Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/GJSCqpZMSMeFLwi2uKHvFovtgxU.roa
File: GJSCqpZMSMeFLwi2uKHvFovtgxU.roa (raw, json)
Hash identifier: /oD4CMcsFS7T84JPgr1ARCK1L76rrMe6ZhPg/WHJhhk=
Subject key identifier: 18:94:82:AA:96:4C:48:C7:85:2F:08:B6:B8:A1:EF:16:8B:ED:83:15
Certificate issuer: /CN=cdaaa0e082360360acda347664eb8314eb11da10
Certificate serial: 01951F452FC0DEA370B3A68C6CC7C094D234
Authority key identifier: CD:AA:A0:E0:82:36:03:60:AC:DA:34:76:64:EB:83:14:EB:11:DA:10
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/GJSCqpZMSMeFLwi2uKHvFovtgxU.roa
Signing time: Wed 19 Feb 2025 17:33:02 +0000
ROA not before: Wed 19 Feb 2025 17:33:02 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 7029
IP address blocks: 77.242.146.0/23 maxlen: 24
88.209.194.0/24 maxlen: 24
92.52.219.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 21 Feb 2025 07:03:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:1f:45:2f:c0:de:a3:70:b3:a6:8c:6c:c7:c0:94:d2:34
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cdaaa0e082360360acda347664eb8314eb11da10
Validity
Not Before: Feb 19 17:33:02 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=189482aa964c48c7852f08b6b8a1ef168bed8315
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:ee:2d:ca:9a:01:5b:cc:53:e4:37:34:f5:50:
7e:b5:46:3d:cd:9e:e1:f9:41:c8:67:ab:ee:dd:f1:
32:a5:bb:bc:24:92:41:5c:a9:a7:24:50:97:79:03:
14:5b:4e:9b:33:f9:4e:8d:a7:76:82:61:7c:85:df:
17:b9:92:d5:95:c3:0f:da:8a:fe:f9:6a:1f:fc:37:
d7:07:12:8a:00:57:fd:92:0b:78:58:69:36:7c:90:
ee:50:9f:de:d9:16:ee:29:3d:5d:f5:27:5d:08:5d:
e8:e8:8d:52:44:9a:41:03:cc:80:3b:ae:99:46:0b:
06:27:22:54:6b:ba:10:6d:85:cc:d3:e7:cc:90:f1:
7d:57:12:f8:0b:52:a9:23:37:67:d7:00:e6:4e:04:
5d:44:8d:7c:d9:0b:da:cf:7e:4f:01:7a:61:b3:6a:
c2:a0:9c:16:fb:98:6c:fd:57:44:9d:65:67:a8:80:
f1:5b:83:a8:67:5b:fb:71:73:19:cf:4c:db:d4:55:
74:a6:3a:7f:d0:c5:8e:f3:e3:ef:9f:92:c3:a8:3a:
da:9f:3c:ec:79:0c:fb:69:c9:be:12:70:78:d4:ab:
00:f2:cf:71:21:6e:02:3b:d2:0c:f5:8d:18:b2:09:
4d:90:06:e4:e7:61:13:15:24:69:72:41:e8:e3:40:
2f:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
18:94:82:AA:96:4C:48:C7:85:2F:08:B6:B8:A1:EF:16:8B:ED:83:15
X509v3 Authority Key Identifier:
keyid:CD:AA:A0:E0:82:36:03:60:AC:DA:34:76:64:EB:83:14:EB:11:DA:10
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/GJSCqpZMSMeFLwi2uKHvFovtgxU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.242.146.0/23
88.209.194.0/24
92.52.219.0/24
Signature Algorithm: sha256WithRSAEncryption
05:96:d4:d2:21:c4:ec:57:a2:dd:9f:75:5b:1f:93:20:ec:ec:
2c:1a:d4:48:a4:b0:28:3e:6f:a1:ba:5e:1d:9d:56:12:fc:db:
97:d3:2c:6e:de:af:dc:c4:77:75:28:f5:53:0f:fc:10:9c:de:
db:29:b0:c2:e5:91:05:31:7b:ae:88:13:90:ba:76:62:ca:3f:
6a:61:74:2e:a7:9c:ef:84:01:c6:b5:6d:bf:53:c3:f2:32:28:
e0:31:2f:b5:4d:a3:e9:bb:3a:15:40:c1:27:a0:10:6b:ba:06:
49:b6:61:8e:fc:44:16:b5:a2:9d:91:64:61:a5:ea:3f:34:3c:
e0:12:05:2d:57:29:a9:b7:de:81:80:33:dc:2a:c1:76:f4:16:
f8:85:26:ac:d5:c1:b7:41:da:a9:4b:f7:b7:42:af:cf:4f:32:
f7:3f:94:05:da:d7:f1:e2:67:cf:a7:4e:a9:f0:20:1f:80:04:
23:2f:5e:a5:23:77:ad:81:c1:a8:37:ec:de:68:3b:05:3c:fd:
3a:a3:93:0c:a2:4a:fd:33:59:b3:eb:7f:78:81:c8:bc:3e:5b:
f5:4f:b8:24:98:de:1f:fc:dd:cc:2e:53:13:c0:79:b0:3a:a2:
88:dc:cf:29:e6:f9:07:2e:d1:bb:b6:f6:5c:21:4b:c9:d1:66:
2b:f9:99:d4
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZUfRS/A3qNws6aMbMfAlNI0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNkYWFhMGUwODIzNjAzNjBhY2RhMzQ3NjY0ZWI4MzE0ZWIx
MWRhMTAwHhcNMjUwMjE5MTczMzAyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxODk0ODJhYTk2NGM0OGM3ODUyZjA4YjZiOGExZWYxNjhiZWQ4MzE1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoO4typoBW8xT5Dc09VB+tUY9zZ7h
+UHIZ6vu3fEypbu8JJJBXKmnJFCXeQMUW06bM/lOjad2gmF8hd8XuZLVlcMP2or+
+Wof/DfXBxKKAFf9kgt4WGk2fJDuUJ/e2RbuKT1d9SddCF3o6I1SRJpBA8yAO66Z
RgsGJyJUa7oQbYXM0+fMkPF9VxL4C1KpIzdn1wDmTgRdRI182Qvaz35PAXphs2rC
oJwW+5hs/VdEnWVnqIDxW4OoZ1v7cXMZz0zb1FV0pjp/0MWO8+Pvn5LDqDranzzs
eQz7acm+EnB41KsA8s9xIW4CO9IM9Y0YsglNkAbk52ETFSRpckHo40AvywIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFBiUgqqWTEjHhS8Itrih7xaL7YMVMB8GA1UdIwQY
MBaAFM2qoOCCNgNgrNo0dmTrgxTrEdoQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvemFxZzRJSTJBMkNzMmpSMlpPdURGT3NSMmhBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZC81ODkxMjctMTA5Ni00YzkxLTk2Y2Mt
N2U0ZDZmNmY2ZTY2LzEvR0pTQ3FwWk1TTWVGTHdpMnVLSHZGb3Z0Z3hVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZC81ODkxMjctMTA5Ni00YzkxLTk2Y2MtN2U0ZDZmNmY2ZTY2
LzEvemFxZzRJSTJBMkNzMmpSMlpPdURGT3NSMmhBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQBTfKSAwQA
WNHCAwQAXDTbMA0GCSqGSIb3DQEBCwUAA4IBAQAFltTSIcTsV6Ldn3VbH5Mg7Ows
GtRIpLAoPm+hul4dnVYS/NuX0yxu3q/cxHd1KPVTD/wQnN7bKbDC5ZEFMXuuiBOQ
unZiyj9qYXQup5zvhAHGtW2/U8PyMijgMS+1TaPpuzoVQMEnoBBrugZJtmGO/EQW
taKdkWRhpeo/NDzgEgUtVympt96BgDPcKsF29Bb4hSas1cG3QdqpS/e3Qq/PTzL3
P5QF2tfx4mfPp06p8CAfgAQjL16lI3etgcGoN+zeaDsFPP06o5MMokr9M1mz6394
gci8Plv1T7gkmN4f/N3MLlMTwHmwOqKI3M8p5vkHLtG7tvZcIUvJ0WYr+ZnU
-----END CERTIFICATE-----
Generated at Sun May 11 21:46:03 2025 by rpki-client