Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/aa/82098b-0c53-4df2-8a32-fbc1e3f7e92b/1/gGNDydExXawK92_dfDIgh-FkfKg.roa
File: gGNDydExXawK92_dfDIgh-FkfKg.roa (raw, json)
Hash identifier: LoGerMEUS4RC48RvTQM3Pgw1At8q26SA1veQABn3NCI=
Subject key identifier: 80:63:43:C9:D1:31:5D:AC:0A:F7:6F:DD:7C:32:20:87:E1:64:7C:A8
Certificate issuer: /CN=b5253c2552d4403f43b83c25e762238df12dae81
Certificate serial: 018CC42502BCC57737850454EB63116C2155
Authority key identifier: B5:25:3C:25:52:D4:40:3F:43:B8:3C:25:E7:62:23:8D:F1:2D:AE:81
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tSU8JVLUQD9DuDwl52IjjfEtroE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/aa/82098b-0c53-4df2-8a32-fbc1e3f7e92b/1/gGNDydExXawK92_dfDIgh-FkfKg.roa
Signing time: Mon 01 Jan 2024 08:30:08 +0000
ROA not before: Mon 01 Jan 2024 08:30:08 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 203419
IP address blocks: 185.135.112.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 02 Jan 2025 01:48:51 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c4:25:02:bc:c5:77:37:85:04:54:eb:63:11:6c:21:55
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b5253c2552d4403f43b83c25e762238df12dae81
Validity
Not Before: Jan 1 08:30:08 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=806343c9d1315dac0af76fdd7c322087e1647ca8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:84:9e:f9:08:ad:68:e3:a4:8f:96:a1:56:03:9a:
5e:2f:c7:ab:67:18:06:9a:c2:32:c9:bb:f0:15:01:
89:cc:c5:02:fb:a9:f0:4b:d5:e7:8f:95:fb:3b:6f:
e7:c1:66:67:e8:de:bb:38:73:ef:37:32:ef:73:46:
b3:8a:6f:3f:ae:3c:37:e7:94:1e:bc:02:cf:d7:53:
79:d3:f6:b7:5e:52:98:46:7a:f6:a4:53:ba:67:99:
c9:e5:3b:68:10:ff:59:e9:77:3e:ff:4c:13:ba:9d:
e2:d3:ef:ac:ef:92:76:9a:0b:d6:3a:35:92:71:4b:
34:c7:5a:e0:3e:29:df:ff:0b:d9:51:16:d5:f8:aa:
52:f9:00:61:84:0b:0f:54:0d:2c:f3:f7:f1:37:30:
17:4d:4d:9d:84:c6:eb:5e:12:36:00:14:e9:5c:03:
5a:2e:cb:62:8d:f3:58:9b:6a:d8:c3:af:8c:60:2a:
94:03:0f:21:6b:6c:83:66:df:17:1c:96:e6:97:c1:
4f:29:8c:f2:17:6e:4b:da:e1:d5:bc:bc:45:2c:25:
11:70:60:5e:8f:cc:3e:85:a6:d7:21:8f:31:ec:cb:
ef:7d:b4:01:85:8b:e6:38:8a:8d:1d:58:ab:03:d6:
82:95:7e:3a:50:51:c4:30:19:2b:4c:2d:8c:66:b3:
a8:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
80:63:43:C9:D1:31:5D:AC:0A:F7:6F:DD:7C:32:20:87:E1:64:7C:A8
X509v3 Authority Key Identifier:
keyid:B5:25:3C:25:52:D4:40:3F:43:B8:3C:25:E7:62:23:8D:F1:2D:AE:81
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tSU8JVLUQD9DuDwl52IjjfEtroE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/aa/82098b-0c53-4df2-8a32-fbc1e3f7e92b/1/gGNDydExXawK92_dfDIgh-FkfKg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/aa/82098b-0c53-4df2-8a32-fbc1e3f7e92b/1/tSU8JVLUQD9DuDwl52IjjfEtroE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.135.112.0/24
Signature Algorithm: sha256WithRSAEncryption
9e:b9:3e:18:e7:74:4f:c1:5d:6f:92:8a:7b:bf:b8:70:0e:88:
bd:57:07:ed:2a:00:56:78:8d:d9:d3:60:60:d7:a6:5f:64:da:
61:b3:73:92:42:eb:2e:b2:ad:7d:94:98:c3:2c:bc:d3:2c:d7:
24:5a:1c:28:12:20:f2:71:70:07:bb:c5:69:b7:41:3e:58:a7:
fb:58:2c:f3:ac:70:78:d9:2d:25:28:bf:2e:1e:ff:3a:c1:f4:
7d:e5:6a:2e:d9:55:38:cc:1c:0a:60:05:de:4c:72:98:e0:0a:
a0:92:b8:26:91:e5:6d:78:ea:c6:fc:08:14:78:d6:86:82:a4:
01:fe:fb:d3:eb:0f:b6:67:93:d6:29:36:31:86:8a:5b:fe:26:
3c:b4:f8:2d:be:6a:51:4c:af:0a:c1:25:80:25:e3:62:4f:5d:
b7:c1:0b:f3:10:6e:d4:46:45:80:7c:d0:ac:0f:5f:87:77:2f:
d7:9a:e8:e4:0a:15:72:4f:a6:07:82:19:9e:8e:ec:a6:1b:2e:
26:ee:80:59:03:55:ec:d3:14:1e:36:48:98:f9:f7:69:9f:ff:
00:cf:13:6f:ea:35:36:ad:80:ea:cf:a2:18:9b:96:59:eb:8c:
ce:c1:6e:aa:5e:87:65:5f:53:a8:ef:26:80:2f:96:b8:b8:2d:
a2:23:56:7e
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzEJQK8xXc3hQRU62MRbCFVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI1MjUzYzI1NTJkNDQwM2Y0M2I4M2MyNWU3NjIyMzhkZjEy
ZGFlODEwHhcNMjQwMTAxMDgzMDA4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MDYzNDNjOWQxMzE1ZGFjMGFmNzZmZGQ3YzMyMjA4N2UxNjQ3Y2E4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhJ75CK1o46SPlqFWA5peL8erZxgG
msIyybvwFQGJzMUC+6nwS9Xnj5X7O2/nwWZn6N67OHPvNzLvc0azim8/rjw355Qe
vALP11N50/a3XlKYRnr2pFO6Z5nJ5TtoEP9Z6Xc+/0wTup3i0++s75J2mgvWOjWS
cUs0x1rgPinf/wvZURbV+KpS+QBhhAsPVA0s8/fxNzAXTU2dhMbrXhI2ABTpXANa
LstijfNYm2rYw6+MYCqUAw8ha2yDZt8XHJbml8FPKYzyF25L2uHVvLxFLCURcGBe
j8w+habXIY8x7MvvfbQBhYvmOIqNHVirA9aClX46UFHEMBkrTC2MZrOojQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFIBjQ8nRMV2sCvdv3XwyIIfhZHyoMB8GA1UdIwQY
MBaAFLUlPCVS1EA/Q7g8JediI43xLa6BMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdFNVOEpWTFVRRDlEdUR3bDUySWpqZkV0cm9FLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYS84MjA5OGItMGM1My00ZGYyLThhMzIt
ZmJjMWUzZjdlOTJiLzEvZ0dORHlkRXhYYXdLOTJfZGZESWdoLUZrZktnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYS84MjA5OGItMGM1My00ZGYyLThhMzItZmJjMWUzZjdlOTJi
LzEvdFNVOEpWTFVRRDlEdUR3bDUySWpqZkV0cm9FLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuYdwMA0G
CSqGSIb3DQEBCwUAA4IBAQCeuT4Y53RPwV1vkop7v7hwDoi9VwftKgBWeI3Z02Bg
16ZfZNphs3OSQususq19lJjDLLzTLNckWhwoEiDycXAHu8Vpt0E+WKf7WCzzrHB4
2S0lKL8uHv86wfR95Wou2VU4zBwKYAXeTHKY4AqgkrgmkeVteOrG/AgUeNaGgqQB
/vvT6w+2Z5PWKTYxhopb/iY8tPgtvmpRTK8KwSWAJeNiT123wQvzEG7URkWAfNCs
D1+Hdy/XmujkChVyT6YHghmejuymGy4m7oBZA1Xs0xQeNkiY+fdpn/8AzxNv6jU2
rYDqz6IYm5ZZ64zOwW6qXodlX1Oo7yaAL5a4uC2iI1Z+
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:25:31 2025 by rpki-client