Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/09/69ed29-af4e-4524-adfb-e15437380099/1/TGQCxXgpSiV50c6BlpVMlwvVDWA.roa
File: TGQCxXgpSiV50c6BlpVMlwvVDWA.roa (raw, json)
Hash identifier: A0EidLswW8DnOxEohTdMgQ1zaK/RxdM2RIQzfO2JUtk=
Subject key identifier: 4C:64:02:C5:78:29:4A:25:79:D1:CE:81:96:95:4C:97:0B:D5:0D:60
Certificate issuer: /CN=83991afcd455eb1b174fcf89f8e10eaf7f70b355
Certificate serial: 018571B9E4C1C8F1F8EE5539DF860F537CBA
Authority key identifier: 83:99:1A:FC:D4:55:EB:1B:17:4F:CF:89:F8:E1:0E:AF:7F:70:B3:55
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/g5ka_NRV6xsXT8-J-OEOr39ws1U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/09/69ed29-af4e-4524-adfb-e15437380099/1/TGQCxXgpSiV50c6BlpVMlwvVDWA.roa
Signing time: Mon 02 Jan 2023 09:04:46 +0000
ROA not before: Mon 02 Jan 2023 09:04:46 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 47602
IP address blocks: 2a09:4200::/29 maxlen: 29
2a04:2b87::/32 maxlen: 32
Validation: Failed, certificate revoked on Tue 02 Jan 2024 04:31:53 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:b9:e4:c1:c8:f1:f8:ee:55:39:df:86:0f:53:7c:ba
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=83991afcd455eb1b174fcf89f8e10eaf7f70b355
Validity
Not Before: Jan 2 09:04:46 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=4c6402c578294a2579d1ce8196954c970bd50d60
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:86:f2:1c:c1:32:41:be:91:86:57:9e:15:65:3c:
dd:eb:5f:34:10:82:ca:14:e4:b1:58:81:7c:03:7a:
98:39:bf:5f:dd:b1:8e:a4:a9:40:43:ee:66:f7:ff:
de:1c:71:9f:80:a1:fe:43:50:f6:3b:da:07:24:59:
ef:ad:b9:75:7a:32:66:d7:5b:6c:3a:97:15:ba:15:
97:2a:26:c3:ab:0d:ef:63:ed:9f:9b:0a:c3:4d:73:
31:5b:89:2d:93:01:9a:c2:9a:d7:da:8b:99:3f:fa:
2e:34:61:20:2c:0f:b3:92:8f:9f:52:4f:90:44:e2:
a9:c9:5a:9d:b7:49:9c:51:fb:e0:0f:60:38:69:9f:
a8:27:09:1d:5c:c1:3a:7d:a3:3e:cd:96:73:da:f6:
e9:b3:52:10:8c:1e:8b:99:b6:45:f2:4f:94:64:b2:
fa:6c:52:e6:9e:2c:58:81:21:e5:27:68:94:6a:3e:
b8:bc:f3:f5:cb:bd:84:fc:47:8a:69:35:ff:29:d7:
d6:54:4a:af:72:1c:e9:ad:49:e5:78:4c:70:1a:a0:
0e:21:2f:b8:65:4e:9e:69:ac:2b:4e:1d:0e:15:5d:
4e:e3:01:aa:41:6c:d3:a2:93:eb:96:e1:9a:46:20:
40:9d:22:8a:5a:41:44:80:4e:3d:20:79:27:59:b4:
87:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4C:64:02:C5:78:29:4A:25:79:D1:CE:81:96:95:4C:97:0B:D5:0D:60
X509v3 Authority Key Identifier:
keyid:83:99:1A:FC:D4:55:EB:1B:17:4F:CF:89:F8:E1:0E:AF:7F:70:B3:55
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/g5ka_NRV6xsXT8-J-OEOr39ws1U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/09/69ed29-af4e-4524-adfb-e15437380099/1/TGQCxXgpSiV50c6BlpVMlwvVDWA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/09/69ed29-af4e-4524-adfb-e15437380099/1/g5ka_NRV6xsXT8-J-OEOr39ws1U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a04:2b87::/32
2a09:4200::/29
Signature Algorithm: sha256WithRSAEncryption
ae:f4:4f:4e:e7:6b:20:dc:e5:b9:17:ef:8e:f7:eb:d9:73:05:
17:50:0a:ac:55:1b:05:60:c1:d6:c5:29:17:13:ac:c0:0e:e3:
8d:a4:95:3a:db:ef:cf:21:ea:ef:7b:c3:46:aa:f5:fe:a5:56:
bc:75:45:6f:ae:48:c7:91:39:4d:5d:e2:d0:4c:0a:f5:ea:c2:
3e:01:da:c6:5c:3f:fb:16:e6:11:63:db:05:4b:73:56:20:6a:
7a:be:d2:d1:3c:5d:8c:5f:4c:4b:b4:a0:4e:70:4e:7c:be:c5:
7d:74:0f:1e:f3:3a:81:ca:0c:9c:1b:20:bd:35:b0:2c:5d:ca:
dc:00:3d:52:1f:39:6f:e4:71:6c:86:11:c3:73:d5:96:08:a3:
cc:28:fd:f1:18:fb:00:a9:05:3a:99:11:c8:12:44:ab:16:8f:
d1:c2:7c:79:81:51:ce:98:c9:3f:60:a4:40:1b:f3:db:ac:1d:
f0:28:56:4a:cd:3e:e7:6d:14:c8:87:ec:fa:f5:8e:11:31:3a:
7b:a8:33:d0:7b:87:f7:6d:2f:7a:1e:fd:72:83:24:e3:b2:47:
c8:1d:92:d4:72:6d:ef:63:49:7a:28:a9:aa:b8:2c:31:5c:49:
2b:39:11:72:c4:dc:dc:7f:69:6b:1b:7f:48:65:33:f5:dd:85:
9e:84:bb:10
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAYVxueTByPH47lU534YPU3y6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgzOTkxYWZjZDQ1NWViMWIxNzRmY2Y4OWY4ZTEwZWFmN2Y3
MGIzNTUwHhcNMjMwMTAyMDkwNDQ2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0YzY0MDJjNTc4Mjk0YTI1NzlkMWNlODE5Njk1NGM5NzBiZDUwZDYwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhvIcwTJBvpGGV54VZTzd6180EILK
FOSxWIF8A3qYOb9f3bGOpKlAQ+5m9//eHHGfgKH+Q1D2O9oHJFnvrbl1ejJm11ts
OpcVuhWXKibDqw3vY+2fmwrDTXMxW4ktkwGawprX2ouZP/ouNGEgLA+zko+fUk+Q
ROKpyVqdt0mcUfvgD2A4aZ+oJwkdXME6faM+zZZz2vbps1IQjB6LmbZF8k+UZLL6
bFLmnixYgSHlJ2iUaj64vPP1y72E/EeKaTX/KdfWVEqvchzprUnleExwGqAOIS+4
ZU6eaawrTh0OFV1O4wGqQWzTopPrluGaRiBAnSKKWkFEgE49IHknWbSHpQIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFExkAsV4KUoledHOgZaVTJcL1Q1gMB8GA1UdIwQY
MBaAFIOZGvzUVesbF0/PifjhDq9/cLNVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZzVrYV9OUlY2eHNYVDgtSi1PRU9yMzl3czFVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wOS82OWVkMjktYWY0ZS00NTI0LWFkZmIt
ZTE1NDM3MzgwMDk5LzEvVEdRQ3hYZ3BTaVY1MGM2QmxwVk1sd3ZWRFdBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wOS82OWVkMjktYWY0ZS00NTI0LWFkZmItZTE1NDM3MzgwMDk5
LzEvZzVrYV9OUlY2eHNYVDgtSi1PRU9yMzl3czFVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAAjAOAwUAKgQrhwMF
AyoJQgAwDQYJKoZIhvcNAQELBQADggEBAK70T07nayDc5bkX747369lzBRdQCqxV
GwVgwdbFKRcTrMAO442klTrb788h6u97w0aq9f6lVrx1RW+uSMeROU1d4tBMCvXq
wj4B2sZcP/sW5hFj2wVLc1Yganq+0tE8XYxfTEu0oE5wTny+xX10Dx7zOoHKDJwb
IL01sCxdytwAPVIfOW/kcWyGEcNz1ZYIo8wo/fEY+wCpBTqZEcgSRKsWj9HCfHmB
Uc6YyT9gpEAb89usHfAoVkrNPudtFMiH7Pr1jhExOnuoM9B7h/dtL3oe/XKDJOOy
R8gdktRybe9jSXooqaq4LDFcSSs5EXLE3Nx/aWsbf0hlM/XdhZ6EuxA=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:18:07 2024 by rpki-client on console-fra.rpki-client.org