Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dc/24a0bd-0838-4c95-9ccd-30f608ade48d/1/Gs4tH4IVE2PsgHYc367W6VW4g-k.roa
File: Gs4tH4IVE2PsgHYc367W6VW4g-k.roa (raw, json)
Hash identifier: UNbfP0l2oHk4YAYsujSnSkxgPBkB8SPkF4o4TV+ALPQ=
Subject key identifier: 1A:CE:2D:1F:82:15:13:63:EC:80:76:1C:DF:AE:D6:E9:55:B8:83:E9
Certificate issuer: /CN=b9f74a47a6d1a0bf4c216e5fab4d91fb129df3d6
Certificate serial: 018CC4939D992DFCFA1AF7A1EDAFDD7B3C8B
Authority key identifier: B9:F7:4A:47:A6:D1:A0:BF:4C:21:6E:5F:AB:4D:91:FB:12:9D:F3:D6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ufdKR6bRoL9MIW5fq02R-xKd89Y.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/dc/24a0bd-0838-4c95-9ccd-30f608ade48d/1/Gs4tH4IVE2PsgHYc367W6VW4g-k.roa
Signing time: Mon 01 Jan 2024 10:30:57 +0000
ROA not before: Mon 01 Jan 2024 10:30:57 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 50994
IP address blocks: 2a02:4a40:108::/48 maxlen: 48
Validation: Failed, certificate revoked on Wed 01 Jan 2025 09:47:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c4:93:9d:99:2d:fc:fa:1a:f7:a1:ed:af:dd:7b:3c:8b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b9f74a47a6d1a0bf4c216e5fab4d91fb129df3d6
Validity
Not Before: Jan 1 10:30:57 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=1ace2d1f82151363ec80761cdfaed6e955b883e9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:33:68:90:d1:a5:4d:4a:8c:a7:a6:73:b7:b2:
5c:78:b0:c8:5a:5b:d6:83:65:c1:9a:91:0e:00:7b:
8e:1a:95:a0:5c:21:4c:15:9a:ef:41:08:a0:c4:08:
5a:f3:22:c1:ea:49:37:ef:64:19:be:37:ca:96:d2:
02:83:2b:d0:54:2d:1c:3a:2b:34:2e:ef:bb:f3:04:
ca:0b:ee:46:c3:a0:09:07:fb:1f:b2:75:35:34:98:
40:2c:56:1d:6b:ac:7f:0c:9d:bd:f4:c7:8e:a1:6d:
a6:a9:5b:b5:73:8f:a3:26:d5:a1:22:34:b9:57:8d:
96:9e:27:c9:a7:30:80:15:da:11:11:e1:1c:25:10:
31:78:94:4e:32:ba:ef:1b:ab:8d:b3:9e:99:be:26:
f9:42:f7:96:7d:53:65:b3:ca:5d:f3:38:b5:19:cc:
58:56:73:91:fb:d2:0c:e9:f9:4f:db:3c:3d:d5:ed:
a2:6a:be:cf:71:e2:1f:84:d9:6d:f4:64:a1:1c:87:
5c:8a:b2:c5:cb:c3:16:1a:35:e3:73:f5:97:e5:c3:
32:3f:fc:80:72:a4:0a:65:b6:74:59:2b:31:2c:10:
d4:63:d5:7e:a3:9f:06:80:4a:1e:56:aa:02:97:0e:
18:10:54:a2:e3:61:39:56:93:76:3f:15:97:fc:e2:
e1:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1A:CE:2D:1F:82:15:13:63:EC:80:76:1C:DF:AE:D6:E9:55:B8:83:E9
X509v3 Authority Key Identifier:
keyid:B9:F7:4A:47:A6:D1:A0:BF:4C:21:6E:5F:AB:4D:91:FB:12:9D:F3:D6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ufdKR6bRoL9MIW5fq02R-xKd89Y.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dc/24a0bd-0838-4c95-9ccd-30f608ade48d/1/Gs4tH4IVE2PsgHYc367W6VW4g-k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/dc/24a0bd-0838-4c95-9ccd-30f608ade48d/1/ufdKR6bRoL9MIW5fq02R-xKd89Y.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a02:4a40:108::/48
Signature Algorithm: sha256WithRSAEncryption
9b:a2:fc:dc:c9:13:4d:85:69:f8:16:9d:e9:c4:4d:57:6c:0b:
47:f5:04:3b:ef:dd:6f:c5:00:24:67:d1:dc:df:b0:85:d4:04:
b5:21:34:98:bd:b2:41:4d:2d:b9:b6:b1:6d:de:a5:c2:c8:57:
75:52:fa:b7:43:b5:c5:f8:59:a8:be:0b:32:e7:e9:07:74:71:
d0:5f:6c:3e:07:2c:3c:0a:93:14:e3:58:08:7d:6d:dd:f6:db:
69:ea:d1:bd:50:06:0b:c8:f4:72:36:e3:e0:d9:6b:97:f4:8f:
20:b0:66:c7:32:aa:d0:16:c5:18:dc:ff:3f:8f:33:2a:89:4a:
1e:8d:7b:ba:3d:f8:2a:c1:ce:af:b3:a9:ae:17:dc:aa:11:15:
20:38:11:a3:49:b8:43:0d:1f:35:09:56:b8:30:6f:86:52:13:
3a:f4:c6:6a:cc:a5:50:9b:c8:3b:34:6c:32:0f:37:d2:d0:06:
f2:d6:26:a8:10:25:91:8a:02:c7:e0:70:d0:40:f2:5f:51:c4:
99:94:91:d6:f8:d9:0c:fd:f9:4d:09:8b:37:f6:ed:bc:14:59:
84:a4:46:83:e8:fd:b5:90:26:f6:83:31:73:7a:f0:8b:49:f2:
76:98:c6:73:0e:8b:2d:f4:9f:19:9f:ec:47:63:17:11:21:20:
c8:87:a1:99
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYzEk52ZLfz6Gveh7a/dezyLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI5Zjc0YTQ3YTZkMWEwYmY0YzIxNmU1ZmFiNGQ5MWZiMTI5
ZGYzZDYwHhcNMjQwMTAxMTAzMDU3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxYWNlMmQxZjgyMTUxMzYzZWM4MDc2MWNkZmFlZDZlOTU1Yjg4M2U5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtDNokNGlTUqMp6Zzt7JceLDIWlvW
g2XBmpEOAHuOGpWgXCFMFZrvQQigxAha8yLB6kk372QZvjfKltICgyvQVC0cOis0
Lu+78wTKC+5Gw6AJB/sfsnU1NJhALFYda6x/DJ299MeOoW2mqVu1c4+jJtWhIjS5
V42WnifJpzCAFdoREeEcJRAxeJROMrrvG6uNs56Zvib5QveWfVNls8pd8zi1GcxY
VnOR+9IM6flP2zw91e2iar7PceIfhNlt9GShHIdcirLFy8MWGjXjc/WX5cMyP/yA
cqQKZbZ0WSsxLBDUY9V+o58GgEoeVqoClw4YEFSi42E5VpN2PxWX/OLhPQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFBrOLR+CFRNj7IB2HN+u1ulVuIPpMB8GA1UdIwQY
MBaAFLn3Skem0aC/TCFuX6tNkfsSnfPWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdWZkS1I2YlJvTDlNSVc1ZnEwMlIteEtkODlZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYy8yNGEwYmQtMDgzOC00Yzk1LTljY2Qt
MzBmNjA4YWRlNDhkLzEvR3M0dEg0SVZFMlBzZ0hZYzM2N1c2Vlc0Zy1rLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYy8yNGEwYmQtMDgzOC00Yzk1LTljY2QtMzBmNjA4YWRlNDhk
LzEvdWZkS1I2YlJvTDlNSVc1ZnEwMlIteEtkODlZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKgJKQAEI
MA0GCSqGSIb3DQEBCwUAA4IBAQCbovzcyRNNhWn4Fp3pxE1XbAtH9QQ7791vxQAk
Z9Hc37CF1AS1ITSYvbJBTS25trFt3qXCyFd1Uvq3Q7XF+Fmovgsy5+kHdHHQX2w+
Byw8CpMU41gIfW3d9ttp6tG9UAYLyPRyNuPg2WuX9I8gsGbHMqrQFsUY3P8/jzMq
iUoejXu6Pfgqwc6vs6muF9yqERUgOBGjSbhDDR81CVa4MG+GUhM69MZqzKVQm8g7
NGwyDzfS0Aby1iaoECWRigLH4HDQQPJfUcSZlJHW+NkM/flNCYs39u28FFmEpEaD
6P21kCb2gzFzevCLSfJ2mMZzDost9J8Zn+xHYxcRISDIh6GZ
-----END CERTIFICATE-----
Generated at Tue Apr 22 05:04:28 2025 by rpki-client