Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/41/067837-baa0-4085-aa23-8023d945497a/1/GqPHwZ72jLJp80N1BQ4Cl2N6DHg.roa
File: GqPHwZ72jLJp80N1BQ4Cl2N6DHg.roa (raw, json)
Hash identifier: 7TikUZEjYXVZbMqpKO+m+NpX9gO1PzHaUqveIwvDs64=
Subject key identifier: 1A:A3:C7:C1:9E:F6:8C:B2:69:F3:43:75:05:0E:02:97:63:7A:0C:78
Certificate issuer: /CN=bfac971076263bddb0eecf5bea6574a405b985de
Certificate serial: 01941F8C45F0F760A54BF7F0C6B38E8352D8
Authority key identifier: BF:AC:97:10:76:26:3B:DD:B0:EE:CF:5B:EA:65:74:A4:05:B9:85:DE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/v6yXEHYmO92w7s9b6mV0pAW5hd4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/41/067837-baa0-4085-aa23-8023d945497a/1/GqPHwZ72jLJp80N1BQ4Cl2N6DHg.roa
Signing time: Wed 01 Jan 2025 01:47:54 +0000
ROA not before: Wed 01 Jan 2025 01:47:54 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 3320
IP address blocks: 80.244.13.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 29 Jan 2025 17:52:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:1f:8c:45:f0:f7:60:a5:4b:f7:f0:c6:b3:8e:83:52:d8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bfac971076263bddb0eecf5bea6574a405b985de
Validity
Not Before: Jan 1 01:47:54 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=1aa3c7c19ef68cb269f34375050e0297637a0c78
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:b1:1e:09:f8:49:ac:7a:b7:ee:e9:33:b5:7b:
1f:ed:03:9d:33:64:be:42:46:ae:73:15:97:24:22:
bd:1c:e8:f7:bc:c9:cd:0e:22:6f:81:75:e8:b1:d0:
0a:27:02:80:de:67:06:2b:3f:07:31:e1:f2:e7:bf:
7b:c0:3d:21:d8:24:63:47:ce:06:5c:72:b7:23:64:
80:6d:e0:60:30:fd:0f:eb:75:9c:60:4e:e7:53:64:
0a:19:ec:94:da:54:20:bb:d6:2d:fd:35:bd:dc:13:
8a:99:9c:45:33:c8:4d:bb:11:75:15:7a:72:28:b4:
9f:9f:83:4f:a8:92:4e:1f:04:fc:ee:5a:b1:4b:f4:
57:13:b0:88:31:79:81:90:b2:a8:59:17:e6:13:de:
6c:a9:de:80:86:b9:20:da:c4:4b:bd:89:a3:40:ea:
a9:bd:12:76:38:b2:a8:a2:d4:8a:70:82:fd:b2:94:
87:f9:5a:df:ee:9c:70:13:88:82:c2:18:7e:5d:77:
5f:7b:f4:7a:c4:cb:39:33:d5:85:e2:2c:9a:3b:1f:
4e:6c:fb:fa:1d:a1:71:72:5d:b0:fa:4b:93:24:7e:
10:3d:12:fc:29:ae:d7:6d:3e:fc:7e:00:e8:b5:1d:
4d:05:45:d7:0c:1e:62:f7:a3:ba:85:31:d9:14:e3:
bd:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1A:A3:C7:C1:9E:F6:8C:B2:69:F3:43:75:05:0E:02:97:63:7A:0C:78
X509v3 Authority Key Identifier:
keyid:BF:AC:97:10:76:26:3B:DD:B0:EE:CF:5B:EA:65:74:A4:05:B9:85:DE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/v6yXEHYmO92w7s9b6mV0pAW5hd4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/41/067837-baa0-4085-aa23-8023d945497a/1/GqPHwZ72jLJp80N1BQ4Cl2N6DHg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/41/067837-baa0-4085-aa23-8023d945497a/1/v6yXEHYmO92w7s9b6mV0pAW5hd4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.244.13.0/24
Signature Algorithm: sha256WithRSAEncryption
3b:d8:35:0d:dd:27:e1:47:70:00:ae:5e:6d:cd:cf:86:1b:52:
f4:70:ac:9c:4d:b5:fc:a0:a0:01:fa:7c:19:2a:db:6b:9a:68:
16:14:f6:fa:15:ba:42:b8:d8:48:ad:d8:b9:68:d4:31:f5:91:
3b:6a:e0:36:b9:93:4b:67:ba:53:bc:8e:6d:24:51:fc:a4:55:
9a:85:06:03:04:25:83:ca:46:23:4f:62:87:bb:a7:2f:0a:0b:
ff:e8:0e:d1:5c:a4:b3:dd:ae:f5:d6:90:8d:2e:c1:06:ea:b4:
38:28:14:c1:ae:55:75:3f:ed:cd:4b:43:b3:11:62:9c:9a:59:
fe:ea:8f:1c:c5:1d:fb:3c:f4:e0:27:32:68:f8:4c:81:c0:1a:
a3:d7:8f:a2:92:0e:9b:dc:a9:0b:85:7d:c2:d2:df:13:72:69:
05:7d:7c:af:c8:c9:5a:b9:af:09:51:97:7e:b3:28:52:29:48:
22:53:ab:57:b3:0d:66:79:f3:05:84:72:cb:78:83:0f:31:f8:
a3:e2:3a:12:0b:5e:bf:21:a2:d8:f4:64:e2:80:c3:10:ee:e9:
46:c8:40:16:6b:f1:10:aa:4d:88:30:85:f8:41:23:9b:c6:2b:
57:4e:17:a2:f4:68:e4:a8:69:64:f7:09:64:aa:32:de:69:eb:
fe:be:9e:13
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQfjEXw92ClS/fwxrOOg1LYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJmYWM5NzEwNzYyNjNiZGRiMGVlY2Y1YmVhNjU3NGE0MDVi
OTg1ZGUwHhcNMjUwMTAxMDE0NzU0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxYWEzYzdjMTllZjY4Y2IyNjlmMzQzNzUwNTBlMDI5NzYzN2EwYzc4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxLEeCfhJrHq37ukztXsf7QOdM2S+
QkaucxWXJCK9HOj3vMnNDiJvgXXosdAKJwKA3mcGKz8HMeHy5797wD0h2CRjR84G
XHK3I2SAbeBgMP0P63WcYE7nU2QKGeyU2lQgu9Yt/TW93BOKmZxFM8hNuxF1FXpy
KLSfn4NPqJJOHwT87lqxS/RXE7CIMXmBkLKoWRfmE95sqd6Ahrkg2sRLvYmjQOqp
vRJ2OLKootSKcIL9spSH+Vrf7pxwE4iCwhh+XXdfe/R6xMs5M9WF4iyaOx9ObPv6
HaFxcl2w+kuTJH4QPRL8Ka7XbT78fgDotR1NBUXXDB5i96O6hTHZFOO9rwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFBqjx8Ge9oyyafNDdQUOApdjegx4MB8GA1UdIwQY
MBaAFL+slxB2JjvdsO7PW+pldKQFuYXeMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdjZ5WEVIWW1POTJ3N3M5YjZtVjBwQVc1aGQ0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80MS8wNjc4MzctYmFhMC00MDg1LWFhMjMt
ODAyM2Q5NDU0OTdhLzEvR3FQSHdaNzJqTEpwODBOMUJRNENsMk42REhnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80MS8wNjc4MzctYmFhMC00MDg1LWFhMjMtODAyM2Q5NDU0OTdh
LzEvdjZ5WEVIWW1POTJ3N3M5YjZtVjBwQVc1aGQ0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAUPQNMA0G
CSqGSIb3DQEBCwUAA4IBAQA72DUN3SfhR3AArl5tzc+GG1L0cKycTbX8oKAB+nwZ
KttrmmgWFPb6FbpCuNhIrdi5aNQx9ZE7auA2uZNLZ7pTvI5tJFH8pFWahQYDBCWD
ykYjT2KHu6cvCgv/6A7RXKSz3a711pCNLsEG6rQ4KBTBrlV1P+3NS0OzEWKcmln+
6o8cxR37PPTgJzJo+EyBwBqj14+ikg6b3KkLhX3C0t8TcmkFfXyvyMlaua8JUZd+
syhSKUgiU6tXsw1mefMFhHLLeIMPMfij4joSC16/IaLY9GTigMMQ7ulGyEAWa/EQ
qk2IMIX4QSObxitXThei9GjkqGlk9wlkqjLeaev+vp4T
-----END CERTIFICATE-----
Generated at Tue Apr 22 17:59:18 2025 by rpki-client