Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a6/316c8f-5e36-471f-9555-f6297a77a37b/1/guRstSWC4_9gua8FMQo6vyVl260.roa
File: guRstSWC4_9gua8FMQo6vyVl260.roa (raw, json)
Hash identifier: dHf2V2b4JMIXlXCnLkeve+1h1gpvMzmYpUhnWdHo3a0=
Subject key identifier: 82:E4:6C:B5:25:82:E3:FF:60:B9:AF:05:31:0A:3A:BF:25:65:DB:AD
Certificate issuer: /CN=6ddd8f1e38c91f5b17c3d1a7234e49c9c70dc324
Certificate serial: 018CC870AB2A60CBFDAC19213CA3A6FE03ED
Authority key identifier: 6D:DD:8F:1E:38:C9:1F:5B:17:C3:D1:A7:23:4E:49:C9:C7:0D:C3:24
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bd2PHjjJH1sXw9GnI05JyccNwyQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a6/316c8f-5e36-471f-9555-f6297a77a37b/1/guRstSWC4_9gua8FMQo6vyVl260.roa
Signing time: Tue 02 Jan 2024 04:31:16 +0000
ROA not before: Tue 02 Jan 2024 04:31:16 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 1835
IP address blocks: 192.38.32.0/19 maxlen: 24
130.226.0.0/16 maxlen: 24
192.38.64.0/18 maxlen: 24
192.38.0.0/17 maxlen: 24
192.38.4.0/22 maxlen: 24
192.38.8.0/21 maxlen: 24
192.38.16.0/20 maxlen: 24
130.225.0.0/16 maxlen: 24
2001:878::/30 maxlen: 48
2001:7f8:1f::/48 maxlen: 64
2001:878::/29 maxlen: 48
Validation: Failed, certificate revoked on Wed 01 Jan 2025 09:48:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:70:ab:2a:60:cb:fd:ac:19:21:3c:a3:a6:fe:03:ed
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6ddd8f1e38c91f5b17c3d1a7234e49c9c70dc324
Validity
Not Before: Jan 2 04:31:16 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=82e46cb52582e3ff60b9af05310a3abf2565dbad
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:d0:0c:91:5b:7c:b8:04:69:18:2e:4f:0b:4c:
0a:7d:96:4f:22:b7:e1:c4:61:2d:7d:2a:ad:42:ad:
13:70:c3:eb:77:bb:d5:50:5e:8d:9f:d6:ec:69:fa:
82:e8:89:c0:3d:b5:8b:a7:ca:a4:6b:70:55:81:67:
6c:07:8b:54:7b:05:4b:2e:71:8b:82:72:6e:7a:5d:
d9:42:0b:85:de:96:55:a7:e0:3b:b7:87:cf:c1:89:
2d:65:49:5f:75:54:5b:89:48:35:49:97:64:68:1c:
fd:75:42:cf:14:9c:c7:0f:a7:08:89:04:67:ed:d8:
54:65:d2:73:f8:98:8c:82:8c:92:15:92:8c:95:b7:
8d:9a:cf:e9:8b:d9:ba:ae:53:dd:40:08:b4:e4:4c:
fe:01:40:6d:43:9e:33:e2:82:95:eb:a6:d5:a4:93:
8c:c0:4f:15:fb:0c:2f:39:66:eb:ef:a6:08:77:fc:
05:a5:6f:d8:01:6f:b7:b4:8a:2f:e5:42:90:49:c0:
53:c2:44:df:f8:3d:50:93:89:db:6a:21:97:7f:d4:
94:ac:48:d0:3e:d7:8a:8b:6f:1d:f6:7e:df:fb:a6:
67:79:9b:b9:8c:61:cc:cc:b1:17:42:15:a6:22:90:
c2:d0:20:f8:cc:e1:54:c1:12:29:c4:bd:51:dc:72:
ce:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
82:E4:6C:B5:25:82:E3:FF:60:B9:AF:05:31:0A:3A:BF:25:65:DB:AD
X509v3 Authority Key Identifier:
keyid:6D:DD:8F:1E:38:C9:1F:5B:17:C3:D1:A7:23:4E:49:C9:C7:0D:C3:24
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bd2PHjjJH1sXw9GnI05JyccNwyQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a6/316c8f-5e36-471f-9555-f6297a77a37b/1/guRstSWC4_9gua8FMQo6vyVl260.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a6/316c8f-5e36-471f-9555-f6297a77a37b/1/bd2PHjjJH1sXw9GnI05JyccNwyQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
130.225.0.0-130.226.255.255
192.38.0.0/17
IPv6:
2001:7f8:1f::/48
2001:878::/29
Signature Algorithm: sha256WithRSAEncryption
8d:1a:aa:fb:99:e1:09:6b:89:56:86:70:4f:07:5e:3f:e7:a8:
f8:63:05:bd:9a:1b:4b:38:f9:c9:c8:97:9d:f6:62:b7:7f:76:
fe:a0:9d:ad:1b:d8:af:15:e9:c4:89:7f:92:82:c9:2b:cd:af:
e7:0a:ba:7c:04:c5:08:5d:4c:a0:f8:0f:64:41:bb:8d:b1:f0:
9f:aa:cb:6b:27:99:b3:89:e8:b0:c8:17:4c:84:c1:0e:e3:bf:
bc:3d:d2:35:2d:73:f3:96:13:2c:02:89:84:4d:a0:66:4c:5b:
57:8d:12:d1:69:f1:d2:7e:b4:b2:81:48:70:ed:82:c4:36:4a:
ed:d2:4f:4f:eb:4b:9c:f5:d3:28:61:b8:b8:55:58:5d:3c:8a:
52:69:59:0c:f1:f5:d7:04:be:85:da:ca:cd:f4:c1:17:a6:f5:
63:a5:ce:d0:b0:9d:89:68:49:0a:74:b8:9b:fc:1b:98:2a:02:
6e:fc:2a:6c:00:38:2f:cc:51:c9:a5:5a:8b:e7:3c:5f:62:63:
26:26:3f:53:e3:73:a4:f6:9b:7e:79:7b:4b:4a:bd:44:3a:d4:
47:b8:cf:f3:8c:0a:dd:70:32:3f:d7:0b:49:45:a4:05:92:d6:
b8:7f:75:d8:9c:be:5a:5a:a5:d5:c6:e5:30:d7:96:47:40:a8:
30:99:84:78
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAYzIcKsqYMv9rBkhPKOm/gPtMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZkZGQ4ZjFlMzhjOTFmNWIxN2MzZDFhNzIzNGU0OWM5Yzcw
ZGMzMjQwHhcNMjQwMTAyMDQzMTE2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MmU0NmNiNTI1ODJlM2ZmNjBiOWFmMDUzMTBhM2FiZjI1NjVkYmFkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAj9AMkVt8uARpGC5PC0wKfZZPIrfh
xGEtfSqtQq0TcMPrd7vVUF6Nn9bsafqC6InAPbWLp8qka3BVgWdsB4tUewVLLnGL
gnJuel3ZQguF3pZVp+A7t4fPwYktZUlfdVRbiUg1SZdkaBz9dULPFJzHD6cIiQRn
7dhUZdJz+JiMgoySFZKMlbeNms/pi9m6rlPdQAi05Ez+AUBtQ54z4oKV66bVpJOM
wE8V+wwvOWbr76YId/wFpW/YAW+3tIov5UKQScBTwkTf+D1Qk4nbaiGXf9SUrEjQ
PteKi28d9n7f+6ZneZu5jGHMzLEXQhWmIpDC0CD4zOFUwRIpxL1R3HLO5wIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFILkbLUlguP/YLmvBTEKOr8lZdutMB8GA1UdIwQY
MBaAFG3djx44yR9bF8PRpyNOScnHDcMkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYmQyUEhqakpIMXNYdzlHbkkwNUp5Y2NOd3lRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNi8zMTZjOGYtNWUzNi00NzFmLTk1NTUt
ZjYyOTdhNzdhMzdiLzEvZ3VSc3RTV0M0XzlndWE4Rk1RbzZ2eVZsMjYwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNi8zMTZjOGYtNWUzNi00NzFmLTk1NTUtZjYyOTdhNzdhMzdi
LzEvYmQyUEhqakpIMXNYdzlHbkkwNUp5Y2NOd3lRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAYBAIAATASMAoDAwCC4QMD
AILiAwQHwCYAMBYEAgACMBADBwAgAQf4AB8DBQMgAQh4MA0GCSqGSIb3DQEBCwUA
A4IBAQCNGqr7meEJa4lWhnBPB14/56j4YwW9mhtLOPnJyJed9mK3f3b+oJ2tG9iv
FenEiX+Sgskrza/nCrp8BMUIXUyg+A9kQbuNsfCfqstrJ5mzieiwyBdMhMEO47+8
PdI1LXPzlhMsAomETaBmTFtXjRLRafHSfrSygUhw7YLENkrt0k9P60uc9dMoYbi4
VVhdPIpSaVkM8fXXBL6F2srN9MEXpvVjpc7QsJ2JaEkKdLib/BuYKgJu/CpsADgv
zFHJpVqL5zxfYmMmJj9T43Ok9pt+eXtLSr1EOtRHuM/zjArdcDI/1wtJRaQFkta4
f3XYnL5aWqXVxuUw15ZHQKgwmYR4
-----END CERTIFICATE-----
Generated at Thu Mar 13 02:38:57 2025 by rpki-client