Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ae/480f4a-a937-4149-aee8-e32924ac7b63/1/BrhE04MHYUarOhFiCCgur436Gv0.roa
File: BrhE04MHYUarOhFiCCgur436Gv0.roa (raw, json)
Hash identifier: 54f2FRzFeJ9ylbAk4awvyMfD4nsJ1XYAslOH0DJjA40=
Subject key identifier: 06:B8:44:D3:83:07:61:46:AB:3A:11:62:08:28:2E:AF:8D:FA:1A:FD
Certificate issuer: /CN=b78678bd654ca6b10a5c773bc269754dc234cfd5
Certificate serial: 0196242C18CFB5C7E79C9AE5D1907AC7DEAA
Authority key identifier: B7:86:78:BD:65:4C:A6:B1:0A:5C:77:3B:C2:69:75:4D:C2:34:CF:D5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/t4Z4vWVMprEKXHc7wml1TcI0z9U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ae/480f4a-a937-4149-aee8-e32924ac7b63/1/BrhE04MHYUarOhFiCCgur436Gv0.roa
Signing time: Fri 11 Apr 2025 09:26:31 +0000
ROA not before: Fri 11 Apr 2025 09:26:31 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 214113
IP address blocks: 192.140.231.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 11 Apr 2025 12:16:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:24:2c:18:cf:b5:c7:e7:9c:9a:e5:d1:90:7a:c7:de:aa
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b78678bd654ca6b10a5c773bc269754dc234cfd5
Validity
Not Before: Apr 11 09:26:31 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=06b844d383076146ab3a116208282eaf8dfa1afd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d6:b5:4d:da:6a:b1:66:7e:ee:02:ee:26:b9:6c:
05:bf:6f:8f:3e:5a:bc:c3:bb:f0:0f:9a:53:fa:bb:
2b:b2:35:3c:50:82:ed:2a:dc:fa:40:7c:d4:73:c9:
0a:54:c9:70:c7:f0:42:db:95:13:a2:fa:35:46:30:
f4:aa:9d:bb:3d:62:d6:d1:0a:ac:d5:05:7f:67:4a:
fc:32:9f:73:62:42:bf:7f:cd:67:d8:01:ca:48:bd:
e3:46:6c:6d:46:66:c9:19:dc:ea:59:9d:bb:f0:cf:
19:ab:a5:c7:ce:2f:1a:1f:a4:17:53:5c:08:73:5c:
82:79:a0:b5:40:18:00:6c:a7:c4:6b:b8:39:1c:5b:
a6:a4:ca:eb:5c:25:98:78:97:88:32:fa:5c:1f:2c:
16:0a:53:3a:7a:16:78:07:3f:5c:c9:1e:46:04:80:
d9:a9:cc:03:c2:82:15:31:78:78:1c:df:d6:bf:14:
25:5f:53:50:6e:06:15:7e:41:53:65:d9:e5:2a:8d:
af:e4:fc:62:4a:15:c6:53:b6:56:27:99:9b:52:3b:
67:7f:3e:67:c0:ab:88:ce:a4:5e:b1:59:16:4f:d7:
43:60:0a:40:ad:d5:5d:ce:45:07:a8:92:ed:39:72:
e8:ec:3c:9c:ca:ba:57:84:81:26:40:58:72:c7:20:
6f:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
06:B8:44:D3:83:07:61:46:AB:3A:11:62:08:28:2E:AF:8D:FA:1A:FD
X509v3 Authority Key Identifier:
keyid:B7:86:78:BD:65:4C:A6:B1:0A:5C:77:3B:C2:69:75:4D:C2:34:CF:D5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/t4Z4vWVMprEKXHc7wml1TcI0z9U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ae/480f4a-a937-4149-aee8-e32924ac7b63/1/BrhE04MHYUarOhFiCCgur436Gv0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ae/480f4a-a937-4149-aee8-e32924ac7b63/1/t4Z4vWVMprEKXHc7wml1TcI0z9U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
192.140.231.0/24
Signature Algorithm: sha256WithRSAEncryption
69:ea:b8:c3:d2:40:f0:e6:cb:72:2b:5f:fb:17:58:c6:16:2e:
cb:88:f6:59:c9:0f:80:91:f0:d9:31:1a:bd:f4:d7:90:58:d4:
28:30:c2:99:76:e1:00:cf:27:ef:e9:bc:93:43:66:5b:80:eb:
9b:65:c5:a8:c2:ac:8d:cd:51:00:e8:ee:a1:3b:90:d7:af:e2:
eb:e8:ab:ab:2f:a4:ae:13:b6:81:40:c4:28:57:c3:af:cb:3c:
dd:42:14:5b:29:5a:24:3d:f9:7f:e1:4e:f4:30:39:ae:59:20:
9e:9e:13:0d:37:32:22:4b:e7:d4:80:e5:61:05:0e:c4:88:8c:
10:a0:83:45:dc:65:19:b7:64:a6:39:f4:30:a7:bb:b4:82:e8:
9f:b3:cb:50:fe:cf:da:e5:da:74:ae:f7:dd:6e:15:59:7c:68:
cc:be:eb:2b:85:3e:fd:d7:72:73:c4:43:25:30:e6:57:95:56:
5a:8a:f2:f7:38:e3:33:27:45:36:34:0d:81:60:1f:80:d5:50:
13:ea:02:d1:ca:94:94:62:ee:75:92:d8:c0:07:52:b7:ca:b2:
c2:65:1f:20:66:b2:fd:a8:e8:a2:14:dd:e6:e2:05:bd:38:56:
7c:ad:bd:cc:ef:ab:26:bd:22:3f:06:4a:e7:9e:fd:22:7b:fa:
2c:9b:97:b7
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZYkLBjPtcfnnJrl0ZB6x96qMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI3ODY3OGJkNjU0Y2E2YjEwYTVjNzczYmMyNjk3NTRkYzIz
NGNmZDUwHhcNMjUwNDExMDkyNjMxWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNmI4NDRkMzgzMDc2MTQ2YWIzYTExNjIwODI4MmVhZjhkZmExYWZkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1rVN2mqxZn7uAu4muWwFv2+PPlq8
w7vwD5pT+rsrsjU8UILtKtz6QHzUc8kKVMlwx/BC25UTovo1RjD0qp27PWLW0Qqs
1QV/Z0r8Mp9zYkK/f81n2AHKSL3jRmxtRmbJGdzqWZ278M8Zq6XHzi8aH6QXU1wI
c1yCeaC1QBgAbKfEa7g5HFumpMrrXCWYeJeIMvpcHywWClM6ehZ4Bz9cyR5GBIDZ
qcwDwoIVMXh4HN/WvxQlX1NQbgYVfkFTZdnlKo2v5PxiShXGU7ZWJ5mbUjtnfz5n
wKuIzqResVkWT9dDYApArdVdzkUHqJLtOXLo7DycyrpXhIEmQFhyxyBvvQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFAa4RNODB2FGqzoRYggoLq+N+hr9MB8GA1UdIwQY
MBaAFLeGeL1lTKaxClx3O8JpdU3CNM/VMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdDRaNHZXVk1wckVLWEhjN3dtbDFUY0kwejlVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hZS80ODBmNGEtYTkzNy00MTQ5LWFlZTgt
ZTMyOTI0YWM3YjYzLzEvQnJoRTA0TUhZVWFyT2hGaUNDZ3VyNDM2R3YwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hZS80ODBmNGEtYTkzNy00MTQ5LWFlZTgtZTMyOTI0YWM3YjYz
LzEvdDRaNHZXVk1wckVLWEhjN3dtbDFUY0kwejlVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwIznMA0G
CSqGSIb3DQEBCwUAA4IBAQBp6rjD0kDw5styK1/7F1jGFi7LiPZZyQ+AkfDZMRq9
9NeQWNQoMMKZduEAzyfv6byTQ2ZbgOubZcWowqyNzVEA6O6hO5DXr+Lr6KurL6Su
E7aBQMQoV8OvyzzdQhRbKVokPfl/4U70MDmuWSCenhMNNzIiS+fUgOVhBQ7EiIwQ
oINF3GUZt2SmOfQwp7u0guifs8tQ/s/a5dp0rvfdbhVZfGjMvusrhT7913JzxEMl
MOZXlVZaivL3OOMzJ0U2NA2BYB+A1VAT6gLRypSUYu51ktjAB1K3yrLCZR8gZrL9
qOiiFN3m4gW9OFZ8rb3M76smvSI/Bkrnnv0ie/osm5e3
-----END CERTIFICATE-----
Generated at Fri May 2 02:07:35 2025 by rpki-client