Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ea/457e13-41d3-40ef-b572-9e895d0ef8d2/1/GjcqSLHOsT5Di3hlh2KBuL0hzwA.roa
File: GjcqSLHOsT5Di3hlh2KBuL0hzwA.roa (raw, json)
Hash identifier: UKR2k3hKJJi43fTUyQgIBsninnUiFDPVg9DXjlIqYqY=
Subject key identifier: 1A:37:2A:48:B1:CE:B1:3E:43:8B:78:65:87:62:81:B8:BD:21:CF:00
Certificate issuer: /CN=4986c73994d02d91fc97d916e9809a6d981e6b17
Certificate serial: 018DC66E185735EA91BEAD7BD95A82F2BFAE
Authority key identifier: 49:86:C7:39:94:D0:2D:91:FC:97:D9:16:E9:80:9A:6D:98:1E:6B:17
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/SYbHOZTQLZH8l9kW6YCabZgeaxc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ea/457e13-41d3-40ef-b572-9e895d0ef8d2/1/GjcqSLHOsT5Di3hlh2KBuL0hzwA.roa
Signing time: Tue 20 Feb 2024 12:12:00 +0000
ROA not before: Tue 20 Feb 2024 12:12:00 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 43260
IP address blocks: 152.89.28.0/22 maxlen: 24
193.135.174.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 23 Feb 2024 09:45:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:c6:6e:18:57:35:ea:91:be:ad:7b:d9:5a:82:f2:bf:ae
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4986c73994d02d91fc97d916e9809a6d981e6b17
Validity
Not Before: Feb 20 12:12:00 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=1a372a48b1ceb13e438b7865876281b8bd21cf00
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:72:cb:f0:42:2f:8f:12:1c:54:90:1f:0a:4a:
6c:80:8a:dd:6b:12:df:a6:1d:1b:b2:31:41:23:33:
50:e5:bf:53:a4:97:28:53:66:32:5e:52:8e:58:1a:
b0:e0:ae:16:b9:79:70:7e:c6:9a:06:f6:7d:4a:72:
75:68:d9:b6:ff:31:55:44:46:dc:c2:94:ed:a2:d6:
6a:a7:57:b2:66:1e:46:15:f2:ab:7f:7a:3f:2e:39:
b5:89:9c:f3:a2:dc:10:7b:4c:24:0a:67:90:f5:29:
5a:46:ff:7d:76:39:5d:08:45:a8:4a:43:e5:05:cd:
81:41:83:bb:00:27:7c:27:77:61:da:9c:de:66:30:
f8:5e:02:ed:f0:01:6e:78:9d:de:64:ce:73:32:c0:
d9:eb:78:c6:1d:d6:ca:3c:1e:f4:3c:a9:57:ac:1a:
22:76:f8:d3:5e:08:6f:fd:d4:92:26:c6:78:6b:d3:
9d:ac:58:9f:fc:62:6a:a6:de:24:56:01:e3:2c:7d:
f8:ca:f4:8b:83:6f:0d:01:c5:b1:42:11:ff:7f:36:
dc:aa:f7:42:7f:0e:3e:fb:a9:e1:7b:56:a5:00:93:
e6:e6:6d:90:47:82:66:bc:93:dd:64:bd:11:0c:b9:
aa:0d:e1:f5:86:dd:9f:f7:c8:48:96:4d:d4:ea:a0:
a7:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1A:37:2A:48:B1:CE:B1:3E:43:8B:78:65:87:62:81:B8:BD:21:CF:00
X509v3 Authority Key Identifier:
keyid:49:86:C7:39:94:D0:2D:91:FC:97:D9:16:E9:80:9A:6D:98:1E:6B:17
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/SYbHOZTQLZH8l9kW6YCabZgeaxc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ea/457e13-41d3-40ef-b572-9e895d0ef8d2/1/GjcqSLHOsT5Di3hlh2KBuL0hzwA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ea/457e13-41d3-40ef-b572-9e895d0ef8d2/1/SYbHOZTQLZH8l9kW6YCabZgeaxc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
152.89.28.0/22
193.135.174.0/24
Signature Algorithm: sha256WithRSAEncryption
1f:32:35:07:53:da:b2:6d:7b:0d:2f:28:dc:0f:1f:27:bd:ca:
91:e5:19:bb:af:c4:c3:92:03:b2:fa:e3:93:46:c8:db:34:98:
67:e3:5e:5b:f7:bc:5c:76:03:8a:7e:b5:d5:ed:74:1d:78:98:
63:02:1e:7b:97:11:fe:bc:ec:95:b7:92:bd:e3:7f:2e:e5:73:
50:4c:61:98:4d:dd:f8:18:8a:2d:43:93:a5:ae:4d:7f:c0:d0:
34:d6:42:6f:b4:a8:e1:c1:ab:b8:e0:7d:0e:46:fb:79:b6:13:
6d:40:f8:f9:bb:0e:65:1b:bb:19:95:c9:b7:bd:44:5e:b9:cb:
79:8c:4b:bf:b3:f8:43:b4:c5:ee:98:23:11:b2:e4:73:49:4c:
e0:1d:d5:59:a9:4c:31:fb:c8:3b:ff:01:c0:d6:b9:40:40:27:
5c:4e:30:6e:2d:7e:52:19:9d:a6:59:bc:41:39:84:e7:62:cb:
47:be:a1:95:03:25:0d:ef:82:1d:66:e3:5a:fd:0c:b8:6f:7f:
b9:5f:55:f2:67:e9:97:83:75:a5:7b:a7:ea:f1:73:91:63:18:
77:d8:f2:6c:d7:a1:7b:9b:ad:bc:ac:28:85:fc:0a:e9:71:d0:
1b:8a:50:2a:32:3c:0e:20:77:3c:62:89:f4:e1:ec:73:a8:fc:
7d:7c:0f:b0
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAY3GbhhXNeqRvq172VqC8r+uMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ5ODZjNzM5OTRkMDJkOTFmYzk3ZDkxNmU5ODA5YTZkOTgx
ZTZiMTcwHhcNMjQwMjIwMTIxMjAwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxYTM3MmE0OGIxY2ViMTNlNDM4Yjc4NjU4NzYyODFiOGJkMjFjZjAwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArXLL8EIvjxIcVJAfCkpsgIrdaxLf
ph0bsjFBIzNQ5b9TpJcoU2YyXlKOWBqw4K4WuXlwfsaaBvZ9SnJ1aNm2/zFVREbc
wpTtotZqp1eyZh5GFfKrf3o/Ljm1iZzzotwQe0wkCmeQ9SlaRv99djldCEWoSkPl
Bc2BQYO7ACd8J3dh2pzeZjD4XgLt8AFueJ3eZM5zMsDZ63jGHdbKPB70PKlXrBoi
dvjTXghv/dSSJsZ4a9OdrFif/GJqpt4kVgHjLH34yvSLg28NAcWxQhH/fzbcqvdC
fw4++6nhe1alAJPm5m2QR4JmvJPdZL0RDLmqDeH1ht2f98hIlk3U6qCnaQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFBo3KkixzrE+Q4t4ZYdigbi9Ic8AMB8GA1UdIwQY
MBaAFEmGxzmU0C2R/JfZFumAmm2YHmsXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU1liSE9aVFFMWkg4bDlrVzZZQ2FiWmdlYXhjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYS80NTdlMTMtNDFkMy00MGVmLWI1NzIt
OWU4OTVkMGVmOGQyLzEvR2pjcVNMSE9zVDVEaTNobGgyS0J1TDBoendBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYS80NTdlMTMtNDFkMy00MGVmLWI1NzItOWU4OTVkMGVmOGQy
LzEvU1liSE9aVFFMWkg4bDlrVzZZQ2FiWmdlYXhjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCmFkcAwQA
wYeuMA0GCSqGSIb3DQEBCwUAA4IBAQAfMjUHU9qybXsNLyjcDx8nvcqR5Rm7r8TD
kgOy+uOTRsjbNJhn415b97xcdgOKfrXV7XQdeJhjAh57lxH+vOyVt5K9438u5XNQ
TGGYTd34GIotQ5Olrk1/wNA01kJvtKjhwau44H0ORvt5thNtQPj5uw5lG7sZlcm3
vUReuct5jEu/s/hDtMXumCMRsuRzSUzgHdVZqUwx+8g7/wHA1rlAQCdcTjBuLX5S
GZ2mWbxBOYTnYstHvqGVAyUN74IdZuNa/Qy4b3+5X1XyZ+mXg3Wle6fq8XORYxh3
2PJs16F7m628rCiF/ArpcdAbilAqMjwOIHc8Yon04exzqPx9fA+w
-----END CERTIFICATE-----
Generated at Wed Feb 19 21:56:46 2025 by rpki-client