Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/68/bbb7b6-3ee5-46d9-b37b-61667c7691b2/1/GNi1IEVTKsoan5O3_WMeQtcQO_o.roa
File: GNi1IEVTKsoan5O3_WMeQtcQO_o.roa (raw, json)
Hash identifier: 3e5SA/83vPKJIs/VbwBIBkLkbobBIma6XRyYkk2TKxo=
Subject key identifier: 18:D8:B5:20:45:53:2A:CA:1A:9F:93:B7:FD:63:1E:42:D7:10:3B:FA
Certificate issuer: /CN=3fffcbec888c1047f221d7cf9396bf1412abaf9b
Certificate serial: 018DDBAD0E7D922B4CFB71AFC153A298F7E4
Authority key identifier: 3F:FF:CB:EC:88:8C:10:47:F2:21:D7:CF:93:96:BF:14:12:AB:AF:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P__L7IiMEEfyIdfPk5a_FBKrr5s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/68/bbb7b6-3ee5-46d9-b37b-61667c7691b2/1/GNi1IEVTKsoan5O3_WMeQtcQO_o.roa
Signing time: Sat 24 Feb 2024 15:12:48 +0000
ROA not before: Sat 24 Feb 2024 15:12:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 212602
IP address blocks: 5.133.114.0/24 maxlen: 24
5.180.112.0/24 maxlen: 24
5.180.113.0/24 maxlen: 24
185.194.208.0/22 maxlen: 22
2a10:7040::/29 maxlen: 29
2a10:7040:2::/64 maxlen: 64
Validation: Failed, certificate revoked on Sat 24 Feb 2024 15:28:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:db:ad:0e:7d:92:2b:4c:fb:71:af:c1:53:a2:98:f7:e4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3fffcbec888c1047f221d7cf9396bf1412abaf9b
Validity
Not Before: Feb 24 15:12:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=18d8b52045532aca1a9f93b7fd631e42d7103bfa
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:5f:63:e6:0a:3b:14:9f:97:9b:26:56:20:d6:
6f:81:dd:a6:f1:52:3b:45:57:ac:19:ad:66:61:ee:
71:6b:66:5a:0d:b5:36:a6:67:e1:64:90:a5:e0:65:
51:a5:55:41:ad:d7:1d:4d:a0:94:28:70:d8:47:cf:
91:a9:21:24:d4:d4:2f:c3:fc:9e:7a:26:dc:7f:c5:
58:36:f7:c1:11:60:a0:33:76:65:61:1d:c0:86:e1:
84:b8:30:b3:76:2c:24:ce:7b:1e:ec:87:25:59:ce:
d4:84:7d:46:18:b6:64:cd:d9:bc:84:91:b7:74:58:
60:be:7a:cd:c8:e1:88:bb:3d:da:a7:38:64:f8:de:
9e:f1:c1:23:6c:7b:3a:8d:85:28:cd:a4:f5:e3:e7:
b1:88:d5:ca:4b:c0:31:c7:e7:33:c8:ef:3a:2a:53:
05:e4:fc:a6:28:47:5c:c5:e8:28:0b:79:61:72:05:
29:eb:58:61:e7:19:e2:e6:f4:c6:f1:2c:ab:3c:cf:
89:d1:17:93:9a:97:8d:ff:e0:f8:0b:ee:23:c4:40:
d3:3b:83:db:52:d7:38:56:8b:47:77:70:96:82:52:
7e:c7:8f:9d:eb:16:39:6f:ef:02:be:17:e5:46:d1:
7e:92:af:84:d6:75:cc:32:ed:14:de:22:84:3f:0d:
35:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
18:D8:B5:20:45:53:2A:CA:1A:9F:93:B7:FD:63:1E:42:D7:10:3B:FA
X509v3 Authority Key Identifier:
keyid:3F:FF:CB:EC:88:8C:10:47:F2:21:D7:CF:93:96:BF:14:12:AB:AF:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P__L7IiMEEfyIdfPk5a_FBKrr5s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/68/bbb7b6-3ee5-46d9-b37b-61667c7691b2/1/GNi1IEVTKsoan5O3_WMeQtcQO_o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/68/bbb7b6-3ee5-46d9-b37b-61667c7691b2/1/P__L7IiMEEfyIdfPk5a_FBKrr5s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.133.114.0/24
5.180.112.0/23
185.194.208.0/22
IPv6:
2a10:7040::/29
Signature Algorithm: sha256WithRSAEncryption
86:98:0f:e0:98:7a:36:e9:69:37:bd:95:55:b9:79:d8:15:49:
84:8b:41:7f:6b:ad:ee:53:f5:ae:ed:9c:20:e2:e4:83:89:84:
db:65:71:7c:77:2e:6a:b1:f2:d7:69:2c:2a:50:b7:49:f9:56:
e7:51:b1:20:33:4a:f2:d4:63:e1:55:3e:55:fa:e3:42:bc:8e:
36:88:4f:95:97:bb:44:c0:c4:b2:65:f2:95:4f:4b:ac:91:f8:
78:12:73:f2:56:b6:c3:a0:b5:08:e6:f3:78:9d:98:12:34:c5:
a6:1f:ac:3e:76:60:a2:fc:5e:5e:19:b7:94:3f:d4:87:ce:ce:
9b:2d:49:87:b8:74:28:e9:47:3e:35:34:a6:82:d9:00:31:94:
64:40:d4:0e:99:dd:eb:e5:62:59:e3:03:72:0c:31:fc:02:60:
4c:ef:46:f1:76:99:a0:4e:20:cd:72:81:3d:f9:67:69:e9:95:
a1:ac:01:53:2f:6a:ad:cc:ef:fa:cb:28:79:a9:0b:3f:1c:17:
84:ed:33:80:87:5c:5c:eb:48:85:9e:df:b6:52:de:bc:d6:a8:
25:2c:ff:7f:88:66:c3:d0:de:b0:82:dd:1d:08:88:49:a0:ea:
3f:26:fc:e7:37:89:6d:92:98:f6:4b:94:9f:6e:a5:ae:72:54:
89:07:d9:48
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAY3brQ59kitM+3GvwVOimPfkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZmZjYmVjODg4YzEwNDdmMjIxZDdjZjkzOTZiZjE0MTJh
YmFmOWIwHhcNMjQwMjI0MTUxMjQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxOGQ4YjUyMDQ1NTMyYWNhMWE5ZjkzYjdmZDYzMWU0MmQ3MTAzYmZhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsF9j5go7FJ+XmyZWINZvgd2m8VI7
RVesGa1mYe5xa2ZaDbU2pmfhZJCl4GVRpVVBrdcdTaCUKHDYR8+RqSEk1NQvw/ye
eibcf8VYNvfBEWCgM3ZlYR3AhuGEuDCzdiwkznse7IclWc7UhH1GGLZkzdm8hJG3
dFhgvnrNyOGIuz3apzhk+N6e8cEjbHs6jYUozaT14+exiNXKS8Axx+czyO86KlMF
5PymKEdcxegoC3lhcgUp61hh5xni5vTG8SyrPM+J0ReTmpeN/+D4C+4jxEDTO4Pb
Utc4VotHd3CWglJ+x4+d6xY5b+8CvhflRtF+kq+E1nXMMu0U3iKEPw01XQIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFBjYtSBFUyrKGp+Tt/1jHkLXEDv6MB8GA1UdIwQY
MBaAFD//y+yIjBBH8iHXz5OWvxQSq6+bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUF9fTDdJaU1FRWZ5SWRmUGs1YV9GQktycjVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82OC9iYmI3YjYtM2VlNS00NmQ5LWIzN2It
NjE2NjdjNzY5MWIyLzEvR05pMUlFVlRLc29hbjVPM19XTWVRdGNRT19vLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82OC9iYmI3YjYtM2VlNS00NmQ5LWIzN2ItNjE2NjdjNzY5MWIy
LzEvUF9fTDdJaU1FRWZ5SWRmUGs1YV9GQktycjVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQABYVyAwQB
BbRwAwQCucLQMA0EAgACMAcDBQMqEHBAMA0GCSqGSIb3DQEBCwUAA4IBAQCGmA/g
mHo26Wk3vZVVuXnYFUmEi0F/a63uU/Wu7Zwg4uSDiYTbZXF8dy5qsfLXaSwqULdJ
+VbnUbEgM0ry1GPhVT5V+uNCvI42iE+Vl7tEwMSyZfKVT0uskfh4EnPyVrbDoLUI
5vN4nZgSNMWmH6w+dmCi/F5eGbeUP9SHzs6bLUmHuHQo6Uc+NTSmgtkAMZRkQNQO
md3r5WJZ4wNyDDH8AmBM70bxdpmgTiDNcoE9+Wdp6ZWhrAFTL2qtzO/6yyh5qQs/
HBeE7TOAh1xc60iFnt+2Ut681qglLP9/iGbD0N6wgt0dCIhJoOo/JvznN4ltkpj2
S5SfbqWuclSJB9lI
-----END CERTIFICATE-----
Generated at Mon Apr 28 10:42:33 2025 by rpki-client