Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e6/d048f6-341c-4c64-b3d9-15d5deb228dd/1/VmGB6cPyuah2x3R1xN25P9QYb44.roa
File: VmGB6cPyuah2x3R1xN25P9QYb44.roa (raw, json)
Hash identifier: 1VTobYW/RNxB0dV5yZlYqlIvrWbSrRvJmn9rZusWW8s=
Subject key identifier: 56:61:81:E9:C3:F2:B9:A8:76:C7:74:75:C4:DD:B9:3F:D4:18:6F:8E
Certificate issuer: /CN=1904ce28eae682c97acd2d862fee2897c3b096fd
Certificate serial: 0190E14047C73E3528FFE430D06F5A7E5B83
Authority key identifier: 19:04:CE:28:EA:E6:82:C9:7A:CD:2D:86:2F:EE:28:97:C3:B0:96:FD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/GQTOKOrmgsl6zS2GL-4ol8Owlv0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e6/d048f6-341c-4c64-b3d9-15d5deb228dd/1/VmGB6cPyuah2x3R1xN25P9QYb44.roa
Signing time: Tue 23 Jul 2024 20:20:04 +0000
ROA not before: Tue 23 Jul 2024 20:20:04 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 44725
IP address blocks: 5.250.192.0/19 maxlen: 19
37.114.128.0/18 maxlen: 24
37.114.128.0/19 maxlen: 24
Validation: Failed, certificate revoked on Wed 24 Jul 2024 10:56:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:e1:40:47:c7:3e:35:28:ff:e4:30:d0:6f:5a:7e:5b:83
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1904ce28eae682c97acd2d862fee2897c3b096fd
Validity
Not Before: Jul 23 20:20:04 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=566181e9c3f2b9a876c77475c4ddb93fd4186f8e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:a4:f1:23:6f:74:ab:ea:a8:68:e6:0b:f3:95:
af:ea:4e:e9:19:63:1f:e5:51:52:f4:33:8e:75:09:
52:09:58:15:0a:fe:e4:8b:2f:01:c4:19:21:b9:53:
64:0d:7b:19:38:b4:f0:13:e9:4b:00:95:bb:6b:c5:
8c:c5:3f:59:8d:c9:91:32:1f:5b:14:b5:82:57:62:
f8:61:16:55:e8:6c:7c:58:ef:a4:c8:a2:47:72:16:
b2:1e:db:3f:8b:3c:4e:a8:5b:1e:ae:cc:6d:e4:d0:
f4:54:72:b1:2d:98:ba:ae:96:28:47:3f:55:d0:75:
28:3d:aa:5c:fd:b7:c6:4f:3f:e8:31:36:7d:99:6b:
dc:70:9d:d4:50:5b:f0:76:61:e7:24:e4:67:68:12:
c3:76:3c:fa:0e:08:4a:f0:d9:a6:e8:4a:27:65:75:
11:f0:a7:e8:49:8b:36:95:cb:d6:a2:4f:0f:27:71:
ae:5b:c3:58:4a:49:37:1a:96:ec:9b:c6:03:f3:57:
0d:4a:c2:a9:54:3e:f9:d0:19:51:c2:07:2b:63:cd:
52:46:e4:9c:f6:a5:3c:82:04:1a:6b:81:52:55:be:
67:67:d8:39:c4:99:0d:e1:f0:55:4b:52:6c:6d:ab:
c6:20:db:9c:69:5d:8b:c9:42:11:8f:ca:75:6c:a3:
b0:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
56:61:81:E9:C3:F2:B9:A8:76:C7:74:75:C4:DD:B9:3F:D4:18:6F:8E
X509v3 Authority Key Identifier:
keyid:19:04:CE:28:EA:E6:82:C9:7A:CD:2D:86:2F:EE:28:97:C3:B0:96:FD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GQTOKOrmgsl6zS2GL-4ol8Owlv0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e6/d048f6-341c-4c64-b3d9-15d5deb228dd/1/VmGB6cPyuah2x3R1xN25P9QYb44.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e6/d048f6-341c-4c64-b3d9-15d5deb228dd/1/GQTOKOrmgsl6zS2GL-4ol8Owlv0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.250.192.0/19
37.114.128.0/18
Signature Algorithm: sha256WithRSAEncryption
48:61:b5:e0:27:9d:63:e8:d5:38:58:d8:d0:0b:f7:03:07:c9:
d3:c4:27:22:8b:3f:72:32:de:f5:5b:d0:5f:23:7e:ad:3c:e8:
0c:62:34:86:a1:83:c9:63:70:27:3a:90:36:55:32:ac:f2:45:
4c:a3:55:46:e5:6f:1e:c7:b2:53:6a:c2:37:47:6f:cb:3c:99:
9b:92:7d:64:1d:c2:f4:1a:ac:96:10:de:03:a0:a3:81:eb:29:
e4:a2:13:81:1e:1f:4d:24:05:46:95:09:47:d4:49:7e:bb:a8:
9e:1e:14:ad:42:77:8b:94:4d:87:58:6b:e7:c2:92:5b:74:47:
f8:be:f4:d3:a1:4b:49:e4:0c:73:32:ed:67:56:cd:54:d7:91:
31:92:6c:5d:43:5c:f1:d9:ca:14:9f:da:7f:be:83:c5:8b:8f:
7f:e3:3f:17:85:b6:5b:69:08:a4:be:b0:83:20:ad:73:00:46:
be:d7:78:26:33:ed:34:7f:a0:15:ae:40:82:cc:c5:e5:c3:8f:
bc:9e:e9:f0:a9:8a:c9:4e:21:83:52:bd:20:53:cf:72:a9:34:
49:8f:b8:6d:80:92:ad:61:97:64:ff:9a:91:04:3b:ac:3b:24:
6d:1e:8f:d4:0b:6d:fa:68:16:b3:53:22:4a:8f:7a:3b:76:8c:
32:34:ce:28
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZDhQEfHPjUo/+Qw0G9afluDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE5MDRjZTI4ZWFlNjgyYzk3YWNkMmQ4NjJmZWUyODk3YzNi
MDk2ZmQwHhcNMjQwNzIzMjAyMDA0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1NjYxODFlOWMzZjJiOWE4NzZjNzc0NzVjNGRkYjkzZmQ0MTg2ZjhlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArqTxI290q+qoaOYL85Wv6k7pGWMf
5VFS9DOOdQlSCVgVCv7kiy8BxBkhuVNkDXsZOLTwE+lLAJW7a8WMxT9ZjcmRMh9b
FLWCV2L4YRZV6Gx8WO+kyKJHchayHts/izxOqFsersxt5ND0VHKxLZi6rpYoRz9V
0HUoPapc/bfGTz/oMTZ9mWvccJ3UUFvwdmHnJORnaBLDdjz6DghK8Nmm6EonZXUR
8KfoSYs2lcvWok8PJ3GuW8NYSkk3Gpbsm8YD81cNSsKpVD750BlRwgcrY81SRuSc
9qU8ggQaa4FSVb5nZ9g5xJkN4fBVS1JsbavGINucaV2LyUIRj8p1bKOwEwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFFZhgenD8rmodsd0dcTduT/UGG+OMB8GA1UdIwQY
MBaAFBkEzijq5oLJes0thi/uKJfDsJb9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR1FUT0tPcm1nc2w2elMyR0wtNG9sOE93bHYwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNi9kMDQ4ZjYtMzQxYy00YzY0LWIzZDkt
MTVkNWRlYjIyOGRkLzEvVm1HQjZjUHl1YWgyeDNSMXhOMjVQOVFZYjQ0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNi9kMDQ4ZjYtMzQxYy00YzY0LWIzZDktMTVkNWRlYjIyOGRk
LzEvR1FUT0tPcm1nc2w2elMyR0wtNG9sOE93bHYwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQFBfrAAwQG
JXKAMA0GCSqGSIb3DQEBCwUAA4IBAQBIYbXgJ51j6NU4WNjQC/cDB8nTxCciiz9y
Mt71W9BfI36tPOgMYjSGoYPJY3AnOpA2VTKs8kVMo1VG5W8ex7JTasI3R2/LPJmb
kn1kHcL0GqyWEN4DoKOB6ynkohOBHh9NJAVGlQlH1El+u6ieHhStQneLlE2HWGvn
wpJbdEf4vvTToUtJ5AxzMu1nVs1U15ExkmxdQ1zx2coUn9p/voPFi49/4z8XhbZb
aQikvrCDIK1zAEa+13gmM+00f6AVrkCCzMXlw4+8nunwqYrJTiGDUr0gU89yqTRJ
j7htgJKtYZdk/5qRBDusOyRtHo/UC236aBazUyJKj3o7dowyNM4o
-----END CERTIFICATE-----
Generated at Sun Apr 20 17:34:02 2025 by rpki-client