Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/G30itLhRoIPOB23rydVOm4tmI_I.roa
File: G30itLhRoIPOB23rydVOm4tmI_I.roa (raw, json)
Hash identifier: GBkXKQMcrl0qcwtEy70m0E2C5O9630JLzoYkf/pl0b8=
Subject key identifier: 1B:7D:22:B4:B8:51:A0:83:CE:07:6D:EB:C9:D5:4E:9B:8B:66:23:F2
Certificate issuer: /CN=6c8fd1a8ae5996c1e5692c1a8c42bfe9c3ba5745
Certificate serial: 0192EF55F84C8A7D6CCA4BB6E74E8798B677
Authority key identifier: 6C:8F:D1:A8:AE:59:96:C1:E5:69:2C:1A:8C:42:BF:E9:C3:BA:57:45
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bI_RqK5ZlsHlaSwajEK_6cO6V0U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/G30itLhRoIPOB23rydVOm4tmI_I.roa
Signing time: Sun 03 Nov 2024 00:04:01 +0000
ROA not before: Sun 03 Nov 2024 00:04:01 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 137882
IP address blocks: 185.255.152.0/24 maxlen: 32
Validation: Failed, certificate revoked on Wed 01 Jan 2025 19:49:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:ef:55:f8:4c:8a:7d:6c:ca:4b:b6:e7:4e:87:98:b6:77
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6c8fd1a8ae5996c1e5692c1a8c42bfe9c3ba5745
Validity
Not Before: Nov 3 00:04:01 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=1b7d22b4b851a083ce076debc9d54e9b8b6623f2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:e9:5a:99:8f:9a:cd:31:43:65:17:b1:48:3a:
e7:ba:17:59:58:ea:ed:5e:5a:13:2c:f1:2c:c0:23:
e3:c8:7d:f1:51:33:05:7c:bc:35:87:25:6b:82:ef:
46:a7:cb:c0:5e:6f:c1:f4:9c:4b:c9:7f:ab:84:73:
66:ba:dd:93:75:01:ab:87:b9:d2:93:bc:08:3c:ef:
c8:60:7a:75:ae:df:84:73:d4:e3:69:91:78:fc:ea:
bc:81:4e:35:c5:6b:54:e8:59:87:e5:35:1c:c0:f8:
43:d3:7f:85:7f:99:b6:c4:f3:0b:51:dd:8d:98:93:
c5:43:36:4d:ec:77:94:e2:7b:ab:4b:e5:f5:3b:f0:
54:16:53:d3:24:2f:a6:5d:21:89:f5:ba:87:10:e6:
c4:2d:f7:c1:b2:b1:2e:6c:8c:5d:2b:cc:1d:1c:2f:
f6:f0:c6:7c:e2:05:a8:0a:a0:d1:52:8f:ac:82:5d:
97:db:42:9c:47:12:90:07:8a:29:e4:87:02:16:86:
bf:aa:58:19:ee:f8:e7:b1:dd:71:49:3d:12:3f:60:
c5:60:d2:bd:36:1d:62:e8:70:01:31:9f:d0:64:e5:
66:a9:f3:b2:fc:cb:a7:e2:fe:b1:e7:bf:d2:61:e5:
2f:8f:34:62:a6:d2:fe:56:e7:8b:de:cd:8b:ba:52:
90:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1B:7D:22:B4:B8:51:A0:83:CE:07:6D:EB:C9:D5:4E:9B:8B:66:23:F2
X509v3 Authority Key Identifier:
keyid:6C:8F:D1:A8:AE:59:96:C1:E5:69:2C:1A:8C:42:BF:E9:C3:BA:57:45
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bI_RqK5ZlsHlaSwajEK_6cO6V0U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/G30itLhRoIPOB23rydVOm4tmI_I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/bI_RqK5ZlsHlaSwajEK_6cO6V0U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.255.152.0/24
Signature Algorithm: sha256WithRSAEncryption
65:6f:18:b7:2b:f1:2a:38:cf:a5:75:a8:32:3f:fa:da:e2:58:
4e:4c:8d:20:ce:c4:b5:60:b0:7b:09:fd:a2:52:53:e7:a6:7b:
3a:04:17:d5:23:ba:7a:7a:a8:1a:52:ce:6b:77:c2:f3:87:3b:
c8:93:9b:74:24:12:a7:33:b4:92:6a:22:03:43:ac:5a:c0:fe:
dd:1c:48:ee:fe:de:5f:1d:ba:32:82:1f:97:07:f4:07:2b:a5:
40:0e:8e:37:ce:b6:1f:75:70:bd:70:3d:1a:01:11:c2:22:04:
a2:f8:1d:86:c5:16:a3:02:a1:d3:54:c8:5d:b4:e6:09:e4:21:
1a:aa:55:65:1c:45:c9:65:29:27:b9:cd:cb:85:a9:9d:e1:c0:
51:c0:5f:bf:47:2c:7a:9d:34:52:e9:89:d3:0c:55:d2:3c:8b:
61:d9:99:50:c9:d9:c7:4d:b9:01:8c:e0:65:34:fd:d9:1c:70:
04:3a:cd:79:96:57:bc:01:9c:b9:8f:ed:74:2e:87:e8:b7:77:
39:88:66:26:21:b0:4a:31:37:86:01:a5:ef:58:3e:ef:ea:4a:
7d:9e:ef:a0:21:fa:d1:e4:b7:1f:31:36:b9:de:0c:a5:99:ab:
78:f5:a7:27:3b:58:77:fa:97:b7:79:3c:80:fd:bd:0c:45:9e:
2a:68:6c:d9
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZLvVfhMin1syku2506HmLZ3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZjOGZkMWE4YWU1OTk2YzFlNTY5MmMxYThjNDJiZmU5YzNi
YTU3NDUwHhcNMjQxMTAzMDAwNDAxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxYjdkMjJiNGI4NTFhMDgzY2UwNzZkZWJjOWQ1NGU5YjhiNjYyM2YyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzulamY+azTFDZRexSDrnuhdZWOrt
XloTLPEswCPjyH3xUTMFfLw1hyVrgu9Gp8vAXm/B9JxLyX+rhHNmut2TdQGrh7nS
k7wIPO/IYHp1rt+Ec9TjaZF4/Oq8gU41xWtU6FmH5TUcwPhD03+Ff5m2xPMLUd2N
mJPFQzZN7HeU4nurS+X1O/BUFlPTJC+mXSGJ9bqHEObELffBsrEubIxdK8wdHC/2
8MZ84gWoCqDRUo+sgl2X20KcRxKQB4op5IcCFoa/qlgZ7vjnsd1xST0SP2DFYNK9
Nh1i6HABMZ/QZOVmqfOy/Mun4v6x57/SYeUvjzRiptL+VueL3s2LulKQywIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFBt9IrS4UaCDzgdt68nVTpuLZiPyMB8GA1UdIwQY
MBaAFGyP0aiuWZbB5WksGoxCv+nDuldFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYklfUnFLNVpsc0hsYVN3YWpFS182Y082VjBVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC80OTI1OTAtYTAyZi00NDNlLWFhYTMt
ZmVhYzI2ZWFlY2MyLzEvRzMwaXRMaFJvSVBPQjIzcnlkVk9tNHRtSV9JLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC80OTI1OTAtYTAyZi00NDNlLWFhYTMtZmVhYzI2ZWFlY2My
LzEvYklfUnFLNVpsc0hsYVN3YWpFS182Y082VjBVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuf+YMA0G
CSqGSIb3DQEBCwUAA4IBAQBlbxi3K/EqOM+ldagyP/ra4lhOTI0gzsS1YLB7Cf2i
UlPnpns6BBfVI7p6eqgaUs5rd8LzhzvIk5t0JBKnM7SSaiIDQ6xawP7dHEju/t5f
Hboygh+XB/QHK6VADo43zrYfdXC9cD0aARHCIgSi+B2GxRajAqHTVMhdtOYJ5CEa
qlVlHEXJZSknuc3Lhamd4cBRwF+/Ryx6nTRS6YnTDFXSPIth2ZlQydnHTbkBjOBl
NP3ZHHAEOs15lle8AZy5j+10Lofot3c5iGYmIbBKMTeGAaXvWD7v6kp9nu+gIfrR
5LcfMTa53gylmat49acnO1h3+pe3eTyA/b0MRZ4qaGzZ
-----END CERTIFICATE-----
Generated at Sun Feb 16 20:59:39 2025 by rpki-client