Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/gXm1RotTp52kLhoE7qf12hFrxmg.roa
File: gXm1RotTp52kLhoE7qf12hFrxmg.roa (raw, json)
Hash identifier: GX8WaBD/B7l/KxvODoc8phrLG7y89yHeX0dZPgFO/Q0=
Subject key identifier: 81:79:B5:46:8B:53:A7:9D:A4:2E:1A:04:EE:A7:F5:DA:11:6B:C6:68
Certificate issuer: /CN=2135c7f571eefeb67404ab6c45fd475551adaf1b
Certificate serial: 019715E6C88BDFDC899FA904DAA3E5B90206
Authority key identifier: 21:35:C7:F5:71:EE:FE:B6:74:04:AB:6C:45:FD:47:55:51:AD:AF:1B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/gXm1RotTp52kLhoE7qf12hFrxmg.roa
Signing time: Wed 28 May 2025 07:58:55 +0000
ROA not before: Wed 28 May 2025 07:58:55 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 214202
IP address blocks: 192.121.255.0/24 maxlen: 24
193.234.16.0/24 maxlen: 24
194.68.238.0/24 maxlen: 24
2a01:280:310::/48 maxlen: 48
Validation: Failed, certificate revoked on Wed 28 May 2025 12:14:54 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:15:e6:c8:8b:df:dc:89:9f:a9:04:da:a3:e5:b9:02:06
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2135c7f571eefeb67404ab6c45fd475551adaf1b
Validity
Not Before: May 28 07:58:55 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=8179b5468b53a79da42e1a04eea7f5da116bc668
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:f6:e3:84:79:0e:4b:c6:47:d2:54:17:b0:4d:
a4:e6:c7:2e:0c:df:9e:7e:e8:02:1b:99:ca:68:0c:
40:fd:aa:56:a1:be:09:11:82:8a:a7:04:a1:d1:5f:
93:9d:6a:34:60:3c:6b:12:68:12:e9:19:3e:37:75:
5a:7a:ac:98:c4:12:c4:77:ec:0b:b0:ca:2f:16:47:
d5:0d:1c:3f:18:a5:b7:5d:af:ea:69:99:35:02:b3:
b6:d3:d4:7e:28:9d:a2:44:69:1d:52:6f:dc:fb:2f:
9b:12:ca:c7:e4:af:79:f0:5e:9f:3d:7f:06:c4:27:
0f:c2:fd:1a:b7:8a:b6:03:75:35:08:28:a9:ca:65:
48:c3:da:0b:c8:94:f4:76:29:36:c5:6c:59:d0:4e:
7c:b5:f8:03:a1:f3:35:d1:ed:3f:be:10:f7:fb:8a:
7c:33:d7:ef:de:1a:5f:47:a5:f9:fc:ad:07:e4:9c:
b0:c0:76:e1:62:cf:d0:4b:27:7d:3c:34:75:f9:f9:
6a:53:03:f3:59:9a:e9:b9:a2:03:b9:e3:7c:27:eb:
72:a8:c3:0c:89:47:6c:24:18:24:c8:5e:73:d9:33:
b1:f4:c0:05:7a:74:bc:77:d0:34:7a:be:33:22:d1:
20:e2:98:b7:6a:11:81:e0:19:86:18:42:95:f9:e5:
5f:d5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
81:79:B5:46:8B:53:A7:9D:A4:2E:1A:04:EE:A7:F5:DA:11:6B:C6:68
X509v3 Authority Key Identifier:
keyid:21:35:C7:F5:71:EE:FE:B6:74:04:AB:6C:45:FD:47:55:51:AD:AF:1B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/gXm1RotTp52kLhoE7qf12hFrxmg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
192.121.255.0/24
193.234.16.0/24
194.68.238.0/24
IPv6:
2a01:280:310::/48
Signature Algorithm: sha256WithRSAEncryption
75:20:ea:e0:36:10:fc:17:ca:05:5d:f8:16:73:65:7d:1d:0a:
0e:2f:ba:3d:3d:61:88:d6:5f:c2:30:33:a5:ec:ba:e2:7c:fc:
ba:d8:96:a4:0c:c7:ff:b9:f6:c5:d8:e8:aa:29:01:3f:ff:98:
b0:e8:64:90:25:f4:fe:f1:90:da:a9:94:78:7f:5d:44:0b:2e:
5b:14:61:97:53:02:6f:97:12:24:98:ad:6d:76:a7:8d:80:c7:
67:33:ff:46:41:f4:6c:b5:77:a5:85:db:e2:3d:13:4b:c0:c5:
71:a7:96:b5:c1:cc:56:63:54:2d:8f:ef:03:fb:7d:2c:37:0e:
fd:d3:6f:01:81:93:49:9b:7f:7b:d0:f3:08:c8:32:52:45:e2:
4d:0e:2a:44:b4:c6:6e:ea:b0:07:9c:34:cd:76:6b:06:51:63:
69:fa:ad:90:80:90:2c:a4:b3:36:c2:36:7e:28:95:84:7c:9f:
37:d5:48:7a:47:a3:90:ad:4a:96:ec:93:21:3d:0d:26:8f:82:
5b:a2:29:4b:64:7d:46:41:3e:e7:5b:02:52:b0:70:9f:0a:70:
6d:8c:ae:f2:63:75:d4:b8:ed:6a:bf:d4:ee:6e:1f:0d:fb:64:
d2:98:1e:57:27:42:57:25:94:27:ba:6e:04:91:d1:98:a7:72:
48:7a:e7:94
-----BEGIN CERTIFICATE-----
MIIFGjCCBAKgAwIBAgISAZcV5siL39yJn6kE2qPluQIGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIxMzVjN2Y1NzFlZWZlYjY3NDA0YWI2YzQ1ZmQ0NzU1NTFh
ZGFmMWIwHhcNMjUwNTI4MDc1ODU1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MTc5YjU0NjhiNTNhNzlkYTQyZTFhMDRlZWE3ZjVkYTExNmJjNjY4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAufbjhHkOS8ZH0lQXsE2k5scuDN+e
fugCG5nKaAxA/apWob4JEYKKpwSh0V+TnWo0YDxrEmgS6Rk+N3VaeqyYxBLEd+wL
sMovFkfVDRw/GKW3Xa/qaZk1ArO209R+KJ2iRGkdUm/c+y+bEsrH5K958F6fPX8G
xCcPwv0at4q2A3U1CCipymVIw9oLyJT0dik2xWxZ0E58tfgDofM10e0/vhD3+4p8
M9fv3hpfR6X5/K0H5JywwHbhYs/QSyd9PDR1+flqUwPzWZrpuaIDueN8J+tyqMMM
iUdsJBgkyF5z2TOx9MAFenS8d9A0er4zItEg4pi3ahGB4BmGGEKV+eVf1QIDAQAB
o4ICJjCCAiIwHQYDVR0OBBYEFIF5tUaLU6edpC4aBO6n9doRa8ZoMB8GA1UdIwQY
MBaAFCE1x/Vx7v62dASrbEX9R1VRra8bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSVRYSDlYSHVfclowQkt0c1JmMUhWVkd0cnhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kOS82ODBiNzgtOTZhZi00YTg1LWFjMDIt
OTQzZDAzMzIxMzI2LzEvZ1htMVJvdFRwNTJrTGhvRTdxZjEyaEZyeG1nLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kOS82ODBiNzgtOTZhZi00YTg1LWFjMDItOTQzZDAzMzIxMzI2
LzEvSVRYSDlYSHVfclowQkt0c1JmMUhWVkd0cnhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDwGCCsGAQUFBwEHAQH/BC0wKzAYBAIAATASAwQAwHn/AwQA
weoQAwQAwkTuMA8EAgACMAkDBwAqAQKAAxAwDQYJKoZIhvcNAQELBQADggEBAHUg
6uA2EPwXygVd+BZzZX0dCg4vuj09YYjWX8IwM6XsuuJ8/LrYlqQMx/+59sXY6Kop
AT//mLDoZJAl9P7xkNqplHh/XUQLLlsUYZdTAm+XEiSYrW12p42Ax2cz/0ZB9Gy1
d6WF2+I9E0vAxXGnlrXBzFZjVC2P7wP7fSw3Dv3TbwGBk0mbf3vQ8wjIMlJF4k0O
KkS0xm7qsAecNM12awZRY2n6rZCAkCykszbCNn4olYR8nzfVSHpHo5CtSpbskyE9
DSaPgluiKUtkfUZBPudbAlKwcJ8KcG2MrvJjddS47Wq/1O5uHw37ZNKYHlcnQlcl
lCe6bgSR0Zinckh655Q=
-----END CERTIFICATE-----
Generated at Tue Jun 10 21:29:38 2025 by rpki-client