Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/87/081c6e-1d65-4ccd-96f5-1dcc86c11e74/1/GMotj_xIkF6zk0mUZVTv6RwuKqU.roa
File: GMotj_xIkF6zk0mUZVTv6RwuKqU.roa (raw, json)
Hash identifier: UFro3b07r6EwjPwXrddu1z1RqGNKW9nlEdVal+j7m24=
Subject key identifier: 18:CA:2D:8F:FC:48:90:5E:B3:93:49:94:65:54:EF:E9:1C:2E:2A:A5
Certificate issuer: /CN=31a185d0eb0ca7811c586425de0e960e1cfeb61b
Certificate serial: 0194EBCB0D0932A96DCF6DADADA50A752CD0
Authority key identifier: 31:A1:85:D0:EB:0C:A7:81:1C:58:64:25:DE:0E:96:0E:1C:FE:B6:1B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/MaGF0OsMp4EcWGQl3g6WDhz-ths.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/87/081c6e-1d65-4ccd-96f5-1dcc86c11e74/1/GMotj_xIkF6zk0mUZVTv6RwuKqU.roa
Signing time: Sun 09 Feb 2025 17:39:00 +0000
ROA not before: Sun 09 Feb 2025 17:39:00 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 329007
IP address blocks: 85.153.47.0/24 maxlen: 24
85.153.117.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 18 Feb 2025 12:38:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:eb:cb:0d:09:32:a9:6d:cf:6d:ad:ad:a5:0a:75:2c:d0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=31a185d0eb0ca7811c586425de0e960e1cfeb61b
Validity
Not Before: Feb 9 17:39:00 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=18ca2d8ffc48905eb39349946554efe91c2e2aa5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:1f:86:a2:a0:a2:87:e9:76:9d:ad:4f:be:72:
02:95:34:18:0e:07:c1:53:7b:38:d8:84:5d:0b:15:
c8:c8:5c:88:cb:cb:cb:2e:6e:62:30:4c:7d:c1:41:
23:01:96:26:ef:d9:95:ed:4b:6e:9d:6a:29:3b:1c:
d4:81:ce:e5:a5:8b:f5:35:ea:b2:48:bf:1b:08:2f:
33:56:f6:d0:4a:41:89:64:da:fd:8e:29:a4:93:94:
26:ad:14:c9:04:9e:63:c0:41:86:51:77:f0:9c:03:
61:8d:c6:1a:bf:4f:b8:80:d7:1d:2b:70:a7:c8:df:
6f:af:0d:6b:61:a8:ce:90:64:10:e6:e4:cf:0b:6f:
f3:37:dc:7d:8e:ed:99:4e:17:cf:e7:60:ff:e8:a8:
f0:70:46:7a:3b:11:15:a6:ec:c9:1b:25:58:6e:6d:
52:21:30:71:63:67:3f:a0:5e:6f:ca:58:65:b8:56:
c6:20:4c:dd:5a:dc:a3:e6:0f:46:69:4b:e6:bd:b1:
0c:ea:29:a2:8f:a9:0d:36:73:90:41:fb:58:4b:1a:
e4:e1:d0:d7:a4:e4:c1:f4:11:6e:8d:a7:77:d9:08:
f6:90:79:d9:8a:09:40:38:0d:78:6a:c0:42:06:bd:
9e:5a:ed:8d:32:df:33:25:ed:a9:91:f9:7e:ec:bc:
ab:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
18:CA:2D:8F:FC:48:90:5E:B3:93:49:94:65:54:EF:E9:1C:2E:2A:A5
X509v3 Authority Key Identifier:
keyid:31:A1:85:D0:EB:0C:A7:81:1C:58:64:25:DE:0E:96:0E:1C:FE:B6:1B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MaGF0OsMp4EcWGQl3g6WDhz-ths.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/87/081c6e-1d65-4ccd-96f5-1dcc86c11e74/1/GMotj_xIkF6zk0mUZVTv6RwuKqU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/87/081c6e-1d65-4ccd-96f5-1dcc86c11e74/1/MaGF0OsMp4EcWGQl3g6WDhz-ths.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.153.47.0/24
85.153.117.0/24
Signature Algorithm: sha256WithRSAEncryption
87:4a:52:cb:4e:a1:ca:d9:3f:a2:49:ee:47:31:7a:8e:7a:a6:
4f:bd:d8:4b:f4:c3:3b:b5:df:ed:26:37:75:a8:10:13:ba:9e:
e2:36:e7:7f:06:52:4a:c9:3d:6b:ef:ee:49:dd:5f:0f:a1:3d:
71:4b:dd:45:b6:12:52:e8:51:49:91:18:cb:3d:16:a0:b5:fb:
d7:b0:ed:7a:97:a2:aa:90:9a:ea:6c:7b:0b:f3:25:72:3b:02:
8a:6e:9f:fc:84:29:5a:b3:46:ff:c4:ff:e1:0f:8f:0e:42:d4:
82:3e:81:a4:32:f7:90:38:a3:bc:7d:8b:ce:a2:62:1b:01:ec:
9e:fe:b6:a3:b5:a7:34:85:a8:d4:0a:ae:2f:bb:74:a9:1d:08:
ce:b5:8b:58:5d:76:3d:2f:7f:e1:bc:db:53:ae:03:2e:70:9b:
8f:49:30:63:f5:3b:08:0a:16:b3:d3:f6:dc:6d:36:f0:a5:27:
5d:4b:6f:5c:12:6f:2b:0a:bf:34:b5:89:d8:5b:c9:0c:f4:6a:
4d:57:06:10:7a:58:5d:6d:55:44:5a:5b:a1:cc:80:c5:03:db:
6d:05:f6:f2:7d:29:60:2a:35:56:a4:96:29:73:98:a6:72:f5:
0d:23:f0:60:3c:7b:58:a8:e6:84:fc:b3:ab:ee:4d:12:f3:aa:
f2:b8:1d:42
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZTryw0JMqltz22traUKdSzQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMxYTE4NWQwZWIwY2E3ODExYzU4NjQyNWRlMGU5NjBlMWNm
ZWI2MWIwHhcNMjUwMjA5MTczOTAwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxOGNhMmQ4ZmZjNDg5MDVlYjM5MzQ5OTQ2NTU0ZWZlOTFjMmUyYWE1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwR+GoqCih+l2na1PvnIClTQYDgfB
U3s42IRdCxXIyFyIy8vLLm5iMEx9wUEjAZYm79mV7UtunWopOxzUgc7lpYv1Neqy
SL8bCC8zVvbQSkGJZNr9jimkk5QmrRTJBJ5jwEGGUXfwnANhjcYav0+4gNcdK3Cn
yN9vrw1rYajOkGQQ5uTPC2/zN9x9ju2ZThfP52D/6KjwcEZ6OxEVpuzJGyVYbm1S
ITBxY2c/oF5vylhluFbGIEzdWtyj5g9GaUvmvbEM6imij6kNNnOQQftYSxrk4dDX
pOTB9BFujad32Qj2kHnZiglAOA14asBCBr2eWu2NMt8zJe2pkfl+7LyrWwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFBjKLY/8SJBes5NJlGVU7+kcLiqlMB8GA1UdIwQY
MBaAFDGhhdDrDKeBHFhkJd4Olg4c/rYbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTWFHRjBPc01wNEVjV0dRbDNnNldEaHotdGhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ny8wODFjNmUtMWQ2NS00Y2NkLTk2ZjUt
MWRjYzg2YzExZTc0LzEvR01vdGpfeElrRjZ6azBtVVpWVHY2Und1S3FVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Ny8wODFjNmUtMWQ2NS00Y2NkLTk2ZjUtMWRjYzg2YzExZTc0
LzEvTWFHRjBPc01wNEVjV0dRbDNnNldEaHotdGhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAVZkvAwQA
VZl1MA0GCSqGSIb3DQEBCwUAA4IBAQCHSlLLTqHK2T+iSe5HMXqOeqZPvdhL9MM7
td/tJjd1qBATup7iNud/BlJKyT1r7+5J3V8PoT1xS91FthJS6FFJkRjLPRagtfvX
sO16l6KqkJrqbHsL8yVyOwKKbp/8hClas0b/xP/hD48OQtSCPoGkMveQOKO8fYvO
omIbAeye/rajtac0hajUCq4vu3SpHQjOtYtYXXY9L3/hvNtTrgMucJuPSTBj9TsI
Chaz0/bcbTbwpSddS29cEm8rCr80tYnYW8kM9GpNVwYQelhdbVVEWluhzIDFA9tt
BfbyfSlgKjVWpJYpc5imcvUNI/BgPHtYqOaE/LOr7k0S86ryuB1C
-----END CERTIFICATE-----
Generated at Fri May 2 05:01:10 2025 by rpki-client