Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5a/0ccbda-d6f1-4527-8106-cd7e06cbb531/1/GzQb199B6Mp_bFxNgkREQFtERbI.roa
File: GzQb199B6Mp_bFxNgkREQFtERbI.roa (raw, json)
Hash identifier: FAuUo3jTxqyVQuo65svskxnQS+6nZmu1Jwl8z7CTIAo=
Subject key identifier: 1B:34:1B:D7:DF:41:E8:CA:7F:6C:5C:4D:82:44:44:40:5B:44:45:B2
Certificate issuer: /CN=0534c49fcfa8a45041d95ed4d8d4fc69c727a467
Certificate serial: 0194280BF449D5C4023F89D7B4DC46C31243
Authority key identifier: 05:34:C4:9F:CF:A8:A4:50:41:D9:5E:D4:D8:D4:FC:69:C7:27:A4:67
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BTTEn8-opFBB2V7U2NT8accnpGc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5a/0ccbda-d6f1-4527-8106-cd7e06cbb531/1/GzQb199B6Mp_bFxNgkREQFtERbI.roa
Signing time: Thu 02 Jan 2025 17:24:19 +0000
ROA not before: Thu 02 Jan 2025 17:24:19 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 12541
IP address blocks: 45.10.104.0/22 maxlen: 22
45.83.50.0/23 maxlen: 23
45.83.50.0/24 maxlen: 24
45.83.51.0/24 maxlen: 24
80.66.112.0/23 maxlen: 23
80.66.114.0/24 maxlen: 24
80.66.115.0/24 maxlen: 24
80.66.116.0/24 maxlen: 24
80.66.117.0/24 maxlen: 24
80.66.118.0/24 maxlen: 24
80.66.119.0/24 maxlen: 24
80.66.120.0/23 maxlen: 23
80.66.120.0/24 maxlen: 24
80.66.121.0/24 maxlen: 24
80.66.122.0/24 maxlen: 24
80.66.123.0/24 maxlen: 24
80.66.124.0/24 maxlen: 24
80.66.125.0/24 maxlen: 24
80.66.126.0/24 maxlen: 24
80.66.127.0/24 maxlen: 24
89.42.70.0/24 maxlen: 24
89.44.150.0/24 maxlen: 24
89.44.151.0/24 maxlen: 24
89.45.208.0/24 maxlen: 24
91.132.31.0/24 maxlen: 24
94.198.46.0/24 maxlen: 24
94.198.47.0/24 maxlen: 24
178.19.34.0/24 maxlen: 24
178.19.35.0/24 maxlen: 24
178.19.44.0/24 maxlen: 24
178.19.45.0/24 maxlen: 24
178.19.46.0/24 maxlen: 24
178.19.47.0/24 maxlen: 24
185.71.28.0/24 maxlen: 24
185.203.21.0/24 maxlen: 24
185.203.22.0/24 maxlen: 24
185.203.23.0/24 maxlen: 24
185.242.175.0/24 maxlen: 24
193.178.212.0/24 maxlen: 24
193.178.218.0/24 maxlen: 24
193.186.1.0/24 maxlen: 24
193.186.11.0/24 maxlen: 24
194.15.140.0/24 maxlen: 24
194.15.146.0/24 maxlen: 24
194.15.182.0/24 maxlen: 24
194.15.195.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 15 Jan 2025 10:38:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:28:0b:f4:49:d5:c4:02:3f:89:d7:b4:dc:46:c3:12:43
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0534c49fcfa8a45041d95ed4d8d4fc69c727a467
Validity
Not Before: Jan 2 17:24:19 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=1b341bd7df41e8ca7f6c5c4d824444405b4445b2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:ac:5c:37:d5:06:1c:20:43:8f:a2:ae:34:85:
aa:14:21:f6:e4:7a:9c:78:f1:aa:4d:ff:5c:b6:8a:
d8:b8:1f:78:02:6c:49:c6:61:bf:ae:2d:f4:8a:ee:
70:cd:4d:06:ca:d7:cc:ed:08:21:f8:c5:c3:0d:3f:
17:ac:6a:71:20:e5:9d:c6:76:f3:9a:6a:58:64:77:
67:04:01:45:5e:5c:ce:2e:5c:93:fb:bc:68:70:7e:
c8:a0:1c:ca:52:bd:cb:24:be:da:1d:b9:bb:37:16:
85:6c:63:fa:c1:35:80:8e:3f:0a:1b:90:3a:a5:bf:
e3:ea:44:ff:4c:46:04:2f:ea:94:60:ad:db:42:90:
36:bb:d6:94:70:d2:02:86:48:1e:c5:39:a2:22:f6:
46:5e:ee:ee:f8:71:c9:82:5b:82:e8:2d:23:55:b4:
a8:da:a7:9c:b9:e1:0f:85:eb:ac:79:dc:a1:8e:c8:
f5:7a:a6:cb:c5:6c:1b:61:9e:c7:da:ac:96:7c:fd:
4d:0a:84:6c:5b:04:2d:61:94:a6:8b:96:64:5a:4c:
88:40:bb:b4:2a:c9:46:ed:7d:3a:51:6f:d3:80:48:
6c:33:d0:7f:84:e6:ea:6e:dd:d9:5a:aa:6b:16:dd:
0f:41:ad:35:98:0a:95:89:03:4b:d0:f8:34:10:a7:
84:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1B:34:1B:D7:DF:41:E8:CA:7F:6C:5C:4D:82:44:44:40:5B:44:45:B2
X509v3 Authority Key Identifier:
keyid:05:34:C4:9F:CF:A8:A4:50:41:D9:5E:D4:D8:D4:FC:69:C7:27:A4:67
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BTTEn8-opFBB2V7U2NT8accnpGc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/0ccbda-d6f1-4527-8106-cd7e06cbb531/1/GzQb199B6Mp_bFxNgkREQFtERbI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/0ccbda-d6f1-4527-8106-cd7e06cbb531/1/BTTEn8-opFBB2V7U2NT8accnpGc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.10.104.0/22
45.83.50.0/23
80.66.112.0/20
89.42.70.0/24
89.44.150.0/23
89.45.208.0/24
91.132.31.0/24
94.198.46.0/23
178.19.34.0/23
178.19.44.0/22
185.71.28.0/24
185.203.21.0-185.203.23.255
185.242.175.0/24
193.178.212.0/24
193.178.218.0/24
193.186.1.0/24
193.186.11.0/24
194.15.140.0/24
194.15.146.0/24
194.15.182.0/24
194.15.195.0/24
Signature Algorithm: sha256WithRSAEncryption
a9:61:c7:f7:0c:62:01:bd:15:d8:bf:0d:5d:7f:49:1c:a2:5c:
7a:b7:37:58:20:d8:74:35:56:75:aa:4a:6d:27:f8:97:9d:e5:
7b:9b:db:99:9a:51:14:08:39:0f:da:20:e7:01:27:79:60:5d:
73:2c:12:10:45:2a:72:e5:66:22:61:32:31:2a:12:68:cc:56:
ed:78:06:7f:48:82:18:1c:d8:ae:c6:2c:7a:2f:02:fd:a9:0b:
27:b0:47:ac:2f:4e:cf:05:f2:f7:13:84:ba:41:36:d5:06:9b:
f6:c9:6f:d0:73:29:c5:b7:19:21:68:a0:6d:9e:a6:69:e9:c9:
a7:49:af:37:88:ba:af:43:ca:04:64:7b:ed:14:35:fe:0d:40:
3c:34:18:8c:db:95:66:0d:1a:40:af:db:e5:53:65:1a:b0:1e:
88:8f:f3:6e:9e:16:01:4e:cf:91:df:fa:ec:28:7f:86:cf:d6:
c0:fb:19:ae:9d:39:f6:2e:8f:c8:d0:bf:10:44:4a:1a:52:ea:
b0:b2:62:a5:09:6f:a8:88:4b:40:91:69:0f:98:4d:50:0e:d2:
e8:02:82:10:a2:9f:d5:d9:4e:00:fb:60:75:49:d3:1a:1a:d8:
09:1a:1b:eb:80:67:12:23:2e:3e:cf:8d:3d:6f:5b:21:ac:f7:
d0:87:1d:a1
-----BEGIN CERTIFICATE-----
MIIFgjCCBGqgAwIBAgISAZQoC/RJ1cQCP4nXtNxGwxJDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA1MzRjNDlmY2ZhOGE0NTA0MWQ5NWVkNGQ4ZDRmYzY5Yzcy
N2E0NjcwHhcNMjUwMTAyMTcyNDE5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxYjM0MWJkN2RmNDFlOGNhN2Y2YzVjNGQ4MjQ0NDQ0MDViNDQ0NWIyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp6xcN9UGHCBDj6KuNIWqFCH25Hqc
ePGqTf9ctorYuB94AmxJxmG/ri30iu5wzU0GytfM7Qgh+MXDDT8XrGpxIOWdxnbz
mmpYZHdnBAFFXlzOLlyT+7xocH7IoBzKUr3LJL7aHbm7NxaFbGP6wTWAjj8KG5A6
pb/j6kT/TEYEL+qUYK3bQpA2u9aUcNIChkgexTmiIvZGXu7u+HHJgluC6C0jVbSo
2qecueEPheusedyhjsj1eqbLxWwbYZ7H2qyWfP1NCoRsWwQtYZSmi5ZkWkyIQLu0
KslG7X06UW/TgEhsM9B/hObqbt3ZWqprFt0PQa01mAqViQNL0Pg0EKeEbQIDAQAB
o4ICjjCCAoowHQYDVR0OBBYEFBs0G9ffQejKf2xcTYJEREBbREWyMB8GA1UdIwQY
MBaAFAU0xJ/PqKRQQdle1NjU/GnHJ6RnMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQlRURW44LW9wRkJCMlY3VTJOVDhhY2NucEdjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81YS8wY2NiZGEtZDZmMS00NTI3LTgxMDYt
Y2Q3ZTA2Y2JiNTMxLzEvR3pRYjE5OUI2TXBfYkZ4TmdrUkVRRnRFUmJJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81YS8wY2NiZGEtZDZmMS00NTI3LTgxMDYtY2Q3ZTA2Y2JiNTMx
LzEvQlRURW44LW9wRkJCMlY3VTJOVDhhY2NucEdjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGjBggrBgEFBQcBBwEB/wSBkzCBkDCBjQQCAAEwgYYDBAIt
CmgDBAEtUzIDBARQQnADBABZKkYDBAFZLJYDBABZLdADBABbhB8DBAFexi4DBAGy
EyIDBAKyEywDBAC5RxwwDAMEALnLFQMEA7nLEAMEALnyrwMEAMGy1AMEAMGy2gME
AMG6AQMEAMG6CwMEAMIPjAMEAMIPkgMEAMIPtgMEAMIPwzANBgkqhkiG9w0BAQsF
AAOCAQEAqWHH9wxiAb0V2L8NXX9JHKJcerc3WCDYdDVWdapKbSf4l53le5vbmZpR
FAg5D9og5wEneWBdcywSEEUqcuVmImEyMSoSaMxW7XgGf0iCGBzYrsYsei8C/akL
J7BHrC9OzwXy9xOEukE21Qab9slv0HMpxbcZIWigbZ6maenJp0mvN4i6r0PKBGR7
7RQ1/g1APDQYjNuVZg0aQK/b5VNlGrAeiI/zbp4WAU7Pkd/67Ch/hs/WwPsZrp05
9i6PyNC/EERKGlLqsLJipQlvqIhLQJFpD5hNUA7S6AKCEKKf1dlOAPtgdUnTGhrY
CRob64BnEiMuPs+NPW9bIaz30IcdoQ==
-----END CERTIFICATE-----
Generated at Wed May 14 11:30:46 2025 by rpki-client