Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/GsRvJOLBYgWhMiNYUg0czzu8nuw.roa
File: GsRvJOLBYgWhMiNYUg0czzu8nuw.roa (raw, json)
Hash identifier: jiMnzsupNmX+xR5fFHhUejqHxRcBNWKlGlJ1yvAb87s=
Subject key identifier: 1A:C4:6F:24:E2:C1:62:05:A1:32:23:58:52:0D:1C:CF:3B:BC:9E:EC
Certificate issuer: /CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Certificate serial: 01957FBC2F6BD427B3B73715E28CF2E3E6AE
Authority key identifier: 60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/GsRvJOLBYgWhMiNYUg0czzu8nuw.roa
Signing time: Mon 10 Mar 2025 11:06:34 +0000
ROA not before: Mon 10 Mar 2025 11:06:34 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 834
IP address blocks: 185.126.82.0/24 maxlen: 24
185.209.75.0/24 maxlen: 24
185.214.108.0/24 maxlen: 24
185.218.20.0/24 maxlen: 24
185.220.248.0/24 maxlen: 24
185.220.250.0/23 maxlen: 24
185.222.28.0/24 maxlen: 24
185.223.78.0/24 maxlen: 24
185.223.80.0/24 maxlen: 24
185.225.0.0/23 maxlen: 23
185.227.146.0/23 maxlen: 24
185.227.147.0/24 maxlen: 24
185.228.75.0/24 maxlen: 24
193.8.112.0/23 maxlen: 24
193.58.146.0/23 maxlen: 24
194.124.69.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 12 Mar 2025 10:16:50 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:7f:bc:2f:6b:d4:27:b3:b7:37:15:e2:8c:f2:e3:e6:ae
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Validity
Not Before: Mar 10 11:06:34 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=1ac46f24e2c16205a1322358520d1ccf3bbc9eec
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:b2:83:fe:77:2c:47:2c:7f:a2:90:ef:ec:a8:
4e:99:b7:90:8c:f9:9c:18:e9:85:ae:f2:6d:3f:84:
02:21:55:2d:9b:c0:ff:ae:47:bf:d6:47:f6:b0:b3:
e4:1d:3d:8f:01:85:9b:d9:ad:7b:c7:21:34:d3:57:
2b:07:15:da:87:21:21:7d:b1:ce:43:67:07:76:e9:
fd:ee:f9:5e:61:dc:a4:1c:db:e8:af:db:41:61:45:
7a:52:0a:3d:99:aa:98:27:d3:72:61:d9:6b:b9:d9:
0a:a0:06:20:0d:01:97:5c:17:20:cb:3e:cd:d3:18:
aa:05:d8:0e:69:23:79:48:47:5f:9f:37:89:d4:f5:
ec:5d:cb:5a:08:3b:33:4f:5d:c2:6c:d7:57:31:30:
13:14:9c:bb:2f:f5:e3:9e:76:29:c5:54:da:07:b0:
86:d9:ed:02:c6:3a:4d:3f:b2:0f:f1:2b:05:a6:38:
70:29:4a:74:95:a3:6f:80:90:9d:53:09:08:4e:18:
6f:83:1b:3b:54:fc:8c:5c:aa:be:75:5b:71:6b:4f:
7a:cb:fa:f7:30:2b:c0:6a:4a:65:68:a8:2e:86:bd:
c4:4e:a2:e8:e9:2d:ab:10:24:1f:c1:d3:6e:2d:80:
71:f6:39:fb:59:82:a7:b7:db:a5:18:a1:be:d9:94:
c3:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1A:C4:6F:24:E2:C1:62:05:A1:32:23:58:52:0D:1C:CF:3B:BC:9E:EC
X509v3 Authority Key Identifier:
keyid:60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/GsRvJOLBYgWhMiNYUg0czzu8nuw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/YGeEwQUIW51q1fc6A7INmlwRTK8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.126.82.0/24
185.209.75.0/24
185.214.108.0/24
185.218.20.0/24
185.220.248.0/24
185.220.250.0/23
185.222.28.0/24
185.223.78.0/24
185.223.80.0/24
185.225.0.0/23
185.227.146.0/23
185.228.75.0/24
193.8.112.0/23
193.58.146.0/23
194.124.69.0/24
Signature Algorithm: sha256WithRSAEncryption
8d:cc:56:bc:ba:2d:00:dc:39:83:a0:96:f6:4a:14:d2:27:72:
9e:13:26:f7:6e:ac:90:37:ba:a1:f9:2c:1e:08:63:14:90:de:
ea:77:20:f7:9d:0b:44:c3:24:89:fd:c1:1e:d1:b0:99:54:14:
cd:c7:89:1c:48:ff:01:ad:3d:82:27:e4:7c:8f:58:4b:4f:7f:
a7:68:08:ee:06:fa:4b:aa:2a:ed:d5:b2:2f:2d:4c:1c:02:38:
da:c9:5f:c9:4d:39:51:77:f4:b1:27:af:3b:ae:42:fd:15:a4:
85:09:2f:08:40:76:d1:0f:13:d4:42:7e:f1:c6:53:2c:c8:29:
bd:93:a0:17:d4:35:27:ca:0c:c1:65:a6:71:e5:fb:b0:97:4b:
90:32:68:fe:a2:28:49:f5:d1:12:5c:43:65:f9:30:e7:13:85:
37:11:74:22:c9:d0:30:24:77:25:0a:9a:76:67:e3:e4:64:14:
65:5a:90:2f:08:79:f9:b8:55:4d:8a:3f:ca:8c:dc:b9:0e:30:
d6:fd:8f:d2:2b:cd:8d:e9:33:24:3d:8e:92:0c:68:5a:42:00:
bb:2f:e3:06:3e:01:cd:dd:e3:cf:cc:90:b9:50:b4:fe:65:63:
30:41:b5:0b:69:a9:0c:e2:cd:0e:f3:ce:48:53:df:d5:68:3f:
24:1f:d8:9a
-----BEGIN CERTIFICATE-----
MIIFUTCCBDmgAwIBAgISAZV/vC9r1CeztzcV4ozy4+auMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwNjc4NGMxMDUwODViOWQ2YWQ1ZjczYTAzYjIwZDlhNWMx
MTRjYWYwHhcNMjUwMzEwMTEwNjM0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxYWM0NmYyNGUyYzE2MjA1YTEzMjIzNTg1MjBkMWNjZjNiYmM5ZWVjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxLKD/ncsRyx/opDv7KhOmbeQjPmc
GOmFrvJtP4QCIVUtm8D/rke/1kf2sLPkHT2PAYWb2a17xyE001crBxXahyEhfbHO
Q2cHdun97vleYdykHNvor9tBYUV6Ugo9maqYJ9NyYdlrudkKoAYgDQGXXBcgyz7N
0xiqBdgOaSN5SEdfnzeJ1PXsXctaCDszT13CbNdXMTATFJy7L/XjnnYpxVTaB7CG
2e0CxjpNP7IP8SsFpjhwKUp0laNvgJCdUwkIThhvgxs7VPyMXKq+dVtxa096y/r3
MCvAakplaKguhr3ETqLo6S2rECQfwdNuLYBx9jn7WYKnt9ulGKG+2ZTDywIDAQAB
o4ICXTCCAlkwHQYDVR0OBBYEFBrEbyTiwWIFoTIjWFINHM87vJ7sMB8GA1UdIwQY
MBaAFGBnhMEFCFudatX3OgOyDZpcEUyvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgt
YjQzNDJiYTkxYWJjLzEvR3NSdkpPTEJZZ1doTWlOWVVnMGN6enU4bnV3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgtYjQzNDJiYTkxYWJj
LzEvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHMGCCsGAQUFBwEHAQH/BGQwYjBgBAIAATBaAwQAuX5SAwQA
udFLAwQAudZsAwQAudoUAwQAudz4AwQBudz6AwQAud4cAwQAud9OAwQAud9QAwQB
ueEAAwQBueOSAwQAueRLAwQBwQhwAwQBwTqSAwQAwnxFMA0GCSqGSIb3DQEBCwUA
A4IBAQCNzFa8ui0A3DmDoJb2ShTSJ3KeEyb3bqyQN7qh+SweCGMUkN7qdyD3nQtE
wySJ/cEe0bCZVBTNx4kcSP8BrT2CJ+R8j1hLT3+naAjuBvpLqirt1bIvLUwcAjja
yV/JTTlRd/SxJ687rkL9FaSFCS8IQHbRDxPUQn7xxlMsyCm9k6AX1DUnygzBZaZx
5fuwl0uQMmj+oihJ9dESXENl+TDnE4U3EXQiydAwJHclCpp2Z+PkZBRlWpAvCHn5
uFVNij/KjNy5DjDW/Y/SK82N6TMkPY6SDGhaQgC7L+MGPgHN3ePPzJC5ULT+ZWMw
QbULaakM4s0O885IU9/VaD8kH9ia
-----END CERTIFICATE-----
Generated at Fri Apr 18 23:35:43 2025 by rpki-client