Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/Gvd8jn_oG3tSt78l5FZzAnTep7c.roa
File: Gvd8jn_oG3tSt78l5FZzAnTep7c.roa (raw, json)
Hash identifier: 6rTh3+4ZMOUU+xEJmtsEU4gmJGm7UVGKFn5MJjpVhpY=
Subject key identifier: 1A:F7:7C:8E:7F:E8:1B:7B:52:B7:BF:25:E4:56:73:02:74:DE:A7:B7
Certificate issuer: /CN=5ee531b9ac2990d69a8a5c3023e72e6d841e6c09
Certificate serial: 0195D2C7E345FC73EE9DBCC20A9E46D79A39
Authority key identifier: 5E:E5:31:B9:AC:29:90:D6:9A:8A:5C:30:23:E7:2E:6D:84:1E:6C:09
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XuUxuawpkNaailwwI-cubYQebAk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/Gvd8jn_oG3tSt78l5FZzAnTep7c.roa
Signing time: Wed 26 Mar 2025 14:07:50 +0000
ROA not before: Wed 26 Mar 2025 14:07:50 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 201776
IP address blocks: 2.63.144.0/20 maxlen: 20
2.63.176.0/20 maxlen: 20
2.63.224.0/20 maxlen: 20
46.61.150.0/24 maxlen: 24
46.61.245.0/24 maxlen: 24
84.42.92.0/22 maxlen: 24
84.42.92.0/24 maxlen: 24
84.42.93.0/24 maxlen: 24
84.42.94.0/24 maxlen: 24
84.42.95.0/24 maxlen: 24
92.50.204.0/23 maxlen: 23
176.208.74.0/24 maxlen: 24
176.211.120.0/22 maxlen: 22
188.128.76.0/23 maxlen: 23
188.254.122.0/23 maxlen: 23
Validation: Failed, certificate revoked on Wed 26 Mar 2025 14:19:50 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:d2:c7:e3:45:fc:73:ee:9d:bc:c2:0a:9e:46:d7:9a:39
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5ee531b9ac2990d69a8a5c3023e72e6d841e6c09
Validity
Not Before: Mar 26 14:07:50 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=1af77c8e7fe81b7b52b7bf25e456730274dea7b7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:87:9f:f6:6e:4c:7c:5e:27:e9:e4:c3:1d:f1:af:
ce:ec:6d:a1:25:a8:74:a6:ab:f5:49:6e:86:e0:d6:
f1:26:cf:ae:02:52:ce:80:bc:10:81:d2:cd:54:cf:
1e:b7:db:c3:69:be:d9:af:7a:a5:0d:d5:06:81:e5:
77:cb:21:cf:f6:9a:f9:8b:81:ee:9a:7d:1b:2e:7f:
18:a5:7b:6d:16:79:08:55:8a:ea:c7:84:e4:ba:d1:
29:75:b1:f2:b9:73:89:fc:ae:54:62:90:33:c1:52:
c3:00:df:8f:13:9d:dc:43:c5:6a:b9:08:89:48:cd:
eb:85:9a:41:c4:c8:01:e9:4a:22:1c:17:e3:4d:93:
92:99:7e:00:f2:28:9f:a8:c7:b4:65:6e:f3:82:a4:
de:89:7d:42:14:7b:96:a1:ad:6a:5d:1a:0a:ff:15:
83:6d:9c:1c:8c:87:d4:78:75:09:f4:0c:11:37:5b:
a9:7f:6b:38:83:96:30:fc:03:44:26:67:86:4a:cb:
83:98:a1:3e:ac:2d:9f:a1:7a:b3:29:2a:d5:9e:0e:
f6:64:38:17:4d:90:c4:64:4f:0a:93:00:59:9a:f5:
7c:a3:be:55:c3:a5:05:2a:c8:bc:c3:0d:35:00:f7:
2d:ed:2f:cc:fb:e9:e5:99:37:45:f1:3d:42:4b:d3:
28:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1A:F7:7C:8E:7F:E8:1B:7B:52:B7:BF:25:E4:56:73:02:74:DE:A7:B7
X509v3 Authority Key Identifier:
keyid:5E:E5:31:B9:AC:29:90:D6:9A:8A:5C:30:23:E7:2E:6D:84:1E:6C:09
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XuUxuawpkNaailwwI-cubYQebAk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/Gvd8jn_oG3tSt78l5FZzAnTep7c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/XuUxuawpkNaailwwI-cubYQebAk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.63.144.0/20
2.63.176.0/20
2.63.224.0/20
46.61.150.0/24
46.61.245.0/24
84.42.92.0/22
92.50.204.0/23
176.208.74.0/24
176.211.120.0/22
188.128.76.0/23
188.254.122.0/23
Signature Algorithm: sha256WithRSAEncryption
5d:88:46:b0:ef:0d:47:44:bc:c3:93:10:df:4d:81:86:82:3d:
4b:98:8c:34:36:7a:fd:c1:27:a9:d6:79:cc:da:eb:de:78:65:
0f:ef:41:d2:fd:7d:30:21:7a:2b:31:32:ff:61:6a:5a:a1:dc:
4c:65:33:e2:76:99:35:d5:76:28:17:94:29:da:eb:13:67:de:
17:1e:52:ab:bc:9a:7b:62:0f:1d:59:4a:04:62:b5:58:00:5e:
40:ee:b4:0a:98:ef:95:0c:e7:60:e0:a7:93:56:7c:89:cb:5c:
84:c7:21:9f:9a:76:f3:98:68:0d:4c:93:5d:c6:1f:5b:b5:b0:
ad:84:7a:24:dd:c0:e8:04:73:e6:a5:4f:2a:72:0a:74:6b:06:
d1:4f:d3:50:09:c6:05:7c:e4:9a:5f:a9:a1:07:e2:32:58:61:
97:2e:d7:14:15:2c:09:45:d4:2b:45:2a:ab:2b:e3:e5:20:de:
a5:a7:c9:17:57:6c:f0:b2:77:21:55:4d:69:90:ce:76:52:48:
6e:f3:50:24:68:8b:d2:65:a2:68:74:4e:8f:e2:c3:16:c5:b5:
0d:ca:f7:36:61:6d:22:d9:44:05:4c:1b:77:1d:47:2f:62:3c:
df:7c:24:c1:93:8d:16:de:50:1d:f3:48:76:cb:c7:c9:2a:fe:
26:c7:4e:1d
-----BEGIN CERTIFICATE-----
MIIFOTCCBCGgAwIBAgISAZXSx+NF/HPunbzCCp5G15o5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVlZTUzMWI5YWMyOTkwZDY5YThhNWMzMDIzZTcyZTZkODQx
ZTZjMDkwHhcNMjUwMzI2MTQwNzUwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxYWY3N2M4ZTdmZTgxYjdiNTJiN2JmMjVlNDU2NzMwMjc0ZGVhN2I3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAh5/2bkx8Xifp5MMd8a/O7G2hJah0
pqv1SW6G4NbxJs+uAlLOgLwQgdLNVM8et9vDab7Zr3qlDdUGgeV3yyHP9pr5i4Hu
mn0bLn8YpXttFnkIVYrqx4TkutEpdbHyuXOJ/K5UYpAzwVLDAN+PE53cQ8VquQiJ
SM3rhZpBxMgB6UoiHBfjTZOSmX4A8iifqMe0ZW7zgqTeiX1CFHuWoa1qXRoK/xWD
bZwcjIfUeHUJ9AwRN1upf2s4g5Yw/ANEJmeGSsuDmKE+rC2foXqzKSrVng72ZDgX
TZDEZE8KkwBZmvV8o75Vw6UFKsi8ww01APct7S/M++nlmTdF8T1CS9MopQIDAQAB
o4ICRTCCAkEwHQYDVR0OBBYEFBr3fI5/6Bt7Ure/JeRWcwJ03qe3MB8GA1UdIwQY
MBaAFF7lMbmsKZDWmopcMCPnLm2EHmwJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWHVVeHVhd3BrTmFhaWx3d0ktY3ViWVFlYkFrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZC85YTFkNDQtODYwOS00ZTVlLWJhOTQt
NWE4NmMyNzU3YzFlLzEvR3ZkOGpuX29HM3RTdDc4bDVGWnpBblRlcDdjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZC85YTFkNDQtODYwOS00ZTVlLWJhOTQtNWE4NmMyNzU3YzFl
LzEvWHVVeHVhd3BrTmFhaWx3d0ktY3ViWVFlYkFrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFsGCCsGAQUFBwEHAQH/BEwwSjBIBAIAATBCAwQEAj+QAwQE
Aj+wAwQEAj/gAwQALj2WAwQALj31AwQCVCpcAwQBXDLMAwQAsNBKAwQCsNN4AwQB
vIBMAwQBvP56MA0GCSqGSIb3DQEBCwUAA4IBAQBdiEaw7w1HRLzDkxDfTYGGgj1L
mIw0Nnr9wSep1nnM2uveeGUP70HS/X0wIXorMTL/YWpaodxMZTPidpk11XYoF5Qp
2usTZ94XHlKrvJp7Yg8dWUoEYrVYAF5A7rQKmO+VDOdg4KeTVnyJy1yExyGfmnbz
mGgNTJNdxh9btbCthHok3cDoBHPmpU8qcgp0awbRT9NQCcYFfOSaX6mhB+IyWGGX
LtcUFSwJRdQrRSqrK+PlIN6lp8kXV2zwsnchVU1pkM52Ukhu81AkaIvSZaJodE6P
4sMWxbUNyvc2YW0i2UQFTBt3HUcvYjzffCTBk40W3lAd80h2y8fJKv4mx04d
-----END CERTIFICATE-----
Generated at Thu Apr 17 10:02:54 2025 by rpki-client