Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/39/451f04-e3c9-44ea-a6a1-428458679ce4/1/G25afkBba_GUkTvGSsavtj5dOsI.roa
File: G25afkBba_GUkTvGSsavtj5dOsI.roa (raw, json)
Hash identifier: F1HxHz58VkQ/pmu3L7RO3Are8TLDDRl0tq23URHHIZw=
Subject key identifier: 1B:6E:5A:7E:40:5B:6B:F1:94:91:3B:C6:4A:C6:AF:B6:3E:5D:3A:C2
Certificate issuer: /CN=aefe1c859409ac5de7414c48f86739913be6b7e5
Certificate serial: 01928F86D85452DD45863E28CABBC9CA02F5
Authority key identifier: AE:FE:1C:85:94:09:AC:5D:E7:41:4C:48:F8:67:39:91:3B:E6:B7:E5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rv4chZQJrF3nQUxI-Gc5kTvmt-U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/39/451f04-e3c9-44ea-a6a1-428458679ce4/1/G25afkBba_GUkTvGSsavtj5dOsI.roa
Signing time: Tue 15 Oct 2024 09:33:51 +0000
ROA not before: Tue 15 Oct 2024 09:33:51 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 42115
IP address blocks: 178.155.0.0/22 maxlen: 22
178.155.2.0/24 maxlen: 24
213.87.192.0/21 maxlen: 24
Validation: Failed, certificate revoked on Thu 02 Jan 2025 11:49:47 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:8f:86:d8:54:52:dd:45:86:3e:28:ca:bb:c9:ca:02:f5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=aefe1c859409ac5de7414c48f86739913be6b7e5
Validity
Not Before: Oct 15 09:33:51 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=1b6e5a7e405b6bf194913bc64ac6afb63e5d3ac2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:92:76:07:ca:c6:bd:71:d7:df:6a:46:f0:7a:
f7:40:9d:b5:a5:87:f5:5f:4f:17:80:d0:49:3b:f4:
63:ac:01:4e:76:98:4d:16:51:e8:16:9d:ef:fb:21:
dc:ce:4a:fd:9e:d8:4f:a6:a8:76:ee:0b:26:6d:c6:
20:f1:48:01:cd:59:6d:9c:30:a7:f7:33:b1:1f:42:
fa:d4:6f:82:ca:18:23:f0:3e:c6:a2:a4:11:bb:e4:
df:b7:27:f5:7b:ad:67:b2:79:d8:ad:6d:da:c6:8d:
1d:8b:d0:da:11:41:a2:d2:8e:c8:b6:8a:31:b0:dd:
96:30:7f:f2:1e:83:74:6d:4e:80:0d:24:82:97:a9:
10:08:61:88:63:ba:8d:1a:b6:57:fa:bd:78:66:6f:
26:71:5f:c4:22:b3:35:e7:91:ff:ea:a6:03:be:ea:
95:91:3f:7b:84:c5:04:ab:f3:82:4b:a8:81:9b:cb:
58:cb:8c:1c:77:ed:54:19:0a:1b:1b:d2:31:4c:57:
42:98:0b:15:88:8b:aa:dc:9a:6e:5a:bb:2b:a1:4c:
be:d5:e0:f1:55:63:a3:dc:3d:77:b9:2e:f3:52:01:
2c:ba:78:d9:c1:b0:1d:b5:90:75:b7:0a:db:0a:ff:
e0:0b:be:4f:4b:ef:56:d8:06:72:b7:49:b5:4c:c0:
38:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1B:6E:5A:7E:40:5B:6B:F1:94:91:3B:C6:4A:C6:AF:B6:3E:5D:3A:C2
X509v3 Authority Key Identifier:
keyid:AE:FE:1C:85:94:09:AC:5D:E7:41:4C:48:F8:67:39:91:3B:E6:B7:E5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rv4chZQJrF3nQUxI-Gc5kTvmt-U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/39/451f04-e3c9-44ea-a6a1-428458679ce4/1/G25afkBba_GUkTvGSsavtj5dOsI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/39/451f04-e3c9-44ea-a6a1-428458679ce4/1/rv4chZQJrF3nQUxI-Gc5kTvmt-U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
178.155.0.0/22
213.87.192.0/21
Signature Algorithm: sha256WithRSAEncryption
85:1f:f1:af:8c:dd:52:72:bb:c7:f7:52:99:5c:32:1c:76:4a:
15:dc:06:e2:e0:e8:f7:f7:0e:97:84:1e:01:b2:73:7c:64:a4:
33:b7:80:bf:30:42:4d:29:1d:cf:9e:d9:62:44:be:7b:51:92:
b9:0d:64:65:21:13:cf:c5:97:23:a9:f9:de:0d:f7:26:93:6a:
8a:30:ee:3b:9c:a8:62:88:df:df:ff:de:b1:f2:a6:66:24:b7:
b5:a4:1e:f1:ca:b4:81:c8:4e:75:bc:aa:c5:e4:ff:9d:7d:76:
77:6b:87:13:2a:ac:ac:25:40:b7:16:e8:6d:63:a6:86:49:43:
fd:28:3e:3c:f4:84:b3:be:34:67:ba:35:3e:dc:07:c2:6d:a6:
53:a6:a2:fc:eb:a2:94:f1:ff:83:77:60:ee:c5:5a:d6:24:3e:
dc:d0:c3:f0:26:d6:90:89:d6:56:22:33:c8:3b:e2:30:92:97:
09:8f:0d:0f:2d:6d:86:49:6b:ae:1e:53:5c:38:79:b5:d7:d9:
d6:ba:cd:4a:df:77:2f:86:19:f5:62:4f:36:2d:24:12:9c:73:
6f:c2:5f:fe:16:2c:ce:59:92:6b:25:41:70:3e:d2:3a:0a:10:
a3:24:da:cc:a0:d6:ce:6a:dc:37:50:90:22:22:5f:7a:6e:75:
b9:86:de:b2
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZKPhthUUt1Fhj4oyrvJygL1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFlZmUxYzg1OTQwOWFjNWRlNzQxNGM0OGY4NjczOTkxM2Jl
NmI3ZTUwHhcNMjQxMDE1MDkzMzUxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxYjZlNWE3ZTQwNWI2YmYxOTQ5MTNiYzY0YWM2YWZiNjNlNWQzYWMyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmZJ2B8rGvXHX32pG8Hr3QJ21pYf1
X08XgNBJO/RjrAFOdphNFlHoFp3v+yHczkr9nthPpqh27gsmbcYg8UgBzVltnDCn
9zOxH0L61G+Cyhgj8D7GoqQRu+Tftyf1e61nsnnYrW3axo0di9DaEUGi0o7Itoox
sN2WMH/yHoN0bU6ADSSCl6kQCGGIY7qNGrZX+r14Zm8mcV/EIrM155H/6qYDvuqV
kT97hMUEq/OCS6iBm8tYy4wcd+1UGQobG9IxTFdCmAsViIuq3JpuWrsroUy+1eDx
VWOj3D13uS7zUgEsunjZwbAdtZB1twrbCv/gC75PS+9W2AZyt0m1TMA4uQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFBtuWn5AW2vxlJE7xkrGr7Y+XTrCMB8GA1UdIwQY
MBaAFK7+HIWUCaxd50FMSPhnOZE75rflMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcnY0Y2haUUpyRjNuUVV4SS1HYzVrVHZtdC1VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zOS80NTFmMDQtZTNjOS00NGVhLWE2YTEt
NDI4NDU4Njc5Y2U0LzEvRzI1YWZrQmJhX0dVa1R2R1NzYXZ0ajVkT3NJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zOS80NTFmMDQtZTNjOS00NGVhLWE2YTEtNDI4NDU4Njc5Y2U0
LzEvcnY0Y2haUUpyRjNuUVV4SS1HYzVrVHZtdC1VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCspsAAwQD
1VfAMA0GCSqGSIb3DQEBCwUAA4IBAQCFH/GvjN1ScrvH91KZXDIcdkoV3Abi4Oj3
9w6XhB4BsnN8ZKQzt4C/MEJNKR3PntliRL57UZK5DWRlIRPPxZcjqfneDfcmk2qK
MO47nKhiiN/f/96x8qZmJLe1pB7xyrSByE51vKrF5P+dfXZ3a4cTKqysJUC3Fuht
Y6aGSUP9KD489ISzvjRnujU+3AfCbaZTpqL866KU8f+Dd2DuxVrWJD7c0MPwJtaQ
idZWIjPIO+IwkpcJjw0PLW2GSWuuHlNcOHm119nWus1K33cvhhn1Yk82LSQSnHNv
wl/+FizOWZJrJUFwPtI6ChCjJNrMoNbOatw3UJAiIl96bnW5ht6y
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:15:48 2025 by rpki-client