Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9a/e41ef4-dc1e-4469-bd2d-440528c1e49e/1/G8W3LfxkhklvMVKiX445mJTXDY4.roa
File: G8W3LfxkhklvMVKiX445mJTXDY4.roa (raw, json)
Hash identifier: w78rMf3WJRpncIA+Ug0s6Hp3Y2nz4sx0F83/yWo515c=
Subject key identifier: 1B:C5:B7:2D:FC:64:86:49:6F:31:52:A2:5F:8E:39:98:94:D7:0D:8E
Certificate issuer: /CN=d1e013ec8a5c56df241a9b2563d111f8e543bf91
Certificate serial: 019471101356FFBB531D912B60B7C7CF8B6A
Authority key identifier: D1:E0:13:EC:8A:5C:56:DF:24:1A:9B:25:63:D1:11:F8:E5:43:BF:91
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0eAT7IpcVt8kGpslY9ER-OVDv5E.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9a/e41ef4-dc1e-4469-bd2d-440528c1e49e/1/G8W3LfxkhklvMVKiX445mJTXDY4.roa
Signing time: Thu 16 Jan 2025 21:41:06 +0000
ROA not before: Thu 16 Jan 2025 21:41:06 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 43260
IP address blocks: 185.160.30.0/24 maxlen: 24
2a05:abc0::/29 maxlen: 29
Validation: Failed, certificate revoked on Sat 25 Jan 2025 10:09:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:71:10:13:56:ff:bb:53:1d:91:2b:60:b7:c7:cf:8b:6a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d1e013ec8a5c56df241a9b2563d111f8e543bf91
Validity
Not Before: Jan 16 21:41:06 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=1bc5b72dfc6486496f3152a25f8e399894d70d8e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:b5:be:29:2a:fe:3a:fe:8b:54:22:49:23:4f:
d8:f5:b6:c5:0d:2c:ec:63:c7:48:4a:0b:7a:c7:b0:
df:df:4f:9d:31:52:10:8c:4f:95:e7:3e:f8:2a:88:
2f:1a:73:13:0e:c4:50:bc:7b:ae:94:3c:7a:61:a8:
24:f0:0c:7c:e7:b1:f3:dd:8a:bd:29:0b:a1:a9:b7:
fa:b1:bf:2c:e1:5c:66:62:68:a6:76:6b:4f:4e:c3:
9c:dd:30:a7:60:15:a4:70:96:70:8b:b6:fd:e0:3b:
c5:15:27:5a:c1:e5:82:89:f6:cf:2b:d5:1d:e7:f5:
33:ce:42:70:6e:1a:48:1a:8c:9e:01:e0:3b:c3:6a:
1e:10:7f:30:28:d3:88:c4:28:79:31:c7:03:aa:7b:
21:55:8f:a4:dc:7a:94:b4:94:e4:ea:0c:b5:86:f2:
0a:f1:96:d3:d7:b0:2c:aa:0d:a0:bd:95:78:0d:91:
98:e5:b0:68:16:a7:42:46:a6:96:0b:22:c2:78:c5:
8f:1d:e2:b7:b1:63:2f:22:94:47:c4:ae:63:57:c1:
31:24:01:16:41:a9:4b:41:99:95:6b:eb:6c:c9:6f:
33:89:98:5c:61:3b:23:21:f2:e4:43:b2:cb:e8:18:
8a:7f:6a:c9:59:8a:3d:b9:fa:c9:b1:3b:89:ac:6d:
df:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1B:C5:B7:2D:FC:64:86:49:6F:31:52:A2:5F:8E:39:98:94:D7:0D:8E
X509v3 Authority Key Identifier:
keyid:D1:E0:13:EC:8A:5C:56:DF:24:1A:9B:25:63:D1:11:F8:E5:43:BF:91
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0eAT7IpcVt8kGpslY9ER-OVDv5E.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9a/e41ef4-dc1e-4469-bd2d-440528c1e49e/1/G8W3LfxkhklvMVKiX445mJTXDY4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9a/e41ef4-dc1e-4469-bd2d-440528c1e49e/1/0eAT7IpcVt8kGpslY9ER-OVDv5E.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.160.30.0/24
IPv6:
2a05:abc0::/29
Signature Algorithm: sha256WithRSAEncryption
39:2e:48:86:75:9a:2c:e1:f8:b2:2e:98:ff:48:aa:58:a3:0c:
39:e0:24:c1:92:ac:83:a4:4d:ff:be:3e:13:40:c7:11:a7:7d:
82:73:21:f2:39:4c:3b:f5:a0:4e:e4:63:e3:fd:18:d1:3e:70:
06:04:04:46:b8:1f:7f:42:05:f9:41:d1:01:b8:5e:cd:a9:3c:
5e:9e:ed:14:af:2b:62:be:6e:68:03:e2:68:54:a8:d4:96:74:
47:96:1c:e2:0e:bb:ab:5d:f2:79:92:e0:9f:09:94:08:be:61:
6a:49:ce:34:12:ae:1d:c0:7b:e1:64:db:ac:c6:63:7b:3f:ad:
9d:0a:07:00:53:18:18:5c:d6:2e:f2:43:66:9d:bc:e7:f6:c2:
ad:a4:a7:64:f1:72:4d:e4:76:ec:70:bd:44:ff:93:42:b9:30:
57:f5:0d:4f:48:38:00:f6:9e:09:85:c0:00:ca:d3:04:1a:eb:
00:12:82:72:f6:ae:25:13:07:d5:8b:38:62:16:38:3b:66:b7:
b6:7b:cd:26:4e:05:43:41:db:2d:af:14:59:dd:88:d6:6c:af:
3f:b8:c5:84:e9:ec:94:05:fa:b4:09:d7:63:10:3e:06:bf:0c:
48:c0:17:90:fa:e7:d7:71:5c:9c:00:1d:0a:fa:97:84:e3:04:
ee:eb:16:f3
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZRxEBNW/7tTHZErYLfHz4tqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQxZTAxM2VjOGE1YzU2ZGYyNDFhOWIyNTYzZDExMWY4ZTU0
M2JmOTEwHhcNMjUwMTE2MjE0MTA2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxYmM1YjcyZGZjNjQ4NjQ5NmYzMTUyYTI1ZjhlMzk5ODk0ZDcwZDhlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAobW+KSr+Ov6LVCJJI0/Y9bbFDSzs
Y8dISgt6x7Df30+dMVIQjE+V5z74KogvGnMTDsRQvHuulDx6Yagk8Ax857Hz3Yq9
KQuhqbf6sb8s4VxmYmimdmtPTsOc3TCnYBWkcJZwi7b94DvFFSdaweWCifbPK9Ud
5/UzzkJwbhpIGoyeAeA7w2oeEH8wKNOIxCh5MccDqnshVY+k3HqUtJTk6gy1hvIK
8ZbT17Asqg2gvZV4DZGY5bBoFqdCRqaWCyLCeMWPHeK3sWMvIpRHxK5jV8ExJAEW
QalLQZmVa+tsyW8ziZhcYTsjIfLkQ7LL6BiKf2rJWYo9ufrJsTuJrG3f+wIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFBvFty38ZIZJbzFSol+OOZiU1w2OMB8GA1UdIwQY
MBaAFNHgE+yKXFbfJBqbJWPREfjlQ7+RMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMGVBVDdJcGNWdDhrR3BzbFk5RVItT1ZEdjVFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85YS9lNDFlZjQtZGMxZS00NDY5LWJkMmQt
NDQwNTI4YzFlNDllLzEvRzhXM0xmeGtoa2x2TVZLaVg0NDVtSlRYRFk0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85YS9lNDFlZjQtZGMxZS00NDY5LWJkMmQtNDQwNTI4YzFlNDll
LzEvMGVBVDdJcGNWdDhrR3BzbFk5RVItT1ZEdjVFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQAuaAeMA0E
AgACMAcDBQMqBavAMA0GCSqGSIb3DQEBCwUAA4IBAQA5LkiGdZos4fiyLpj/SKpY
oww54CTBkqyDpE3/vj4TQMcRp32CcyHyOUw79aBO5GPj/RjRPnAGBARGuB9/QgX5
QdEBuF7NqTxenu0Urytivm5oA+JoVKjUlnRHlhziDrurXfJ5kuCfCZQIvmFqSc40
Eq4dwHvhZNusxmN7P62dCgcAUxgYXNYu8kNmnbzn9sKtpKdk8XJN5HbscL1E/5NC
uTBX9Q1PSDgA9p4JhcAAytMEGusAEoJy9q4lEwfVizhiFjg7Zre2e80mTgVDQdst
rxRZ3YjWbK8/uMWE6eyUBfq0CddjED4GvwxIwBeQ+ufXcVycAB0K+peE4wTu6xbz
-----END CERTIFICATE-----
Generated at Thu Apr 17 23:51:24 2025 by rpki-client