Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/84/82e876-c997-4605-87aa-8ac4a21938b4/1/G5MCkNMWU5fdQbl_c7YYJgketKI.roa
File: G5MCkNMWU5fdQbl_c7YYJgketKI.roa (raw, json)
Hash identifier: HdeTw+jmOPiahPjG0Pum7APe5xO7w7mqJME6f3pIV40=
Subject key identifier: 1B:93:02:90:D3:16:53:97:DD:41:B9:7F:73:B6:18:26:09:1E:B4:A2
Certificate issuer: /CN=947320d030930178e6f7ceef91d2ab8784d3dc16
Certificate serial: 018571278D7B189126BF2DF5E76EA1C50307
Authority key identifier: 94:73:20:D0:30:93:01:78:E6:F7:CE:EF:91:D2:AB:87:84:D3:DC:16
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/lHMg0DCTAXjm987vkdKrh4TT3BY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/84/82e876-c997-4605-87aa-8ac4a21938b4/1/G5MCkNMWU5fdQbl_c7YYJgketKI.roa
Signing time: Mon 02 Jan 2023 06:24:55 +0000
ROA not before: Mon 02 Jan 2023 06:24:55 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 42708
IP address blocks: 2a10:1fc0:9::/48 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:27:8d:7b:18:91:26:bf:2d:f5:e7:6e:a1:c5:03:07
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=947320d030930178e6f7ceef91d2ab8784d3dc16
Validity
Not Before: Jan 2 06:24:55 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=1b930290d3165397dd41b97f73b61826091eb4a2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:b6:89:37:be:dd:66:88:88:bc:53:69:f8:e7:
8d:f8:88:f2:31:14:83:1a:b6:db:66:d3:f6:4d:9c:
f9:a7:0e:31:7a:d2:b5:88:6f:3d:e6:9c:db:15:d6:
1b:b0:47:9f:a7:36:04:78:4d:00:e8:dc:54:6f:1a:
6b:f0:b2:b3:38:03:00:33:f3:a6:1d:5e:39:83:3b:
ed:1e:ca:f8:09:50:3b:af:71:26:6d:57:fd:4f:d9:
32:a5:3e:8d:2c:01:3b:0a:d9:e0:ac:fe:8b:75:94:
d1:eb:c2:c4:59:3e:ac:1a:b6:3a:e5:68:60:9d:4e:
d2:8a:b2:02:69:78:8b:49:c8:3e:f9:e2:03:81:c1:
17:b3:22:22:a4:86:29:d9:66:7c:64:41:cd:60:51:
ec:66:db:6a:8e:c8:e1:19:e0:93:fd:24:08:24:e6:
1e:50:29:4a:cb:bb:ab:b4:97:3b:4a:6c:89:2e:5f:
49:29:ee:e9:34:19:1e:0c:8a:b5:a7:9f:07:34:df:
70:51:8b:5d:0b:eb:21:fa:29:4f:1f:ec:2d:42:75:
b7:6d:fb:f1:98:6e:07:fa:f5:24:14:bb:df:18:73:
34:78:15:19:2e:67:13:6c:e0:72:98:af:99:d4:1a:
2f:7a:72:0c:15:6b:de:42:e2:de:77:89:2e:4b:b0:
7d:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1B:93:02:90:D3:16:53:97:DD:41:B9:7F:73:B6:18:26:09:1E:B4:A2
X509v3 Authority Key Identifier:
keyid:94:73:20:D0:30:93:01:78:E6:F7:CE:EF:91:D2:AB:87:84:D3:DC:16
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lHMg0DCTAXjm987vkdKrh4TT3BY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/84/82e876-c997-4605-87aa-8ac4a21938b4/1/G5MCkNMWU5fdQbl_c7YYJgketKI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/84/82e876-c997-4605-87aa-8ac4a21938b4/1/lHMg0DCTAXjm987vkdKrh4TT3BY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a10:1fc0:9::/48
Signature Algorithm: sha256WithRSAEncryption
43:82:57:77:64:cd:5a:78:fd:65:d8:40:44:e2:84:e2:6b:9f:
be:3f:2c:3a:bb:56:67:0f:00:34:4d:7f:22:f0:4e:e2:9a:b6:
a5:a6:2a:fd:86:59:c0:5f:98:24:d5:61:d1:be:ed:01:b9:8c:
bf:be:3f:75:6e:52:05:83:5d:c8:59:16:64:c2:2e:2a:39:17:
79:15:26:75:4f:14:a0:3e:b0:be:82:1e:84:78:ee:d2:60:13:
4e:10:f6:34:f1:ad:a5:71:89:07:70:46:87:e2:0c:63:fd:26:
cd:24:d0:f4:0e:43:cb:07:b1:fc:47:20:18:44:23:89:bc:e6:
c2:17:d8:bd:ff:95:a3:0a:4a:63:e7:7b:55:a7:68:ce:84:84:
db:a1:de:8e:d1:f7:36:80:e6:f9:e9:04:c5:87:dd:29:8e:9d:
d3:94:3b:03:5d:d1:84:69:4c:72:01:5a:92:47:12:bc:75:13:
7f:ec:74:74:df:c8:3d:7b:07:0f:c2:04:cf:cb:48:cd:98:02:
a2:77:28:4a:85:ea:57:d5:c0:e4:c1:60:fa:d6:e3:ab:c9:51:
c7:e3:d7:ea:37:04:ec:68:9d:93:be:14:b8:e7:2d:5d:d8:a9:
02:a7:db:4a:19:ac:c1:ad:dc:b1:a1:d3:cb:c0:f6:2f:14:05:
dd:b4:ec:8d
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYVxJ417GJEmvy31526hxQMHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk0NzMyMGQwMzA5MzAxNzhlNmY3Y2VlZjkxZDJhYjg3ODRk
M2RjMTYwHhcNMjMwMTAyMDYyNDU1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxYjkzMDI5MGQzMTY1Mzk3ZGQ0MWI5N2Y3M2I2MTgyNjA5MWViNGEyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsraJN77dZoiIvFNp+OeN+IjyMRSD
GrbbZtP2TZz5pw4xetK1iG895pzbFdYbsEefpzYEeE0A6NxUbxpr8LKzOAMAM/Om
HV45gzvtHsr4CVA7r3EmbVf9T9kypT6NLAE7CtngrP6LdZTR68LEWT6sGrY65Whg
nU7SirICaXiLScg++eIDgcEXsyIipIYp2WZ8ZEHNYFHsZttqjsjhGeCT/SQIJOYe
UClKy7urtJc7SmyJLl9JKe7pNBkeDIq1p58HNN9wUYtdC+sh+ilPH+wtQnW3bfvx
mG4H+vUkFLvfGHM0eBUZLmcTbOBymK+Z1BovenIMFWveQuLed4kuS7B9+wIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFBuTApDTFlOX3UG5f3O2GCYJHrSiMB8GA1UdIwQY
MBaAFJRzINAwkwF45vfO75HSq4eE09wWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbEhNZzBEQ1RBWGptOTg3dmtkS3JoNFRUM0JZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84NC84MmU4NzYtYzk5Ny00NjA1LTg3YWEt
OGFjNGEyMTkzOGI0LzEvRzVNQ2tOTVdVNWZkUWJsX2M3WVlKZ2tldEtJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84NC84MmU4NzYtYzk5Ny00NjA1LTg3YWEtOGFjNGEyMTkzOGI0
LzEvbEhNZzBEQ1RBWGptOTg3dmtkS3JoNFRUM0JZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKhAfwAAJ
MA0GCSqGSIb3DQEBCwUAA4IBAQBDgld3ZM1aeP1l2EBE4oTia5++Pyw6u1ZnDwA0
TX8i8E7imralpir9hlnAX5gk1WHRvu0BuYy/vj91blIFg13IWRZkwi4qORd5FSZ1
TxSgPrC+gh6EeO7SYBNOEPY08a2lcYkHcEaH4gxj/SbNJND0DkPLB7H8RyAYRCOJ
vObCF9i9/5WjCkpj53tVp2jOhITbod6O0fc2gOb56QTFh90pjp3TlDsDXdGEaUxy
AVqSRxK8dRN/7HR038g9ewcPwgTPy0jNmAKidyhKhepX1cDkwWD61uOryVHH49fq
NwTsaJ2TvhS45y1d2KkCp9tKGazBrdyxodPLwPYvFAXdtOyN
-----END CERTIFICATE-----
Generated at Mon Jan 1 23:37:52 2024 by rpki-client on console-fra.rpki-client.org