Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a4/20cb33-e2bf-46aa-abfa-928e7bc69570/1/GLJeo9OJokvwxntYXa9z6VAuKG4.roa
File: GLJeo9OJokvwxntYXa9z6VAuKG4.roa (raw, json)
Hash identifier: HFGNk8CsHwNqx59cjE1x3l22X4IZlzGeQQ9JRhMno5U=
Subject key identifier: 18:B2:5E:A3:D3:89:A2:4B:F0:C6:7B:58:5D:AF:73:E9:50:2E:28:6E
Certificate issuer: /CN=de456cdb4d140345c3dcaebfc7634d4e7cdcb913
Certificate serial: 0194282537478E9E316921054718043EC497
Authority key identifier: DE:45:6C:DB:4D:14:03:45:C3:DC:AE:BF:C7:63:4D:4E:7C:DC:B9:13
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3kVs200UA0XD3K6_x2NNTnzcuRM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a4/20cb33-e2bf-46aa-abfa-928e7bc69570/1/GLJeo9OJokvwxntYXa9z6VAuKG4.roa
Signing time: Thu 02 Jan 2025 17:51:55 +0000
ROA not before: Thu 02 Jan 2025 17:51:55 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 6696
IP address blocks: 109.69.218.0/24 maxlen: 24
128.127.180.0/24 maxlen: 24
185.99.48.0/24 maxlen: 24
185.99.49.0/24 maxlen: 24
185.99.50.0/24 maxlen: 24
185.192.44.0/22 maxlen: 24
185.192.44.0/24 maxlen: 24
185.192.45.0/24 maxlen: 24
193.105.133.0/24 maxlen: 24
193.138.101.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 07 Mar 2025 08:22:19 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:28:25:37:47:8e:9e:31:69:21:05:47:18:04:3e:c4:97
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=de456cdb4d140345c3dcaebfc7634d4e7cdcb913
Validity
Not Before: Jan 2 17:51:55 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=18b25ea3d389a24bf0c67b585daf73e9502e286e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d2:92:c3:e8:b7:d6:88:21:96:99:53:24:92:53:
aa:18:b5:d5:26:81:bd:98:20:70:35:f6:be:5f:5d:
98:d0:f2:36:0c:d0:9b:a4:3d:d9:fc:be:0b:bb:e7:
63:c5:33:17:e7:ac:41:70:70:99:53:2f:a5:ac:ec:
31:47:e0:c4:71:37:66:55:2c:7b:d0:47:11:68:13:
dd:94:47:c0:ad:dd:49:ee:3d:05:96:9b:44:72:88:
b2:ea:0a:d8:51:46:22:66:26:7d:46:36:6e:6c:e9:
44:d9:57:26:75:dc:ae:57:12:91:e0:30:08:79:87:
f1:ce:9c:0c:9e:5e:45:ec:63:09:03:7e:43:19:30:
c6:04:e9:73:2a:ac:9a:33:07:60:ae:68:31:1b:c8:
b2:4d:82:fd:94:62:31:bc:ac:a8:67:92:69:95:e4:
a5:64:35:b0:ef:b1:44:bd:fe:10:4d:79:7d:c0:78:
71:e9:96:1e:75:3c:09:96:70:de:6b:92:3d:48:23:
d4:77:5e:ee:40:b1:11:1e:a2:6b:89:d6:9a:85:99:
0d:09:df:19:65:ed:7e:96:aa:2a:50:b8:54:2e:8c:
d2:ee:f6:17:24:f0:31:25:5d:04:25:64:67:0c:36:
f6:46:8f:d4:0f:72:69:cc:bc:16:88:73:fc:86:c2:
8a:d5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
18:B2:5E:A3:D3:89:A2:4B:F0:C6:7B:58:5D:AF:73:E9:50:2E:28:6E
X509v3 Authority Key Identifier:
keyid:DE:45:6C:DB:4D:14:03:45:C3:DC:AE:BF:C7:63:4D:4E:7C:DC:B9:13
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3kVs200UA0XD3K6_x2NNTnzcuRM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a4/20cb33-e2bf-46aa-abfa-928e7bc69570/1/GLJeo9OJokvwxntYXa9z6VAuKG4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a4/20cb33-e2bf-46aa-abfa-928e7bc69570/1/3kVs200UA0XD3K6_x2NNTnzcuRM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.69.218.0/24
128.127.180.0/24
185.99.48.0-185.99.50.255
185.192.44.0/22
193.105.133.0/24
193.138.101.0/24
Signature Algorithm: sha256WithRSAEncryption
87:78:29:69:8c:c1:fa:bd:d4:d9:89:31:d7:b7:6d:71:f3:8d:
5f:3c:37:2c:73:79:b7:15:d6:a4:30:b2:c2:a3:a3:bd:42:b5:
12:13:49:29:aa:d0:cd:b5:82:31:6b:40:ed:7f:5e:0e:db:bc:
08:91:af:ce:2a:c1:b0:d7:21:5f:98:f2:1d:c0:c8:a5:4f:f3:
51:b5:49:b7:5f:4b:3f:69:10:5e:cf:5e:fe:13:4e:22:2a:57:
bd:4c:5f:9a:3c:03:1d:15:17:91:55:56:6b:aa:12:0e:62:78:
21:69:ec:12:22:bf:33:2d:f6:a7:d6:89:7f:93:df:bf:9b:f4:
5c:22:df:f9:d1:78:fc:15:9f:3f:79:df:0f:4b:76:27:58:9f:
62:20:b0:dd:8c:f5:0b:10:5f:49:6c:47:15:43:74:45:ee:c3:
75:cd:dd:21:0b:35:94:58:fa:6d:f9:8a:a5:19:dd:be:4b:5c:
8c:e0:f3:65:f7:8e:a6:ac:07:e8:f7:4c:85:cf:31:f9:bf:d0:
6f:78:65:4f:1f:9c:96:e7:be:fb:f6:66:5f:9e:58:ae:9c:84:
73:fd:f2:6b:06:01:5c:b6:bc:37:c2:da:9d:b0:92:bf:b2:81:
ef:9c:b8:61:eb:ce:ff:61:a5:37:26:3d:2b:cc:8f:e0:9b:6b:
5b:ac:e5:48
-----BEGIN CERTIFICATE-----
MIIFIzCCBAugAwIBAgISAZQoJTdHjp4xaSEFRxgEPsSXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRlNDU2Y2RiNGQxNDAzNDVjM2RjYWViZmM3NjM0ZDRlN2Nk
Y2I5MTMwHhcNMjUwMTAyMTc1MTU1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxOGIyNWVhM2QzODlhMjRiZjBjNjdiNTg1ZGFmNzNlOTUwMmUyODZlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0pLD6LfWiCGWmVMkklOqGLXVJoG9
mCBwNfa+X12Y0PI2DNCbpD3Z/L4Lu+djxTMX56xBcHCZUy+lrOwxR+DEcTdmVSx7
0EcRaBPdlEfArd1J7j0FlptEcoiy6grYUUYiZiZ9RjZubOlE2VcmddyuVxKR4DAI
eYfxzpwMnl5F7GMJA35DGTDGBOlzKqyaMwdgrmgxG8iyTYL9lGIxvKyoZ5JpleSl
ZDWw77FEvf4QTXl9wHhx6ZYedTwJlnDea5I9SCPUd17uQLERHqJridaahZkNCd8Z
Ze1+lqoqULhULozS7vYXJPAxJV0EJWRnDDb2Ro/UD3JpzLwWiHP8hsKK1QIDAQAB
o4ICLzCCAiswHQYDVR0OBBYEFBiyXqPTiaJL8MZ7WF2vc+lQLihuMB8GA1UdIwQY
MBaAFN5FbNtNFANFw9yuv8djTU583LkTMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM2tWczIwMFVBMFhEM0s2X3gyTk5UbnpjdVJNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNC8yMGNiMzMtZTJiZi00NmFhLWFiZmEt
OTI4ZTdiYzY5NTcwLzEvR0xKZW85T0pva3Z3eG50WVhhOXo2VkF1S0c0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNC8yMGNiMzMtZTJiZi00NmFhLWFiZmEtOTI4ZTdiYzY5NTcw
LzEvM2tWczIwMFVBMFhEM0s2X3gyTk5UbnpjdVJNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEUGCCsGAQUFBwEHAQH/BDYwNDAyBAIAATAsAwQAbUXaAwQA
gH+0MAwDBAS5YzADBAC5YzIDBAK5wCwDBADBaYUDBADBimUwDQYJKoZIhvcNAQEL
BQADggEBAId4KWmMwfq91NmJMde3bXHzjV88NyxzebcV1qQwssKjo71CtRITSSmq
0M21gjFrQO1/Xg7bvAiRr84qwbDXIV+Y8h3AyKVP81G1SbdfSz9pEF7PXv4TTiIq
V71MX5o8Ax0VF5FVVmuqEg5ieCFp7BIivzMt9qfWiX+T37+b9Fwi3/nRePwVnz95
3w9LdidYn2IgsN2M9QsQX0lsRxVDdEXuw3XN3SELNZRY+m35iqUZ3b5LXIzg82X3
jqasB+j3TIXPMfm/0G94ZU8fnJbnvvv2Zl+eWK6chHP98msGAVy2vDfC2p2wkr+y
ge+cuGHrzv9hpTcmPSvMj+Cba1us5Ug=
-----END CERTIFICATE-----
Generated at Tue Apr 15 16:18:51 2025 by rpki-client