Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c7/25e6d8-4e72-4ac2-b6e5-c8201b91aec3/1/GO0tuk2adX6AaUHhQCqgAvB5syc.roa
File: GO0tuk2adX6AaUHhQCqgAvB5syc.roa (raw, json)
Hash identifier: HnE1wC9r1JsZ4QYlzr6unV/YFqNInui6UZpOMulkneA=
Subject key identifier: 18:ED:2D:BA:4D:9A:75:7E:80:69:41:E1:40:2A:A0:02:F0:79:B3:27
Certificate issuer: /CN=dac71030fe081e02bab4823d0568ffb2a33265e1
Certificate serial: 01932A174B5473FEACC5AA05F888B610D2A9
Authority key identifier: DA:C7:10:30:FE:08:1E:02:BA:B4:82:3D:05:68:FF:B2:A3:32:65:E1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2scQMP4IHgK6tII9BWj_sqMyZeE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c7/25e6d8-4e72-4ac2-b6e5-c8201b91aec3/1/GO0tuk2adX6AaUHhQCqgAvB5syc.roa
Signing time: Thu 14 Nov 2024 09:53:09 +0000
ROA not before: Thu 14 Nov 2024 09:53:09 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 205285
IP address blocks: 45.11.224.0/22 maxlen: 22
185.223.4.0/22 maxlen: 22
Validation: Failed, certificate revoked on Fri 15 Nov 2024 14:01:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:2a:17:4b:54:73:fe:ac:c5:aa:05:f8:88:b6:10:d2:a9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dac71030fe081e02bab4823d0568ffb2a33265e1
Validity
Not Before: Nov 14 09:53:09 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=18ed2dba4d9a757e806941e1402aa002f079b327
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:e1:df:22:4a:bb:78:f2:05:cc:d5:50:60:b6:
47:0d:15:3c:21:1c:38:97:3f:1d:4d:5b:c1:de:68:
65:7f:35:3e:18:d2:0e:28:b5:94:89:94:17:e0:f3:
9f:64:33:9d:82:de:49:fa:08:8d:d2:cc:44:80:9f:
fb:14:11:00:b2:f6:9d:b1:ad:81:fd:64:c7:22:67:
e5:6f:46:ef:bc:ee:ce:8c:dd:e0:1c:85:6e:09:0b:
bb:b9:cf:95:91:21:ab:e6:62:3d:08:92:b6:1c:01:
24:83:fc:a1:d0:d6:cb:79:2a:9e:f6:f9:ed:f6:38:
f5:13:f5:c9:10:90:aa:1d:dc:a1:b0:f7:72:91:d5:
98:2d:62:02:06:04:56:ad:db:3c:d5:74:78:dc:30:
b8:38:1f:5f:cc:62:40:45:0c:9f:a0:10:8c:33:e8:
9a:4b:d4:6b:09:46:73:c4:98:c8:d6:de:1b:30:26:
fb:b7:ba:0b:a7:3b:10:46:b3:e0:60:58:5b:9c:1f:
51:8c:a7:ad:6f:4d:07:3d:01:5b:bd:6f:61:68:91:
20:cb:eb:6f:0a:87:41:e9:26:9b:f9:2a:46:08:65:
89:c4:ec:d6:a5:42:e1:9b:18:2e:e3:18:53:90:1e:
74:9c:fc:4c:82:a6:56:fb:81:58:88:77:3d:e2:fc:
f1:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
18:ED:2D:BA:4D:9A:75:7E:80:69:41:E1:40:2A:A0:02:F0:79:B3:27
X509v3 Authority Key Identifier:
keyid:DA:C7:10:30:FE:08:1E:02:BA:B4:82:3D:05:68:FF:B2:A3:32:65:E1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2scQMP4IHgK6tII9BWj_sqMyZeE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/25e6d8-4e72-4ac2-b6e5-c8201b91aec3/1/GO0tuk2adX6AaUHhQCqgAvB5syc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/25e6d8-4e72-4ac2-b6e5-c8201b91aec3/1/2scQMP4IHgK6tII9BWj_sqMyZeE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.11.224.0/22
185.223.4.0/22
Signature Algorithm: sha256WithRSAEncryption
39:54:b3:9a:dd:0a:22:33:f8:85:1d:e3:0a:2f:0f:ef:2a:4a:
27:8e:28:56:4d:b8:e7:1f:7e:52:0d:1d:83:ed:e2:e4:71:1c:
cb:29:b2:53:85:b9:a6:7e:f0:a1:1a:9e:f9:3d:46:25:5e:0a:
46:bb:d5:a5:9c:27:44:4b:90:3a:cd:ac:d4:41:12:2d:b7:d1:
45:a8:43:b3:29:e6:e6:cb:cd:ed:42:78:53:ac:85:98:02:32:
8f:42:db:68:b0:e0:73:d1:56:dc:aa:12:97:af:1f:ee:66:6c:
fd:c5:9b:05:a0:83:3e:b0:66:d7:b8:cf:d3:be:63:dc:5b:ee:
d7:ad:c6:ad:27:e6:d6:dd:f9:b6:36:3c:e1:98:9a:1e:8e:c7:
15:eb:97:61:a2:85:ce:a0:13:ae:e1:40:52:54:a4:02:da:84:
da:f7:58:54:be:a8:63:10:68:3f:74:88:01:be:d2:95:a5:35:
e6:03:39:6d:80:38:08:5f:b7:d8:ee:4c:a2:cc:2f:5d:6d:e2:
3c:91:fa:c3:17:2f:42:aa:1e:f9:fb:75:66:af:04:3f:a7:bd:
46:0a:04:b7:06:8e:ec:3e:d2:ce:40:6e:b8:84:98:1e:2e:eb:
9c:b7:6a:7f:b6:47:ae:74:68:8a:95:fc:56:d7:f5:f1:78:b7:
0b:12:4c:28
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZMqF0tUc/6sxaoF+Ii2ENKpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRhYzcxMDMwZmUwODFlMDJiYWI0ODIzZDA1NjhmZmIyYTMz
MjY1ZTEwHhcNMjQxMTE0MDk1MzA5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxOGVkMmRiYTRkOWE3NTdlODA2OTQxZTE0MDJhYTAwMmYwNzliMzI3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApeHfIkq7ePIFzNVQYLZHDRU8IRw4
lz8dTVvB3mhlfzU+GNIOKLWUiZQX4POfZDOdgt5J+giN0sxEgJ/7FBEAsvadsa2B
/WTHImflb0bvvO7OjN3gHIVuCQu7uc+VkSGr5mI9CJK2HAEkg/yh0NbLeSqe9vnt
9jj1E/XJEJCqHdyhsPdykdWYLWICBgRWrds81XR43DC4OB9fzGJARQyfoBCMM+ia
S9RrCUZzxJjI1t4bMCb7t7oLpzsQRrPgYFhbnB9RjKetb00HPQFbvW9haJEgy+tv
CodB6Sab+SpGCGWJxOzWpULhmxgu4xhTkB50nPxMgqZW+4FYiHc94vzxAQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFBjtLbpNmnV+gGlB4UAqoALwebMnMB8GA1UdIwQY
MBaAFNrHEDD+CB4CurSCPQVo/7KjMmXhMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMnNjUU1QNElIZ0s2dElJOUJXal9zcU15WmVFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNy8yNWU2ZDgtNGU3Mi00YWMyLWI2ZTUt
YzgyMDFiOTFhZWMzLzEvR08wdHVrMmFkWDZBYVVIaFFDcWdBdkI1c3ljLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNy8yNWU2ZDgtNGU3Mi00YWMyLWI2ZTUtYzgyMDFiOTFhZWMz
LzEvMnNjUU1QNElIZ0s2dElJOUJXal9zcU15WmVFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCLQvgAwQC
ud8EMA0GCSqGSIb3DQEBCwUAA4IBAQA5VLOa3QoiM/iFHeMKLw/vKkonjihWTbjn
H35SDR2D7eLkcRzLKbJThbmmfvChGp75PUYlXgpGu9WlnCdES5A6zazUQRItt9FF
qEOzKebmy83tQnhTrIWYAjKPQttosOBz0VbcqhKXrx/uZmz9xZsFoIM+sGbXuM/T
vmPcW+7XrcatJ+bW3fm2NjzhmJoejscV65dhooXOoBOu4UBSVKQC2oTa91hUvqhj
EGg/dIgBvtKVpTXmAzltgDgIX7fY7kyizC9dbeI8kfrDFy9Cqh75+3VmrwQ/p71G
CgS3Bo7sPtLOQG64hJgeLuuct2p/tkeudGiKlfxW1/XxeLcLEkwo
-----END CERTIFICATE-----
Generated at Tue Apr 8 05:03:51 2025 by rpki-client