Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ef/e8f95d-ad38-4b5c-b090-8a8564ba3c8c/1/GuVGT_xfKsZYZqMIEAGaZoEBdeA.roa
File: GuVGT_xfKsZYZqMIEAGaZoEBdeA.roa (raw, json)
Hash identifier: Uoqqy2XlMT3sZZ67x5OUp1ph1MHeeFIy6vhCUfKuQ2Y=
Subject key identifier: 1A:E5:46:4F:FC:5F:2A:C6:58:66:A3:08:10:01:9A:66:81:01:75:E0
Certificate issuer: /CN=b425771f992fd74dfb0736e695aeb59c6af67e93
Certificate serial: 018CC94E533C7D8993070B3566BAC16ACACC
Authority key identifier: B4:25:77:1F:99:2F:D7:4D:FB:07:36:E6:95:AE:B5:9C:6A:F6:7E:93
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tCV3H5kv1037Bzbmla61nGr2fpM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ef/e8f95d-ad38-4b5c-b090-8a8564ba3c8c/1/GuVGT_xfKsZYZqMIEAGaZoEBdeA.roa
Signing time: Tue 02 Jan 2024 08:33:22 +0000
ROA not before: Tue 02 Jan 2024 08:33:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 51438
IP address blocks: 194.77.158.0/24 maxlen: 24
2a13:b00::/29 maxlen: 29
Validation: Failed, certificate revoked on Wed 01 Jan 2025 19:47:51 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:4e:53:3c:7d:89:93:07:0b:35:66:ba:c1:6a:ca:cc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b425771f992fd74dfb0736e695aeb59c6af67e93
Validity
Not Before: Jan 2 08:33:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=1ae5464ffc5f2ac65866a30810019a66810175e0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:80:ce:c1:a6:72:6e:95:69:cb:3f:e6:b1:4f:f1:
84:26:c4:73:e3:fb:73:bb:06:6b:84:10:9d:7f:26:
33:0e:c8:a5:0e:02:e9:7f:fc:49:07:be:2a:60:f1:
8d:57:70:ec:df:b7:c8:9a:20:fd:d3:2a:02:d1:ab:
1d:b9:ca:9d:41:a3:a8:15:e8:46:81:cd:d6:5a:de:
e1:74:ea:e3:0d:95:17:83:3f:32:72:81:87:db:e8:
3a:16:db:19:df:ed:75:f2:53:ad:5a:97:9b:16:1b:
9d:ea:6b:39:5c:bd:12:59:06:9b:fa:39:d9:4d:ea:
9b:e0:e2:c0:f1:aa:34:9a:cd:9b:0e:12:7d:68:dc:
de:b7:dd:1c:55:f0:92:0b:ab:e4:bf:25:10:a9:03:
30:9e:34:9e:df:2f:47:07:c1:65:6f:42:50:cb:f2:
09:ce:39:ae:6b:c6:3d:4f:a3:f4:24:eb:38:e5:de:
1f:62:4a:1c:1c:3e:ee:fa:07:b5:ad:82:33:c9:41:
aa:a7:44:dc:fa:38:52:79:70:63:14:7a:51:ca:27:
ca:9b:48:5b:96:09:8f:9e:e2:fd:a0:34:1e:fc:25:
51:0b:50:8d:00:9d:0a:c3:b3:2a:5d:36:2b:96:b3:
f2:b8:31:82:51:47:a9:83:e9:1d:4e:15:6f:6d:c9:
d7:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1A:E5:46:4F:FC:5F:2A:C6:58:66:A3:08:10:01:9A:66:81:01:75:E0
X509v3 Authority Key Identifier:
keyid:B4:25:77:1F:99:2F:D7:4D:FB:07:36:E6:95:AE:B5:9C:6A:F6:7E:93
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tCV3H5kv1037Bzbmla61nGr2fpM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ef/e8f95d-ad38-4b5c-b090-8a8564ba3c8c/1/GuVGT_xfKsZYZqMIEAGaZoEBdeA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ef/e8f95d-ad38-4b5c-b090-8a8564ba3c8c/1/tCV3H5kv1037Bzbmla61nGr2fpM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.77.158.0/24
IPv6:
2a13:b00::/29
Signature Algorithm: sha256WithRSAEncryption
79:79:d2:d3:1d:d7:8a:6c:6d:93:ab:4e:29:a5:53:aa:37:f9:
41:bf:9a:93:01:8a:cf:cc:25:b2:7d:c8:14:a2:56:e7:61:4e:
53:7d:58:9d:4e:4e:13:d9:19:98:e1:a7:53:9c:45:67:a8:e4:
74:7c:c1:b8:e4:61:7d:4e:39:22:d3:3d:ed:d7:bf:32:f2:e3:
2f:59:4c:01:64:c8:41:54:76:7c:d0:00:28:ac:0c:cf:00:12:
11:76:db:c7:e1:74:4c:4e:59:97:9f:8d:de:89:69:67:63:54:
28:af:2b:aa:e4:75:98:36:ca:5d:11:7e:18:c9:fa:c3:8a:9a:
5c:42:90:81:32:f7:d3:c3:c6:79:5d:83:23:99:a8:43:80:3f:
67:20:e4:78:1b:48:5b:65:c8:2d:19:48:57:75:fa:03:95:0e:
b4:75:dd:5d:f5:e5:56:0e:48:91:22:b4:dc:9e:e6:b8:e0:6c:
bc:c6:0a:9b:5a:fe:e5:bd:cf:55:3b:e0:2e:6b:b6:28:5f:4d:
83:57:9c:c9:d1:2c:cf:6e:03:3f:0c:49:18:84:67:6c:cf:7a:
d2:67:1b:06:cf:3a:90:b5:df:c3:8d:76:65:53:65:99:1b:60:
74:24:6d:d5:59:50:01:68:b4:87:02:3f:6d:ec:fe:45:0b:d7:
9a:0a:45:fc
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYzJTlM8fYmTBws1ZrrBasrMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI0MjU3NzFmOTkyZmQ3NGRmYjA3MzZlNjk1YWViNTljNmFm
NjdlOTMwHhcNMjQwMTAyMDgzMzIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxYWU1NDY0ZmZjNWYyYWM2NTg2NmEzMDgxMDAxOWE2NjgxMDE3NWUwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgM7BpnJulWnLP+axT/GEJsRz4/tz
uwZrhBCdfyYzDsilDgLpf/xJB74qYPGNV3Ds37fImiD90yoC0asducqdQaOoFehG
gc3WWt7hdOrjDZUXgz8ycoGH2+g6FtsZ3+118lOtWpebFhud6ms5XL0SWQab+jnZ
Teqb4OLA8ao0ms2bDhJ9aNzet90cVfCSC6vkvyUQqQMwnjSe3y9HB8Flb0JQy/IJ
zjmua8Y9T6P0JOs45d4fYkocHD7u+ge1rYIzyUGqp0Tc+jhSeXBjFHpRyifKm0hb
lgmPnuL9oDQe/CVRC1CNAJ0Kw7MqXTYrlrPyuDGCUUepg+kdThVvbcnXqQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFBrlRk/8XyrGWGajCBABmmaBAXXgMB8GA1UdIwQY
MBaAFLQldx+ZL9dN+wc25pWutZxq9n6TMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdENWM0g1a3YxMDM3QnpibWxhNjFuR3IyZnBNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lZi9lOGY5NWQtYWQzOC00YjVjLWIwOTAt
OGE4NTY0YmEzYzhjLzEvR3VWR1RfeGZLc1pZWnFNSUVBR2Fab0VCZGVBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lZi9lOGY5NWQtYWQzOC00YjVjLWIwOTAtOGE4NTY0YmEzYzhj
LzEvdENWM0g1a3YxMDM3QnpibWxhNjFuR3IyZnBNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQAwk2eMA0E
AgACMAcDBQMqEwsAMA0GCSqGSIb3DQEBCwUAA4IBAQB5edLTHdeKbG2Tq04ppVOq
N/lBv5qTAYrPzCWyfcgUolbnYU5TfVidTk4T2RmY4adTnEVnqOR0fMG45GF9Tjki
0z3t178y8uMvWUwBZMhBVHZ80AAorAzPABIRdtvH4XRMTlmXn43eiWlnY1Qoryuq
5HWYNspdEX4YyfrDippcQpCBMvfTw8Z5XYMjmahDgD9nIOR4G0hbZcgtGUhXdfoD
lQ60dd1d9eVWDkiRIrTcnua44Gy8xgqbWv7lvc9VO+Aua7YoX02DV5zJ0SzPbgM/
DEkYhGdsz3rSZxsGzzqQtd/DjXZlU2WZG2B0JG3VWVABaLSHAj9t7P5FC9eaCkX8
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:32:07 2025 by rpki-client