Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f8/f4ba63-cd9a-4311-b416-64f231dd4042/1/Gtx_TpwAOtLROjRcp6hX1EJNfE0.roa
File: Gtx_TpwAOtLROjRcp6hX1EJNfE0.roa (raw, json)
Hash identifier: /iOOv00wWAmFQz/ul0DNRUMFLJhad15tW3lPX3wKb3s=
Subject key identifier: 1A:DC:7F:4E:9C:00:3A:D2:D1:3A:34:5C:A7:A8:57:D4:42:4D:7C:4D
Certificate issuer: /CN=5534e9bb0ee4d30c31e76afa691adc9279b3f356
Certificate serial: 0195C8AD8675D2DE90E2128389CB87275018
Authority key identifier: 55:34:E9:BB:0E:E4:D3:0C:31:E7:6A:FA:69:1A:DC:92:79:B3:F3:56
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/VTTpuw7k0wwx52r6aRrcknmz81Y.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f8/f4ba63-cd9a-4311-b416-64f231dd4042/1/Gtx_TpwAOtLROjRcp6hX1EJNfE0.roa
Signing time: Mon 24 Mar 2025 15:02:50 +0000
ROA not before: Mon 24 Mar 2025 15:02:50 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 20878
IP address blocks: 176.74.0.0/21 maxlen: 21
176.74.1.0/24 maxlen: 24
176.74.3.0/24 maxlen: 24
176.74.6.0/24 maxlen: 24
176.74.7.0/24 maxlen: 24
185.66.32.0/22 maxlen: 22
185.66.33.0/24 maxlen: 24
185.66.34.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 25 Mar 2025 10:25:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:c8:ad:86:75:d2:de:90:e2:12:83:89:cb:87:27:50:18
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5534e9bb0ee4d30c31e76afa691adc9279b3f356
Validity
Not Before: Mar 24 15:02:50 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=1adc7f4e9c003ad2d13a345ca7a857d4424d7c4d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:de:db:16:e8:b8:da:e5:9c:6b:0d:15:7b:e1:f4:
c8:dc:4a:1e:c9:99:8d:15:6a:23:43:6d:07:b4:d2:
1e:d6:6e:7a:f8:f8:19:3d:8d:29:99:5e:c4:53:41:
3d:5c:c5:55:37:e2:b7:e8:02:7b:f6:33:06:e6:96:
28:9f:1b:c9:a2:ee:b7:d5:4f:6e:c3:cb:fb:f6:f9:
cc:ed:59:a2:81:f7:f7:4f:d6:f9:78:32:9f:e8:8c:
79:a0:f7:29:ec:8e:eb:47:14:32:ee:bd:f7:03:62:
a0:58:5c:df:07:88:5a:b1:52:49:67:29:92:7a:c3:
c9:e8:4c:7e:a9:4a:55:2a:3d:c2:fb:ac:27:79:06:
c2:b0:9e:b3:d1:41:13:45:8c:60:d2:d5:ad:00:65:
8c:7d:29:bd:ef:64:0e:a1:23:d4:36:9e:6f:99:db:
6c:37:1f:41:cc:24:0c:93:0b:7c:7f:5f:4c:fe:39:
41:0d:4d:6e:4f:bb:02:85:9c:51:a5:19:97:a0:6c:
02:e8:42:7d:28:f0:4e:fb:ea:c1:bd:30:c1:cf:21:
12:ef:ac:7d:5c:df:a3:9a:81:10:f4:35:e2:a6:a8:
14:d1:46:40:70:4a:b5:1a:5b:c0:28:11:6b:bc:82:
d8:d6:9f:3e:40:45:e6:60:35:68:6e:9b:d4:ed:e3:
59:53
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1A:DC:7F:4E:9C:00:3A:D2:D1:3A:34:5C:A7:A8:57:D4:42:4D:7C:4D
X509v3 Authority Key Identifier:
keyid:55:34:E9:BB:0E:E4:D3:0C:31:E7:6A:FA:69:1A:DC:92:79:B3:F3:56
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/VTTpuw7k0wwx52r6aRrcknmz81Y.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f8/f4ba63-cd9a-4311-b416-64f231dd4042/1/Gtx_TpwAOtLROjRcp6hX1EJNfE0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f8/f4ba63-cd9a-4311-b416-64f231dd4042/1/VTTpuw7k0wwx52r6aRrcknmz81Y.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.74.0.0/21
185.66.32.0/22
Signature Algorithm: sha256WithRSAEncryption
14:ae:94:25:78:35:3a:2e:4e:b6:d3:d5:d3:74:96:43:e1:e0:
a7:b3:9c:f4:c7:ff:06:46:84:40:c5:3a:ce:ca:60:f0:46:1b:
e4:d6:d3:26:6e:8d:6c:8f:76:d0:46:40:02:c4:b3:1d:50:fa:
3d:cd:51:d4:92:f6:9f:27:e4:92:92:05:f6:2a:81:09:fc:3c:
c7:6a:4e:39:bf:0c:d3:a9:1b:60:c9:7f:03:2f:d8:4b:04:e0:
90:45:20:2f:d9:bc:2f:cc:b6:66:f8:af:67:1e:a3:c6:f7:a4:
6c:94:3e:f8:34:4c:35:6e:f9:db:7d:5e:0b:e4:11:09:a7:16:
a3:38:da:a9:71:b2:36:ed:f2:b9:93:22:cf:26:e6:22:ef:9f:
8a:40:db:fc:11:12:a7:d4:22:32:1d:15:9c:2d:17:d7:fc:52:
ac:23:71:0b:6d:d7:8c:2f:72:b5:79:8e:4a:3b:f0:e3:c4:d1:
97:ef:78:bc:d1:23:cc:11:50:64:f2:68:aa:4a:79:b5:cd:a1:
07:b2:ca:a9:ef:df:f0:ec:d5:c6:45:45:c5:03:0e:be:10:6a:
6e:ec:19:f6:96:12:35:17:3e:3f:35:3c:bd:41:33:d8:91:7f:
8b:2f:a9:00:27:1d:a8:41:30:05:b9:b5:5f:d1:55:b5:7d:69:
11:5b:e8:51
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZXIrYZ10t6Q4hKDicuHJ1AYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU1MzRlOWJiMGVlNGQzMGMzMWU3NmFmYTY5MWFkYzkyNzli
M2YzNTYwHhcNMjUwMzI0MTUwMjUwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxYWRjN2Y0ZTljMDAzYWQyZDEzYTM0NWNhN2E4NTdkNDQyNGQ3YzRkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3tsW6Lja5ZxrDRV74fTI3EoeyZmN
FWojQ20HtNIe1m56+PgZPY0pmV7EU0E9XMVVN+K36AJ79jMG5pYonxvJou631U9u
w8v79vnM7Vmigff3T9b5eDKf6Ix5oPcp7I7rRxQy7r33A2KgWFzfB4hasVJJZymS
esPJ6Ex+qUpVKj3C+6wneQbCsJ6z0UETRYxg0tWtAGWMfSm972QOoSPUNp5vmdts
Nx9BzCQMkwt8f19M/jlBDU1uT7sChZxRpRmXoGwC6EJ9KPBO++rBvTDBzyES76x9
XN+jmoEQ9DXipqgU0UZAcEq1GlvAKBFrvILY1p8+QEXmYDVobpvU7eNZUwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFBrcf06cADrS0To0XKeoV9RCTXxNMB8GA1UdIwQY
MBaAFFU06bsO5NMMMedq+mka3JJ5s/NWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVlRUcHV3N2swd3d4NTJyNmFScmNrbm16ODFZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mOC9mNGJhNjMtY2Q5YS00MzExLWI0MTYt
NjRmMjMxZGQ0MDQyLzEvR3R4X1Rwd0FPdExST2pSY3A2aFgxRUpOZkUwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mOC9mNGJhNjMtY2Q5YS00MzExLWI0MTYtNjRmMjMxZGQ0MDQy
LzEvVlRUcHV3N2swd3d4NTJyNmFScmNrbm16ODFZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQDsEoAAwQC
uUIgMA0GCSqGSIb3DQEBCwUAA4IBAQAUrpQleDU6Lk6209XTdJZD4eCns5z0x/8G
RoRAxTrOymDwRhvk1tMmbo1sj3bQRkACxLMdUPo9zVHUkvafJ+SSkgX2KoEJ/DzH
ak45vwzTqRtgyX8DL9hLBOCQRSAv2bwvzLZm+K9nHqPG96RslD74NEw1bvnbfV4L
5BEJpxajONqpcbI27fK5kyLPJuYi75+KQNv8ERKn1CIyHRWcLRfX/FKsI3ELbdeM
L3K1eY5KO/DjxNGX73i80SPMEVBk8miqSnm1zaEHssqp79/w7NXGRUXFAw6+EGpu
7Bn2lhI1Fz4/NTy9QTPYkX+LL6kAJx2oQTAFubVf0VW1fWkRW+hR
-----END CERTIFICATE-----
Generated at Sat Apr 19 07:18:32 2025 by rpki-client