Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7b/838032-db97-497f-8c95-c19942737e6d/1/GnYZC71fm6TZyk4utpU3vh7C3e0.roa
File: GnYZC71fm6TZyk4utpU3vh7C3e0.roa (raw, json)
Hash identifier: ToIT6O50YkSF3s1OxWVjdBv3ff1UFLZzLu04on4hiOc=
Subject key identifier: 1A:76:19:0B:BD:5F:9B:A4:D9:CA:4E:2E:B6:95:37:BE:1E:C2:DD:ED
Certificate issuer: /CN=6a5836dde9b9daef35a8a7f74d6326f6b42da74d
Certificate serial: 01963F5B9C1E0AD093C71A5749B4B12FACCB
Authority key identifier: 6A:58:36:DD:E9:B9:DA:EF:35:A8:A7:F7:4D:63:26:F6:B4:2D:A7:4D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/alg23em52u81qKf3TWMm9rQtp00.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7b/838032-db97-497f-8c95-c19942737e6d/1/GnYZC71fm6TZyk4utpU3vh7C3e0.roa
Signing time: Wed 16 Apr 2025 16:08:10 +0000
ROA not before: Wed 16 Apr 2025 16:08:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 5650
IP address blocks: 194.238.44.0/22 maxlen: 24
194.238.72.0/22 maxlen: 24
194.238.80.0/22 maxlen: 24
194.238.84.0/22 maxlen: 24
194.238.88.0/22 maxlen: 24
213.18.192.0/22 maxlen: 24
213.18.216.0/22 maxlen: 24
217.179.80.0/22 maxlen: 24
217.181.88.0/22 maxlen: 24
Validation: Failed, certificate revoked on Tue 22 Apr 2025 15:02:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:3f:5b:9c:1e:0a:d0:93:c7:1a:57:49:b4:b1:2f:ac:cb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6a5836dde9b9daef35a8a7f74d6326f6b42da74d
Validity
Not Before: Apr 16 16:08:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=1a76190bbd5f9ba4d9ca4e2eb69537be1ec2dded
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ed:3c:ed:49:ae:40:3f:fc:f0:c9:ad:05:22:63:
83:6d:98:29:3e:b4:d1:d9:6a:6e:98:0a:a5:b0:06:
cb:af:cb:52:8f:1c:be:7d:1b:59:01:fa:ae:76:cf:
02:55:89:61:d4:86:49:0f:9d:44:3f:f0:d8:f5:5d:
89:0d:b6:04:db:db:24:7c:07:d9:c6:29:b1:cd:ec:
33:ec:b2:d7:ef:eb:59:ef:0b:14:f9:de:59:50:f4:
11:35:64:6c:87:1d:52:8c:43:de:50:6a:72:50:86:
ab:53:04:53:e1:e0:3c:2c:c0:75:6c:5f:68:d2:78:
ff:c2:9c:86:c0:03:d2:dd:b3:4c:d8:fd:7d:ca:39:
a3:39:60:32:8e:f6:35:7e:ac:e9:50:27:38:eb:30:
10:36:04:36:98:ef:a9:e8:dc:62:ad:ce:c6:5c:90:
e9:7d:fe:ea:4b:3b:f7:7e:53:4c:bb:69:93:52:f3:
fa:90:1f:12:34:95:1b:f1:56:d8:3b:96:45:ee:81:
30:31:91:fb:fa:b9:88:9d:22:57:0e:85:3d:c6:b7:
14:fc:c0:06:48:3e:63:1e:58:16:8a:e0:ed:b6:5a:
b1:f9:42:1e:f7:78:c9:16:d5:96:02:47:19:e3:22:
cb:d7:57:b7:28:d9:28:12:f4:8d:32:ed:a0:42:24:
90:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1A:76:19:0B:BD:5F:9B:A4:D9:CA:4E:2E:B6:95:37:BE:1E:C2:DD:ED
X509v3 Authority Key Identifier:
keyid:6A:58:36:DD:E9:B9:DA:EF:35:A8:A7:F7:4D:63:26:F6:B4:2D:A7:4D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/alg23em52u81qKf3TWMm9rQtp00.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7b/838032-db97-497f-8c95-c19942737e6d/1/GnYZC71fm6TZyk4utpU3vh7C3e0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7b/838032-db97-497f-8c95-c19942737e6d/1/alg23em52u81qKf3TWMm9rQtp00.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.238.44.0/22
194.238.72.0/22
194.238.80.0-194.238.91.255
213.18.192.0/22
213.18.216.0/22
217.179.80.0/22
217.181.88.0/22
Signature Algorithm: sha256WithRSAEncryption
2e:82:07:2d:82:d1:a3:6e:21:af:90:9c:29:f3:06:a7:21:54:
42:a4:8c:55:82:2e:7e:ac:3e:be:17:eb:bb:a5:91:8d:57:73:
2b:74:3a:6c:96:8e:53:9f:09:6e:92:b4:c9:94:59:13:5f:fc:
11:b4:74:44:a4:f4:df:22:0f:d6:60:b1:88:f4:d3:15:f8:82:
2c:c9:b1:5d:3b:d4:39:78:d7:d4:e0:d0:87:12:d7:0f:d6:f3:
0c:87:96:68:2e:63:d3:da:31:a4:73:ad:41:cf:7a:19:16:06:
17:4e:35:e7:32:6f:38:27:b1:af:0f:27:22:b0:d0:e4:2d:ce:
39:6a:b0:68:cc:d6:e4:2c:e9:88:ea:6c:8f:8b:cd:5c:14:4d:
83:f6:6a:2d:52:3c:78:68:f2:cc:ba:00:44:10:a1:f4:bf:35:
86:9d:a1:34:d8:83:57:03:dc:11:28:69:20:d7:39:7f:13:f6:
4b:e4:38:68:fc:2c:f3:b2:90:5f:5c:74:af:aa:f5:dc:31:ed:
9f:80:90:a4:a7:85:14:36:87:eb:2f:4d:34:93:4e:a0:76:1d:
79:68:d2:f5:72:f0:4f:5a:e9:43:64:d1:db:fc:0b:c4:c8:54:
95:c3:07:aa:cc:83:6d:c6:67:18:90:ab:cb:46:ac:1a:e0:91:
85:40:85:b7
-----BEGIN CERTIFICATE-----
MIIFKTCCBBGgAwIBAgISAZY/W5weCtCTxxpXSbSxL6zLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZhNTgzNmRkZTliOWRhZWYzNWE4YTdmNzRkNjMyNmY2YjQy
ZGE3NGQwHhcNMjUwNDE2MTYwODEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxYTc2MTkwYmJkNWY5YmE0ZDljYTRlMmViNjk1MzdiZTFlYzJkZGVkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7TztSa5AP/zwya0FImODbZgpPrTR
2WpumAqlsAbLr8tSjxy+fRtZAfquds8CVYlh1IZJD51EP/DY9V2JDbYE29skfAfZ
ximxzewz7LLX7+tZ7wsU+d5ZUPQRNWRshx1SjEPeUGpyUIarUwRT4eA8LMB1bF9o
0nj/wpyGwAPS3bNM2P19yjmjOWAyjvY1fqzpUCc46zAQNgQ2mO+p6Nxirc7GXJDp
ff7qSzv3flNMu2mTUvP6kB8SNJUb8VbYO5ZF7oEwMZH7+rmInSJXDoU9xrcU/MAG
SD5jHlgWiuDttlqx+UIe93jJFtWWAkcZ4yLL11e3KNkoEvSNMu2gQiSQdwIDAQAB
o4ICNTCCAjEwHQYDVR0OBBYEFBp2GQu9X5uk2cpOLraVN74ewt3tMB8GA1UdIwQY
MBaAFGpYNt3pudrvNain901jJva0LadNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYWxnMjNlbTUydTgxcUtmM1RXTW05clF0cDAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Yi84MzgwMzItZGI5Ny00OTdmLThjOTUt
YzE5OTQyNzM3ZTZkLzEvR25ZWkM3MWZtNlRaeWs0dXRwVTN2aDdDM2UwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Yi84MzgwMzItZGI5Ny00OTdmLThjOTUtYzE5OTQyNzM3ZTZk
LzEvYWxnMjNlbTUydTgxcUtmM1RXTW05clF0cDAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEsGCCsGAQUFBwEHAQH/BDwwOjA4BAIAATAyAwQCwu4sAwQC
wu5IMAwDBATC7lADBALC7lgDBALVEsADBALVEtgDBALZs1ADBALZtVgwDQYJKoZI
hvcNAQELBQADggEBAC6CBy2C0aNuIa+QnCnzBqchVEKkjFWCLn6sPr4X67ulkY1X
cyt0OmyWjlOfCW6StMmUWRNf/BG0dESk9N8iD9ZgsYj00xX4gizJsV071Dl419Tg
0IcS1w/W8wyHlmguY9PaMaRzrUHPehkWBhdONecybzgnsa8PJyKw0OQtzjlqsGjM
1uQs6YjqbI+LzVwUTYP2ai1SPHho8sy6AEQQofS/NYadoTTYg1cD3BEoaSDXOX8T
9kvkOGj8LPOykF9cdK+q9dwx7Z+AkKSnhRQ2h+svTTSTTqB2HXlo0vVy8E9a6UNk
0dv8C8TIVJXDB6rMg23GZxiQq8tGrBrgkYVAhbc=
-----END CERTIFICATE-----
Generated at Wed Apr 30 22:24:11 2025 by rpki-client