Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a3/f819cc-b294-460e-8be4-86e24260516f/1/gf1XsQis7sl4oHGdz_iA_8312Vk.roa
File: gf1XsQis7sl4oHGdz_iA_8312Vk.roa (raw, json)
Hash identifier: V45kGZsErKgB94HPalDOUh5mTl7zOUkuJuCSsYPzR40=
Subject key identifier: 81:FD:57:B1:08:AC:EE:C9:78:A0:71:9D:CF:F8:80:FF:CD:F5:D9:59
Certificate issuer: /CN=cea79dcd5a3dee450eaf3f93152ed6da806bbf71
Certificate serial: 01963E2C9188D43BCE0E7447C91C14C51775
Authority key identifier: CE:A7:9D:CD:5A:3D:EE:45:0E:AF:3F:93:15:2E:D6:DA:80:6B:BF:71
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zqedzVo97kUOrz-TFS7W2oBrv3E.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a3/f819cc-b294-460e-8be4-86e24260516f/1/gf1XsQis7sl4oHGdz_iA_8312Vk.roa
Signing time: Wed 16 Apr 2025 10:37:10 +0000
ROA not before: Wed 16 Apr 2025 10:37:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 31445
IP address blocks: 185.112.40.0/22 maxlen: 24
195.128.226.0/23 maxlen: 24
Validation: Failed, certificate revoked on Wed 16 Apr 2025 12:24:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:3e:2c:91:88:d4:3b:ce:0e:74:47:c9:1c:14:c5:17:75
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cea79dcd5a3dee450eaf3f93152ed6da806bbf71
Validity
Not Before: Apr 16 10:37:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=81fd57b108aceec978a0719dcff880ffcdf5d959
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:5c:06:19:d7:30:77:e8:51:8f:c7:ef:e2:33:
65:40:83:9f:47:14:bf:8e:84:f4:05:81:b0:e2:f4:
54:ee:4c:f5:57:9a:65:8d:19:f2:bb:17:a9:6c:1a:
16:9e:b4:45:23:2a:1c:87:17:32:7e:c0:5e:06:5e:
7b:e9:b2:8f:e6:98:3b:3a:26:d9:20:0e:f7:5c:9b:
0d:a1:a8:7c:84:29:24:9b:7d:54:7c:89:7b:67:f5:
1f:05:69:cd:ef:db:c9:85:5c:15:7f:4b:8b:84:51:
f5:8f:8d:b8:81:6e:b8:9b:ea:88:ae:23:8a:f1:cf:
08:8f:9b:78:c9:9f:db:df:43:5e:a2:7c:30:e7:20:
ac:4b:4f:c5:0d:38:87:63:88:ae:a6:d0:59:a3:83:
45:a9:b1:7a:4e:d0:7b:04:09:a3:c4:d8:6e:f2:c9:
56:f3:b4:f3:52:21:09:02:a3:61:54:4a:e7:d4:8e:
cd:2b:a0:e8:19:0e:e1:22:c6:1c:fc:b6:15:a0:01:
8d:4b:e9:71:15:15:70:31:03:0a:e5:5e:cd:77:e1:
d2:da:6d:84:0a:86:15:85:d0:64:77:88:84:27:9b:
ba:37:1c:32:6f:2c:5b:3c:1e:a3:05:f4:8e:eb:46:
ff:d4:03:bf:db:6e:d2:1d:43:9f:aa:4c:66:3c:10:
b8:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
81:FD:57:B1:08:AC:EE:C9:78:A0:71:9D:CF:F8:80:FF:CD:F5:D9:59
X509v3 Authority Key Identifier:
keyid:CE:A7:9D:CD:5A:3D:EE:45:0E:AF:3F:93:15:2E:D6:DA:80:6B:BF:71
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zqedzVo97kUOrz-TFS7W2oBrv3E.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a3/f819cc-b294-460e-8be4-86e24260516f/1/gf1XsQis7sl4oHGdz_iA_8312Vk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a3/f819cc-b294-460e-8be4-86e24260516f/1/zqedzVo97kUOrz-TFS7W2oBrv3E.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.112.40.0/22
195.128.226.0/23
Signature Algorithm: sha256WithRSAEncryption
52:97:25:45:2e:5f:c1:8b:2e:f5:6f:b6:c0:3c:50:42:a1:af:
75:93:73:40:6f:f3:5e:4f:c6:4c:7a:a8:ed:39:8c:c7:cd:c1:
9a:50:b6:a1:99:2b:6c:7f:0e:8a:67:9e:30:e7:da:3d:10:8d:
ea:4b:8f:18:c2:95:7f:2f:64:3a:e2:a3:fc:fd:79:5a:e8:b5:
3c:5c:cd:b9:e6:24:96:7e:e6:cf:cd:30:97:11:31:fc:33:db:
bf:8e:02:10:b8:0d:3d:d7:a0:af:a2:88:5d:40:cf:9e:00:db:
e5:b7:9f:2a:01:e6:5b:b5:4b:a5:fc:7c:53:48:31:07:8c:3f:
6b:63:e6:d7:56:87:af:8b:1c:5e:24:af:11:8b:f8:4c:81:0f:
f1:21:b1:97:80:09:ac:fc:8d:c0:2d:bc:42:76:cc:91:43:f9:
84:de:2c:f9:e5:7c:04:17:1f:f4:52:58:c2:59:85:78:41:38:
41:a1:41:2e:80:25:b9:28:9a:c3:a9:c3:83:f9:e5:59:a4:76:
f3:c1:e2:7b:e0:44:3d:3e:cc:df:66:3e:7e:32:5a:9b:a5:46:
bf:75:c4:ca:45:10:66:15:6e:67:8f:3f:45:c9:af:22:cb:9e:
c3:3f:d2:7a:82:12:ed:c3:58:28:b8:3c:7c:12:cf:c0:a6:14:
eb:bc:42:4b
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZY+LJGI1DvODnRHyRwUxRd1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNlYTc5ZGNkNWEzZGVlNDUwZWFmM2Y5MzE1MmVkNmRhODA2
YmJmNzEwHhcNMjUwNDE2MTAzNzEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MWZkNTdiMTA4YWNlZWM5NzhhMDcxOWRjZmY4ODBmZmNkZjVkOTU5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtlwGGdcwd+hRj8fv4jNlQIOfRxS/
joT0BYGw4vRU7kz1V5pljRnyuxepbBoWnrRFIyochxcyfsBeBl576bKP5pg7OibZ
IA73XJsNoah8hCkkm31UfIl7Z/UfBWnN79vJhVwVf0uLhFH1j424gW64m+qIriOK
8c8Ij5t4yZ/b30Neonww5yCsS0/FDTiHY4iuptBZo4NFqbF6TtB7BAmjxNhu8slW
87TzUiEJAqNhVErn1I7NK6DoGQ7hIsYc/LYVoAGNS+lxFRVwMQMK5V7Nd+HS2m2E
CoYVhdBkd4iEJ5u6NxwybyxbPB6jBfSO60b/1AO/227SHUOfqkxmPBC4awIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFIH9V7EIrO7JeKBxnc/4gP/N9dlZMB8GA1UdIwQY
MBaAFM6nnc1aPe5FDq8/kxUu1tqAa79xMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvenFlZHpWbzk3a1VPcnotVEZTN1cyb0JydjNFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMy9mODE5Y2MtYjI5NC00NjBlLThiZTQt
ODZlMjQyNjA1MTZmLzEvZ2YxWHNRaXM3c2w0b0hHZHpfaUFfODMxMlZrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMy9mODE5Y2MtYjI5NC00NjBlLThiZTQtODZlMjQyNjA1MTZm
LzEvenFlZHpWbzk3a1VPcnotVEZTN1cyb0JydjNFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCuXAoAwQB
w4DiMA0GCSqGSIb3DQEBCwUAA4IBAQBSlyVFLl/Biy71b7bAPFBCoa91k3NAb/Ne
T8ZMeqjtOYzHzcGaULahmStsfw6KZ54w59o9EI3qS48YwpV/L2Q64qP8/Xla6LU8
XM255iSWfubPzTCXETH8M9u/jgIQuA0916CvoohdQM+eANvlt58qAeZbtUul/HxT
SDEHjD9rY+bXVoevixxeJK8Ri/hMgQ/xIbGXgAms/I3ALbxCdsyRQ/mE3iz55XwE
Fx/0UljCWYV4QThBoUEugCW5KJrDqcOD+eVZpHbzweJ74EQ9PszfZj5+MlqbpUa/
dcTKRRBmFW5njz9Fya8iy57DP9J6ghLtw1gouDx8Es/AphTrvEJL
-----END CERTIFICATE-----
Generated at Sat May 10 08:36:24 2025 by rpki-client