Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/90/025ee8-3f47-457d-8d47-9e413ebf42f3/1/gZDp52mLrD3ehIfvaLEKrYEhWcQ.roa
File: gZDp52mLrD3ehIfvaLEKrYEhWcQ.roa (raw, json)
Hash identifier: lMeWSoR4Q0LSVLDwL3afCOVFcb7LlthyPkKF4b1TRIQ=
Subject key identifier: 81:90:E9:E7:69:8B:AC:3D:DE:84:87:EF:68:B1:0A:AD:81:21:59:C4
Certificate issuer: /CN=65b7d6699835bfe9a8081dfc114df1bf6d215da7
Certificate serial: 018CC94DC2BE8697ADBC880253EF9DE398F1
Authority key identifier: 65:B7:D6:69:98:35:BF:E9:A8:08:1D:FC:11:4D:F1:BF:6D:21:5D:A7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ZbfWaZg1v-moCB38EU3xv20hXac.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/90/025ee8-3f47-457d-8d47-9e413ebf42f3/1/gZDp52mLrD3ehIfvaLEKrYEhWcQ.roa
Signing time: Tue 02 Jan 2024 08:32:45 +0000
ROA not before: Tue 02 Jan 2024 08:32:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 174
IP address blocks: 195.216.182.0/23 maxlen: 32
195.216.182.0/24 maxlen: 32
195.216.183.0/24 maxlen: 32
Validation: Failed, certificate revoked on Thu 02 Jan 2025 17:54:35 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:4d:c2:be:86:97:ad:bc:88:02:53:ef:9d:e3:98:f1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=65b7d6699835bfe9a8081dfc114df1bf6d215da7
Validity
Not Before: Jan 2 08:32:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=8190e9e7698bac3dde8487ef68b10aad812159c4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:1d:50:b0:3f:1e:1e:b7:a3:fe:21:1a:20:72:
71:8b:08:04:65:f1:e2:4d:e7:36:da:bd:cf:79:be:
7f:ba:ef:ed:e3:5a:84:3c:23:85:80:bf:9d:c3:d5:
65:4f:a5:c1:af:c2:cf:06:9a:42:3a:8d:03:b4:ec:
b4:ed:b7:82:f7:e0:f4:c4:9e:70:33:17:ab:f5:f7:
d4:6c:da:34:cc:8f:a9:f0:48:c4:64:79:68:88:9e:
7a:94:53:50:a6:2e:de:aa:75:b0:26:da:a4:95:a4:
0d:11:e0:6f:5c:17:95:c9:08:45:34:43:7f:82:04:
7c:95:ef:61:f5:53:0f:8e:37:4d:0b:8e:2d:a8:f4:
3d:9f:89:2c:63:e3:c7:ca:ec:6b:4a:f3:54:52:cc:
aa:03:04:99:17:a4:d5:76:92:9d:4b:aa:31:3b:5c:
49:6d:56:3e:8f:d8:07:89:bd:33:ff:d6:41:ca:0a:
57:7b:20:ce:32:99:9d:13:dc:0a:fc:5e:c5:4b:19:
5c:2d:5d:43:9b:47:2c:63:61:6e:20:b8:60:8b:6f:
79:9e:10:1a:49:81:c5:6c:2d:d5:db:5c:ea:44:85:
06:e1:2d:50:b3:a2:ec:25:b5:94:8a:c8:10:44:c9:
42:4c:26:d1:bd:66:ce:1d:df:18:6d:e1:76:b7:f7:
04:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
81:90:E9:E7:69:8B:AC:3D:DE:84:87:EF:68:B1:0A:AD:81:21:59:C4
X509v3 Authority Key Identifier:
keyid:65:B7:D6:69:98:35:BF:E9:A8:08:1D:FC:11:4D:F1:BF:6D:21:5D:A7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ZbfWaZg1v-moCB38EU3xv20hXac.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/90/025ee8-3f47-457d-8d47-9e413ebf42f3/1/gZDp52mLrD3ehIfvaLEKrYEhWcQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/90/025ee8-3f47-457d-8d47-9e413ebf42f3/1/ZbfWaZg1v-moCB38EU3xv20hXac.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.216.182.0/23
Signature Algorithm: sha256WithRSAEncryption
3e:4d:f0:df:b8:38:6c:78:24:ab:8f:39:b4:87:cd:f9:fc:6e:
dd:e6:52:72:4d:45:36:0d:b6:e2:86:5f:44:89:67:51:ac:ec:
ba:36:2e:91:2b:ed:a3:41:ac:a7:32:28:f0:03:3e:51:5d:3a:
61:fe:51:74:0b:62:e0:51:59:eb:13:39:e8:9f:bb:74:ad:b3:
f0:41:c9:29:76:9b:84:07:de:ae:dd:fc:b1:ea:e6:c3:7c:eb:
f1:41:41:7b:2a:26:4c:04:fb:08:72:8b:ce:8c:35:4e:4d:7c:
eb:4a:b7:6a:c2:c5:de:89:31:50:d1:14:ec:67:e8:23:7b:c3:
c6:18:19:ef:16:7a:44:05:17:18:c7:1f:ba:a0:7a:bb:b4:b4:
99:7f:9a:26:23:1a:cd:00:d4:43:92:bd:06:c2:82:58:6a:d1:
a9:47:7d:b6:0d:2a:43:9e:8f:96:00:b6:f1:f7:8f:fc:f6:a2:
57:ae:cc:c3:8b:8a:c0:43:3a:e4:e0:b4:b4:f8:90:81:fc:b3:
0f:e0:a0:c1:fd:4a:19:5a:4f:b1:3b:cf:25:ec:b7:f1:7e:55:
74:d4:b6:26:bd:aa:87:20:c9:b8:ca:a1:25:54:7b:50:39:e9:
54:28:92:c5:fd:36:66:1b:c3:9b:9b:04:77:8a:95:92:9d:d9:
2f:a3:00:83
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzJTcK+hpetvIgCU++d45jxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY1YjdkNjY5OTgzNWJmZTlhODA4MWRmYzExNGRmMWJmNmQy
MTVkYTcwHhcNMjQwMTAyMDgzMjQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MTkwZTllNzY5OGJhYzNkZGU4NDg3ZWY2OGIxMGFhZDgxMjE1OWM0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsB1QsD8eHrej/iEaIHJxiwgEZfHi
Tec22r3Peb5/uu/t41qEPCOFgL+dw9VlT6XBr8LPBppCOo0DtOy07beC9+D0xJ5w
Mxer9ffUbNo0zI+p8EjEZHloiJ56lFNQpi7eqnWwJtqklaQNEeBvXBeVyQhFNEN/
ggR8le9h9VMPjjdNC44tqPQ9n4ksY+PHyuxrSvNUUsyqAwSZF6TVdpKdS6oxO1xJ
bVY+j9gHib0z/9ZBygpXeyDOMpmdE9wK/F7FSxlcLV1Dm0csY2FuILhgi295nhAa
SYHFbC3V21zqRIUG4S1Qs6LsJbWUisgQRMlCTCbRvWbOHd8YbeF2t/cEIwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFIGQ6edpi6w93oSH72ixCq2BIVnEMB8GA1UdIwQY
MBaAFGW31mmYNb/pqAgd/BFN8b9tIV2nMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWmJmV2FaZzF2LW1vQ0IzOEVVM3h2MjBoWGFjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85MC8wMjVlZTgtM2Y0Ny00NTdkLThkNDct
OWU0MTNlYmY0MmYzLzEvZ1pEcDUybUxyRDNlaElmdmFMRUtyWUVoV2NRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85MC8wMjVlZTgtM2Y0Ny00NTdkLThkNDctOWU0MTNlYmY0MmYz
LzEvWmJmV2FaZzF2LW1vQ0IzOEVVM3h2MjBoWGFjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBw9i2MA0G
CSqGSIb3DQEBCwUAA4IBAQA+TfDfuDhseCSrjzm0h835/G7d5lJyTUU2Dbbihl9E
iWdRrOy6Ni6RK+2jQaynMijwAz5RXTph/lF0C2LgUVnrEznon7t0rbPwQckpdpuE
B96u3fyx6ubDfOvxQUF7KiZMBPsIcovOjDVOTXzrSrdqwsXeiTFQ0RTsZ+gje8PG
GBnvFnpEBRcYxx+6oHq7tLSZf5omIxrNANRDkr0GwoJYatGpR322DSpDno+WALbx
94/89qJXrszDi4rAQzrk4LS0+JCB/LMP4KDB/UoZWk+xO88l7LfxflV01LYmvaqH
IMm4yqElVHtQOelUKJLF/TZmG8ObmwR3ipWSndkvowCD
-----END CERTIFICATE-----
Generated at Sun Feb 16 15:33:31 2025 by rpki-client