Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dc/e11ea3-8705-40ac-a68d-9ce27c12b2f4/1/G2Z3vl80LlImyiCwz3B7-hn-DGQ.roa
File: G2Z3vl80LlImyiCwz3B7-hn-DGQ.roa (raw, json)
Hash identifier: JD5GunHXkcvCq9ZCVGp5c3bCy6N3TR/5mwWxvrgwgDQ=
Subject key identifier: 1B:66:77:BE:5F:34:2E:52:26:CA:20:B0:CF:70:7B:FA:19:FE:0C:64
Certificate issuer: /CN=4aa6917876fd78926c1927b9fdc79658d746c84c
Certificate serial: 018CC8010CC7B40D699B455915E4095D88B3
Authority key identifier: 4A:A6:91:78:76:FD:78:92:6C:19:27:B9:FD:C7:96:58:D7:46:C8:4C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/SqaReHb9eJJsGSe5_ceWWNdGyEw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/dc/e11ea3-8705-40ac-a68d-9ce27c12b2f4/1/G2Z3vl80LlImyiCwz3B7-hn-DGQ.roa
Signing time: Tue 02 Jan 2024 02:29:21 +0000
ROA not before: Tue 02 Jan 2024 02:29:21 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 202074
IP address blocks: 185.54.152.0/22 maxlen: 24
91.189.212.0/22 maxlen: 24
185.254.168.0/22 maxlen: 24
185.125.144.0/22 maxlen: 24
Validation: Failed, certificate revoked on Wed 01 Jan 2025 05:48:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:01:0c:c7:b4:0d:69:9b:45:59:15:e4:09:5d:88:b3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4aa6917876fd78926c1927b9fdc79658d746c84c
Validity
Not Before: Jan 2 02:29:21 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=1b6677be5f342e5226ca20b0cf707bfa19fe0c64
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:46:8e:c8:5a:25:bc:8f:d1:f6:3f:05:b6:58:
ac:d0:a8:ba:e1:ad:cb:d5:63:f8:ab:2c:73:af:c6:
4d:59:5c:00:c0:9c:21:c9:90:bc:b1:56:76:a3:a0:
21:ad:a8:11:6b:0f:48:25:91:6e:12:6f:40:7e:2b:
19:59:0d:8d:5a:07:91:1f:70:18:c7:24:ec:41:85:
a3:09:ab:1b:36:de:59:13:b9:45:40:8f:83:7c:0a:
2a:19:40:04:92:91:03:94:d0:03:f2:c8:44:73:42:
b3:64:d0:40:a2:8f:eb:c2:2f:62:04:8c:88:37:26:
8d:f1:e1:b1:ef:ef:4d:5e:50:31:9c:d3:97:9e:da:
80:bb:29:0d:b0:9f:04:c0:f4:4e:39:7a:02:2f:9a:
8c:9a:45:63:13:fe:89:e7:e5:17:03:1f:f3:3e:af:
c3:ca:6c:d6:8f:95:b8:e3:d9:52:31:ea:de:97:82:
28:93:53:3a:6e:dc:11:ab:e3:5f:27:9d:6a:79:e0:
0b:a1:0e:52:28:f4:90:0f:a8:a2:bc:2b:6b:e7:a4:
5b:10:c6:0c:dc:8b:4b:c6:54:ac:cc:71:2a:ee:b1:
b7:95:55:37:31:f8:d2:66:fc:10:18:a5:8c:c5:88:
da:8d:56:c6:09:35:f3:ad:d3:3a:0a:82:b9:72:8f:
71:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1B:66:77:BE:5F:34:2E:52:26:CA:20:B0:CF:70:7B:FA:19:FE:0C:64
X509v3 Authority Key Identifier:
keyid:4A:A6:91:78:76:FD:78:92:6C:19:27:B9:FD:C7:96:58:D7:46:C8:4C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/SqaReHb9eJJsGSe5_ceWWNdGyEw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dc/e11ea3-8705-40ac-a68d-9ce27c12b2f4/1/G2Z3vl80LlImyiCwz3B7-hn-DGQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/dc/e11ea3-8705-40ac-a68d-9ce27c12b2f4/1/SqaReHb9eJJsGSe5_ceWWNdGyEw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.189.212.0/22
185.54.152.0/22
185.125.144.0/22
185.254.168.0/22
Signature Algorithm: sha256WithRSAEncryption
09:ed:a3:a3:a5:f4:1a:cf:24:3c:6e:fe:d8:c2:39:6c:df:47:
85:b7:50:a6:2f:6f:e5:d4:d3:1c:a7:67:16:a0:59:f3:1f:59:
2f:9a:47:c1:fe:c8:05:41:53:6e:ee:5b:8f:d8:3a:f6:4d:69:
c8:fc:cd:ac:fa:0c:b3:07:d4:ee:5b:b2:d7:a1:b3:b8:28:4f:
0b:38:2e:ae:ca:4d:7b:25:bc:a8:c2:7d:ff:b5:ca:4f:13:d1:
0b:b4:cd:6f:5c:1e:1d:26:76:c1:85:06:9d:ea:fc:1d:ef:34:
e4:8a:75:ae:de:34:77:62:88:b9:c2:fd:27:ee:e1:a4:05:f5:
91:df:b7:05:96:e8:59:c0:2c:ff:46:30:cd:74:09:24:04:98:
30:19:25:9b:a8:f5:2f:3d:58:b7:e7:69:b5:f4:7e:1c:32:a1:
d2:29:d3:67:8e:11:8a:f4:7c:13:3c:56:38:71:30:9c:5d:da:
61:9a:53:34:a3:b2:7d:c3:67:fd:46:72:b1:22:f2:18:00:2f:
3c:93:3b:91:2e:19:e7:15:5b:5b:67:d3:a7:86:55:31:a4:9c:
b2:a4:74:98:01:dd:af:98:d1:55:f1:60:d8:b9:44:6a:e6:fa:
ba:30:36:38:e7:82:a1:97:04:09:e0:f1:68:69:27:db:09:b4:
46:a7:38:8c
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYzIAQzHtA1pm0VZFeQJXYizMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRhYTY5MTc4NzZmZDc4OTI2YzE5MjdiOWZkYzc5NjU4ZDc0
NmM4NGMwHhcNMjQwMTAyMDIyOTIxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxYjY2NzdiZTVmMzQyZTUyMjZjYTIwYjBjZjcwN2JmYTE5ZmUwYzY0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAi0aOyFolvI/R9j8Ftlis0Ki64a3L
1WP4qyxzr8ZNWVwAwJwhyZC8sVZ2o6AhragRaw9IJZFuEm9AfisZWQ2NWgeRH3AY
xyTsQYWjCasbNt5ZE7lFQI+DfAoqGUAEkpEDlNAD8shEc0KzZNBAoo/rwi9iBIyI
NyaN8eGx7+9NXlAxnNOXntqAuykNsJ8EwPROOXoCL5qMmkVjE/6J5+UXAx/zPq/D
ymzWj5W449lSMerel4Iok1M6btwRq+NfJ51qeeALoQ5SKPSQD6iivCtr56RbEMYM
3ItLxlSszHEq7rG3lVU3MfjSZvwQGKWMxYjajVbGCTXzrdM6CoK5co9xAwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFBtmd75fNC5SJsogsM9we/oZ/gxkMB8GA1UdIwQY
MBaAFEqmkXh2/XiSbBknuf3HlljXRshMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU3FhUmVIYjllSkpzR1NlNV9jZVdXTmRHeUV3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYy9lMTFlYTMtODcwNS00MGFjLWE2OGQt
OWNlMjdjMTJiMmY0LzEvRzJaM3ZsODBMbElteWlDd3ozQjctaG4tREdRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYy9lMTFlYTMtODcwNS00MGFjLWE2OGQtOWNlMjdjMTJiMmY0
LzEvU3FhUmVIYjllSkpzR1NlNV9jZVdXTmRHeUV3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQCW73UAwQC
uTaYAwQCuX2QAwQCuf6oMA0GCSqGSIb3DQEBCwUAA4IBAQAJ7aOjpfQazyQ8bv7Y
wjls30eFt1CmL2/l1NMcp2cWoFnzH1kvmkfB/sgFQVNu7luP2Dr2TWnI/M2s+gyz
B9TuW7LXobO4KE8LOC6uyk17Jbyown3/tcpPE9ELtM1vXB4dJnbBhQad6vwd7zTk
inWu3jR3Yoi5wv0n7uGkBfWR37cFluhZwCz/RjDNdAkkBJgwGSWbqPUvPVi352m1
9H4cMqHSKdNnjhGK9HwTPFY4cTCcXdphmlM0o7J9w2f9RnKxIvIYAC88kzuRLhnn
FVtbZ9OnhlUxpJyypHSYAd2vmNFV8WDYuURq5vq6MDY454KhlwQJ4PFoaSfbCbRG
pziM
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:00:09 2025 by rpki-client