Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/49/21ca43-d3e1-4ec0-9a9d-39afd9316598/1/GBJMkprg6USKw8Hd3Ecc2MpWrQs.roa
File: GBJMkprg6USKw8Hd3Ecc2MpWrQs.roa (raw, json)
Hash identifier: 6EYa0/e6BVe3fyv4pvU+emsKpzXrT+YuLYMVsp181Qs=
Subject key identifier: 18:12:4C:92:9A:E0:E9:44:8A:C3:C1:DD:DC:47:1C:D8:CA:56:AD:0B
Certificate issuer: /CN=61fe2eafa64aceaf1fcfcfbca6150a7a2d35be4a
Certificate serial: 018CC726F6AA2BB94E218E0CE584793E1833
Authority key identifier: 61:FE:2E:AF:A6:4A:CE:AF:1F:CF:CF:BC:A6:15:0A:7A:2D:35:BE:4A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Yf4ur6ZKzq8fz8-8phUKei01vko.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/49/21ca43-d3e1-4ec0-9a9d-39afd9316598/1/GBJMkprg6USKw8Hd3Ecc2MpWrQs.roa
Signing time: Mon 01 Jan 2024 22:31:08 +0000
ROA not before: Mon 01 Jan 2024 22:31:08 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 205679
IP address blocks: 92.118.164.0/22 maxlen: 24
84.234.115.0/24 maxlen: 24
84.234.114.0/23 maxlen: 23
84.234.114.0/24 maxlen: 24
88.218.252.0/22 maxlen: 24
185.210.36.0/22 maxlen: 24
2a0b:51c0::/29 maxlen: 29
Validation: Failed, certificate revoked on Thu 02 Jan 2025 15:50:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:26:f6:aa:2b:b9:4e:21:8e:0c:e5:84:79:3e:18:33
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=61fe2eafa64aceaf1fcfcfbca6150a7a2d35be4a
Validity
Not Before: Jan 1 22:31:08 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=18124c929ae0e9448ac3c1dddc471cd8ca56ad0b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:80:35:cf:d2:4b:41:c0:ea:51:3a:70:73:94:18:
b6:29:b6:f0:b1:3b:ae:d2:00:ff:0d:1a:c5:c8:39:
c2:44:a7:96:ec:46:12:32:a9:23:a1:d8:5e:92:e0:
09:2c:57:0b:40:06:88:6b:a1:6e:aa:47:3d:94:e8:
b2:67:39:15:e3:c5:2e:21:2f:c6:17:20:6a:58:08:
ff:0e:2d:f7:9c:e5:c5:34:f8:f7:35:8d:b9:2a:76:
6c:57:fb:c0:2b:ee:15:cb:e9:2b:03:75:00:56:18:
60:d5:81:3e:de:d3:2f:2d:b7:34:30:f8:82:fb:6b:
ec:b6:4e:ec:07:3c:c0:f1:1d:56:c2:ec:cb:03:78:
ad:39:7f:d0:23:26:9d:b9:90:62:f2:3f:6f:bc:7c:
b8:80:8c:83:31:34:1d:25:c3:34:52:82:3c:9d:63:
98:98:5b:d3:f8:35:dd:b1:da:f8:c4:d5:e9:24:2b:
e6:9d:98:79:d6:4b:50:ea:95:b0:35:72:51:cf:a8:
a0:a7:64:21:43:c8:34:66:61:64:b4:5d:40:28:8f:
ac:f4:3d:cb:7d:3d:10:e9:6e:2d:d6:64:16:f3:dd:
57:51:79:a1:e9:d1:07:c9:f0:74:c8:54:cb:0b:85:
20:ff:dd:dd:af:39:b9:bd:a2:58:c2:84:51:b6:bc:
da:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
18:12:4C:92:9A:E0:E9:44:8A:C3:C1:DD:DC:47:1C:D8:CA:56:AD:0B
X509v3 Authority Key Identifier:
keyid:61:FE:2E:AF:A6:4A:CE:AF:1F:CF:CF:BC:A6:15:0A:7A:2D:35:BE:4A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Yf4ur6ZKzq8fz8-8phUKei01vko.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/49/21ca43-d3e1-4ec0-9a9d-39afd9316598/1/GBJMkprg6USKw8Hd3Ecc2MpWrQs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/49/21ca43-d3e1-4ec0-9a9d-39afd9316598/1/Yf4ur6ZKzq8fz8-8phUKei01vko.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.234.114.0/23
88.218.252.0/22
92.118.164.0/22
185.210.36.0/22
IPv6:
2a0b:51c0::/29
Signature Algorithm: sha256WithRSAEncryption
31:96:d1:3b:0e:ef:f6:be:7b:5c:38:6e:ba:61:c3:ca:04:7b:
84:d6:b3:0b:16:05:47:30:16:56:25:3b:3c:c7:5c:2b:d7:7e:
9f:70:26:21:41:0f:38:30:75:89:e8:95:2d:ac:9a:94:55:70:
8c:a8:d0:90:94:ed:7e:b0:7f:83:ba:d8:14:b6:d9:8b:99:b0:
7f:d9:f2:a7:e7:20:14:8a:26:f6:e8:bd:4f:e8:50:30:b2:de:
8a:dd:25:9a:66:1c:e3:9e:4a:45:77:25:cd:b2:e5:55:d9:6c:
6a:2f:21:c7:12:a3:18:8b:17:c7:fd:c1:34:f8:76:fc:a6:1e:
1c:b1:d8:39:a7:22:52:61:2c:9b:42:e2:56:0d:f9:25:16:f9:
7f:70:b7:c3:ea:21:91:f9:97:5f:e8:ef:57:1e:f9:ad:69:e1:
bf:d0:20:72:f5:c0:48:b8:b5:d4:ea:98:49:d0:a9:24:9e:de:
c5:de:a8:ef:32:05:2c:1a:85:e1:34:79:d6:0e:3b:ad:fc:e9:
99:b5:3e:5d:79:25:7d:8a:d8:7f:ca:5b:f5:f3:30:81:27:97:
71:eb:48:82:fe:80:a8:fa:96:84:11:ab:3d:2e:dd:03:1b:a5:
7e:0b:de:19:51:8b:c7:64:d7:d5:ac:db:09:9a:62:ef:cc:c2:
6e:80:97:d3
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgISAYzHJvaqK7lOIY4M5YR5PhgzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYxZmUyZWFmYTY0YWNlYWYxZmNmY2ZiY2E2MTUwYTdhMmQz
NWJlNGEwHhcNMjQwMTAxMjIzMTA4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxODEyNGM5MjlhZTBlOTQ0OGFjM2MxZGRkYzQ3MWNkOGNhNTZhZDBiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgDXP0ktBwOpROnBzlBi2KbbwsTuu
0gD/DRrFyDnCRKeW7EYSMqkjodhekuAJLFcLQAaIa6Fuqkc9lOiyZzkV48UuIS/G
FyBqWAj/Di33nOXFNPj3NY25KnZsV/vAK+4Vy+krA3UAVhhg1YE+3tMvLbc0MPiC
+2vstk7sBzzA8R1WwuzLA3itOX/QIyaduZBi8j9vvHy4gIyDMTQdJcM0UoI8nWOY
mFvT+DXdsdr4xNXpJCvmnZh51ktQ6pWwNXJRz6igp2QhQ8g0ZmFktF1AKI+s9D3L
fT0Q6W4t1mQW891XUXmh6dEHyfB0yFTLC4Ug/93drzm5vaJYwoRRtrzaBQIDAQAB
o4ICKjCCAiYwHQYDVR0OBBYEFBgSTJKa4OlEisPB3dxHHNjKVq0LMB8GA1UdIwQY
MBaAFGH+Lq+mSs6vH8/PvKYVCnotNb5KMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWWY0dXI2Wkt6cThmejgtOHBoVUtlaTAxdmtvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80OS8yMWNhNDMtZDNlMS00ZWMwLTlhOWQt
MzlhZmQ5MzE2NTk4LzEvR0JKTWtwcmc2VVNLdzhIZDNFY2MyTXBXclFzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80OS8yMWNhNDMtZDNlMS00ZWMwLTlhOWQtMzlhZmQ5MzE2NTk4
LzEvWWY0dXI2Wkt6cThmejgtOHBoVUtlaTAxdmtvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEAGCCsGAQUFBwEHAQH/BDEwLzAeBAIAATAYAwQBVOpyAwQC
WNr8AwQCXHakAwQCudIkMA0EAgACMAcDBQMqC1HAMA0GCSqGSIb3DQEBCwUAA4IB
AQAxltE7Du/2vntcOG66YcPKBHuE1rMLFgVHMBZWJTs8x1wr136fcCYhQQ84MHWJ
6JUtrJqUVXCMqNCQlO1+sH+DutgUttmLmbB/2fKn5yAUiib26L1P6FAwst6K3SWa
ZhzjnkpFdyXNsuVV2WxqLyHHEqMYixfH/cE0+Hb8ph4csdg5pyJSYSybQuJWDfkl
Fvl/cLfD6iGR+Zdf6O9XHvmtaeG/0CBy9cBIuLXU6phJ0Kkknt7F3qjvMgUsGoXh
NHnWDjut/OmZtT5deSV9ith/ylv18zCBJ5dx60iC/oCo+paEEas9Lt0DG6V+C94Z
UYvHZNfVrNsJmmLvzMJugJfT
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:22:58 2025 by rpki-client