Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a8/9fa83d-b2a3-45e4-8499-f525816402bd/1/gbIc_bvjAm4XrVtEykfwi366soo.roa
File: gbIc_bvjAm4XrVtEykfwi366soo.roa (raw, json)
Hash identifier: cHi3jdu8qR9GC7dhCYr95Z/38HVlkJcGyK5d8lmF9QU=
Subject key identifier: 81:B2:1C:FD:BB:E3:02:6E:17:AD:5B:44:CA:47:F0:8B:7E:BA:B2:8A
Certificate issuer: /CN=ff82309a6814678ad72e3f31a4fe0272f40bd986
Certificate serial: 018CC5DD14524BCEC408B210B0A1B06A4778
Authority key identifier: FF:82:30:9A:68:14:67:8A:D7:2E:3F:31:A4:FE:02:72:F4:0B:D9:86
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_4IwmmgUZ4rXLj8xpP4CcvQL2YY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a8/9fa83d-b2a3-45e4-8499-f525816402bd/1/gbIc_bvjAm4XrVtEykfwi366soo.roa
Signing time: Mon 01 Jan 2024 16:30:49 +0000
ROA not before: Mon 01 Jan 2024 16:30:49 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 48336
IP address blocks: 45.135.226.0/23 maxlen: 24
45.86.240.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 01 Jan 2025 13:48:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:dd:14:52:4b:ce:c4:08:b2:10:b0:a1:b0:6a:47:78
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ff82309a6814678ad72e3f31a4fe0272f40bd986
Validity
Not Before: Jan 1 16:30:49 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=81b21cfdbbe3026e17ad5b44ca47f08b7ebab28a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:d2:17:1b:08:ab:4e:61:0d:3e:b1:9b:1c:64:
a8:da:a1:69:83:f2:ca:90:90:f3:54:4e:6a:f4:77:
f4:d5:2a:df:f4:8b:06:b0:7d:54:a1:b4:6d:7f:9a:
95:db:49:c6:7d:78:ad:6b:d2:79:05:8f:eb:e7:ec:
9c:d6:f0:46:06:eb:b5:ed:84:a5:42:66:b9:fe:82:
e0:79:72:d5:d6:fb:88:b4:83:7d:46:2f:85:63:30:
76:03:67:bc:f4:01:58:a0:78:17:99:62:90:a3:9d:
75:6b:f9:3a:8a:30:b8:78:91:aa:14:17:04:04:61:
bd:2c:36:98:74:93:5c:ee:a4:f9:4f:9b:27:42:26:
3e:d6:83:3a:0f:84:ba:85:bc:43:88:30:c6:75:eb:
6c:0e:a3:11:15:07:dc:c9:b4:76:7b:e1:cd:b2:cc:
5b:7b:2f:74:65:e1:60:d7:b3:1a:6f:37:8f:35:8c:
1b:96:dc:cd:e4:89:8c:63:d7:21:4b:23:70:ca:73:
52:11:49:5a:03:20:27:61:62:37:4d:d2:0e:4e:49:
3e:2b:45:ce:04:0d:11:7b:2b:e1:af:a0:fa:aa:2f:
e7:92:b7:20:ed:03:66:b4:dc:bd:bc:4d:51:62:47:
75:38:fa:3b:47:70:a4:1e:b7:fa:db:2d:ce:ee:c1:
41:99
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
81:B2:1C:FD:BB:E3:02:6E:17:AD:5B:44:CA:47:F0:8B:7E:BA:B2:8A
X509v3 Authority Key Identifier:
keyid:FF:82:30:9A:68:14:67:8A:D7:2E:3F:31:A4:FE:02:72:F4:0B:D9:86
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_4IwmmgUZ4rXLj8xpP4CcvQL2YY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a8/9fa83d-b2a3-45e4-8499-f525816402bd/1/gbIc_bvjAm4XrVtEykfwi366soo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a8/9fa83d-b2a3-45e4-8499-f525816402bd/1/_4IwmmgUZ4rXLj8xpP4CcvQL2YY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.86.240.0/24
45.135.226.0/23
Signature Algorithm: sha256WithRSAEncryption
2d:3e:c9:09:53:dd:c8:a9:9a:5b:80:aa:cd:1e:f6:27:1d:43:
fc:16:88:17:7e:8c:ca:69:bb:01:5b:33:87:2e:81:a8:d8:d2:
e5:dd:61:eb:a1:4e:fd:9b:69:9c:5d:79:85:73:3b:17:17:9c:
37:a4:42:aa:57:b5:97:98:47:cf:98:54:0c:41:1a:9e:f2:30:
fb:ab:57:70:18:31:e1:25:e7:7c:24:93:ad:da:74:89:4e:0e:
22:04:68:a4:09:3c:7d:97:a7:4a:0c:20:de:61:da:01:d2:91:
92:6f:a4:b5:db:70:a6:9a:38:dc:cf:54:aa:e8:25:ca:69:16:
fa:02:db:ec:51:e2:b8:5d:ce:f2:d2:22:07:58:57:99:36:e1:
0b:64:9b:51:70:14:30:69:97:ca:bf:82:21:fa:7a:b9:b3:4f:
81:75:f2:44:51:86:de:b1:fd:19:df:7d:9f:95:d3:09:bd:48:
ca:e5:e1:bd:1f:ab:74:55:02:53:cb:b4:57:26:69:28:84:91:
aa:b4:ea:8c:f5:8b:fe:18:94:f9:7f:96:26:92:75:05:e1:92:
b7:60:d8:19:65:ec:97:f7:ed:af:91:ab:92:3c:d5:6f:74:b9:
5d:41:68:ca:58:78:a9:4f:1a:a4:4d:61:29:20:ee:c3:b5:47:
72:a5:91:4c
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYzF3RRSS87ECLIQsKGwakd4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZmODIzMDlhNjgxNDY3OGFkNzJlM2YzMWE0ZmUwMjcyZjQw
YmQ5ODYwHhcNMjQwMTAxMTYzMDQ5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MWIyMWNmZGJiZTMwMjZlMTdhZDViNDRjYTQ3ZjA4YjdlYmFiMjhhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtdIXGwirTmENPrGbHGSo2qFpg/LK
kJDzVE5q9Hf01Srf9IsGsH1UobRtf5qV20nGfXita9J5BY/r5+yc1vBGBuu17YSl
Qma5/oLgeXLV1vuItIN9Ri+FYzB2A2e89AFYoHgXmWKQo511a/k6ijC4eJGqFBcE
BGG9LDaYdJNc7qT5T5snQiY+1oM6D4S6hbxDiDDGdetsDqMRFQfcybR2e+HNssxb
ey90ZeFg17MabzePNYwbltzN5ImMY9chSyNwynNSEUlaAyAnYWI3TdIOTkk+K0XO
BA0Reyvhr6D6qi/nkrcg7QNmtNy9vE1RYkd1OPo7R3CkHrf62y3O7sFBmQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFIGyHP274wJuF61bRMpH8It+urKKMB8GA1UdIwQY
MBaAFP+CMJpoFGeK1y4/MaT+AnL0C9mGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvXzRJd21tZ1VaNHJYTGo4eHBQNENjdlFMMllZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hOC85ZmE4M2QtYjJhMy00NWU0LTg0OTkt
ZjUyNTgxNjQwMmJkLzEvZ2JJY19idmpBbTRYclZ0RXlrZndpMzY2c29vLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hOC85ZmE4M2QtYjJhMy00NWU0LTg0OTktZjUyNTgxNjQwMmJk
LzEvXzRJd21tZ1VaNHJYTGo4eHBQNENjdlFMMllZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQALVbwAwQB
LYfiMA0GCSqGSIb3DQEBCwUAA4IBAQAtPskJU93IqZpbgKrNHvYnHUP8FogXfozK
absBWzOHLoGo2NLl3WHroU79m2mcXXmFczsXF5w3pEKqV7WXmEfPmFQMQRqe8jD7
q1dwGDHhJed8JJOt2nSJTg4iBGikCTx9l6dKDCDeYdoB0pGSb6S123Cmmjjcz1Sq
6CXKaRb6AtvsUeK4Xc7y0iIHWFeZNuELZJtRcBQwaZfKv4Ih+nq5s0+BdfJEUYbe
sf0Z332fldMJvUjK5eG9H6t0VQJTy7RXJmkohJGqtOqM9Yv+GJT5f5YmknUF4ZK3
YNgZZeyX9+2vkauSPNVvdLldQWjKWHipTxqkTWEpIO7DtUdypZFM
-----END CERTIFICATE-----
Generated at Wed Apr 23 02:19:47 2025 by rpki-client