Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d8/329d41-f4ad-413c-bc07-38953f9ad057/1/gCMBJJRpyWfCSByNghU-aITGZwI.roa
File: gCMBJJRpyWfCSByNghU-aITGZwI.roa (raw, json)
Hash identifier: OS+Xy7gYe5Ynlardg39AsdKivbxdWh2YBpterC+7jFs=
Subject key identifier: 80:23:01:24:94:69:C9:67:C2:48:1C:8D:82:15:3E:68:84:C6:67:02
Certificate issuer: /CN=c30d03e64676e720a4ff55179e196fec6591886b
Certificate serial: 018FCF1010BED1B86E9D7B5D060B2BCBCB31
Authority key identifier: C3:0D:03:E6:46:76:E7:20:A4:FF:55:17:9E:19:6F:EC:65:91:88:6B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ww0D5kZ25yCk_1UXnhlv7GWRiGs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d8/329d41-f4ad-413c-bc07-38953f9ad057/1/gCMBJJRpyWfCSByNghU-aITGZwI.roa
Signing time: Fri 31 May 2024 14:31:27 +0000
ROA not before: Fri 31 May 2024 14:31:27 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 50840
IP address blocks: 185.41.70.0/24 maxlen: 24
2a07:9380::/32 maxlen: 32
Validation: Failed, certificate revoked on Fri 31 May 2024 14:44:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:cf:10:10:be:d1:b8:6e:9d:7b:5d:06:0b:2b:cb:cb:31
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c30d03e64676e720a4ff55179e196fec6591886b
Validity
Not Before: May 31 14:31:27 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=802301249469c967c2481c8d82153e6884c66702
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:da:85:cc:4e:71:00:35:1a:01:49:76:8f:01:2a:
24:6d:e6:4b:fc:0d:d0:0f:a0:45:66:de:da:d8:ca:
7f:e1:9d:c5:3e:8b:f5:6a:8e:14:8d:6d:76:33:20:
bd:28:50:44:90:81:d2:c0:19:e0:70:71:78:e9:97:
a2:ea:ed:38:ce:db:df:e0:65:44:d4:db:95:36:7c:
98:c9:c3:33:7e:b3:03:f6:f8:e9:6a:13:5b:44:4f:
45:cd:50:bf:b7:50:83:df:ce:78:1e:78:7e:1b:bf:
73:1d:39:b3:aa:45:7f:f1:d5:40:41:c7:36:04:4a:
25:4f:1e:c1:da:b2:de:64:a5:8d:5b:4d:4d:08:08:
78:ab:d5:a0:de:c0:32:db:cd:08:e2:45:c4:36:9e:
a6:5d:74:eb:d4:3a:f1:d2:f5:63:01:93:9b:fd:68:
d8:21:0e:f8:2b:61:41:bb:b1:04:07:92:b7:89:7a:
fc:19:46:b7:f3:33:be:d0:42:68:8b:91:91:18:4a:
92:c5:64:d3:f5:9b:a0:59:85:e6:05:9a:ca:e0:a3:
02:ba:11:ca:11:00:36:11:40:10:a9:26:69:21:ce:
b2:ee:ed:5d:89:63:89:62:95:ff:47:6a:e2:a4:81:
79:4f:d4:36:3b:fd:1d:83:e3:d0:69:b6:ef:04:fa:
f8:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
80:23:01:24:94:69:C9:67:C2:48:1C:8D:82:15:3E:68:84:C6:67:02
X509v3 Authority Key Identifier:
keyid:C3:0D:03:E6:46:76:E7:20:A4:FF:55:17:9E:19:6F:EC:65:91:88:6B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ww0D5kZ25yCk_1UXnhlv7GWRiGs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d8/329d41-f4ad-413c-bc07-38953f9ad057/1/gCMBJJRpyWfCSByNghU-aITGZwI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d8/329d41-f4ad-413c-bc07-38953f9ad057/1/ww0D5kZ25yCk_1UXnhlv7GWRiGs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.41.70.0/24
IPv6:
2a07:9380::/32
Signature Algorithm: sha256WithRSAEncryption
6b:bd:05:bc:d7:b7:4d:7a:a8:b0:ab:06:19:7c:a4:4e:8b:a3:
78:78:cb:b6:90:45:fe:1b:0a:a9:28:c0:bc:96:6a:23:19:4e:
60:87:82:02:2e:dc:2e:5f:f1:98:eb:f9:59:27:1e:76:ee:6e:
f7:bd:6e:56:14:f6:ec:46:20:aa:2f:47:e0:d9:9d:29:4c:6e:
83:03:0c:0a:e5:2a:55:d3:75:c2:41:b5:97:4e:dc:79:82:36:
74:9b:a6:04:2e:bc:4b:ca:e1:92:c8:8d:74:e7:e0:ee:9a:93:
25:98:5d:48:67:b7:89:12:6e:e4:6a:d9:35:4f:db:cc:c2:df:
84:8c:8d:33:e7:5f:dd:e0:31:7f:a7:20:f4:46:9a:32:19:87:
f9:6d:e2:6d:88:99:fb:df:d9:56:4f:86:88:fc:47:60:71:a2:
00:0b:6f:72:e4:4e:d7:6a:e9:7b:a0:96:35:19:1a:73:87:af:
74:09:84:4d:75:91:74:81:59:eb:a4:63:d2:f0:25:77:af:02:
99:bf:51:65:5a:2b:b7:69:de:15:3a:3f:98:fa:37:13:ef:82:
37:00:d9:75:48:48:59:1c:6e:62:e0:e4:a0:5f:d9:2a:65:11:
df:e7:fa:49:04:3d:59:77:3d:5c:3f:19:bf:8b:5f:d0:ce:53:
89:73:2b:16
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAY/PEBC+0bhunXtdBgsry8sxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMzMGQwM2U2NDY3NmU3MjBhNGZmNTUxNzllMTk2ZmVjNjU5
MTg4NmIwHhcNMjQwNTMxMTQzMTI3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MDIzMDEyNDk0NjljOTY3YzI0ODFjOGQ4MjE1M2U2ODg0YzY2NzAyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2oXMTnEANRoBSXaPASokbeZL/A3Q
D6BFZt7a2Mp/4Z3FPov1ao4UjW12MyC9KFBEkIHSwBngcHF46Zei6u04ztvf4GVE
1NuVNnyYycMzfrMD9vjpahNbRE9FzVC/t1CD3854Hnh+G79zHTmzqkV/8dVAQcc2
BEolTx7B2rLeZKWNW01NCAh4q9Wg3sAy280I4kXENp6mXXTr1Drx0vVjAZOb/WjY
IQ74K2FBu7EEB5K3iXr8GUa38zO+0EJoi5GRGEqSxWTT9ZugWYXmBZrK4KMCuhHK
EQA2EUAQqSZpIc6y7u1diWOJYpX/R2ripIF5T9Q2O/0dg+PQabbvBPr40wIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFIAjASSUaclnwkgcjYIVPmiExmcCMB8GA1UdIwQY
MBaAFMMNA+ZGducgpP9VF54Zb+xlkYhrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvd3cwRDVrWjI1eUNrXzFVWG5obHY3R1dSaUdzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kOC8zMjlkNDEtZjRhZC00MTNjLWJjMDct
Mzg5NTNmOWFkMDU3LzEvZ0NNQkpKUnB5V2ZDU0J5TmdoVS1hSVRHWndJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kOC8zMjlkNDEtZjRhZC00MTNjLWJjMDctMzg5NTNmOWFkMDU3
LzEvd3cwRDVrWjI1eUNrXzFVWG5obHY3R1dSaUdzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQAuSlGMA0E
AgACMAcDBQAqB5OAMA0GCSqGSIb3DQEBCwUAA4IBAQBrvQW817dNeqiwqwYZfKRO
i6N4eMu2kEX+GwqpKMC8lmojGU5gh4ICLtwuX/GY6/lZJx527m73vW5WFPbsRiCq
L0fg2Z0pTG6DAwwK5SpV03XCQbWXTtx5gjZ0m6YELrxLyuGSyI105+DumpMlmF1I
Z7eJEm7katk1T9vMwt+EjI0z51/d4DF/pyD0RpoyGYf5beJtiJn739lWT4aI/Edg
caIAC29y5E7Xaul7oJY1GRpzh690CYRNdZF0gVnrpGPS8CV3rwKZv1FlWiu3ad4V
Oj+Y+jcT74I3ANl1SEhZHG5i4OSgX9kqZRHf5/pJBD1Zdz1cPxm/i1/QzlOJcysW
-----END CERTIFICATE-----
Generated at Sun Jun 15 19:03:18 2025 by rpki-client