Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cd/1470f5-c316-4fff-9c37-8654266457c6/1/Gbkd7yh5afEEeF8eRcoPwvCyzG4.roa
File: Gbkd7yh5afEEeF8eRcoPwvCyzG4.roa (raw, json)
Hash identifier: /jQaqMKwTlvEOIZPiT01Tw5K9ldMxhH23Dpc9MsW9IQ=
Subject key identifier: 19:B9:1D:EF:28:79:69:F1:04:78:5F:1E:45:CA:0F:C2:F0:B2:CC:6E
Certificate issuer: /CN=b498c97b14c374a52833db6a4007b54b4662c5a9
Certificate serial: 01941FFA0DFDFA192A8AD43A7F9E9C080FEB
Authority key identifier: B4:98:C9:7B:14:C3:74:A5:28:33:DB:6A:40:07:B5:4B:46:62:C5:A9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tJjJexTDdKUoM9tqQAe1S0Zixak.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cd/1470f5-c316-4fff-9c37-8654266457c6/1/Gbkd7yh5afEEeF8eRcoPwvCyzG4.roa
Signing time: Wed 01 Jan 2025 03:47:48 +0000
ROA not before: Wed 01 Jan 2025 03:47:48 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 39900
IP address blocks: 91.196.160.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sat 15 Feb 2025 00:13:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:1f:fa:0d:fd:fa:19:2a:8a:d4:3a:7f:9e:9c:08:0f:eb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b498c97b14c374a52833db6a4007b54b4662c5a9
Validity
Not Before: Jan 1 03:47:48 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=19b91def287969f104785f1e45ca0fc2f0b2cc6e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:00:41:5a:80:20:d0:ec:10:6c:25:6d:ee:6f:
bb:93:a7:76:19:61:f7:33:b5:b7:06:e1:f4:a6:98:
89:2d:69:2d:12:ab:20:24:d3:e2:e7:4d:1f:d5:0a:
d4:db:71:94:0a:b7:b2:28:18:ac:8a:9f:a0:73:2f:
ba:34:88:f7:40:01:d7:04:dc:90:fa:dc:9e:33:df:
ee:b6:3d:08:0a:16:69:50:ee:b4:27:0e:cc:68:f5:
ff:c0:1f:5d:f1:ed:dc:00:c3:07:b1:0b:36:5c:ce:
83:e2:6f:d3:44:61:bc:19:4c:5f:3d:60:46:be:ea:
8e:d9:a4:33:3e:e1:72:18:cc:7e:b9:c2:c1:2a:7e:
00:ea:43:ab:72:f0:7d:65:65:e3:0c:df:fe:35:af:
a5:88:34:f4:27:72:fa:6d:73:6f:97:78:78:c6:5e:
fa:7b:62:18:43:95:3d:19:d3:78:e2:43:25:16:33:
37:05:95:86:b4:d5:11:de:e0:cc:20:d4:f8:ba:0a:
37:1d:53:00:c2:94:40:f0:3c:48:02:85:1c:b0:1a:
3d:f6:0f:c1:bb:24:c7:d3:7f:8e:8e:ae:cf:3e:fd:
59:a3:f7:4e:31:9d:68:72:bb:ae:39:16:36:f2:77:
57:1f:29:92:8a:98:aa:58:c7:35:65:de:62:cf:f1:
c9:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
19:B9:1D:EF:28:79:69:F1:04:78:5F:1E:45:CA:0F:C2:F0:B2:CC:6E
X509v3 Authority Key Identifier:
keyid:B4:98:C9:7B:14:C3:74:A5:28:33:DB:6A:40:07:B5:4B:46:62:C5:A9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tJjJexTDdKUoM9tqQAe1S0Zixak.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/1470f5-c316-4fff-9c37-8654266457c6/1/Gbkd7yh5afEEeF8eRcoPwvCyzG4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/1470f5-c316-4fff-9c37-8654266457c6/1/tJjJexTDdKUoM9tqQAe1S0Zixak.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.196.160.0/24
Signature Algorithm: sha256WithRSAEncryption
63:8a:44:4c:25:99:74:8e:f4:d0:6c:22:97:f2:ca:f9:3c:d2:
e4:79:68:c3:ae:f2:f9:bb:35:85:61:d7:a6:5b:ba:62:4c:89:
a9:91:75:62:92:7e:d3:15:a5:39:cb:ff:fa:95:f9:5d:35:20:
54:47:10:00:f4:11:fe:fc:89:c7:fc:ea:51:37:68:8e:a0:2a:
1a:16:25:24:34:66:11:34:8c:5a:d5:e0:18:f6:26:a4:a6:db:
4b:a5:e2:de:78:fd:19:fd:8f:a3:72:29:dc:00:6b:9a:a4:58:
1f:fb:5c:c2:f3:9d:84:d8:f3:16:fb:95:c1:a6:94:29:98:24:
f3:91:6a:ee:21:61:82:53:de:b4:28:2d:db:e9:f0:ce:79:4e:
dd:4a:1a:0d:c3:25:62:d5:07:0c:02:ef:de:63:6f:ae:61:17:
2a:23:12:f8:0a:b8:a7:f7:b6:86:cd:de:56:d7:75:b7:91:2d:
c8:b0:a1:ed:2d:6a:8c:94:97:72:3c:60:b5:32:2d:20:32:aa:
cf:97:ec:02:1c:92:ab:ae:7f:c7:8c:0a:5f:e9:01:2e:41:af:
09:fd:06:33:5a:8e:68:f5:73:eb:d3:6d:65:31:c6:77:41:f5:
76:b9:b8:dd:75:c6:fa:4b:b8:e8:82:a5:9f:95:04:c7:f3:0d:
b4:59:40:9b
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQf+g39+hkqitQ6f56cCA/rMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI0OThjOTdiMTRjMzc0YTUyODMzZGI2YTQwMDdiNTRiNDY2
MmM1YTkwHhcNMjUwMTAxMDM0NzQ4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxOWI5MWRlZjI4Nzk2OWYxMDQ3ODVmMWU0NWNhMGZjMmYwYjJjYzZlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtgBBWoAg0OwQbCVt7m+7k6d2GWH3
M7W3BuH0ppiJLWktEqsgJNPi500f1QrU23GUCreyKBisip+gcy+6NIj3QAHXBNyQ
+tyeM9/utj0IChZpUO60Jw7MaPX/wB9d8e3cAMMHsQs2XM6D4m/TRGG8GUxfPWBG
vuqO2aQzPuFyGMx+ucLBKn4A6kOrcvB9ZWXjDN/+Na+liDT0J3L6bXNvl3h4xl76
e2IYQ5U9GdN44kMlFjM3BZWGtNUR3uDMINT4ugo3HVMAwpRA8DxIAoUcsBo99g/B
uyTH03+Ojq7PPv1Zo/dOMZ1ocruuORY28ndXHymSipiqWMc1Zd5iz/HJTwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFBm5He8oeWnxBHhfHkXKD8LwssxuMB8GA1UdIwQY
MBaAFLSYyXsUw3SlKDPbakAHtUtGYsWpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdEpqSmV4VERkS1VvTTl0cVFBZTFTMFppeGFrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZC8xNDcwZjUtYzMxNi00ZmZmLTljMzct
ODY1NDI2NjQ1N2M2LzEvR2JrZDd5aDVhZkVFZUY4ZVJjb1B3dkN5ekc0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZC8xNDcwZjUtYzMxNi00ZmZmLTljMzctODY1NDI2NjQ1N2M2
LzEvdEpqSmV4VERkS1VvTTl0cVFBZTFTMFppeGFrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW8SgMA0G
CSqGSIb3DQEBCwUAA4IBAQBjikRMJZl0jvTQbCKX8sr5PNLkeWjDrvL5uzWFYdem
W7piTImpkXVikn7TFaU5y//6lfldNSBURxAA9BH+/InH/OpRN2iOoCoaFiUkNGYR
NIxa1eAY9iakpttLpeLeeP0Z/Y+jcincAGuapFgf+1zC852E2PMW+5XBppQpmCTz
kWruIWGCU960KC3b6fDOeU7dShoNwyVi1QcMAu/eY2+uYRcqIxL4Crin97aGzd5W
13W3kS3IsKHtLWqMlJdyPGC1Mi0gMqrPl+wCHJKrrn/HjApf6QEuQa8J/QYzWo5o
9XPr021lMcZ3QfV2ubjddcb6S7jogqWflQTH8w20WUCb
-----END CERTIFICATE-----
Generated at Thu Apr 17 02:34:08 2025 by rpki-client