Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a1/4cb1b1-701b-4e42-8b05-2cbc40e5fe62/1/GmoMgHlSyaLSnKyn0lFE3cQ-OVg.roa
File: GmoMgHlSyaLSnKyn0lFE3cQ-OVg.roa (raw, json)
Hash identifier: fOZm/fBM1SN+gHO+bScsCR3Dm1wPJaLU9Ev6bCxdZas=
Subject key identifier: 1A:6A:0C:80:79:52:C9:A2:D2:9C:AC:A7:D2:51:44:DD:C4:3E:39:58
Certificate issuer: /CN=7728052ae7d10fd2261a2248fc00d202b0f25574
Certificate serial: 018CC424A736BB99496AF606E90E31F228D2
Authority key identifier: 77:28:05:2A:E7:D1:0F:D2:26:1A:22:48:FC:00:D2:02:B0:F2:55:74
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dygFKufRD9ImGiJI_ADSArDyVXQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a1/4cb1b1-701b-4e42-8b05-2cbc40e5fe62/1/GmoMgHlSyaLSnKyn0lFE3cQ-OVg.roa
Signing time: Mon 01 Jan 2024 08:29:45 +0000
ROA not before: Mon 01 Jan 2024 08:29:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 208981
IP address blocks: 45.12.124.0/24 maxlen: 24
45.12.125.0/24 maxlen: 24
45.12.127.0/24 maxlen: 24
45.12.126.0/24 maxlen: 24
2a0e:a900::/29 maxlen: 29
Validation: Failed, certificate revoked on Thu 07 Nov 2024 15:35:01 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c4:24:a7:36:bb:99:49:6a:f6:06:e9:0e:31:f2:28:d2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7728052ae7d10fd2261a2248fc00d202b0f25574
Validity
Not Before: Jan 1 08:29:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=1a6a0c807952c9a2d29caca7d25144ddc43e3958
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:87:d5:67:23:68:88:a2:68:7c:8b:59:9c:46:e9:
e2:94:c2:80:cc:84:83:39:78:a3:42:82:3d:d4:6a:
11:62:c7:11:6f:9a:c5:af:58:b6:58:b0:8f:12:84:
a2:15:6a:10:5b:75:0a:3d:e7:7b:f9:6a:08:de:73:
df:5d:64:0f:29:ba:09:af:79:b9:f5:21:e9:e0:cd:
ea:d3:f9:c6:3f:ba:f9:f6:30:71:9f:1c:c3:3e:e2:
69:5a:9a:4a:4a:b0:d9:e1:17:58:99:11:df:ac:25:
f7:57:26:4f:10:52:30:32:7a:ca:bd:d8:2d:70:21:
43:1f:fe:34:8e:a2:09:62:24:cd:5b:3f:15:bf:af:
b6:20:4d:bd:2e:24:0f:aa:13:99:4a:f1:42:da:a3:
82:25:d6:70:19:be:6e:06:d9:20:f8:ac:ee:e4:d6:
f1:7d:fc:c8:18:ec:9f:94:ec:4a:41:1a:e7:b8:9f:
50:0a:5a:3d:ed:c6:49:d4:98:f5:16:7c:c7:ad:8f:
6a:95:9c:c6:7c:c8:62:21:78:a4:2c:2f:93:b3:35:
90:a4:c8:39:d2:9e:14:39:cf:71:16:81:ba:c1:0f:
ad:14:95:16:8f:ce:8c:38:64:03:e3:f9:67:23:28:
2a:51:62:8a:6a:25:5a:b8:c7:ae:44:d3:00:57:33:
8d:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1A:6A:0C:80:79:52:C9:A2:D2:9C:AC:A7:D2:51:44:DD:C4:3E:39:58
X509v3 Authority Key Identifier:
keyid:77:28:05:2A:E7:D1:0F:D2:26:1A:22:48:FC:00:D2:02:B0:F2:55:74
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dygFKufRD9ImGiJI_ADSArDyVXQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a1/4cb1b1-701b-4e42-8b05-2cbc40e5fe62/1/GmoMgHlSyaLSnKyn0lFE3cQ-OVg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a1/4cb1b1-701b-4e42-8b05-2cbc40e5fe62/1/dygFKufRD9ImGiJI_ADSArDyVXQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.12.124.0/22
IPv6:
2a0e:a900::/29
Signature Algorithm: sha256WithRSAEncryption
b9:79:4b:b0:60:f9:c9:20:06:06:00:37:a3:d4:cb:ca:34:f1:
50:b8:08:74:90:d1:00:bb:de:f7:cb:e3:da:04:7f:b8:5e:38:
4f:26:66:3e:c9:4f:52:1c:f6:7e:b6:50:af:e3:d7:ea:10:bd:
24:15:36:28:83:08:19:63:d8:34:7b:de:90:a4:44:01:af:45:
89:ec:29:8f:57:46:c2:71:4b:4a:e9:42:e6:2e:de:98:01:da:
e7:88:82:58:88:68:cf:85:95:ba:ed:87:f4:c1:2c:b8:b0:cb:
e8:d5:49:de:84:13:8a:5d:cc:87:6e:83:6b:d3:ef:91:35:46:
b8:41:a2:2c:53:36:c7:d1:d6:f1:3c:df:49:bc:8c:24:dc:ce:
34:65:e3:49:8b:0f:b5:a6:23:85:71:81:83:5a:54:b8:d7:f3:
25:bc:dc:35:8f:6a:1b:9e:c9:19:47:76:65:91:04:7b:ae:03:
86:00:a3:58:8e:93:04:26:8c:78:be:22:5a:b2:59:8b:5b:3f:
63:44:92:93:5a:77:d3:b3:b5:97:28:0a:26:f0:a8:f7:69:6e:
cf:ef:ce:59:b4:af:04:76:7d:be:45:df:06:89:14:9a:8f:31:
9a:f5:30:90:04:98:81:a6:4f:d6:6b:5c:38:33:99:1f:f1:f2:
36:37:c7:48
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYzEJKc2u5lJavYG6Q4x8ijSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc3MjgwNTJhZTdkMTBmZDIyNjFhMjI0OGZjMDBkMjAyYjBm
MjU1NzQwHhcNMjQwMTAxMDgyOTQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxYTZhMGM4MDc5NTJjOWEyZDI5Y2FjYTdkMjUxNDRkZGM0M2UzOTU4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAh9VnI2iIomh8i1mcRunilMKAzISD
OXijQoI91GoRYscRb5rFr1i2WLCPEoSiFWoQW3UKPed7+WoI3nPfXWQPKboJr3m5
9SHp4M3q0/nGP7r59jBxnxzDPuJpWppKSrDZ4RdYmRHfrCX3VyZPEFIwMnrKvdgt
cCFDH/40jqIJYiTNWz8Vv6+2IE29LiQPqhOZSvFC2qOCJdZwGb5uBtkg+Kzu5Nbx
ffzIGOyflOxKQRrnuJ9QClo97cZJ1Jj1FnzHrY9qlZzGfMhiIXikLC+TszWQpMg5
0p4UOc9xFoG6wQ+tFJUWj86MOGQD4/lnIygqUWKKaiVauMeuRNMAVzON9QIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFBpqDIB5Usmi0pysp9JRRN3EPjlYMB8GA1UdIwQY
MBaAFHcoBSrn0Q/SJhoiSPwA0gKw8lV0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZHlnRkt1ZlJEOUltR2lKSV9BRFNBckR5VlhRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMS80Y2IxYjEtNzAxYi00ZTQyLThiMDUt
MmNiYzQwZTVmZTYyLzEvR21vTWdIbFN5YUxTbkt5bjBsRkUzY1EtT1ZnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMS80Y2IxYjEtNzAxYi00ZTQyLThiMDUtMmNiYzQwZTVmZTYy
LzEvZHlnRkt1ZlJEOUltR2lKSV9BRFNBckR5VlhRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCLQx8MA0E
AgACMAcDBQMqDqkAMA0GCSqGSIb3DQEBCwUAA4IBAQC5eUuwYPnJIAYGADej1MvK
NPFQuAh0kNEAu973y+PaBH+4XjhPJmY+yU9SHPZ+tlCv49fqEL0kFTYogwgZY9g0
e96QpEQBr0WJ7CmPV0bCcUtK6ULmLt6YAdrniIJYiGjPhZW67Yf0wSy4sMvo1Une
hBOKXcyHboNr0++RNUa4QaIsUzbH0dbxPN9JvIwk3M40ZeNJiw+1piOFcYGDWlS4
1/MlvNw1j2obnskZR3ZlkQR7rgOGAKNYjpMEJox4viJaslmLWz9jRJKTWnfTs7WX
KAom8Kj3aW7P785ZtK8Edn2+Rd8GiRSajzGa9TCQBJiBpk/Wa1w4M5kf8fI2N8dI
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:13:45 2025 by rpki-client