Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d4/97e1e2-567f-414e-9b03-c18ad36a7b30/1/gdKdbpLgbehMpGdc87t4lOjETCw.roa
File: gdKdbpLgbehMpGdc87t4lOjETCw.roa (raw, json)
Hash identifier: M09vgI2xm17zN2JCQ8wXKS3g6P3hxXVWsyHtgLyKWxI=
Subject key identifier: 81:D2:9D:6E:92:E0:6D:E8:4C:A4:67:5C:F3:BB:78:94:E8:C4:4C:2C
Certificate issuer: /CN=63082d6d3a1dc501795737537ca74d27a80265a2
Certificate serial: 0192C3B5B0D8D77549C743052258A040FDF1
Authority key identifier: 63:08:2D:6D:3A:1D:C5:01:79:57:37:53:7C:A7:4D:27:A8:02:65:A2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YwgtbTodxQF5VzdTfKdNJ6gCZaI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d4/97e1e2-567f-414e-9b03-c18ad36a7b30/1/gdKdbpLgbehMpGdc87t4lOjETCw.roa
Signing time: Fri 25 Oct 2024 12:45:17 +0000
ROA not before: Fri 25 Oct 2024 12:45:17 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 62205
IP address blocks: 79.174.184.0/21 maxlen: 21
91.209.128.0/23 maxlen: 23
91.209.130.0/24 maxlen: 24
185.44.164.0/22 maxlen: 24
185.77.228.0/22 maxlen: 22
185.77.240.0/22 maxlen: 22
2a01:72a0::/32 maxlen: 32
Validation: Failed, certificate revoked on Fri 15 Nov 2024 14:25:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:c3:b5:b0:d8:d7:75:49:c7:43:05:22:58:a0:40:fd:f1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63082d6d3a1dc501795737537ca74d27a80265a2
Validity
Not Before: Oct 25 12:45:17 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=81d29d6e92e06de84ca4675cf3bb7894e8c44c2c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:2e:8e:e1:fb:b3:7f:ac:6b:3d:33:dd:db:ba:
31:4e:00:c3:44:d2:81:b5:86:3b:38:d1:ba:77:3f:
c7:89:dd:63:10:41:bd:71:3c:83:3f:4b:7c:74:04:
bb:53:a1:58:10:cb:f6:c0:0c:28:e8:98:78:95:81:
57:23:45:63:15:24:9b:57:3a:54:b1:b3:3e:b1:cc:
31:ce:b7:c5:7d:eb:ca:f6:95:65:23:7c:cd:e0:84:
8b:8f:cb:52:53:e6:46:e7:4c:ea:d8:22:1d:84:f6:
0a:c3:00:6a:1d:b5:b1:f3:4a:b9:e9:c8:0c:f1:84:
8e:ee:0d:79:da:63:21:22:16:ca:f7:a0:47:b8:a0:
95:8f:36:4f:fe:9e:32:22:e7:33:d3:e1:e7:a2:2a:
c9:3b:ca:2c:27:03:4e:cd:54:e4:fc:a2:e5:38:bb:
80:49:5f:bf:f7:9f:9e:3b:c7:95:d5:63:31:81:d0:
89:0e:34:8d:3b:73:07:e5:86:2b:8b:2f:68:43:f7:
08:c9:e6:9d:a7:5b:5e:fc:59:23:a7:4b:49:04:6f:
54:17:db:1d:db:78:50:f0:3b:23:87:1c:bc:37:2a:
bb:93:b9:4a:24:35:77:39:71:d9:ec:d8:48:85:c4:
b9:ec:48:d4:bd:f5:a6:5b:b3:15:76:a4:ca:fe:86:
84:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
81:D2:9D:6E:92:E0:6D:E8:4C:A4:67:5C:F3:BB:78:94:E8:C4:4C:2C
X509v3 Authority Key Identifier:
keyid:63:08:2D:6D:3A:1D:C5:01:79:57:37:53:7C:A7:4D:27:A8:02:65:A2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YwgtbTodxQF5VzdTfKdNJ6gCZaI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d4/97e1e2-567f-414e-9b03-c18ad36a7b30/1/gdKdbpLgbehMpGdc87t4lOjETCw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d4/97e1e2-567f-414e-9b03-c18ad36a7b30/1/YwgtbTodxQF5VzdTfKdNJ6gCZaI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
79.174.184.0/21
91.209.128.0-91.209.130.255
185.44.164.0/22
185.77.228.0/22
185.77.240.0/22
IPv6:
2a01:72a0::/32
Signature Algorithm: sha256WithRSAEncryption
25:c8:4e:5e:0c:2f:aa:79:7c:cb:b0:53:5f:a1:a8:d4:9b:4d:
0e:ab:df:d9:00:9d:d6:34:a0:a5:e9:96:8e:76:c5:45:44:09:
35:7a:53:ae:08:72:63:b0:69:c1:60:d9:da:c7:fc:bf:f9:d3:
dc:0d:ba:b3:ac:90:6a:bf:3f:4a:e4:44:7d:08:c2:6d:a4:2a:
1f:79:93:78:1c:bc:91:9c:d2:39:f8:a6:c6:ef:6c:ea:9d:1e:
dd:51:df:e5:20:76:f2:86:87:b2:5a:1b:39:56:0e:0b:71:bb:
54:b3:8b:50:79:d1:3c:25:22:f7:dd:09:65:84:91:12:75:fa:
8b:88:c9:4e:12:38:a1:57:24:f1:3c:f0:0a:c8:a8:b1:9d:4e:
1c:18:4b:78:bb:5a:97:2a:96:5c:ed:59:59:50:a1:43:48:3c:
09:63:07:ec:aa:fe:58:8e:06:f1:17:a5:49:d1:23:16:d7:d3:
0b:2a:f9:db:3d:05:62:6c:52:8c:f7:e1:22:3f:71:85:9b:d1:
66:b4:14:f7:c9:96:1a:b2:6b:cf:0d:39:8f:74:fa:eb:49:5a:
59:cb:98:7b:2f:99:ae:71:e4:99:19:1f:c3:0a:5c:7d:2f:0a:
7f:78:03:e7:88:e7:d7:8b:ec:aa:74:ae:1a:d9:1b:c6:bc:da:
9a:c9:05:07
-----BEGIN CERTIFICATE-----
MIIFLDCCBBSgAwIBAgISAZLDtbDY13VJx0MFIligQP3xMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzMDgyZDZkM2ExZGM1MDE3OTU3Mzc1MzdjYTc0ZDI3YTgw
MjY1YTIwHhcNMjQxMDI1MTI0NTE3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MWQyOWQ2ZTkyZTA2ZGU4NGNhNDY3NWNmM2JiNzg5NGU4YzQ0YzJjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvS6O4fuzf6xrPTPd27oxTgDDRNKB
tYY7ONG6dz/Hid1jEEG9cTyDP0t8dAS7U6FYEMv2wAwo6Jh4lYFXI0VjFSSbVzpU
sbM+scwxzrfFfevK9pVlI3zN4ISLj8tSU+ZG50zq2CIdhPYKwwBqHbWx80q56cgM
8YSO7g152mMhIhbK96BHuKCVjzZP/p4yIucz0+HnoirJO8osJwNOzVTk/KLlOLuA
SV+/95+eO8eV1WMxgdCJDjSNO3MH5YYriy9oQ/cIyeadp1te/Fkjp0tJBG9UF9sd
23hQ8Dsjhxy8Nyq7k7lKJDV3OXHZ7NhIhcS57EjUvfWmW7MVdqTK/oaE9QIDAQAB
o4ICODCCAjQwHQYDVR0OBBYEFIHSnW6S4G3oTKRnXPO7eJToxEwsMB8GA1UdIwQY
MBaAFGMILW06HcUBeVc3U3ynTSeoAmWiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWXdndGJUb2R4UUY1VnpkVGZLZE5KNmdDWmFJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNC85N2UxZTItNTY3Zi00MTRlLTliMDMt
YzE4YWQzNmE3YjMwLzEvZ2RLZGJwTGdiZWhNcEdkYzg3dDRsT2pFVEN3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNC85N2UxZTItNTY3Zi00MTRlLTliMDMtYzE4YWQzNmE3YjMw
LzEvWXdndGJUb2R4UUY1VnpkVGZLZE5KNmdDWmFJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME4GCCsGAQUFBwEHAQH/BD8wPTAsBAIAATAmAwQDT664MAwD
BAdb0YADBABb0YIDBAK5LKQDBAK5TeQDBAK5TfAwDQQCAAIwBwMFACoBcqAwDQYJ
KoZIhvcNAQELBQADggEBACXITl4ML6p5fMuwU1+hqNSbTQ6r39kAndY0oKXplo52
xUVECTV6U64IcmOwacFg2drH/L/509wNurOskGq/P0rkRH0Iwm2kKh95k3gcvJGc
0jn4psbvbOqdHt1R3+UgdvKGh7JaGzlWDgtxu1Szi1B50TwlIvfdCWWEkRJ1+ouI
yU4SOKFXJPE88ArIqLGdThwYS3i7WpcqllztWVlQoUNIPAljB+yq/liOBvEXpUnR
IxbX0wsq+ds9BWJsUoz34SI/cYWb0Wa0FPfJlhqya88NOY90+utJWlnLmHsvma5x
5JkZH8MKXH0vCn94A+eI59eL7Kp0rhrZG8a82prJBQc=
-----END CERTIFICATE-----
Generated at Thu Mar 13 02:43:14 2025 by rpki-client