77
X509v3 Authority Key Identifier:
keyid:C6:62:66:F4:66:FB:24:98:A3:94:59:B3:35:2D:A2:51:51:A5:A4:C0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/gGCA5YK8NQlVJDUxgif8eyCoR3c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
151.242.242.0/24
Signature Algorithm: sha256WithRSAEncryption
33:7a:c2:d5:cc:97:6b:43:dc:ac:28:c8:a6:f1:61:77:3d:cb:
f5:19:c6:0d:3a:18:72:10:39:54:b0:85:25:4c:43:2e:ed:1f:
14:f6:67:c1:41:88:d7:f3:18:38:a1:b0:88:4a:ab:5c:7b:d6:
48:93:b7:34:91:57:b0:83:57:cc:21:7d:b0:0e:6e:8c:80:d7:
80:78:13:2f:5d:e5:9d:cc:43:69:02:c3:d7:c5:67:af:6b:13:
3b:de:2d:95:f9:7d:bb:f5:ee:cd:f1:62:11:8c:15:98:e4:aa:
d0:29:70:5e:6a:d3:40:9e:71:a8:63:40:7a:9b:7f:9a:db:d7:
81:f8:25:23:00:e6:19:e9:36:31:2c:ec:11:e1:45:aa:60:c7:
45:bf:50:8a:73:bb:37:8d:52:7f:17:8d:a4:6e:3f:f8:3f:55:
c4:0f:fb:d4:d5:17:41:1c:16:f9:a6:31:f8:ed:36:be:ce:c5:
5c:9b:4c:c8:b4:c7:8b:4e:d3:d0:f1:a0:07:7c:37:e5:e0:1c:
b9:ef:21:9a:4e:48:85:ff:3c:65:82:f8:26:cb:1a:d1:2a:5f:
3e:23:a2:2c:a5:db:40:ba:b6:60:60:99:c4:f0:93:c0:48:92:
ae:34:f4:a5:95:f5:b6:f2:7a:bc:ce:81:a6:35:7c:c1:15:2f:
c6:6c:7b:78
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQj17NIKByn6jGJnickwfxEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM2NjI2NmY0NjZmYjI0OThhMzk0NTliMzM1MmRhMjUxNTFh
NWE0YzAwHhcNMjUwMTAxMjE0ODQ2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MDYwODBlNTgyYmMzNTA5NTUyNDM1MzE4MjI3ZmM3YjIwYTg0Nzc3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0Y4JLnz6zpasmRAYHb0Z4fYeAsmb
pSgCUbw1O3w1YDhJpFPt3j8T9ps+SzkCqn8mN9eLRrz8SvCE1sjtl69W47GO+SBs
LR8l+Uhhfshp49F5CnhpiXlGtW3Fxm69ejfOLDLzlNRTp42q4DfV4YrsHTEL4cTv
V5dko2qZlUl35+roTk2IUHF5ExDP8DK5cfjGcHyqn9JxEMwIeNdLYIwW26PDPiZG
F4A1QSNbDNRBUrfMcEMEMS0TypA1rEv6IUBP+UTcMXiPyCD6IsnsI3GPE65e2Tqy
gcwp9J3oYQvRX3a+dt/JVasrrPMX7xCE/hlsfCUaqz+84El2JXCrZtU77QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFIBggOWCvDUJVSQ1MYIn/HsgqEd3MB8GA1UdIwQY
MBaAFMZiZvRm+ySYo5RZszUtolFRpaTAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveG1KbTlHYjdKSmlqbEZtek5TMmlVVkdscE1BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS9mNDNiMWQtOWU1MC00NTUxLWFlNmEt
MTdiOWRlMTQxMjUyLzEvZ0dDQTVZSzhOUWxWSkRVeGdpZjhleUNvUjNjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS9mNDNiMWQtOWU1MC00NTUxLWFlNmEtMTdiOWRlMTQxMjUy
LzEveG1KbTlHYjdKSmlqbEZtek5TMmlVVkdscE1BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAl/LyMA0G
CSqGSIb3DQEBCwUAA4IBAQAzesLVzJdrQ9ysKMim8WF3Pcv1GcYNOhhyEDlUsIUl
TEMu7R8U9mfBQYjX8xg4obCISqtce9ZIk7c0kVewg1fMIX2wDm6MgNeAeBMvXeWd
zENpAsPXxWevaxM73i2V+X279e7N8WIRjBWY5KrQKXBeatNAnnGoY0B6m3+a29eB
+CUjAOYZ6TYxLOwR4UWqYMdFv1CKc7s3jVJ/F42kbj/4P1XED/vU1RdBHBb5pjH4
7Ta+zsVcm0zItMeLTtPQ8aAHfDfl4By57yGaTkiF/zxlgvgmyxrRKl8+I6IspdtA
urZgYJnE8JPASJKuNPSllfW28nq8zoGmNXzBFS/GbHt4
-----END CERTIFICATE-----
Generated at Sat Apr 5 19:40:32 2025 by rpki-client