Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/80/64a3de-812a-4ace-814d-b5d888adfd37/1/GNaNXEF0DpcM0HJRz_qGqRtfhfo.roa
File: GNaNXEF0DpcM0HJRz_qGqRtfhfo.roa (raw, json)
Hash identifier: P8EWrwZiohWXA72SPOKpqgbLr6F3rbOvAhXVSBrD65o=
Subject key identifier: 18:D6:8D:5C:41:74:0E:97:0C:D0:72:51:CF:FA:86:A9:1B:5F:85:FA
Certificate issuer: /CN=67b5b02dc401666ee045ab90cc88817fe09d706a
Certificate serial: 0186BFD1C2D06DA1E95DE70BE8D137A54315
Authority key identifier: 67:B5:B0:2D:C4:01:66:6E:E0:45:AB:90:CC:88:81:7F:E0:9D:70:6A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Z7WwLcQBZm7gRauQzIiBf-CdcGo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/80/64a3de-812a-4ace-814d-b5d888adfd37/1/GNaNXEF0DpcM0HJRz_qGqRtfhfo.roa
Signing time: Wed 08 Mar 2023 06:04:00 +0000
ROA not before: Wed 08 Mar 2023 06:04:00 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 6453
IP address blocks: 163.171.89.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 09 Mar 2023 04:18:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:bf:d1:c2:d0:6d:a1:e9:5d:e7:0b:e8:d1:37:a5:43:15
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=67b5b02dc401666ee045ab90cc88817fe09d706a
Validity
Not Before: Mar 8 06:04:00 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=18d68d5c41740e970cd07251cffa86a91b5f85fa
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:98:44:f5:57:bb:ef:56:03:e9:c1:dc:aa:bf:
43:71:76:cb:82:f9:ce:2b:a8:0c:03:b2:70:8a:a1:
7f:0b:a8:4b:c0:67:11:1e:fa:f9:f1:dd:e7:e6:e3:
af:13:6f:14:b8:71:ba:cc:49:9f:47:cf:0f:8a:8f:
c7:85:66:59:03:42:b6:f6:8d:87:2a:f0:2c:99:74:
c3:b4:df:e5:33:a1:51:82:2f:79:10:0f:e0:9c:8d:
95:c9:96:f6:35:48:0f:99:cc:da:f9:5a:cb:ed:4e:
64:a5:a0:2c:6c:20:08:3c:75:ac:f8:02:c8:62:99:
ba:d4:d8:0b:20:3d:d4:3e:5b:3b:2e:93:7f:0b:05:
d9:92:0d:16:a2:16:a4:39:55:f7:5a:e8:70:f0:f2:
84:98:df:a1:35:65:4d:35:9e:aa:ae:61:bb:cb:ff:
1a:eb:13:c5:2d:df:0e:26:65:cc:c0:a2:c8:64:5e:
99:7a:b2:77:55:31:a8:a6:f3:a8:29:ab:a6:dd:77:
15:5f:d0:f2:ff:50:08:f0:75:c4:a3:0c:3a:76:6c:
c4:cf:f2:2c:b3:9a:9d:0c:53:51:24:99:64:c0:2f:
52:e8:2d:74:1e:53:dd:8c:8e:15:ed:87:7f:b0:bf:
79:b6:29:98:b3:00:da:1e:ac:7a:ee:91:0f:e0:27:
98:91
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
18:D6:8D:5C:41:74:0E:97:0C:D0:72:51:CF:FA:86:A9:1B:5F:85:FA
X509v3 Authority Key Identifier:
keyid:67:B5:B0:2D:C4:01:66:6E:E0:45:AB:90:CC:88:81:7F:E0:9D:70:6A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Z7WwLcQBZm7gRauQzIiBf-CdcGo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/80/64a3de-812a-4ace-814d-b5d888adfd37/1/GNaNXEF0DpcM0HJRz_qGqRtfhfo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/80/64a3de-812a-4ace-814d-b5d888adfd37/1/Z7WwLcQBZm7gRauQzIiBf-CdcGo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
163.171.89.0/24
Signature Algorithm: sha256WithRSAEncryption
45:ab:e8:04:8c:c4:7d:56:8c:b4:eb:3f:83:aa:16:cf:2c:b7:
ff:d7:72:53:7d:32:aa:da:56:8f:c4:76:fa:b0:d7:52:10:3b:
c3:fa:ac:60:e5:d7:53:f3:a7:2a:21:46:49:4f:46:3e:6f:52:
a1:c9:0f:fd:b7:c1:eb:4b:b6:63:a3:61:6d:2a:3e:9c:cf:af:
6e:1a:15:5d:e3:ac:78:43:35:a8:6b:f7:25:97:86:ae:d7:f9:
b4:7a:da:79:f2:93:5b:56:1d:5f:bc:fb:ea:22:b4:2b:c2:69:
3a:f6:0d:17:79:e4:cc:ce:32:06:c7:aa:c8:8a:f9:96:57:a7:
11:8b:ef:6f:33:ca:e8:9b:06:42:57:0e:50:ff:d5:55:ab:2e:
da:be:66:38:d3:65:cc:b3:ea:a9:91:74:f6:2d:1f:0d:9d:fb:
32:2c:db:87:c2:18:09:6e:74:4a:47:9b:6e:52:18:3b:7a:19:
f1:39:89:0e:f8:8a:d2:a0:72:f1:4e:20:1b:5a:2d:ae:e9:e8:
16:fc:5b:29:45:3f:96:57:46:68:82:6b:76:f4:59:50:64:7f:
30:f1:e6:b0:a8:53:cd:cf:c2:55:b9:b8:f7:55:04:ae:09:c6:
be:17:35:7e:e0:0b:ed:3a:a1:98:b1:c0:99:5d:bf:f5:00:de:
b1:b1:61:0f
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYa/0cLQbaHpXecL6NE3pUMVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY3YjViMDJkYzQwMTY2NmVlMDQ1YWI5MGNjODg4MTdmZTA5
ZDcwNmEwHhcNMjMwMzA4MDYwNDAwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxOGQ2OGQ1YzQxNzQwZTk3MGNkMDcyNTFjZmZhODZhOTFiNWY4NWZhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtZhE9Ve771YD6cHcqr9DcXbLgvnO
K6gMA7JwiqF/C6hLwGcRHvr58d3n5uOvE28UuHG6zEmfR88Pio/HhWZZA0K29o2H
KvAsmXTDtN/lM6FRgi95EA/gnI2VyZb2NUgPmcza+VrL7U5kpaAsbCAIPHWs+ALI
Ypm61NgLID3UPls7LpN/CwXZkg0WohakOVX3Wuhw8PKEmN+hNWVNNZ6qrmG7y/8a
6xPFLd8OJmXMwKLIZF6ZerJ3VTGopvOoKaum3XcVX9Dy/1AI8HXEoww6dmzEz/Is
s5qdDFNRJJlkwC9S6C10HlPdjI4V7Yd/sL95timYswDaHqx67pEP4CeYkQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFBjWjVxBdA6XDNByUc/6hqkbX4X6MB8GA1UdIwQY
MBaAFGe1sC3EAWZu4EWrkMyIgX/gnXBqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWjdXd0xjUUJabTdnUmF1UXpJaUJmLUNkY0dvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84MC82NGEzZGUtODEyYS00YWNlLTgxNGQt
YjVkODg4YWRmZDM3LzEvR05hTlhFRjBEcGNNMEhKUnpfcUdxUnRmaGZvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84MC82NGEzZGUtODEyYS00YWNlLTgxNGQtYjVkODg4YWRmZDM3
LzEvWjdXd0xjUUJabTdnUmF1UXpJaUJmLUNkY0dvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAo6tZMA0G
CSqGSIb3DQEBCwUAA4IBAQBFq+gEjMR9Voy06z+DqhbPLLf/13JTfTKq2laPxHb6
sNdSEDvD+qxg5ddT86cqIUZJT0Y+b1KhyQ/9t8HrS7Zjo2FtKj6cz69uGhVd46x4
QzWoa/cll4au1/m0etp58pNbVh1fvPvqIrQrwmk69g0XeeTMzjIGx6rIivmWV6cR
i+9vM8romwZCVw5Q/9VVqy7avmY402XMs+qpkXT2LR8NnfsyLNuHwhgJbnRKR5tu
Uhg7ehnxOYkO+IrSoHLxTiAbWi2u6egW/FspRT+WV0Zogmt29FlQZH8w8eawqFPN
z8JVubj3VQSuCca+FzV+4AvtOqGYscCZXb/1AN6xsWEP
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:20:27 2024 by rpki-client on console-ams.rpki-client.org