Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b9/4bb5a7-346c-4195-9d0f-59f5984b64ea/1/gpUahE8ot1OfShVfTx4JZXnfcdI.roa
File: gpUahE8ot1OfShVfTx4JZXnfcdI.roa (raw, json)
Hash identifier: PtppsDX/VdpVDnfsHkVdWfbjFqRiCFizl72SaRk6qz8=
Subject key identifier: 82:95:1A:84:4F:28:B7:53:9F:4A:15:5F:4F:1E:09:65:79:DF:71:D2
Certificate issuer: /CN=d48a27f44b10404c52f6ffc4e08dc82bf8b5dee4
Certificate serial: 019420D6526450E71E6273037EC807F559BF
Authority key identifier: D4:8A:27:F4:4B:10:40:4C:52:F6:FF:C4:E0:8D:C8:2B:F8:B5:DE:E4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1Ion9EsQQExS9v_E4I3IK_i13uQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b9/4bb5a7-346c-4195-9d0f-59f5984b64ea/1/gpUahE8ot1OfShVfTx4JZXnfcdI.roa
Signing time: Wed 01 Jan 2025 07:48:24 +0000
ROA not before: Wed 01 Jan 2025 07:48:24 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 834
IP address blocks: 84.247.59.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 17 Jan 2025 00:19:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:20:d6:52:64:50:e7:1e:62:73:03:7e:c8:07:f5:59:bf
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d48a27f44b10404c52f6ffc4e08dc82bf8b5dee4
Validity
Not Before: Jan 1 07:48:24 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=82951a844f28b7539f4a155f4f1e096579df71d2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:7a:46:8b:0e:b4:59:65:4a:f0:81:d2:a1:7e:
44:63:16:60:bc:99:02:38:19:a0:c7:b3:45:30:b7:
de:b8:77:1f:ec:6c:26:3f:e4:7c:5e:45:7a:be:c3:
ce:10:c8:1c:00:05:54:1c:45:d5:5d:62:bb:da:dd:
61:55:21:92:c2:b9:f1:7a:a1:ae:14:c8:52:31:fb:
93:b4:ba:55:27:20:33:ff:b5:b6:be:db:25:45:48:
fd:a6:52:33:0c:33:cf:65:9a:5e:93:59:ad:a0:e5:
c8:b6:74:49:49:ee:ce:98:ee:a8:57:20:81:f8:9d:
23:56:13:75:74:27:40:6e:b1:22:f9:33:ad:a1:6a:
e6:d7:3f:79:48:6d:16:99:de:10:62:1e:af:69:06:
20:08:64:07:fa:51:c2:2e:ae:58:67:b3:89:cb:1d:
55:56:f9:c6:49:d0:90:c9:b5:70:94:65:9b:4f:64:
30:ae:82:ec:81:6b:12:14:e8:b6:76:3f:85:41:b8:
b4:ef:a0:f3:a3:a8:6d:e1:b8:5c:32:3f:94:b6:8d:
57:4d:34:69:4b:d5:f5:a7:90:48:4d:07:1e:d9:3f:
b6:45:9a:e8:55:b3:a9:c9:e6:71:81:87:df:f6:48:
1e:50:e4:d1:3e:fa:04:c9:26:ca:b4:ec:fb:7a:2f:
34:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
82:95:1A:84:4F:28:B7:53:9F:4A:15:5F:4F:1E:09:65:79:DF:71:D2
X509v3 Authority Key Identifier:
keyid:D4:8A:27:F4:4B:10:40:4C:52:F6:FF:C4:E0:8D:C8:2B:F8:B5:DE:E4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1Ion9EsQQExS9v_E4I3IK_i13uQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b9/4bb5a7-346c-4195-9d0f-59f5984b64ea/1/gpUahE8ot1OfShVfTx4JZXnfcdI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b9/4bb5a7-346c-4195-9d0f-59f5984b64ea/1/1Ion9EsQQExS9v_E4I3IK_i13uQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.247.59.0/24
Signature Algorithm: sha256WithRSAEncryption
79:2a:b4:ea:65:5d:8a:d3:97:0b:9f:2f:c1:4b:ac:86:9a:73:
c1:00:19:d6:29:fe:38:42:dd:af:8d:a8:65:8d:eb:c2:0d:d7:
ec:f3:e8:7f:72:33:da:08:df:4d:d7:1c:c6:20:78:aa:70:fe:
98:5c:c1:57:8a:b3:5b:1b:25:89:a8:b8:dc:f6:fa:a9:e7:08:
f6:12:cd:50:d2:53:70:4d:7a:d8:dd:ec:ba:5e:f9:04:5a:60:
6a:4c:0d:c7:c7:c5:4a:ab:b7:82:cc:42:44:77:67:8e:d8:1e:
0b:0b:29:83:7b:ac:af:60:4b:0e:5f:51:3f:c8:8e:12:47:9d:
98:db:38:4a:17:21:21:6b:04:3a:f0:b7:28:95:c5:88:87:59:
8e:18:20:c8:54:22:58:1d:f7:da:2f:ce:b7:16:3f:85:83:a4:
6d:72:48:7d:8c:d9:e8:81:53:a4:f7:0d:81:6d:86:54:72:e0:
df:6b:ad:99:d7:2e:8e:13:e8:d0:89:fe:f9:bd:92:6d:1f:c3:
86:30:fa:20:eb:b3:76:e8:70:01:82:c1:14:01:fb:e0:7d:79:
a1:8b:d1:68:53:be:93:70:d4:2b:12:7c:26:72:9c:49:88:5f:
a5:27:c2:f4:11:ed:43:c1:e2:1a:9a:3c:3f:83:a2:f0:6f:d4:
09:cc:5b:cb
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQg1lJkUOceYnMDfsgH9Vm/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ0OGEyN2Y0NGIxMDQwNGM1MmY2ZmZjNGUwOGRjODJiZjhi
NWRlZTQwHhcNMjUwMTAxMDc0ODI0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4Mjk1MWE4NDRmMjhiNzUzOWY0YTE1NWY0ZjFlMDk2NTc5ZGY3MWQyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoXpGiw60WWVK8IHSoX5EYxZgvJkC
OBmgx7NFMLfeuHcf7GwmP+R8XkV6vsPOEMgcAAVUHEXVXWK72t1hVSGSwrnxeqGu
FMhSMfuTtLpVJyAz/7W2vtslRUj9plIzDDPPZZpek1mtoOXItnRJSe7OmO6oVyCB
+J0jVhN1dCdAbrEi+TOtoWrm1z95SG0Wmd4QYh6vaQYgCGQH+lHCLq5YZ7OJyx1V
VvnGSdCQybVwlGWbT2QwroLsgWsSFOi2dj+FQbi076Dzo6ht4bhcMj+Uto1XTTRp
S9X1p5BITQce2T+2RZroVbOpyeZxgYff9kgeUOTRPvoEySbKtOz7ei80TwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFIKVGoRPKLdTn0oVX08eCWV533HSMB8GA1UdIwQY
MBaAFNSKJ/RLEEBMUvb/xOCNyCv4td7kMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMUlvbjlFc1FRRXhTOXZfRTRJM0lLX2kxM3VRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iOS80YmI1YTctMzQ2Yy00MTk1LTlkMGYt
NTlmNTk4NGI2NGVhLzEvZ3BVYWhFOG90MU9mU2hWZlR4NEpaWG5mY2RJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iOS80YmI1YTctMzQ2Yy00MTk1LTlkMGYtNTlmNTk4NGI2NGVh
LzEvMUlvbjlFc1FRRXhTOXZfRTRJM0lLX2kxM3VRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAVPc7MA0G
CSqGSIb3DQEBCwUAA4IBAQB5KrTqZV2K05cLny/BS6yGmnPBABnWKf44Qt2vjahl
jevCDdfs8+h/cjPaCN9N1xzGIHiqcP6YXMFXirNbGyWJqLjc9vqp5wj2Es1Q0lNw
TXrY3ey6XvkEWmBqTA3Hx8VKq7eCzEJEd2eO2B4LCymDe6yvYEsOX1E/yI4SR52Y
2zhKFyEhawQ68LcolcWIh1mOGCDIVCJYHffaL863Fj+Fg6Rtckh9jNnogVOk9w2B
bYZUcuDfa62Z1y6OE+jQif75vZJtH8OGMPog67N26HABgsEUAfvgfXmhi9FoU76T
cNQrEnwmcpxJiF+lJ8L0Ee1DweIamjw/g6Lwb9QJzFvL
-----END CERTIFICATE-----
Generated at Wed Feb 5 11:58:15 2025 by rpki-client