Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f3/a3294b-d478-4dbd-aae5-fd167ad92a9d/1/gtry2EH1lKPd9GVMPbEP38ZZazk.roa
File: gtry2EH1lKPd9GVMPbEP38ZZazk.roa (raw, json)
Hash identifier: h2THqAeI3wG8P6pwacsr02cA6IDSAQM5dR7KHU9ROIc=
Subject key identifier: 82:DA:F2:D8:41:F5:94:A3:DD:F4:65:4C:3D:B1:0F:DF:C6:59:6B:39
Certificate issuer: /CN=fb061a39f0a037923113d6b8bb9b5bdab5b2f466
Certificate serial: 018CC6B79941AC57170914BF0BED165927C1
Authority key identifier: FB:06:1A:39:F0:A0:37:92:31:13:D6:B8:BB:9B:5B:DA:B5:B2:F4:66
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-wYaOfCgN5IxE9a4u5tb2rWy9GY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f3/a3294b-d478-4dbd-aae5-fd167ad92a9d/1/gtry2EH1lKPd9GVMPbEP38ZZazk.roa
Signing time: Mon 01 Jan 2024 20:29:30 +0000
ROA not before: Mon 01 Jan 2024 20:29:30 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 203214
IP address blocks: 78.109.236.0/24 maxlen: 24
78.109.235.0/24 maxlen: 24
78.109.238.0/24 maxlen: 24
78.109.237.0/24 maxlen: 24
185.52.101.0/24 maxlen: 24
185.52.100.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 18 Jan 2024 10:23:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:b7:99:41:ac:57:17:09:14:bf:0b:ed:16:59:27:c1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fb061a39f0a037923113d6b8bb9b5bdab5b2f466
Validity
Not Before: Jan 1 20:29:30 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=82daf2d841f594a3ddf4654c3db10fdfc6596b39
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:fb:50:04:08:7d:71:68:5d:2e:22:6f:01:f8:
7c:c5:0d:35:95:e7:27:0d:7d:09:a2:4a:2d:72:af:
48:88:75:95:70:8d:d6:65:95:ac:2b:f5:fc:36:d8:
6e:a2:28:ed:be:7a:d4:0c:ae:03:51:0a:dd:79:92:
18:60:5f:74:76:8a:11:8a:6e:1a:97:da:e7:0e:c6:
98:e3:8e:7d:41:b9:c0:0e:7e:a0:10:5f:8d:db:a7:
c9:94:ea:ff:20:ba:6e:4c:6e:d1:ef:53:40:a6:82:
4a:56:1b:6d:4b:b6:49:b8:56:65:3a:85:8c:ae:54:
c3:b1:a9:df:80:a5:27:32:5b:e7:95:b9:e2:3e:18:
15:36:dd:ee:9a:c4:95:17:f8:fd:a7:1e:87:01:69:
41:b2:67:f4:8c:3f:7c:d4:b1:cf:03:52:6f:f5:f1:
93:ea:07:15:33:cc:86:3a:73:b2:5b:89:2f:c9:44:
46:8c:0b:a2:62:55:a6:56:a4:cb:9f:bd:d8:34:e2:
3d:5f:fa:70:b1:bb:df:0d:dc:ad:72:e4:e0:37:3e:
b6:d3:30:58:81:49:77:52:c1:98:f6:e1:6f:3a:7a:
14:01:5b:26:79:04:f7:ae:44:64:5f:c0:50:7a:a6:
cd:bd:49:55:41:d7:e0:a8:39:82:18:d0:74:40:86:
cd:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
82:DA:F2:D8:41:F5:94:A3:DD:F4:65:4C:3D:B1:0F:DF:C6:59:6B:39
X509v3 Authority Key Identifier:
keyid:FB:06:1A:39:F0:A0:37:92:31:13:D6:B8:BB:9B:5B:DA:B5:B2:F4:66
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-wYaOfCgN5IxE9a4u5tb2rWy9GY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f3/a3294b-d478-4dbd-aae5-fd167ad92a9d/1/gtry2EH1lKPd9GVMPbEP38ZZazk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f3/a3294b-d478-4dbd-aae5-fd167ad92a9d/1/1-wYaOfCgN5IxE9a4u5tb2rWy9GY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
78.109.235.0-78.109.238.255
185.52.100.0/23
Signature Algorithm: sha256WithRSAEncryption
31:e6:db:26:c4:06:88:d2:af:ec:22:90:99:dc:e9:7c:ff:fd:
9c:45:d3:5f:3d:3b:18:df:44:de:a9:79:ca:d0:05:47:20:61:
13:8b:eb:26:8b:2e:71:d3:fd:7e:2d:2e:c8:6e:2c:4d:2a:ec:
43:fd:83:8e:c5:5f:ca:11:6f:a9:20:e9:b3:f7:4d:d1:74:38:
69:31:86:25:f9:ce:25:2e:84:13:14:0f:f4:5a:68:57:fb:9e:
25:e5:66:0c:43:bf:03:cb:40:1e:44:ad:d6:3f:c5:a8:f5:4f:
25:d1:12:c5:3b:5f:bf:a0:f7:19:46:e9:3f:9b:36:28:62:05:
31:8d:59:df:f0:55:7c:65:b2:4a:27:ce:89:46:df:e8:6f:38:
7b:2f:79:e7:b9:fb:59:03:01:63:ae:e5:d7:40:a8:21:1f:ef:
91:ca:23:de:13:b8:9e:fc:6d:0f:f5:27:36:93:53:96:3d:3f:
b4:22:45:b0:bf:31:84:27:8e:1f:ef:68:f7:a9:f4:92:3b:93:
05:9a:61:db:38:2c:b1:fc:05:90:fe:8d:af:23:2a:82:6e:aa:
34:e1:92:bc:88:68:94:c6:57:f1:6a:c1:a1:7b:a1:b2:b3:20:
30:06:9a:6d:60:97:f8:bd:53:3b:93:da:45:63:29:5f:23:5f:
23:10:37:9e
-----BEGIN CERTIFICATE-----
MIIFDTCCA/WgAwIBAgISAYzGt5lBrFcXCRS/C+0WWSfBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZiMDYxYTM5ZjBhMDM3OTIzMTEzZDZiOGJiOWI1YmRhYjVi
MmY0NjYwHhcNMjQwMTAxMjAyOTMwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MmRhZjJkODQxZjU5NGEzZGRmNDY1NGMzZGIxMGZkZmM2NTk2YjM5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArvtQBAh9cWhdLiJvAfh8xQ01lecn
DX0Jokotcq9IiHWVcI3WZZWsK/X8NthuoijtvnrUDK4DUQrdeZIYYF90dooRim4a
l9rnDsaY4459QbnADn6gEF+N26fJlOr/ILpuTG7R71NApoJKVhttS7ZJuFZlOoWM
rlTDsanfgKUnMlvnlbniPhgVNt3umsSVF/j9px6HAWlBsmf0jD981LHPA1Jv9fGT
6gcVM8yGOnOyW4kvyURGjAuiYlWmVqTLn73YNOI9X/pwsbvfDdytcuTgNz620zBY
gUl3UsGY9uFvOnoUAVsmeQT3rkRkX8BQeqbNvUlVQdfgqDmCGNB0QIbN0QIDAQAB
o4ICGTCCAhUwHQYDVR0OBBYEFILa8thB9ZSj3fRlTD2xD9/GWWs5MB8GA1UdIwQY
MBaAFPsGGjnwoDeSMRPWuLubW9q1svRmMA4GA1UdDwEB/wQEAwIHgDBlBggrBgEF
BQcBAQRZMFcwVQYIKwYBBQUHMAKGSXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMS13WWFPZkNnTjVJeEU5YTR1NXRiMnJXeTlHWS5jZXIw
gY0GCCsGAQUFBwELBIGAMH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZjMvYTMyOTRiLWQ0NzgtNGRiZC1hYWU1
LWZkMTY3YWQ5MmE5ZC8xL2d0cnkyRUgxbEtQZDlHVk1QYkVQMzhaWmF6ay5yb2Ew
gYIGA1UdHwR7MHkwd6B1oHOGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvZjMvYTMyOTRiLWQ0NzgtNGRiZC1hYWU1LWZkMTY3YWQ5MmE5
ZC8xLzEtd1lhT2ZDZ041SXhFOWE0dTV0YjJyV3k5R1kuY3JsMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwLQYIKwYBBQUHAQcBAf8EHjAcMBoEAgABMBQwDAMEAE5t
6wMEAE5t7gMEAbk0ZDANBgkqhkiG9w0BAQsFAAOCAQEAMebbJsQGiNKv7CKQmdzp
fP/9nEXTXz07GN9E3ql5ytAFRyBhE4vrJosucdP9fi0uyG4sTSrsQ/2DjsVfyhFv
qSDps/dN0XQ4aTGGJfnOJS6EExQP9FpoV/ueJeVmDEO/A8tAHkSt1j/FqPVPJdES
xTtfv6D3GUbpP5s2KGIFMY1Z3/BVfGWySifOiUbf6G84ey9557n7WQMBY67l10Co
IR/vkcoj3hO4nvxtD/UnNpNTlj0/tCJFsL8xhCeOH+9o96n0kjuTBZph2zgssfwF
kP6NryMqgm6qNOGSvIholMZX8WrBoXuhsrMgMAaabWCX+L1TO5PaRWMpXyNfIxA3
ng==
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:09:33 2025 by rpki-client