Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c7/25e6d8-4e72-4ac2-b6e5-c8201b91aec3/1/GAfi6xC9W3UxLq6dLpjs2V4xoYQ.roa
File: GAfi6xC9W3UxLq6dLpjs2V4xoYQ.roa (raw, json)
Hash identifier: npwFo19gEU2UMJXI7eSSfmS0RUUGkrmr5NBwqpAElMQ=
Subject key identifier: 18:07:E2:EB:10:BD:5B:75:31:2E:AE:9D:2E:98:EC:D9:5E:31:A1:84
Certificate issuer: /CN=dac71030fe081e02bab4823d0568ffb2a33265e1
Certificate serial: 01933020B550CBDD7ED5FA2061BE5C90C165
Authority key identifier: DA:C7:10:30:FE:08:1E:02:BA:B4:82:3D:05:68:FF:B2:A3:32:65:E1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2scQMP4IHgK6tII9BWj_sqMyZeE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c7/25e6d8-4e72-4ac2-b6e5-c8201b91aec3/1/GAfi6xC9W3UxLq6dLpjs2V4xoYQ.roa
Signing time: Fri 15 Nov 2024 14:01:10 +0000
ROA not before: Fri 15 Nov 2024 14:01:10 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 205285
IP address blocks: 45.11.224.0/22 maxlen: 22
45.84.76.0/23 maxlen: 23
45.84.78.0/23 maxlen: 23
185.223.4.0/22 maxlen: 22
194.110.140.0/23 maxlen: 23
194.110.148.0/23 maxlen: 23
Validation: Failed, certificate revoked on Thu 02 Jan 2025 13:48:33 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:30:20:b5:50:cb:dd:7e:d5:fa:20:61:be:5c:90:c1:65
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dac71030fe081e02bab4823d0568ffb2a33265e1
Validity
Not Before: Nov 15 14:01:10 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=1807e2eb10bd5b75312eae9d2e98ecd95e31a184
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:00:50:3f:bb:a0:c2:1d:49:80:a8:01:15:e2:
da:09:a8:31:90:ac:00:34:66:2e:30:85:10:44:67:
1a:9d:dd:40:a8:5c:2d:6e:7b:e0:99:77:f3:08:59:
ad:2c:1a:8a:62:39:c7:e4:11:e6:ab:55:24:e8:1f:
a8:db:3b:ac:5f:41:fc:70:b1:44:93:8d:a0:27:cd:
c1:80:fa:23:36:fc:15:5f:b0:50:59:45:2d:25:80:
c3:44:6d:db:1d:2b:df:9c:bb:f9:a3:5b:f7:a2:58:
49:5b:67:0f:a6:02:08:92:8f:c2:69:52:4e:6c:4e:
45:fe:96:0c:15:96:73:47:21:a7:52:ae:b6:26:64:
6a:88:32:f8:48:89:92:24:81:c4:0e:61:dd:63:cd:
15:9b:39:4b:3b:86:ab:a7:e4:1e:9f:7a:91:f9:f8:
6e:42:42:c4:1d:b1:dd:38:61:61:9c:ad:76:a2:e1:
d8:ba:61:e0:27:49:38:f9:6b:d2:a5:77:ec:c0:bb:
5e:bf:db:4d:3d:66:bc:1f:fe:41:ff:2a:e7:70:89:
d8:98:ac:fe:7b:ce:28:fe:48:10:9e:4a:2a:4c:fd:
7d:2e:af:1e:12:eb:71:28:b2:c8:b2:3c:da:aa:e4:
af:47:56:df:04:4a:c6:2b:b5:b5:94:27:ae:59:4c:
ec:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
18:07:E2:EB:10:BD:5B:75:31:2E:AE:9D:2E:98:EC:D9:5E:31:A1:84
X509v3 Authority Key Identifier:
keyid:DA:C7:10:30:FE:08:1E:02:BA:B4:82:3D:05:68:FF:B2:A3:32:65:E1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2scQMP4IHgK6tII9BWj_sqMyZeE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/25e6d8-4e72-4ac2-b6e5-c8201b91aec3/1/GAfi6xC9W3UxLq6dLpjs2V4xoYQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/25e6d8-4e72-4ac2-b6e5-c8201b91aec3/1/2scQMP4IHgK6tII9BWj_sqMyZeE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.11.224.0/22
45.84.76.0/22
185.223.4.0/22
194.110.140.0/23
194.110.148.0/23
Signature Algorithm: sha256WithRSAEncryption
a3:30:f6:b4:a0:e4:5d:44:4f:82:e9:0b:52:dc:b9:50:c0:71:
aa:b0:8b:89:29:66:42:a2:1f:33:01:2d:4f:96:8b:23:43:60:
dd:0b:b6:24:22:01:a2:99:07:95:56:cd:3c:1b:46:ef:bf:7a:
c2:1e:f3:2c:c9:cd:40:9d:3d:ac:4f:0a:9d:ab:79:0e:15:43:
32:a4:a5:58:32:8d:fc:eb:d8:e1:27:a8:dc:02:bc:38:23:b3:
25:06:65:81:cf:bb:09:11:c3:b9:2c:6e:b0:56:d7:6a:02:6b:
fc:7c:a6:46:4b:f6:b0:6b:9e:28:b1:a5:74:3e:bf:c5:37:a1:
e2:2c:a6:73:c5:08:26:96:9e:3e:d1:b9:92:0e:a6:b7:1f:07:
6f:22:fd:32:97:6c:b1:fc:64:f1:d8:ba:83:44:ac:87:8d:45:
73:23:49:d7:4d:00:df:9e:17:f2:06:a0:d9:71:f3:7b:c6:d2:
ac:f0:65:a8:21:46:e6:2a:d8:c4:2f:f6:a5:7c:27:3f:a1:53:
a3:ec:f5:68:d1:c3:e1:30:b7:1e:33:b9:d4:51:3a:6a:48:89:
93:18:e3:63:d6:ac:e6:28:c7:27:1f:56:55:2f:85:a8:02:8e:
68:15:2c:c5:f8:1f:1d:9a:2f:4d:02:f6:c4:93:0f:ed:64:66:
34:98:98:6c
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAZMwILVQy91+1fogYb5ckMFlMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRhYzcxMDMwZmUwODFlMDJiYWI0ODIzZDA1NjhmZmIyYTMz
MjY1ZTEwHhcNMjQxMTE1MTQwMTEwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxODA3ZTJlYjEwYmQ1Yjc1MzEyZWFlOWQyZTk4ZWNkOTVlMzFhMTg0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqQBQP7ugwh1JgKgBFeLaCagxkKwA
NGYuMIUQRGcand1AqFwtbnvgmXfzCFmtLBqKYjnH5BHmq1Uk6B+o2zusX0H8cLFE
k42gJ83BgPojNvwVX7BQWUUtJYDDRG3bHSvfnLv5o1v3olhJW2cPpgIIko/CaVJO
bE5F/pYMFZZzRyGnUq62JmRqiDL4SImSJIHEDmHdY80VmzlLO4arp+Qen3qR+fhu
QkLEHbHdOGFhnK12ouHYumHgJ0k4+WvSpXfswLtev9tNPWa8H/5B/yrncInYmKz+
e84o/kgQnkoqTP19Lq8eEutxKLLIsjzaquSvR1bfBErGK7W1lCeuWUzsLwIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFBgH4usQvVt1MS6unS6Y7NleMaGEMB8GA1UdIwQY
MBaAFNrHEDD+CB4CurSCPQVo/7KjMmXhMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMnNjUU1QNElIZ0s2dElJOUJXal9zcU15WmVFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNy8yNWU2ZDgtNGU3Mi00YWMyLWI2ZTUt
YzgyMDFiOTFhZWMzLzEvR0FmaTZ4QzlXM1V4THE2ZExwanMyVjR4b1lRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNy8yNWU2ZDgtNGU3Mi00YWMyLWI2ZTUtYzgyMDFiOTFhZWMz
LzEvMnNjUU1QNElIZ0s2dElJOUJXal9zcU15WmVFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQCLQvgAwQC
LVRMAwQCud8EAwQBwm6MAwQBwm6UMA0GCSqGSIb3DQEBCwUAA4IBAQCjMPa0oORd
RE+C6QtS3LlQwHGqsIuJKWZCoh8zAS1PlosjQ2DdC7YkIgGimQeVVs08G0bvv3rC
HvMsyc1AnT2sTwqdq3kOFUMypKVYMo3869jhJ6jcArw4I7MlBmWBz7sJEcO5LG6w
VtdqAmv8fKZGS/awa54osaV0Pr/FN6HiLKZzxQgmlp4+0bmSDqa3HwdvIv0yl2yx
/GTx2LqDRKyHjUVzI0nXTQDfnhfyBqDZcfN7xtKs8GWoIUbmKtjEL/alfCc/oVOj
7PVo0cPhMLceM7nUUTpqSImTGONj1qzmKMcnH1ZVL4WoAo5oFSzF+B8dmi9NAvbE
kw/tZGY0mJhs
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:28:08 2025 by rpki-client