Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/gA4_nc6HJAqYobWpKuokKa84l1o.roa
File: gA4_nc6HJAqYobWpKuokKa84l1o.roa (raw, json)
Hash identifier: G8/CSkeSoG8+GP73/U5dHX7QuZQfhe/au6gO3z+eKAI=
Subject key identifier: 80:0E:3F:9D:CE:87:24:0A:98:A1:B5:A9:2A:EA:24:29:AF:38:97:5A
Certificate issuer: /CN=2ac3daa1b14850f2e61c592b2191915a5e65a478
Certificate serial: 01967C72A56D9BF3BB01CD1B86AEFD342957
Authority key identifier: 2A:C3:DA:A1:B1:48:50:F2:E6:1C:59:2B:21:91:91:5A:5E:65:A4:78
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KsPaobFIUPLmHFkrIZGRWl5lpHg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/gA4_nc6HJAqYobWpKuokKa84l1o.roa
Signing time: Mon 28 Apr 2025 12:50:10 +0000
ROA not before: Mon 28 Apr 2025 12:50:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 7018
IP address blocks: 178.173.232.0/22 maxlen: 24
188.209.156.0/22 maxlen: 22
188.253.104.0/22 maxlen: 24
213.173.32.0/22 maxlen: 22
Validation: Failed, certificate revoked on Tue 29 Apr 2025 11:21:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:7c:72:a5:6d:9b:f3:bb:01:cd:1b:86:ae:fd:34:29:57
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2ac3daa1b14850f2e61c592b2191915a5e65a478
Validity
Not Before: Apr 28 12:50:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=800e3f9dce87240a98a1b5a92aea2429af38975a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:c5:95:9a:79:6c:82:cd:77:b0:f0:64:bf:84:
02:25:e4:c0:d4:dd:0e:de:f8:9f:a6:73:c7:f3:63:
df:f7:a7:3f:f6:ef:d8:07:c9:e0:b4:a2:56:c3:2c:
e8:6f:96:a7:1d:85:02:ea:0c:a9:38:e1:6f:e7:53:
e2:eb:da:26:ac:97:68:93:69:42:f0:49:70:9d:6b:
b9:19:a7:81:44:6a:e7:0d:3d:4b:a9:da:2f:08:94:
ad:12:29:75:5a:d0:a7:3f:a7:b4:91:bc:9f:00:5c:
63:b8:a4:35:d2:4a:e1:9b:d5:3b:9c:f0:86:e6:1c:
f7:62:04:73:6e:0d:11:be:50:ef:cb:33:c0:46:4f:
ee:1d:78:84:58:67:30:aa:96:54:8b:87:fb:cc:ce:
65:c3:1c:8a:18:24:69:e0:fc:90:7c:de:76:24:38:
31:9e:7f:b3:97:7d:33:6d:b9:50:db:87:ef:c4:0a:
4d:d3:45:fb:41:b2:08:ca:b4:64:c2:4d:13:76:90:
c0:6c:d9:1e:e0:05:6d:9e:93:b0:6b:41:0c:f0:30:
f7:c1:3f:91:82:9a:70:eb:71:d0:96:9f:91:3f:77:
fb:59:66:ed:1e:f9:c1:95:f8:2f:a8:ad:79:fa:f4:
f8:90:43:32:e2:d0:e5:93:83:30:e5:44:e1:e4:61:
af:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
80:0E:3F:9D:CE:87:24:0A:98:A1:B5:A9:2A:EA:24:29:AF:38:97:5A
X509v3 Authority Key Identifier:
keyid:2A:C3:DA:A1:B1:48:50:F2:E6:1C:59:2B:21:91:91:5A:5E:65:A4:78
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KsPaobFIUPLmHFkrIZGRWl5lpHg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/gA4_nc6HJAqYobWpKuokKa84l1o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/KsPaobFIUPLmHFkrIZGRWl5lpHg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
178.173.232.0/22
188.209.156.0/22
188.253.104.0/22
213.173.32.0/22
Signature Algorithm: sha256WithRSAEncryption
96:db:17:51:c8:68:a4:4c:62:80:d8:96:45:28:ff:3f:72:ec:
56:bc:a5:35:1b:3a:ac:0a:f3:8f:34:9d:a4:4f:76:da:8c:50:
65:94:a5:81:2a:5b:eb:84:0b:ef:46:c2:0b:09:1f:f1:74:dc:
83:2f:7c:c1:03:a6:1c:66:a0:b6:58:98:0f:d0:5d:89:3d:7a:
75:3b:3c:1a:d4:87:c3:21:f7:2a:9f:75:75:ef:b9:cf:9e:db:
37:e4:f8:2f:9e:d5:d1:8b:83:17:6f:21:ac:01:03:cf:8b:96:
41:1d:7b:86:3f:10:3f:51:bd:6b:b6:58:38:11:6c:97:ae:86:
69:bb:6d:f0:f9:f7:87:b4:a8:f6:14:6f:8d:7d:3b:21:5d:25:
97:00:eb:03:75:2c:a3:6e:56:f0:51:7b:50:da:d5:cd:65:e1:
02:f9:fc:df:44:e8:9b:93:13:17:19:46:7b:f7:da:90:53:0a:
3b:9a:07:ae:0e:76:e6:89:06:cf:f9:d7:58:6e:04:2c:5a:ba:
30:5a:3a:48:18:e4:15:69:2c:2c:43:5e:b6:b5:e7:14:7a:92:
13:35:50:97:66:72:65:c3:c8:3a:1d:0a:e7:97:ad:9b:05:64:
ed:68:a9:31:94:86:0d:0e:20:5f:8a:b8:86:4f:27:9d:24:3d:
9f:a9:8f:3a
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZZ8cqVtm/O7Ac0bhq79NClXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhYzNkYWExYjE0ODUwZjJlNjFjNTkyYjIxOTE5MTVhNWU2
NWE0NzgwHhcNMjUwNDI4MTI1MDEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MDBlM2Y5ZGNlODcyNDBhOThhMWI1YTkyYWVhMjQyOWFmMzg5NzVhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzMWVmnlsgs13sPBkv4QCJeTA1N0O
3vifpnPH82Pf96c/9u/YB8ngtKJWwyzob5anHYUC6gypOOFv51Pi69omrJdok2lC
8ElwnWu5GaeBRGrnDT1LqdovCJStEil1WtCnP6e0kbyfAFxjuKQ10krhm9U7nPCG
5hz3YgRzbg0RvlDvyzPARk/uHXiEWGcwqpZUi4f7zM5lwxyKGCRp4PyQfN52JDgx
nn+zl30zbblQ24fvxApN00X7QbIIyrRkwk0TdpDAbNke4AVtnpOwa0EM8DD3wT+R
gppw63HQlp+RP3f7WWbtHvnBlfgvqK15+vT4kEMy4tDlk4Mw5UTh5GGv3wIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFIAOP53OhyQKmKG1qSrqJCmvOJdaMB8GA1UdIwQY
MBaAFCrD2qGxSFDy5hxZKyGRkVpeZaR4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS3NQYW9iRklVUExtSEZrcklaR1JXbDVscEhnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83MC80MDViYmQtNTkxMy00ZTk1LThlNzUt
ZmUwNjU5MTc2YTU2LzEvZ0E0X25jNkhKQXFZb2JXcEt1b2tLYTg0bDFvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83MC80MDViYmQtNTkxMy00ZTk1LThlNzUtZmUwNjU5MTc2YTU2
LzEvS3NQYW9iRklVUExtSEZrcklaR1JXbDVscEhnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQCsq3oAwQC
vNGcAwQCvP1oAwQC1a0gMA0GCSqGSIb3DQEBCwUAA4IBAQCW2xdRyGikTGKA2JZF
KP8/cuxWvKU1GzqsCvOPNJ2kT3bajFBllKWBKlvrhAvvRsILCR/xdNyDL3zBA6Yc
ZqC2WJgP0F2JPXp1Ozwa1IfDIfcqn3V177nPnts35PgvntXRi4MXbyGsAQPPi5ZB
HXuGPxA/Ub1rtlg4EWyXroZpu23w+feHtKj2FG+NfTshXSWXAOsDdSyjblbwUXtQ
2tXNZeEC+fzfROibkxMXGUZ799qQUwo7mgeuDnbmiQbP+ddYbgQsWrowWjpIGOQV
aSwsQ162tecUepITNVCXZnJlw8g6HQrnl62bBWTtaKkxlIYNDiBfiriGTyedJD2f
qY86
-----END CERTIFICATE-----
Generated at Fri May 16 13:55:52 2025 by rpki-client