Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ab/55b9d7-f703-45fe-8b63-10534c67bbb8/1/GPDG7k0ObHQLI6jV0K-zyzt5Lr0.roa
File: GPDG7k0ObHQLI6jV0K-zyzt5Lr0.roa (raw, json)
Hash identifier: ZxasK+3jyy822Z8f9xxMUM43tyxz/GwhpnCOJn047NI=
Subject key identifier: 18:F0:C6:EE:4D:0E:6C:74:0B:23:A8:D5:D0:AF:B3:CB:3B:79:2E:BD
Certificate issuer: /CN=e5de0de73e73874bbc66738805d373cab833b7a5
Certificate serial: 0193445DAD5A9601C9EC32C30764973B32FC
Authority key identifier: E5:DE:0D:E7:3E:73:87:4B:BC:66:73:88:05:D3:73:CA:B8:33:B7:A5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/5d4N5z5zh0u8ZnOIBdNzyrgzt6U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ab/55b9d7-f703-45fe-8b63-10534c67bbb8/1/GPDG7k0ObHQLI6jV0K-zyzt5Lr0.roa
Signing time: Tue 19 Nov 2024 12:20:10 +0000
ROA not before: Tue 19 Nov 2024 12:20:10 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 16509
IP address blocks: 185.137.156.0/24 maxlen: 24
2a10:a100::/40 maxlen: 48
Validation: Failed, certificate revoked on Wed 01 Jan 2025 01:48:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:44:5d:ad:5a:96:01:c9:ec:32:c3:07:64:97:3b:32:fc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e5de0de73e73874bbc66738805d373cab833b7a5
Validity
Not Before: Nov 19 12:20:10 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=18f0c6ee4d0e6c740b23a8d5d0afb3cb3b792ebd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:6a:c6:65:14:7d:7a:7c:0e:e4:cc:e2:bd:93:
47:74:2b:c4:77:e4:5e:3e:20:40:2f:1e:c4:b2:28:
30:37:f2:13:ec:49:59:93:7b:a8:05:02:0f:43:4f:
5d:2f:4a:86:a5:61:9a:9d:6f:95:f2:a1:33:12:b0:
d4:57:41:3b:6c:9b:b3:87:8c:43:66:1f:7e:6d:73:
24:ee:2e:74:1d:4f:ff:09:36:a3:86:b0:1f:3d:da:
58:3f:0e:55:e4:92:f0:70:45:52:f7:e0:49:42:12:
49:fd:c3:d4:e6:08:e6:bd:52:2a:a2:8a:0f:76:43:
62:b2:36:e1:02:33:89:89:ad:94:0e:4c:d8:fb:a6:
8b:10:0c:07:ce:0c:5c:e7:c8:12:7e:81:ef:50:95:
4d:da:87:7b:56:44:4d:63:f6:45:4c:48:6f:fa:5c:
1a:39:54:4a:53:ea:91:bb:27:92:4e:d4:13:4b:81:
0e:1c:86:65:f3:05:80:8c:6a:23:d1:89:bb:02:01:
95:9d:43:9b:e4:97:33:14:45:23:58:b3:b4:92:14:
a1:82:84:53:b6:a4:f6:c3:ac:8f:18:a5:6c:b5:6f:
4f:9c:09:39:38:06:2a:cd:36:39:dd:36:0a:43:ca:
26:9d:7d:24:cd:9c:79:c4:3b:b4:74:34:60:29:9c:
ab:67
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
18:F0:C6:EE:4D:0E:6C:74:0B:23:A8:D5:D0:AF:B3:CB:3B:79:2E:BD
X509v3 Authority Key Identifier:
keyid:E5:DE:0D:E7:3E:73:87:4B:BC:66:73:88:05:D3:73:CA:B8:33:B7:A5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5d4N5z5zh0u8ZnOIBdNzyrgzt6U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/55b9d7-f703-45fe-8b63-10534c67bbb8/1/GPDG7k0ObHQLI6jV0K-zyzt5Lr0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/55b9d7-f703-45fe-8b63-10534c67bbb8/1/5d4N5z5zh0u8ZnOIBdNzyrgzt6U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.137.156.0/24
IPv6:
2a10:a100::/40
Signature Algorithm: sha256WithRSAEncryption
53:6c:51:c5:57:27:da:fc:2e:8e:4e:1d:be:f5:f6:52:8e:61:
a0:49:8b:9f:b5:21:d1:78:0f:e5:9c:3c:d3:6b:e1:16:10:7c:
15:4a:24:03:37:ce:1a:be:22:15:db:b6:b7:ee:c7:4e:f3:d5:
27:28:62:c4:bc:70:4c:8c:5b:30:7d:64:0a:3a:25:c1:6c:47:
ff:19:e0:9d:2b:50:92:7f:f3:bf:93:73:32:72:d7:a0:4d:af:
72:d2:76:dd:b1:b0:f7:b1:8d:0c:50:1d:bd:db:91:1a:fb:52:
d6:7f:8f:ee:27:41:f5:21:9d:c7:15:9e:bb:cb:df:49:2a:4c:
60:68:68:b4:ca:d7:bf:70:bb:f2:e4:7e:c4:39:2f:0e:1d:93:
b8:c2:49:5a:ef:bf:ef:85:01:83:24:61:e0:53:29:f2:91:72:
68:d4:69:ae:8b:82:42:9b:fa:11:a1:0a:18:0b:a9:fe:2e:8d:
cb:39:13:db:39:e1:61:44:3c:c2:b3:81:c8:df:37:77:a2:31:
26:22:ea:a6:09:02:59:00:6d:b0:d6:3a:26:74:58:c8:8a:dd:
1f:4f:8c:58:2f:9a:f3:7c:74:9e:df:25:67:ee:ed:d6:e3:45:
69:97:1f:4f:9d:cd:29:04:ab:e4:09:b7:48:97:9c:19:e5:38:
6d:5c:06:59
-----BEGIN CERTIFICATE-----
MIIFDTCCA/WgAwIBAgISAZNEXa1algHJ7DLDB2SXOzL8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU1ZGUwZGU3M2U3Mzg3NGJiYzY2NzM4ODA1ZDM3M2NhYjgz
M2I3YTUwHhcNMjQxMTE5MTIyMDEwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxOGYwYzZlZTRkMGU2Yzc0MGIyM2E4ZDVkMGFmYjNjYjNiNzkyZWJkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmmrGZRR9enwO5MzivZNHdCvEd+Re
PiBALx7EsigwN/IT7ElZk3uoBQIPQ09dL0qGpWGanW+V8qEzErDUV0E7bJuzh4xD
Zh9+bXMk7i50HU//CTajhrAfPdpYPw5V5JLwcEVS9+BJQhJJ/cPU5gjmvVIqoooP
dkNisjbhAjOJia2UDkzY+6aLEAwHzgxc58gSfoHvUJVN2od7VkRNY/ZFTEhv+lwa
OVRKU+qRuyeSTtQTS4EOHIZl8wWAjGoj0Ym7AgGVnUOb5JczFEUjWLO0khShgoRT
tqT2w6yPGKVstW9PnAk5OAYqzTY53TYKQ8omnX0kzZx5xDu0dDRgKZyrZwIDAQAB
o4ICGTCCAhUwHQYDVR0OBBYEFBjwxu5NDmx0CyOo1dCvs8s7eS69MB8GA1UdIwQY
MBaAFOXeDec+c4dLvGZziAXTc8q4M7elMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNWQ0TjV6NXpoMHU4Wm5PSUJkTnp5cmd6dDZVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYi81NWI5ZDctZjcwMy00NWZlLThiNjMt
MTA1MzRjNjdiYmI4LzEvR1BERzdrME9iSFFMSTZqVjBLLXp5enQ1THIwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYi81NWI5ZDctZjcwMy00NWZlLThiNjMtMTA1MzRjNjdiYmI4
LzEvNWQ0TjV6NXpoMHU4Wm5PSUJkTnp5cmd6dDZVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC8GCCsGAQUFBwEHAQH/BCAwHjAMBAIAATAGAwQAuYmcMA4E
AgACMAgDBgAqEKEAADANBgkqhkiG9w0BAQsFAAOCAQEAU2xRxVcn2vwujk4dvvX2
Uo5hoEmLn7Uh0XgP5Zw802vhFhB8FUokAzfOGr4iFdu2t+7HTvPVJyhixLxwTIxb
MH1kCjolwWxH/xngnStQkn/zv5NzMnLXoE2vctJ23bGw97GNDFAdvduRGvtS1n+P
7idB9SGdxxWeu8vfSSpMYGhotMrXv3C78uR+xDkvDh2TuMJJWu+/74UBgyRh4FMp
8pFyaNRprouCQpv6EaEKGAup/i6NyzkT2znhYUQ8wrOByN83d6IxJiLqpgkCWQBt
sNY6JnRYyIrdH0+MWC+a83x0nt8lZ+7t1uNFaZcfT53NKQSr5Am3SJecGeU4bVwG
WQ==
-----END CERTIFICATE-----
Generated at Sun Feb 16 15:54:10 2025 by rpki-client