Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b3/dfead7-586a-4b35-b199-dfe45f672f81/1/GEpl7NTUbFHjWisNjaf_nzeN9yc.roa
File: GEpl7NTUbFHjWisNjaf_nzeN9yc.roa (raw, json)
Hash identifier: 3vf87rdXyJRx62/etIJ+rvU9KoXiHC3EHYfORtZLzQw=
Subject key identifier: 18:4A:65:EC:D4:D4:6C:51:E3:5A:2B:0D:8D:A7:FF:9F:37:8D:F7:27
Certificate issuer: /CN=1f7142b45b5ce39016e25e09b2fed579a9bd77d6
Certificate serial: 018CC56EE24215788B74CC0BA0D63C5CAB71
Authority key identifier: 1F:71:42:B4:5B:5C:E3:90:16:E2:5E:09:B2:FE:D5:79:A9:BD:77:D6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/H3FCtFtc45AW4l4Jsv7Veam9d9Y.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b3/dfead7-586a-4b35-b199-dfe45f672f81/1/GEpl7NTUbFHjWisNjaf_nzeN9yc.roa
Signing time: Mon 01 Jan 2024 14:30:27 +0000
ROA not before: Mon 01 Jan 2024 14:30:27 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 198539
IP address blocks: 185.228.112.0/23 maxlen: 23
185.228.114.0/24 maxlen: 24
185.228.115.0/24 maxlen: 24
194.50.142.0/24 maxlen: 24
194.50.143.0/24 maxlen: 24
194.50.141.0/24 maxlen: 24
2a0d:e00::/29 maxlen: 29
Validation: Failed, certificate revoked on Wed 01 Jan 2025 13:48:43 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:6e:e2:42:15:78:8b:74:cc:0b:a0:d6:3c:5c:ab:71
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1f7142b45b5ce39016e25e09b2fed579a9bd77d6
Validity
Not Before: Jan 1 14:30:27 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=184a65ecd4d46c51e35a2b0d8da7ff9f378df727
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:6f:4e:9c:bd:c7:ec:63:cd:01:83:d0:80:41:
5a:69:56:6b:cc:51:c7:05:aa:7e:7c:8c:d8:37:10:
ac:2c:2c:28:29:52:4e:38:d3:39:6e:41:a3:b4:5a:
dc:0f:83:47:29:0f:f2:f8:a5:f8:e8:8c:18:95:2a:
07:0c:c0:cf:22:7e:18:4d:f6:54:cb:8c:90:88:4e:
54:ad:df:2c:61:1d:21:f5:14:76:00:c3:08:05:d4:
31:08:c7:f9:62:c6:b6:01:89:1c:a9:c2:81:83:08:
41:ba:27:1e:15:79:d3:2c:3f:84:36:2a:99:31:5f:
08:21:e5:6a:c0:90:73:5c:06:52:a7:69:49:c1:28:
c5:5d:4f:a5:1b:11:b8:44:48:09:11:c9:c8:0f:04:
11:c9:d1:25:da:3c:92:48:16:1d:d8:87:e3:46:0a:
d3:06:9c:cb:d5:96:86:48:78:98:7a:fc:7b:9f:09:
be:14:ab:d8:39:c7:a2:e5:9f:87:a9:d6:ae:8e:cf:
b4:a5:d9:ce:a0:88:d4:9e:01:bf:da:67:6e:26:9a:
e4:0d:9a:27:32:0d:dd:27:74:68:5b:ca:ba:b6:8b:
5d:db:54:1f:28:27:dc:bf:32:c8:83:8d:41:7e:82:
ce:24:47:c5:9c:c3:58:9a:02:ee:b3:a6:15:f5:fd:
3c:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
18:4A:65:EC:D4:D4:6C:51:E3:5A:2B:0D:8D:A7:FF:9F:37:8D:F7:27
X509v3 Authority Key Identifier:
keyid:1F:71:42:B4:5B:5C:E3:90:16:E2:5E:09:B2:FE:D5:79:A9:BD:77:D6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/H3FCtFtc45AW4l4Jsv7Veam9d9Y.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b3/dfead7-586a-4b35-b199-dfe45f672f81/1/GEpl7NTUbFHjWisNjaf_nzeN9yc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b3/dfead7-586a-4b35-b199-dfe45f672f81/1/H3FCtFtc45AW4l4Jsv7Veam9d9Y.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.228.112.0/22
194.50.141.0-194.50.143.255
IPv6:
2a0d:e00::/29
Signature Algorithm: sha256WithRSAEncryption
67:01:8d:cd:05:75:98:23:4a:48:12:00:6b:45:4a:b9:72:38:
56:1d:03:41:42:1c:94:a9:e1:86:02:3d:a6:fa:8c:ff:af:96:
51:20:78:f7:1e:6c:b3:d0:25:a8:b3:e7:53:11:47:73:84:a3:
09:d9:93:aa:3b:13:11:f6:ba:74:19:47:13:42:5f:37:4c:3b:
75:f2:5f:2e:b9:0f:42:15:f1:86:37:38:57:19:7f:42:f5:62:
9c:8a:75:b0:7a:bf:e9:95:86:ad:8f:b0:7b:40:55:5e:65:88:
07:71:c9:09:98:34:66:b4:44:96:25:ae:da:83:1e:22:c5:ba:
a4:b1:0a:9e:72:7b:ec:86:43:62:5e:5e:9c:a5:9f:13:f4:e8:
cf:58:cf:5e:70:14:50:39:c4:ea:f2:9a:fc:e3:79:10:98:33:
b4:b1:29:ea:a6:b1:16:48:2d:c2:f2:c5:ed:ab:02:5b:fe:3d:
ca:98:40:eb:c2:5c:44:4b:7f:62:70:70:11:10:a6:d5:07:18:
9c:2c:c7:44:f7:35:59:02:ff:b2:18:c6:08:d6:86:b2:46:58:
c0:6b:36:ce:b8:5d:5e:bb:6f:d8:21:13:79:56:d1:07:94:f1:
1b:1f:a5:f7:5a:3b:9f:8c:db:3f:98:5d:c4:5a:0e:c0:2b:d4:
9b:44:9b:d8
-----BEGIN CERTIFICATE-----
MIIFGjCCBAKgAwIBAgISAYzFbuJCFXiLdMwLoNY8XKtxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFmNzE0MmI0NWI1Y2UzOTAxNmUyNWUwOWIyZmVkNTc5YTli
ZDc3ZDYwHhcNMjQwMTAxMTQzMDI3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxODRhNjVlY2Q0ZDQ2YzUxZTM1YTJiMGQ4ZGE3ZmY5ZjM3OGRmNzI3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyG9OnL3H7GPNAYPQgEFaaVZrzFHH
Bap+fIzYNxCsLCwoKVJOONM5bkGjtFrcD4NHKQ/y+KX46IwYlSoHDMDPIn4YTfZU
y4yQiE5Urd8sYR0h9RR2AMMIBdQxCMf5Ysa2AYkcqcKBgwhBuiceFXnTLD+ENiqZ
MV8IIeVqwJBzXAZSp2lJwSjFXU+lGxG4REgJEcnIDwQRydEl2jySSBYd2IfjRgrT
BpzL1ZaGSHiYevx7nwm+FKvYOcei5Z+Hqdaujs+0pdnOoIjUngG/2mduJprkDZon
Mg3dJ3RoW8q6totd21QfKCfcvzLIg41BfoLOJEfFnMNYmgLus6YV9f08dwIDAQAB
o4ICJjCCAiIwHQYDVR0OBBYEFBhKZezU1GxR41orDY2n/583jfcnMB8GA1UdIwQY
MBaAFB9xQrRbXOOQFuJeCbL+1XmpvXfWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSDNGQ3RGdGM0NUFXNGw0SnN2N1ZlYW05ZDlZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMy9kZmVhZDctNTg2YS00YjM1LWIxOTkt
ZGZlNDVmNjcyZjgxLzEvR0VwbDdOVFViRkhqV2lzTmphZl9uemVOOXljLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMy9kZmVhZDctNTg2YS00YjM1LWIxOTktZGZlNDVmNjcyZjgx
LzEvSDNGQ3RGdGM0NUFXNGw0SnN2N1ZlYW05ZDlZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDwGCCsGAQUFBwEHAQH/BC0wKzAaBAIAATAUAwQCueRwMAwD
BADCMo0DBATCMoAwDQQCAAIwBwMFAyoNDgAwDQYJKoZIhvcNAQELBQADggEBAGcB
jc0FdZgjSkgSAGtFSrlyOFYdA0FCHJSp4YYCPab6jP+vllEgePcebLPQJaiz51MR
R3OEownZk6o7ExH2unQZRxNCXzdMO3XyXy65D0IV8YY3OFcZf0L1YpyKdbB6v+mV
hq2PsHtAVV5liAdxyQmYNGa0RJYlrtqDHiLFuqSxCp5ye+yGQ2JeXpylnxP06M9Y
z15wFFA5xOrymvzjeRCYM7SxKeqmsRZILcLyxe2rAlv+PcqYQOvCXERLf2JwcBEQ
ptUHGJwsx0T3NVkC/7IYxgjWhrJGWMBrNs64XV67b9ghE3lW0QeU8RsfpfdaO5+M
2z+YXcRaDsAr1JtEm9g=
-----END CERTIFICATE-----
Generated at Thu Mar 13 02:57:16 2025 by rpki-client