Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bf/cb9d7f-afdf-4487-9e08-bd5043c0d1fb/1/g0rEH-B7eKhSnimBNRMTxJIS1cU.roa
File: g0rEH-B7eKhSnimBNRMTxJIS1cU.roa (raw, json)
Hash identifier: EmlEN8785DD72uZaCRFlHh+PCNATh6G84Vle0HPDSiM=
Subject key identifier: 83:4A:C4:1F:E0:7B:78:A8:52:9E:29:81:35:13:13:C4:92:12:D5:C5
Certificate issuer: /CN=4b01b0851b7f89ea4bb132a7f5395b9d2aca1c02
Certificate serial: 019492E32263EF9C7F5D5DAF406E4D34C9C9
Authority key identifier: 4B:01:B0:85:1B:7F:89:EA:4B:B1:32:A7:F5:39:5B:9D:2A:CA:1C:02
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/SwGwhRt_iepLsTKn9TlbnSrKHAI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bf/cb9d7f-afdf-4487-9e08-bd5043c0d1fb/1/g0rEH-B7eKhSnimBNRMTxJIS1cU.roa
Signing time: Thu 23 Jan 2025 11:19:06 +0000
ROA not before: Thu 23 Jan 2025 11:19:06 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 207605
IP address blocks: 62.164.170.0/24 maxlen: 24
176.119.205.0/24 maxlen: 24
193.143.68.0/24 maxlen: 24
195.189.140.0/24 maxlen: 24
195.189.141.0/24 maxlen: 24
2a05:4500::/29 maxlen: 29
Validation: Failed, certificate revoked on Mon 03 Feb 2025 16:46:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:92:e3:22:63:ef:9c:7f:5d:5d:af:40:6e:4d:34:c9:c9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4b01b0851b7f89ea4bb132a7f5395b9d2aca1c02
Validity
Not Before: Jan 23 11:19:06 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=834ac41fe07b78a8529e2981351313c49212d5c5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:10:6f:f5:ee:ee:3f:9a:b5:aa:45:fd:d6:e7:
05:9a:9c:a1:ff:9b:18:0d:7e:61:86:25:fb:f2:a0:
cd:f5:5f:33:79:f6:d7:80:4c:15:13:9e:bf:8f:9c:
aa:f1:53:d3:30:07:81:de:d0:b2:e0:86:a3:a6:c5:
ca:f9:52:64:f4:ef:29:11:6c:9d:b5:ac:05:db:75:
8f:90:b1:1d:d1:f8:07:8a:9f:42:e5:1f:ef:07:59:
df:9f:55:30:9f:42:1d:8e:03:ca:7d:99:77:47:1f:
ac:61:b0:96:22:eb:0a:fe:ad:c6:64:c4:39:9a:3b:
03:12:be:db:43:0a:b7:09:6e:62:f2:6a:4e:39:84:
c6:d1:da:66:78:33:a8:f8:a0:ce:e6:9b:94:81:35:
ad:a8:5b:b3:50:40:16:49:ce:d2:be:e1:4f:18:df:
f8:69:b2:e6:99:9d:ba:75:74:19:33:6d:a3:7f:de:
9a:c4:e1:81:b5:9b:ec:87:85:80:b2:bd:9f:61:51:
77:28:e1:9e:00:79:4f:44:ea:9d:20:19:a0:b8:88:
05:49:b5:f5:34:9d:d6:db:f5:18:71:a1:91:10:ff:
3b:17:bc:9b:ac:33:c3:44:9a:64:29:e4:5f:bd:25:
b4:40:ef:98:31:af:bf:a0:af:60:10:50:b4:55:a9:
06:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
83:4A:C4:1F:E0:7B:78:A8:52:9E:29:81:35:13:13:C4:92:12:D5:C5
X509v3 Authority Key Identifier:
keyid:4B:01:B0:85:1B:7F:89:EA:4B:B1:32:A7:F5:39:5B:9D:2A:CA:1C:02
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/SwGwhRt_iepLsTKn9TlbnSrKHAI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bf/cb9d7f-afdf-4487-9e08-bd5043c0d1fb/1/g0rEH-B7eKhSnimBNRMTxJIS1cU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bf/cb9d7f-afdf-4487-9e08-bd5043c0d1fb/1/SwGwhRt_iepLsTKn9TlbnSrKHAI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.164.170.0/24
176.119.205.0/24
193.143.68.0/24
195.189.140.0/23
IPv6:
2a05:4500::/29
Signature Algorithm: sha256WithRSAEncryption
32:27:fb:b9:d0:62:db:23:ef:6a:1a:ae:8d:a2:8f:67:c4:6c:
a0:47:df:bb:f3:ab:e6:3b:b3:f9:7b:11:a9:89:fa:37:d6:98:
dc:ad:b6:f4:41:5b:0f:cb:fa:35:57:e9:bd:da:01:bf:a8:73:
9d:64:db:40:bc:5e:65:92:cf:5c:61:9b:1f:e1:9f:c5:c9:7f:
77:8a:f9:d4:b4:53:ea:b4:38:cc:80:33:02:8d:47:79:9e:65:
0e:91:01:fe:0c:a6:13:6f:e2:aa:8b:7b:25:2f:b1:37:57:21:
f9:9f:e2:cd:8a:ef:76:1e:9e:66:64:4a:b8:15:67:47:bd:a4:
76:88:a3:30:1f:ce:7c:7d:79:9b:88:fc:ca:74:22:ae:f9:7b:
72:5c:12:fb:87:14:a4:88:b3:fd:8e:1e:78:a7:de:78:cf:fa:
f0:13:88:29:4a:e2:9d:16:98:be:34:58:f1:03:2c:9c:40:c3:
72:14:ea:ec:41:d6:47:1e:e2:ed:c0:29:6f:79:5c:c0:b4:0e:
71:4b:6d:a5:88:65:f9:45:e7:dd:28:7f:f6:f0:20:dc:e2:23:
92:69:ac:85:5e:1d:4e:9a:c3:f0:14:70:08:e2:85:3a:1f:f9:
8d:c8:2d:76:e8:bb:25:68:60:e7:86:33:3a:5f:2d:82:e2:53:
ee:23:a5:66
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgISAZSS4yJj75x/XV2vQG5NNMnJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRiMDFiMDg1MWI3Zjg5ZWE0YmIxMzJhN2Y1Mzk1YjlkMmFj
YTFjMDIwHhcNMjUwMTIzMTExOTA2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MzRhYzQxZmUwN2I3OGE4NTI5ZTI5ODEzNTEzMTNjNDkyMTJkNWM1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtRBv9e7uP5q1qkX91ucFmpyh/5sY
DX5hhiX78qDN9V8zefbXgEwVE56/j5yq8VPTMAeB3tCy4IajpsXK+VJk9O8pEWyd
tawF23WPkLEd0fgHip9C5R/vB1nfn1Uwn0IdjgPKfZl3Rx+sYbCWIusK/q3GZMQ5
mjsDEr7bQwq3CW5i8mpOOYTG0dpmeDOo+KDO5puUgTWtqFuzUEAWSc7SvuFPGN/4
abLmmZ26dXQZM22jf96axOGBtZvsh4WAsr2fYVF3KOGeAHlPROqdIBmguIgFSbX1
NJ3W2/UYcaGREP87F7ybrDPDRJpkKeRfvSW0QO+YMa+/oK9gEFC0VakG5wIDAQAB
o4ICKjCCAiYwHQYDVR0OBBYEFINKxB/ge3ioUp4pgTUTE8SSEtXFMB8GA1UdIwQY
MBaAFEsBsIUbf4nqS7Eyp/U5W50qyhwCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU3dHd2hSdF9pZXBMc1RLbjlUbGJuU3JLSEFJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZi9jYjlkN2YtYWZkZi00NDg3LTllMDgt
YmQ1MDQzYzBkMWZiLzEvZzByRUgtQjdlS2hTbmltQk5STVR4SklTMWNVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZi9jYjlkN2YtYWZkZi00NDg3LTllMDgtYmQ1MDQzYzBkMWZi
LzEvU3dHd2hSdF9pZXBMc1RLbjlUbGJuU3JLSEFJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEAGCCsGAQUFBwEHAQH/BDEwLzAeBAIAATAYAwQAPqSqAwQA
sHfNAwQAwY9EAwQBw72MMA0EAgACMAcDBQMqBUUAMA0GCSqGSIb3DQEBCwUAA4IB
AQAyJ/u50GLbI+9qGq6Noo9nxGygR9+786vmO7P5exGpifo31pjcrbb0QVsPy/o1
V+m92gG/qHOdZNtAvF5lks9cYZsf4Z/FyX93ivnUtFPqtDjMgDMCjUd5nmUOkQH+
DKYTb+Kqi3slL7E3VyH5n+LNiu92Hp5mZEq4FWdHvaR2iKMwH858fXmbiPzKdCKu
+XtyXBL7hxSkiLP9jh54p954z/rwE4gpSuKdFpi+NFjxAyycQMNyFOrsQdZHHuLt
wClveVzAtA5xS22liGX5RefdKH/28CDc4iOSaayFXh1OmsPwFHAI4oU6H/mNyC12
6LslaGDnhjM6Xy2C4lPuI6Vm
-----END CERTIFICATE-----
Generated at Wed Apr 16 05:33:52 2025 by rpki-client