Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/17/204017-f046-4b69-b3e5-319b0c874440/1/GLGXH1pRa0P6eKx7n0Oxa9Ddz28.roa
File: GLGXH1pRa0P6eKx7n0Oxa9Ddz28.roa (raw, json)
Hash identifier: Hc2rpQyIAjotP0oqxsXYcWto6wZh97o881APlEXsvOU=
Subject key identifier: 18:B1:97:1F:5A:51:6B:43:FA:78:AC:7B:9F:43:B1:6B:D0:DD:CF:6F
Certificate issuer: /CN=4ca66f3c0f25774e696d2a46723277eb961128c3
Certificate serial: 0194A7E7AFB7EC288A528D6130E3EC0AC943
Authority key identifier: 4C:A6:6F:3C:0F:25:77:4E:69:6D:2A:46:72:32:77:EB:96:11:28:C3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TKZvPA8ld05pbSpGcjJ365YRKMM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/17/204017-f046-4b69-b3e5-319b0c874440/1/GLGXH1pRa0P6eKx7n0Oxa9Ddz28.roa
Signing time: Mon 27 Jan 2025 13:16:06 +0000
ROA not before: Mon 27 Jan 2025 13:16:06 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 215240
IP address blocks: 176.65.134.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 24 Feb 2025 23:29:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:a7:e7:af:b7:ec:28:8a:52:8d:61:30:e3:ec:0a:c9:43
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4ca66f3c0f25774e696d2a46723277eb961128c3
Validity
Not Before: Jan 27 13:16:06 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=18b1971f5a516b43fa78ac7b9f43b16bd0ddcf6f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d6:20:13:18:5f:24:cc:87:6f:5d:77:5e:29:0e:
58:47:04:24:06:0c:4a:88:84:56:8a:f9:36:0a:cd:
0e:e0:5f:85:af:fe:93:39:41:0f:41:a1:58:be:39:
3b:3c:04:e5:dc:38:85:5f:57:fc:5f:c1:aa:46:cf:
7f:c4:fa:2b:33:8c:e3:c3:08:80:f5:a5:8d:c8:8d:
41:48:84:5d:de:f4:21:fa:43:a2:bf:f0:0b:6f:80:
03:09:73:2f:a1:e1:dd:28:6d:91:22:84:c8:c7:37:
03:b1:f0:37:98:e0:ce:49:80:d3:2a:72:d1:b0:e1:
5d:53:18:81:9a:07:d7:3e:36:e2:65:56:58:d4:f6:
50:b6:24:ae:00:f1:e4:6c:65:6a:bc:7d:da:b1:a6:
cb:77:78:65:6f:a4:89:78:db:dc:c8:de:9e:90:68:
18:a9:ea:e8:6a:a8:f4:7d:2d:54:51:8c:bf:d6:d9:
01:6c:c9:0d:73:b4:7b:5b:c1:a7:dd:28:0a:3b:4f:
d3:78:84:df:4b:32:35:d0:5d:20:95:45:d3:25:73:
5b:47:97:5b:7a:f8:81:bd:7b:e0:52:68:d1:55:b5:
3c:8d:6a:73:e0:62:c4:9f:a1:f9:85:1b:a9:f1:73:
5c:9d:ee:c1:4b:b1:e8:6e:70:e5:5e:23:e8:74:ad:
2d:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
18:B1:97:1F:5A:51:6B:43:FA:78:AC:7B:9F:43:B1:6B:D0:DD:CF:6F
X509v3 Authority Key Identifier:
keyid:4C:A6:6F:3C:0F:25:77:4E:69:6D:2A:46:72:32:77:EB:96:11:28:C3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TKZvPA8ld05pbSpGcjJ365YRKMM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/17/204017-f046-4b69-b3e5-319b0c874440/1/GLGXH1pRa0P6eKx7n0Oxa9Ddz28.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/17/204017-f046-4b69-b3e5-319b0c874440/1/TKZvPA8ld05pbSpGcjJ365YRKMM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.65.134.0/24
Signature Algorithm: sha256WithRSAEncryption
37:1c:9f:fd:2f:d0:5e:8f:41:3c:5b:2b:f2:0d:f7:e6:fa:b7:
49:61:da:63:e1:35:ee:41:71:7b:49:02:83:9a:45:44:d0:ff:
28:bc:f1:e3:bf:ff:1b:00:23:f6:e6:03:90:74:45:8c:2e:0a:
b5:79:ed:cd:34:7b:3f:85:e5:e5:95:d7:dc:8b:df:2d:9f:42:
12:73:b5:2a:29:2b:24:f1:59:98:a2:d0:5b:21:be:1b:18:c8:
45:39:31:7d:b8:4a:69:8e:47:8f:32:d8:78:21:37:81:59:53:
30:85:95:f7:d5:57:7c:1c:ec:d1:96:67:df:ef:79:64:b7:eb:
68:f3:80:66:86:5f:b6:85:2c:72:4e:70:0e:1d:89:19:0c:0c:
7b:2b:d4:a3:93:a1:2b:58:9b:0a:9c:92:42:fe:ee:08:5f:ec:
7e:9f:a5:90:68:75:ed:f2:13:25:81:2d:05:f9:04:7f:b7:3a:
67:65:a9:f2:40:af:6d:ea:e7:27:11:8d:0b:a6:35:bd:f2:1e:
18:f3:c3:ac:1a:94:1d:2f:f6:b8:17:2b:eb:97:9e:88:9f:5a:
68:9a:84:21:f7:4b:93:06:4c:28:51:54:4e:90:de:c4:33:c1:
b1:48:3a:b4:37:3c:a1:a3:60:ea:a7:a2:1a:e5:f3:28:b6:ee:
94:a8:64:85
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZSn56+37CiKUo1hMOPsCslDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRjYTY2ZjNjMGYyNTc3NGU2OTZkMmE0NjcyMzI3N2ViOTYx
MTI4YzMwHhcNMjUwMTI3MTMxNjA2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxOGIxOTcxZjVhNTE2YjQzZmE3OGFjN2I5ZjQzYjE2YmQwZGRjZjZmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1iATGF8kzIdvXXdeKQ5YRwQkBgxK
iIRWivk2Cs0O4F+Fr/6TOUEPQaFYvjk7PATl3DiFX1f8X8GqRs9/xPorM4zjwwiA
9aWNyI1BSIRd3vQh+kOiv/ALb4ADCXMvoeHdKG2RIoTIxzcDsfA3mODOSYDTKnLR
sOFdUxiBmgfXPjbiZVZY1PZQtiSuAPHkbGVqvH3asabLd3hlb6SJeNvcyN6ekGgY
qeroaqj0fS1UUYy/1tkBbMkNc7R7W8Gn3SgKO0/TeITfSzI10F0glUXTJXNbR5db
eviBvXvgUmjRVbU8jWpz4GLEn6H5hRup8XNcne7BS7HobnDlXiPodK0tjwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFBixlx9aUWtD+nise59DsWvQ3c9vMB8GA1UdIwQY
MBaAFEymbzwPJXdOaW0qRnIyd+uWESjDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVEtadlBBOGxkMDVwYlNwR2NqSjM2NVlSS01NLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNy8yMDQwMTctZjA0Ni00YjY5LWIzZTUt
MzE5YjBjODc0NDQwLzEvR0xHWEgxcFJhMFA2ZUt4N24wT3hhOURkejI4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNy8yMDQwMTctZjA0Ni00YjY5LWIzZTUtMzE5YjBjODc0NDQw
LzEvVEtadlBBOGxkMDVwYlNwR2NqSjM2NVlSS01NLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAsEGGMA0G
CSqGSIb3DQEBCwUAA4IBAQA3HJ/9L9Bej0E8WyvyDffm+rdJYdpj4TXuQXF7SQKD
mkVE0P8ovPHjv/8bACP25gOQdEWMLgq1ee3NNHs/heXlldfci98tn0ISc7UqKSsk
8VmYotBbIb4bGMhFOTF9uEppjkePMth4ITeBWVMwhZX31Vd8HOzRlmff73lkt+to
84Bmhl+2hSxyTnAOHYkZDAx7K9Sjk6ErWJsKnJJC/u4IX+x+n6WQaHXt8hMlgS0F
+QR/tzpnZanyQK9t6ucnEY0LpjW98h4Y88OsGpQdL/a4Fyvrl56In1pomoQh90uT
BkwoUVROkN7EM8GxSDq0Nzyho2Dqp6Ia5fMotu6UqGSF
-----END CERTIFICATE-----
Generated at Wed Apr 23 01:08:31 2025 by rpki-client