Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4b/5afb3d-0f37-44b1-811e-46610fa8d56e/1/GnkCSa5xu8wO86KtNt8lbHu1pkI.roa
File: GnkCSa5xu8wO86KtNt8lbHu1pkI.roa (raw, json)
Hash identifier: oCNqOB3VqcyLY7k7vx8uWkOaQE1BuZCowLReQvHHnp8=
Subject key identifier: 1A:79:02:49:AE:71:BB:CC:0E:F3:A2:AD:36:DF:25:6C:7B:B5:A6:42
Certificate issuer: /CN=65dc6efa6b136b1e45e21e434e859a292d2e5e14
Certificate serial: 01859AA0E3F6620320113C85D8F353942887
Authority key identifier: 65:DC:6E:FA:6B:13:6B:1E:45:E2:1E:43:4E:85:9A:29:2D:2E:5E:14
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Zdxu-msTax5F4h5DToWaKS0uXhQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4b/5afb3d-0f37-44b1-811e-46610fa8d56e/1/GnkCSa5xu8wO86KtNt8lbHu1pkI.roa
Signing time: Tue 10 Jan 2023 07:41:53 +0000
ROA not before: Tue 10 Jan 2023 07:41:53 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 42184
IP address blocks: 185.124.232.0/22 maxlen: 24
2a06:b600::/29 maxlen: 29
Validation: Failed, certificate revoked on Mon 31 Jul 2023 08:35:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:9a:a0:e3:f6:62:03:20:11:3c:85:d8:f3:53:94:28:87
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=65dc6efa6b136b1e45e21e434e859a292d2e5e14
Validity
Not Before: Jan 10 07:41:53 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=1a790249ae71bbcc0ef3a2ad36df256c7bb5a642
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:87:7b:4d:42:2b:f8:1a:fb:8b:30:eb:8b:70:f6:
76:a2:5c:e5:df:6a:5a:7a:92:04:e7:7c:f0:02:ce:
64:94:15:1d:b0:f9:f8:80:c6:93:75:58:aa:fe:33:
2b:be:8f:6f:b4:b4:77:32:9e:47:84:47:0e:71:88:
8b:20:7b:30:48:14:76:4e:bd:21:cc:8b:7c:24:80:
2a:a8:a4:54:6e:d8:f0:55:51:e8:9b:03:0b:b2:8a:
2c:4e:6c:cf:ae:6b:66:ac:97:14:d9:17:ef:35:43:
75:ca:60:ae:2f:79:70:e2:fc:42:31:9c:63:33:30:
e0:74:7a:e8:e2:e9:c6:25:e7:36:81:52:10:38:86:
03:c2:ed:94:26:00:2f:1e:eb:eb:ae:92:43:0d:49:
03:33:70:39:a4:1d:76:f1:e4:cb:1a:87:02:19:42:
a3:78:a9:f9:b5:fd:48:f1:f4:c4:04:ef:25:20:b2:
ac:66:05:bf:47:93:d0:ab:8a:79:dc:ae:45:a3:52:
42:2a:b5:33:f0:3d:a7:7c:0e:7e:28:1d:51:70:9c:
a7:f4:6a:05:9e:13:19:2c:c6:12:19:58:8f:60:54:
d9:b6:bd:51:96:25:31:70:a7:53:32:f6:8d:5c:14:
f8:98:ca:05:36:c3:89:12:ab:e4:0d:53:fe:8b:db:
ba:1d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1A:79:02:49:AE:71:BB:CC:0E:F3:A2:AD:36:DF:25:6C:7B:B5:A6:42
X509v3 Authority Key Identifier:
keyid:65:DC:6E:FA:6B:13:6B:1E:45:E2:1E:43:4E:85:9A:29:2D:2E:5E:14
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Zdxu-msTax5F4h5DToWaKS0uXhQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4b/5afb3d-0f37-44b1-811e-46610fa8d56e/1/GnkCSa5xu8wO86KtNt8lbHu1pkI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4b/5afb3d-0f37-44b1-811e-46610fa8d56e/1/Zdxu-msTax5F4h5DToWaKS0uXhQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.124.232.0/22
IPv6:
2a06:b600::/29
Signature Algorithm: sha256WithRSAEncryption
70:95:e9:0b:f9:f1:6a:2b:a1:d2:31:28:20:a9:b6:53:a2:8b:
ab:2b:71:4b:43:c0:13:83:1a:3f:b6:38:68:f4:f6:22:b8:1a:
ed:45:8e:8b:37:de:01:e8:89:83:0a:5f:81:6c:de:fd:1c:b8:
98:96:95:dd:4a:34:fb:7d:16:df:41:ec:2c:3e:80:da:2c:2c:
45:a1:52:1a:fc:33:68:3c:1f:43:5d:02:c3:be:e8:de:41:72:
a5:6d:d0:bb:09:72:0f:3b:52:eb:57:97:a2:e3:72:70:fc:8e:
bf:64:4e:6a:a7:57:72:3d:d5:da:f3:48:6a:1e:33:3d:3d:e9:
8b:70:d6:7f:a5:d5:d1:d7:c0:60:5c:49:05:38:71:e6:fc:2d:
cb:78:4a:25:96:15:8e:21:c7:a3:18:42:9a:f7:df:08:47:50:
71:0b:ba:a9:36:d1:f0:9f:40:3e:0d:9d:3c:d5:07:19:0b:ab:
66:a4:bd:f1:96:b2:6e:1c:ea:c0:a8:0c:b1:84:58:dd:7c:09:
c6:53:62:62:a1:0b:7f:e4:00:ce:27:31:74:3e:35:2e:bf:41:
c0:d3:e8:2d:b0:02:72:e5:28:c5:26:c0:29:59:d1:b6:4a:a5:
e4:00:a2:9b:1f:5d:e1:b4:68:00:d7:3a:b1:42:80:2e:1e:0f:
0b:d8:6f:e8
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYWaoOP2YgMgETyF2PNTlCiHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY1ZGM2ZWZhNmIxMzZiMWU0NWUyMWU0MzRlODU5YTI5MmQy
ZTVlMTQwHhcNMjMwMTEwMDc0MTUzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxYTc5MDI0OWFlNzFiYmNjMGVmM2EyYWQzNmRmMjU2YzdiYjVhNjQyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAh3tNQiv4GvuLMOuLcPZ2olzl32pa
epIE53zwAs5klBUdsPn4gMaTdViq/jMrvo9vtLR3Mp5HhEcOcYiLIHswSBR2Tr0h
zIt8JIAqqKRUbtjwVVHomwMLsoosTmzPrmtmrJcU2RfvNUN1ymCuL3lw4vxCMZxj
MzDgdHro4unGJec2gVIQOIYDwu2UJgAvHuvrrpJDDUkDM3A5pB128eTLGocCGUKj
eKn5tf1I8fTEBO8lILKsZgW/R5PQq4p53K5Fo1JCKrUz8D2nfA5+KB1RcJyn9GoF
nhMZLMYSGViPYFTZtr1RliUxcKdTMvaNXBT4mMoFNsOJEqvkDVP+i9u6HQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFBp5AkmucbvMDvOirTbfJWx7taZCMB8GA1UdIwQY
MBaAFGXcbvprE2seReIeQ06FmiktLl4UMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWmR4dS1tc1RheDVGNGg1RFRvV2FLUzB1WGhRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yi81YWZiM2QtMGYzNy00NGIxLTgxMWUt
NDY2MTBmYThkNTZlLzEvR25rQ1NhNXh1OHdPODZLdE50OGxiSHUxcGtJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yi81YWZiM2QtMGYzNy00NGIxLTgxMWUtNDY2MTBmYThkNTZl
LzEvWmR4dS1tc1RheDVGNGg1RFRvV2FLUzB1WGhRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuXzoMA0E
AgACMAcDBQMqBrYAMA0GCSqGSIb3DQEBCwUAA4IBAQBwlekL+fFqK6HSMSggqbZT
oourK3FLQ8ATgxo/tjho9PYiuBrtRY6LN94B6ImDCl+BbN79HLiYlpXdSjT7fRbf
QewsPoDaLCxFoVIa/DNoPB9DXQLDvujeQXKlbdC7CXIPO1LrV5ei43Jw/I6/ZE5q
p1dyPdXa80hqHjM9PemLcNZ/pdXR18BgXEkFOHHm/C3LeEollhWOIcejGEKa998I
R1BxC7qpNtHwn0A+DZ081QcZC6tmpL3xlrJuHOrAqAyxhFjdfAnGU2JioQt/5ADO
JzF0PjUuv0HA0+gtsAJy5SjFJsApWdG2SqXkAKKbH13htGgA1zqxQoAuHg8L2G/o
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:07:14 2024 by rpki-client on console-ams.rpki-client.org