Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/Gh8-iVRsv0qWvuH6FYo5X91HLC0.roa
File: Gh8-iVRsv0qWvuH6FYo5X91HLC0.roa (raw, json)
Hash identifier: TTN+aV0QnLWIFZTAy6HLb+bOZMWg4TQdsGZEyUovoxc=
Subject key identifier: 1A:1F:3E:89:54:6C:BF:4A:96:BE:E1:FA:15:8A:39:5F:DD:47:2C:2D
Certificate issuer: /CN=5ee531b9ac2990d69a8a5c3023e72e6d841e6c09
Certificate serial: 018E5FC31ABEF43A7AE5085F3402604CEA61
Authority key identifier: 5E:E5:31:B9:AC:29:90:D6:9A:8A:5C:30:23:E7:2E:6D:84:1E:6C:09
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XuUxuawpkNaailwwI-cubYQebAk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/Gh8-iVRsv0qWvuH6FYo5X91HLC0.roa
Signing time: Thu 21 Mar 2024 06:46:45 +0000
ROA not before: Thu 21 Mar 2024 06:46:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 8439
IP address blocks: 109.226.64.0/18 maxlen: 18
185.10.180.0/22 maxlen: 22
185.50.8.0/22 maxlen: 22
188.122.224.0/19 maxlen: 19
193.106.240.0/22 maxlen: 22
213.178.32.0/21 maxlen: 21
Validation: Failed, certificate revoked on Thu 21 Mar 2024 06:51:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:5f:c3:1a:be:f4:3a:7a:e5:08:5f:34:02:60:4c:ea:61
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5ee531b9ac2990d69a8a5c3023e72e6d841e6c09
Validity
Not Before: Mar 21 06:46:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=1a1f3e89546cbf4a96bee1fa158a395fdd472c2d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:2d:de:e5:fa:0b:39:22:f1:26:b6:72:d2:ac:
a5:5f:99:24:18:eb:02:24:67:5e:c5:f2:b6:22:f8:
18:40:e1:06:81:f3:8c:8a:5a:4d:d1:13:5c:7a:ec:
43:fd:e7:b4:a4:47:65:a6:a8:fd:03:a6:db:d4:e6:
b3:93:60:e2:ee:b0:18:47:51:83:42:1a:82:c2:b0:
96:d5:24:c9:22:00:8c:10:94:a5:71:de:3c:35:fb:
dd:78:9b:71:b6:51:8d:90:c4:c9:8b:2e:55:04:23:
fe:d9:b6:d2:cf:f8:b5:39:54:35:5d:00:ac:e0:fd:
26:cc:bf:8d:05:99:a4:5a:c7:58:86:a8:ec:cf:7f:
49:8b:90:ef:b9:d7:3b:84:2f:80:be:ad:3d:d3:a3:
92:38:28:b5:f5:e3:a0:00:48:cb:b6:00:52:87:74:
b1:8a:40:12:c1:90:9a:92:57:cb:04:ef:55:a2:cd:
1b:e1:75:98:b3:7c:2a:5f:78:be:3e:43:fa:c0:46:
90:b2:3f:9e:42:80:57:e8:41:6a:38:77:df:b6:af:
01:ab:25:12:56:eb:70:f4:4b:aa:09:e7:f6:cc:2a:
09:fb:ca:ac:f2:40:6a:9b:34:c1:8c:96:1a:83:eb:
40:fd:72:7c:30:35:33:d2:0d:ea:13:ec:99:f1:19:
1a:a1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1A:1F:3E:89:54:6C:BF:4A:96:BE:E1:FA:15:8A:39:5F:DD:47:2C:2D
X509v3 Authority Key Identifier:
keyid:5E:E5:31:B9:AC:29:90:D6:9A:8A:5C:30:23:E7:2E:6D:84:1E:6C:09
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XuUxuawpkNaailwwI-cubYQebAk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/Gh8-iVRsv0qWvuH6FYo5X91HLC0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/XuUxuawpkNaailwwI-cubYQebAk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.226.64.0/18
185.10.180.0/22
185.50.8.0/22
188.122.224.0/19
193.106.240.0/22
213.178.32.0/21
Signature Algorithm: sha256WithRSAEncryption
76:44:34:30:a6:57:c6:b8:82:a2:2d:1f:9c:68:5b:18:84:5e:
3a:f6:5e:1a:94:0c:fe:6b:cc:17:25:d7:be:b9:73:b6:ed:29:
71:9a:65:7a:7f:3c:50:03:7a:48:fc:09:77:e1:e3:7b:0c:08:
be:33:2a:2e:b1:a9:be:a4:3e:3c:7b:09:db:13:ad:3d:2b:32:
0d:dc:e9:c4:db:37:8d:ae:65:8b:a0:fb:97:a5:e4:86:92:73:
e8:fb:bf:76:a9:4f:b6:6b:bd:93:03:f3:a5:9c:6f:5f:fb:a9:
2e:20:d2:aa:da:0b:f5:a7:33:cd:86:d0:7a:1b:24:3d:e0:e3:
fd:4c:d3:7e:3c:0b:e5:d5:2d:04:33:6a:07:fd:74:3b:2b:65:
84:fc:1e:fd:11:c1:45:b0:87:41:7e:f3:95:55:d6:a7:37:c4:
41:d8:46:f4:62:df:97:73:e2:3e:ee:86:49:45:12:e0:c2:f1:
6b:42:5b:68:02:f2:0d:57:e6:e1:5d:e3:d1:37:68:b4:89:26:
3d:1c:f1:45:62:0b:b8:79:73:e3:6b:26:d7:9f:ab:30:ee:3e:
29:60:00:ed:06:d0:11:49:47:ed:e0:e6:e2:b9:10:e0:12:2f:
b3:ab:69:0f:3d:a8:c2:f6:3f:88:09:9e:e8:68:7a:e7:0d:72:
61:da:fc:c1
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAY5fwxq+9Dp65QhfNAJgTOphMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVlZTUzMWI5YWMyOTkwZDY5YThhNWMzMDIzZTcyZTZkODQx
ZTZjMDkwHhcNMjQwMzIxMDY0NjQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxYTFmM2U4OTU0NmNiZjRhOTZiZWUxZmExNThhMzk1ZmRkNDcyYzJkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtC3e5foLOSLxJrZy0qylX5kkGOsC
JGdexfK2IvgYQOEGgfOMilpN0RNceuxD/ee0pEdlpqj9A6bb1Oazk2Di7rAYR1GD
QhqCwrCW1STJIgCMEJSlcd48NfvdeJtxtlGNkMTJiy5VBCP+2bbSz/i1OVQ1XQCs
4P0mzL+NBZmkWsdYhqjsz39Ji5Dvudc7hC+Avq0906OSOCi19eOgAEjLtgBSh3Sx
ikASwZCaklfLBO9Vos0b4XWYs3wqX3i+PkP6wEaQsj+eQoBX6EFqOHfftq8BqyUS
Vutw9EuqCef2zCoJ+8qs8kBqmzTBjJYag+tA/XJ8MDUz0g3qE+yZ8RkaoQIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFBofPolUbL9Klr7h+hWKOV/dRywtMB8GA1UdIwQY
MBaAFF7lMbmsKZDWmopcMCPnLm2EHmwJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWHVVeHVhd3BrTmFhaWx3d0ktY3ViWVFlYkFrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZC85YTFkNDQtODYwOS00ZTVlLWJhOTQt
NWE4NmMyNzU3YzFlLzEvR2g4LWlWUnN2MHFXdnVINkZZbzVYOTFITEMwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZC85YTFkNDQtODYwOS00ZTVlLWJhOTQtNWE4NmMyNzU3YzFl
LzEvWHVVeHVhd3BrTmFhaWx3d0ktY3ViWVFlYkFrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQGbeJAAwQC
uQq0AwQCuTIIAwQFvHrgAwQCwWrwAwQD1bIgMA0GCSqGSIb3DQEBCwUAA4IBAQB2
RDQwplfGuIKiLR+caFsYhF469l4alAz+a8wXJde+uXO27SlxmmV6fzxQA3pI/Al3
4eN7DAi+Myousam+pD48ewnbE609KzIN3OnE2zeNrmWLoPuXpeSGknPo+792qU+2
a72TA/OlnG9f+6kuINKq2gv1pzPNhtB6GyQ94OP9TNN+PAvl1S0EM2oH/XQ7K2WE
/B79EcFFsIdBfvOVVdanN8RB2Eb0Yt+Xc+I+7oZJRRLgwvFrQltoAvINV+bhXePR
N2i0iSY9HPFFYgu4eXPjaybXn6sw7j4pYADtBtARSUft4ObiuRDgEi+zq2kPPajC
9j+ICZ7oaHrnDXJh2vzB
-----END CERTIFICATE-----
Generated at Thu Apr 17 09:57:08 2025 by rpki-client