Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b1/e0e829-1284-4db1-ba48-785ac191b31a/1/G-5B3UjPGcgfcPNC_o-9K8M82yg.roa
File: G-5B3UjPGcgfcPNC_o-9K8M82yg.roa (raw, json)
Hash identifier: kgTz0yveLRWpEIynxk+2XNovqCyxvAk9otjdX1mPDR8=
Subject key identifier: 1B:EE:41:DD:48:CF:19:C8:1F:70:F3:42:FE:8F:BD:2B:C3:3C:DB:28
Certificate issuer: /CN=d07dff547eacbe81dc3465598446d3b027dcb76d
Certificate serial: 018CC7951319D45491ADA4D0E01BCEC59080
Authority key identifier: D0:7D:FF:54:7E:AC:BE:81:DC:34:65:59:84:46:D3:B0:27:DC:B7:6D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0H3_VH6svoHcNGVZhEbTsCfct20.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b1/e0e829-1284-4db1-ba48-785ac191b31a/1/G-5B3UjPGcgfcPNC_o-9K8M82yg.roa
Signing time: Tue 02 Jan 2024 00:31:24 +0000
ROA not before: Tue 02 Jan 2024 00:31:24 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 5517
IP address blocks: 194.245.0.0/16 maxlen: 16
194.176.0.0/19 maxlen: 19
159.25.0.0/16 maxlen: 24
2a01:4fc0::/32 maxlen: 48
Validation: Failed, certificate revoked on Wed 01 Jan 2025 05:48:00 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:95:13:19:d4:54:91:ad:a4:d0:e0:1b:ce:c5:90:80
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d07dff547eacbe81dc3465598446d3b027dcb76d
Validity
Not Before: Jan 2 00:31:24 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=1bee41dd48cf19c81f70f342fe8fbd2bc33cdb28
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:37:b0:c3:a3:72:11:02:eb:8a:e4:81:bd:6c:
2c:ff:47:1c:db:7c:9c:77:ab:a9:21:73:ec:0d:38:
8b:4a:b8:4c:41:4f:c1:eb:66:21:97:13:55:a1:0b:
48:1a:34:7a:fb:9f:ca:94:09:4d:cf:47:98:80:87:
5e:27:08:78:67:42:5c:4b:c7:b8:a0:69:70:14:20:
2d:02:2b:58:ef:52:f5:4f:2d:90:75:6f:25:00:1c:
ff:98:7c:ab:2b:c5:1e:30:84:07:83:ef:43:e1:64:
89:98:05:71:1b:97:39:5a:30:24:64:23:c8:c9:7a:
ed:4c:f2:e0:ee:6e:4e:8f:b3:04:19:92:e1:ea:6d:
2f:15:57:b6:8f:6b:9a:f3:e5:49:5a:64:ee:ce:31:
db:5a:88:2f:1f:59:1c:c1:75:8c:d0:d5:7e:7f:a9:
01:ea:aa:66:45:52:8d:a0:46:a6:9c:cc:58:83:09:
ed:1a:bb:fc:94:c6:d2:f1:1f:25:6d:18:b1:77:9c:
e5:78:6c:26:6d:af:a2:17:38:82:34:ee:95:8f:8c:
da:ab:9c:7e:b9:10:1d:80:89:73:4f:bf:c6:e4:64:
62:3f:1d:bd:a2:02:0a:1a:ac:c4:12:30:8d:cc:05:
8c:5b:b6:b2:dd:7d:8e:c7:41:30:c7:fb:22:ce:79:
08:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1B:EE:41:DD:48:CF:19:C8:1F:70:F3:42:FE:8F:BD:2B:C3:3C:DB:28
X509v3 Authority Key Identifier:
keyid:D0:7D:FF:54:7E:AC:BE:81:DC:34:65:59:84:46:D3:B0:27:DC:B7:6D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0H3_VH6svoHcNGVZhEbTsCfct20.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/e0e829-1284-4db1-ba48-785ac191b31a/1/G-5B3UjPGcgfcPNC_o-9K8M82yg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/e0e829-1284-4db1-ba48-785ac191b31a/1/0H3_VH6svoHcNGVZhEbTsCfct20.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
159.25.0.0/16
194.176.0.0/19
194.245.0.0/16
IPv6:
2a01:4fc0::/32
Signature Algorithm: sha256WithRSAEncryption
69:b3:38:b2:02:82:6a:b2:b2:42:1b:22:fe:8d:ce:1a:b0:28:
6d:88:6b:f8:bf:3f:2a:2b:f1:4e:a4:4e:73:73:e8:47:a1:87:
a8:9a:fb:f5:d7:11:5f:c0:b4:08:ca:ba:0c:e1:63:c1:2d:bf:
86:e1:7c:a6:76:a0:2f:86:3c:1a:29:b0:a6:ef:2a:f6:92:0b:
9b:8e:fd:4d:0d:db:f0:73:bb:95:52:49:94:43:7f:95:e4:23:
41:86:f4:02:91:34:78:26:64:71:6d:aa:97:70:38:aa:13:2d:
ec:c7:e0:a8:c1:a6:a7:da:cb:0d:37:c8:b7:3e:da:62:29:28:
c3:00:5c:d9:51:7d:34:5c:c9:12:1f:de:90:ab:fc:e5:a7:fe:
f2:c4:af:b0:95:64:48:97:64:e2:d1:02:f3:78:86:a8:ee:c2:
be:33:2f:84:e9:96:37:f0:72:2b:ad:8c:ba:b6:ec:5a:03:fb:
31:bc:d8:6c:2f:dd:2e:8e:05:ea:63:ac:4c:88:45:54:f9:da:
36:67:45:e4:a1:8d:03:28:36:4b:32:9c:fc:77:a7:75:d3:a5:
ee:a7:c2:77:45:67:df:34:81:2e:90:3b:e6:cc:c6:99:c6:f3:
64:75:25:03:cc:75:42:f5:0d:3e:81:8f:07:d3:d5:22:a4:1e:
34:3c:8a:57
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAYzHlRMZ1FSRraTQ4BvOxZCAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQwN2RmZjU0N2VhY2JlODFkYzM0NjU1OTg0NDZkM2IwMjdk
Y2I3NmQwHhcNMjQwMTAyMDAzMTI0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxYmVlNDFkZDQ4Y2YxOWM4MWY3MGYzNDJmZThmYmQyYmMzM2NkYjI4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnjeww6NyEQLriuSBvWws/0cc23yc
d6upIXPsDTiLSrhMQU/B62YhlxNVoQtIGjR6+5/KlAlNz0eYgIdeJwh4Z0JcS8e4
oGlwFCAtAitY71L1Ty2QdW8lABz/mHyrK8UeMIQHg+9D4WSJmAVxG5c5WjAkZCPI
yXrtTPLg7m5Oj7MEGZLh6m0vFVe2j2ua8+VJWmTuzjHbWogvH1kcwXWM0NV+f6kB
6qpmRVKNoEamnMxYgwntGrv8lMbS8R8lbRixd5zleGwmba+iFziCNO6Vj4zaq5x+
uRAdgIlzT7/G5GRiPx29ogIKGqzEEjCNzAWMW7ay3X2Ox0Ewx/siznkIiQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFBvuQd1IzxnIH3DzQv6PvSvDPNsoMB8GA1UdIwQY
MBaAFNB9/1R+rL6B3DRlWYRG07An3LdtMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMEgzX1ZINnN2b0hjTkdWWmhFYlRzQ2ZjdDIwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMS9lMGU4MjktMTI4NC00ZGIxLWJhNDgt
Nzg1YWMxOTFiMzFhLzEvRy01QjNValBHY2dmY1BOQ19vLTlLOE04MnlnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMS9lMGU4MjktMTI4NC00ZGIxLWJhNDgtNzg1YWMxOTFiMzFh
LzEvMEgzX1ZINnN2b0hjTkdWWmhFYlRzQ2ZjdDIwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDgGCCsGAQUFBwEHAQH/BCkwJzAWBAIAATAQAwMAnxkDBAXC
sAADAwDC9TANBAIAAjAHAwUAKgFPwDANBgkqhkiG9w0BAQsFAAOCAQEAabM4sgKC
arKyQhsi/o3OGrAobYhr+L8/KivxTqROc3PoR6GHqJr79dcRX8C0CMq6DOFjwS2/
huF8pnagL4Y8Gimwpu8q9pILm479TQ3b8HO7lVJJlEN/leQjQYb0ApE0eCZkcW2q
l3A4qhMt7MfgqMGmp9rLDTfItz7aYikowwBc2VF9NFzJEh/ekKv85af+8sSvsJVk
SJdk4tEC83iGqO7CvjMvhOmWN/ByK62MurbsWgP7MbzYbC/dLo4F6mOsTIhFVPna
NmdF5KGNAyg2SzKc/HenddOl7qfCd0Vn3zSBLpA75szGmcbzZHUlA8x1QvUNPoGP
B9PVIqQeNDyKVw==
-----END CERTIFICATE-----
Generated at Sun Apr 13 11:09:19 2025 by rpki-client