Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0b/02f8a1-3383-4d21-aa25-e733c262a382/1/GHa64D3IdgW6vD1aEyDiFDXJBX0.roa
File: GHa64D3IdgW6vD1aEyDiFDXJBX0.roa (raw, json)
Hash identifier: btMDsOkfADwNpNOBZ8T1QU8AHE6GlnVGBAJub+PKtcw=
Subject key identifier: 18:76:BA:E0:3D:C8:76:05:BA:BC:3D:5A:13:20:E2:14:35:C9:05:7D
Certificate issuer: /CN=e31f3656c6ed9a3f9a42c678a78a2e374f8e57d3
Certificate serial: 0190563120CB624218DF296305267289EC17
Authority key identifier: E3:1F:36:56:C6:ED:9A:3F:9A:42:C6:78:A7:8A:2E:37:4F:8E:57:D3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/4x82Vsbtmj-aQsZ4p4ouN0-OV9M.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0b/02f8a1-3383-4d21-aa25-e733c262a382/1/GHa64D3IdgW6vD1aEyDiFDXJBX0.roa
Signing time: Wed 26 Jun 2024 20:16:18 +0000
ROA not before: Wed 26 Jun 2024 20:16:18 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 3257
IP address blocks: 92.249.25.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 01 Jan 2025 13:48:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:56:31:20:cb:62:42:18:df:29:63:05:26:72:89:ec:17
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e31f3656c6ed9a3f9a42c678a78a2e374f8e57d3
Validity
Not Before: Jun 26 20:16:18 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=1876bae03dc87605babc3d5a1320e21435c9057d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:a3:cf:69:06:57:a9:08:45:fa:4a:40:8d:8f:
17:97:f4:ad:33:bc:52:fc:83:49:13:2a:f7:a1:3a:
ac:08:03:91:bd:e9:2f:41:d3:0e:2a:c7:d1:79:62:
0d:ef:00:a6:e6:e9:ce:63:49:19:53:d0:8a:a5:36:
3b:c2:d3:81:0d:7c:11:b7:81:ca:4a:85:eb:d0:a2:
32:f4:09:1b:e3:2c:ff:c2:dc:74:ac:0f:49:98:48:
2c:b9:27:49:8c:e3:94:20:03:1f:5b:50:ee:eb:0b:
1d:1d:8f:0d:7d:ea:87:f4:34:5c:a6:73:06:86:fe:
16:9d:97:db:7f:af:0f:e2:50:9a:2b:2a:c0:82:dc:
17:00:4c:26:d9:59:0f:0d:76:99:15:19:42:87:1f:
15:14:ef:58:53:bb:f6:0b:07:68:6f:49:d7:5c:b5:
ad:0e:e9:f3:63:a3:12:7c:ec:88:50:b2:f6:32:51:
62:32:c2:93:20:d0:8e:d7:16:5a:89:fa:e6:c6:be:
d9:d7:51:cc:6c:8d:13:1d:45:2f:e2:13:7a:14:7a:
98:1c:8a:44:7a:40:16:ff:8d:c0:f8:75:8d:44:5b:
7f:65:40:d1:c3:ad:eb:69:98:a3:ff:30:cd:12:72:
27:7d:39:a1:de:dd:09:da:5c:ed:ef:b3:14:22:5a:
d6:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
18:76:BA:E0:3D:C8:76:05:BA:BC:3D:5A:13:20:E2:14:35:C9:05:7D
X509v3 Authority Key Identifier:
keyid:E3:1F:36:56:C6:ED:9A:3F:9A:42:C6:78:A7:8A:2E:37:4F:8E:57:D3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4x82Vsbtmj-aQsZ4p4ouN0-OV9M.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0b/02f8a1-3383-4d21-aa25-e733c262a382/1/GHa64D3IdgW6vD1aEyDiFDXJBX0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0b/02f8a1-3383-4d21-aa25-e733c262a382/1/4x82Vsbtmj-aQsZ4p4ouN0-OV9M.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
92.249.25.0/24
Signature Algorithm: sha256WithRSAEncryption
54:d7:65:e7:81:83:75:68:91:33:d3:c6:3d:3e:01:85:68:93:
95:01:04:05:4b:d8:75:9c:58:14:0f:c7:20:51:a5:6d:1b:bd:
2d:50:f3:5d:a2:8e:f9:89:68:b1:b0:be:93:b4:ab:b8:53:21:
23:e5:65:eb:b2:98:92:7e:9b:6e:26:d9:85:57:5f:2c:f1:b7:
d6:5f:fe:10:8a:50:21:2d:c7:0f:bb:99:3b:e2:97:3e:39:43:
af:a4:e7:c2:45:ca:d0:73:6a:3e:40:ae:41:be:56:af:95:0c:
7c:72:c5:c0:a9:3a:48:c5:a5:23:96:77:f5:29:fb:76:73:eb:
38:82:fc:8d:c4:03:e2:ff:82:31:70:24:39:3d:b7:04:b7:91:
33:a3:42:6b:f5:6a:f3:d0:c3:3e:d8:3e:10:a9:ff:00:7a:53:
17:40:4f:91:98:6b:81:fa:d6:60:fc:e9:0f:f3:9f:8c:31:0d:
fc:f4:5a:ea:50:f3:21:d0:25:a0:59:f6:3b:10:7b:05:e2:d3:
90:25:df:22:c9:82:7e:5b:8b:25:01:af:d9:21:c2:85:4b:94:
f3:21:64:25:04:6a:cf:e4:28:8a:cb:7b:ef:40:aa:9c:ab:d6:
50:e1:28:bb:f6:49:e5:8c:09:68:fa:cc:32:fd:eb:f7:48:b6:
e1:6b:41:9f
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZBWMSDLYkIY3yljBSZyiewXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUzMWYzNjU2YzZlZDlhM2Y5YTQyYzY3OGE3OGEyZTM3NGY4
ZTU3ZDMwHhcNMjQwNjI2MjAxNjE4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxODc2YmFlMDNkYzg3NjA1YmFiYzNkNWExMzIwZTIxNDM1YzkwNTdkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsqPPaQZXqQhF+kpAjY8Xl/StM7xS
/INJEyr3oTqsCAORvekvQdMOKsfReWIN7wCm5unOY0kZU9CKpTY7wtOBDXwRt4HK
SoXr0KIy9Akb4yz/wtx0rA9JmEgsuSdJjOOUIAMfW1Du6wsdHY8NfeqH9DRcpnMG
hv4WnZfbf68P4lCaKyrAgtwXAEwm2VkPDXaZFRlChx8VFO9YU7v2Cwdob0nXXLWt
DunzY6MSfOyIULL2MlFiMsKTINCO1xZaifrmxr7Z11HMbI0THUUv4hN6FHqYHIpE
ekAW/43A+HWNRFt/ZUDRw63raZij/zDNEnInfTmh3t0J2lzt77MUIlrW+QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFBh2uuA9yHYFurw9WhMg4hQ1yQV9MB8GA1UdIwQY
MBaAFOMfNlbG7Zo/mkLGeKeKLjdPjlfTMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNHg4MlZzYnRtai1hUXNaNHA0b3VOMC1PVjlNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYi8wMmY4YTEtMzM4My00ZDIxLWFhMjUt
ZTczM2MyNjJhMzgyLzEvR0hhNjREM0lkZ1c2dkQxYUV5RGlGRFhKQlgwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYi8wMmY4YTEtMzM4My00ZDIxLWFhMjUtZTczM2MyNjJhMzgy
LzEvNHg4MlZzYnRtai1hUXNaNHA0b3VOMC1PVjlNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAXPkZMA0G
CSqGSIb3DQEBCwUAA4IBAQBU12XngYN1aJEz08Y9PgGFaJOVAQQFS9h1nFgUD8cg
UaVtG70tUPNdoo75iWixsL6TtKu4UyEj5WXrspiSfptuJtmFV18s8bfWX/4QilAh
LccPu5k74pc+OUOvpOfCRcrQc2o+QK5BvlavlQx8csXAqTpIxaUjlnf1Kft2c+s4
gvyNxAPi/4IxcCQ5PbcEt5Ezo0Jr9Wrz0MM+2D4Qqf8AelMXQE+RmGuB+tZg/OkP
85+MMQ389FrqUPMh0CWgWfY7EHsF4tOQJd8iyYJ+W4slAa/ZIcKFS5TzIWQlBGrP
5CiKy3vvQKqcq9ZQ4Si79knljAlo+swy/ev3SLbha0Gf
-----END CERTIFICATE-----
Generated at Sat Apr 12 02:20:51 2025 by rpki-client