Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f9/bc8e10-461e-4ce4-8be9-6239733c6184/1/girmpSCKrlTOXIu3jZHzUN9xsv0.roa
File: girmpSCKrlTOXIu3jZHzUN9xsv0.roa (raw, json)
Hash identifier: xHKJgVVA5s/UaiGZFQACJ2fNBUgUAfHYoDe0ckJ/zoM=
Subject key identifier: 82:2A:E6:A5:20:8A:AE:54:CE:5C:8B:B7:8D:91:F3:50:DF:71:B2:FD
Certificate issuer: /CN=977775ce8804695996ce77c7d3681b9c241b362f
Certificate serial: 018CC56E2AB3A53B6663A01E7E2ACE1D2F18
Authority key identifier: 97:77:75:CE:88:04:69:59:96:CE:77:C7:D3:68:1B:9C:24:1B:36:2F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/l3d1zogEaVmWznfH02gbnCQbNi8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f9/bc8e10-461e-4ce4-8be9-6239733c6184/1/girmpSCKrlTOXIu3jZHzUN9xsv0.roa
Signing time: Mon 01 Jan 2024 14:29:40 +0000
ROA not before: Mon 01 Jan 2024 14:29:40 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 199829
IP address blocks: 185.45.16.0/22 maxlen: 22
Validation: Failed, certificate revoked on Wed 01 Jan 2025 07:48:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:6e:2a:b3:a5:3b:66:63:a0:1e:7e:2a:ce:1d:2f:18
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=977775ce8804695996ce77c7d3681b9c241b362f
Validity
Not Before: Jan 1 14:29:40 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=822ae6a5208aae54ce5c8bb78d91f350df71b2fd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:84:51:c2:70:ac:a0:47:b6:8f:f9:e6:d0:11:
12:92:b4:54:23:3a:2c:9b:8b:2d:c3:e9:57:f4:97:
6b:1a:da:b0:a1:1a:f3:c1:7a:cf:8b:8f:e2:17:42:
70:d1:2a:31:88:f9:b9:2e:13:0a:d5:b5:5d:98:e2:
fe:86:9e:a7:12:8d:ee:e6:65:d0:92:b2:8f:a0:0a:
da:59:32:9c:df:15:59:20:63:93:7a:02:ee:71:12:
ab:76:d3:21:64:de:27:d1:35:d7:b7:40:59:cc:e6:
2d:96:92:4f:f0:a6:46:2d:5f:59:ce:3a:e8:0c:c3:
ae:b3:8a:64:34:4a:d1:59:25:2e:a3:3c:e1:4d:17:
f3:39:f5:19:36:e6:28:83:93:67:d9:9f:13:87:5c:
e5:7d:8b:8b:90:84:44:e9:2a:be:a0:02:b6:48:29:
49:9b:e1:d4:d0:cf:18:02:2f:d3:89:f7:b5:c5:82:
d0:4b:8d:e9:80:c5:e5:19:22:2b:df:36:2d:4f:82:
68:d6:ac:4c:6f:8c:9e:8f:34:d5:e5:3e:49:d2:16:
af:cf:c5:7f:24:60:f3:90:24:4b:d7:ac:b5:e6:d2:
54:ac:e0:fd:6d:d6:2d:4b:82:4b:b2:35:79:be:5f:
84:85:1c:a4:df:f5:43:c6:69:11:35:9d:d7:7a:0b:
22:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
82:2A:E6:A5:20:8A:AE:54:CE:5C:8B:B7:8D:91:F3:50:DF:71:B2:FD
X509v3 Authority Key Identifier:
keyid:97:77:75:CE:88:04:69:59:96:CE:77:C7:D3:68:1B:9C:24:1B:36:2F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/l3d1zogEaVmWznfH02gbnCQbNi8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f9/bc8e10-461e-4ce4-8be9-6239733c6184/1/girmpSCKrlTOXIu3jZHzUN9xsv0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f9/bc8e10-461e-4ce4-8be9-6239733c6184/1/l3d1zogEaVmWznfH02gbnCQbNi8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.45.16.0/22
Signature Algorithm: sha256WithRSAEncryption
2a:7b:a6:a4:b8:ec:5a:d2:47:a5:41:9c:8d:9b:56:86:85:d5:
ff:d1:1b:60:a2:a4:71:5b:79:7d:a8:17:70:47:87:af:09:6f:
6a:7f:4c:a1:b9:5d:e4:cc:71:09:b7:c8:dc:16:6c:e6:cf:60:
f2:e9:77:96:f9:fa:df:64:e0:4d:98:1b:8a:e0:28:98:7d:86:
5b:a8:72:fc:b7:73:aa:a0:9d:b7:2d:8e:b8:1b:6b:f0:16:7d:
82:57:f2:79:61:06:98:d8:f7:2b:5d:81:de:cf:ca:db:87:4a:
6f:80:57:a0:fc:8e:a2:32:cd:de:98:ea:ba:8c:91:2d:78:bf:
82:9e:f4:04:b4:3d:f2:a4:eb:f4:37:d4:e6:66:f9:a7:26:4d:
44:0f:0c:53:7b:d4:bf:f5:bc:3e:b4:da:bf:37:c9:aa:5a:f3:
57:a7:dd:82:95:ba:4d:9e:f1:cb:75:8d:4b:f3:37:72:c0:2c:
86:fd:1b:58:56:c4:f2:34:4b:9e:b0:f8:fe:1f:6d:a8:27:c5:
f6:c5:38:3a:7b:a9:3e:b0:2a:90:e0:34:a4:14:d6:55:ab:73:
60:95:88:a9:11:4b:32:30:6e:7a:fe:8a:82:30:a6:09:ab:49:
ae:a6:f0:bb:a4:79:bc:ab:0b:34:6e:8b:8b:2c:7a:0b:85:2c:
fb:9d:c7:3d
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzFbiqzpTtmY6AefirOHS8YMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk3Nzc3NWNlODgwNDY5NTk5NmNlNzdjN2QzNjgxYjljMjQx
YjM2MmYwHhcNMjQwMTAxMTQyOTQwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MjJhZTZhNTIwOGFhZTU0Y2U1YzhiYjc4ZDkxZjM1MGRmNzFiMmZkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkYRRwnCsoEe2j/nm0BESkrRUIzos
m4stw+lX9JdrGtqwoRrzwXrPi4/iF0Jw0SoxiPm5LhMK1bVdmOL+hp6nEo3u5mXQ
krKPoAraWTKc3xVZIGOTegLucRKrdtMhZN4n0TXXt0BZzOYtlpJP8KZGLV9Zzjro
DMOus4pkNErRWSUuozzhTRfzOfUZNuYog5Nn2Z8Th1zlfYuLkIRE6Sq+oAK2SClJ
m+HU0M8YAi/Tife1xYLQS43pgMXlGSIr3zYtT4Jo1qxMb4yejzTV5T5J0havz8V/
JGDzkCRL16y15tJUrOD9bdYtS4JLsjV5vl+EhRyk3/VDxmkRNZ3XegsiXwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFIIq5qUgiq5UzlyLt42R81DfcbL9MB8GA1UdIwQY
MBaAFJd3dc6IBGlZls53x9NoG5wkGzYvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbDNkMXpvZ0VhVm1Xem5mSDAyZ2JuQ1FiTmk4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mOS9iYzhlMTAtNDYxZS00Y2U0LThiZTkt
NjIzOTczM2M2MTg0LzEvZ2lybXBTQ0tybFRPWEl1M2paSHpVTjl4c3YwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mOS9iYzhlMTAtNDYxZS00Y2U0LThiZTktNjIzOTczM2M2MTg0
LzEvbDNkMXpvZ0VhVm1Xem5mSDAyZ2JuQ1FiTmk4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuS0QMA0G
CSqGSIb3DQEBCwUAA4IBAQAqe6akuOxa0kelQZyNm1aGhdX/0RtgoqRxW3l9qBdw
R4evCW9qf0yhuV3kzHEJt8jcFmzmz2Dy6XeW+frfZOBNmBuK4CiYfYZbqHL8t3Oq
oJ23LY64G2vwFn2CV/J5YQaY2PcrXYHez8rbh0pvgFeg/I6iMs3emOq6jJEteL+C
nvQEtD3ypOv0N9TmZvmnJk1EDwxTe9S/9bw+tNq/N8mqWvNXp92ClbpNnvHLdY1L
8zdywCyG/RtYVsTyNEuesPj+H22oJ8X2xTg6e6k+sCqQ4DSkFNZVq3NglYipEUsy
MG56/oqCMKYJq0mupvC7pHm8qws0bouLLHoLhSz7ncc9
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:04:29 2025 by rpki-client