Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/GmDyIXgCwtN6rpQdpnWWnQ9X08M.roa
File: GmDyIXgCwtN6rpQdpnWWnQ9X08M.roa (raw, json)
Hash identifier: SvvHR0a+c15W2fo42DkRvupLvhiOleG8z0ClQVfIiDg=
Subject key identifier: 1A:60:F2:21:78:02:C2:D3:7A:AE:94:1D:A6:75:96:9D:0F:57:D3:C3
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 018F1F797EA9E2755804635F93164B36A83D
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/GmDyIXgCwtN6rpQdpnWWnQ9X08M.roa
Signing time: Sat 27 Apr 2024 12:13:27 +0000
ROA not before: Sat 27 Apr 2024 12:13:27 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 200239
IP address blocks: 193.124.90.0/24 maxlen: 24
194.87.91.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 08 Jul 2024 12:15:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:1f:79:7e:a9:e2:75:58:04:63:5f:93:16:4b:36:a8:3d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Apr 27 12:13:27 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=1a60f2217802c2d37aae941da675969d0f57d3c3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:b8:32:a7:01:80:94:75:94:57:99:e4:24:da:
aa:51:4a:a4:be:f4:4e:ac:50:a2:30:e4:40:d5:e8:
46:90:60:d7:eb:ef:90:9f:35:83:8f:b1:e3:88:d0:
8e:f3:ef:3e:b7:eb:98:5b:82:8c:47:79:da:1a:0b:
b4:89:20:2c:09:00:5c:af:de:84:56:12:e3:ba:d1:
19:eb:4a:ad:f8:ed:14:b2:98:5e:9b:12:86:e5:6c:
bc:34:09:fd:4d:64:db:df:62:12:fc:e5:88:6c:92:
0d:c7:27:e1:e0:21:87:c5:88:2f:1c:5e:d8:e9:5e:
56:0a:f6:82:11:f7:6b:a6:0e:5d:5d:42:54:dd:14:
87:88:ec:9b:bf:ed:ae:08:e4:36:ea:00:04:42:a4:
88:a1:e9:5b:b1:50:1e:4e:bd:13:8e:e9:e1:58:e7:
c9:4e:53:ce:5a:d2:74:96:c2:da:f9:ad:47:72:75:
e9:c2:c3:24:e3:2a:90:3d:9c:62:11:78:eb:a3:5a:
b3:7a:13:40:f2:27:c5:cc:b3:42:61:93:64:d9:2a:
38:7f:f6:24:01:f5:56:46:2b:de:f5:b4:8b:0f:ea:
44:c2:63:11:a2:fb:55:bf:c5:80:c6:bc:73:16:e1:
da:e0:50:a5:63:b1:a7:59:4f:93:b0:3d:bf:49:25:
2b:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1A:60:F2:21:78:02:C2:D3:7A:AE:94:1D:A6:75:96:9D:0F:57:D3:C3
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/GmDyIXgCwtN6rpQdpnWWnQ9X08M.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.124.90.0/24
194.87.91.0/24
Signature Algorithm: sha256WithRSAEncryption
07:49:d2:07:30:7d:82:42:4a:cf:0f:e3:c6:89:fd:40:a1:81:
da:ab:04:2c:5f:71:c5:bf:f9:d6:29:14:9e:14:b4:8c:02:be:
65:18:fd:4c:34:3d:30:ab:59:0d:76:d1:0a:4e:b5:c5:31:8f:
dc:7d:4d:b1:8b:78:26:74:88:33:ae:54:0c:70:8c:29:62:44:
d6:b5:03:3a:0d:6f:0b:db:9a:9e:e9:55:11:6d:f1:9d:fb:8a:
7a:83:8e:fa:3b:aa:17:35:19:7a:9a:5d:9c:9b:8a:04:e4:bc:
7d:b0:3c:4e:17:1f:eb:93:06:be:c8:f9:3b:e2:0b:99:b4:3b:
64:a8:f0:3e:2c:45:dc:d1:86:a0:d3:14:4d:06:96:92:b0:bf:
bd:42:ed:85:b9:b3:c3:eb:8a:41:15:2c:88:6f:f2:c6:d0:64:
a0:d7:68:a9:6b:7b:ba:4f:17:8e:e7:a2:14:3e:39:06:e5:aa:
f3:dc:55:a0:e5:18:0b:82:80:a1:ee:fa:fd:88:20:8b:c0:eb:
0f:25:ce:7f:07:f3:ff:e2:59:d1:bf:e1:10:ab:66:f7:f8:20:
c3:4e:05:38:c0:01:75:d8:9a:30:87:39:e5:8f:7f:60:e7:73:
cf:e6:81:bf:16:dd:95:b0:19:e5:e7:db:91:ba:ca:4d:01:52:
98:95:6c:58
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAY8feX6p4nVYBGNfkxZLNqg9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjQwNDI3MTIxMzI3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxYTYwZjIyMTc4MDJjMmQzN2FhZTk0MWRhNjc1OTY5ZDBmNTdkM2MzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxbgypwGAlHWUV5nkJNqqUUqkvvRO
rFCiMORA1ehGkGDX6++QnzWDj7HjiNCO8+8+t+uYW4KMR3naGgu0iSAsCQBcr96E
VhLjutEZ60qt+O0UsphemxKG5Wy8NAn9TWTb32IS/OWIbJINxyfh4CGHxYgvHF7Y
6V5WCvaCEfdrpg5dXUJU3RSHiOybv+2uCOQ26gAEQqSIoelbsVAeTr0TjunhWOfJ
TlPOWtJ0lsLa+a1HcnXpwsMk4yqQPZxiEXjro1qzehNA8ifFzLNCYZNk2So4f/Yk
AfVWRive9bSLD+pEwmMRovtVv8WAxrxzFuHa4FClY7GnWU+TsD2/SSUrLQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFBpg8iF4AsLTeq6UHaZ1lp0PV9PDMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvR21EeUlYZ0N3dE42cnBRZHBuV1duUTlYMDhNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAwXxaAwQA
wldbMA0GCSqGSIb3DQEBCwUAA4IBAQAHSdIHMH2CQkrPD+PGif1AoYHaqwQsX3HF
v/nWKRSeFLSMAr5lGP1MND0wq1kNdtEKTrXFMY/cfU2xi3gmdIgzrlQMcIwpYkTW
tQM6DW8L25qe6VURbfGd+4p6g476O6oXNRl6ml2cm4oE5Lx9sDxOFx/rkwa+yPk7
4guZtDtkqPA+LEXc0Yag0xRNBpaSsL+9Qu2FubPD64pBFSyIb/LG0GSg12ipa3u6
TxeO56IUPjkG5arz3FWg5RgLgoCh7vr9iCCLwOsPJc5/B/P/4lnRv+EQq2b3+CDD
TgU4wAF12Jowhznlj39g53PP5oG/Ft2VsBnl59uRuspNAVKYlWxY
-----END CERTIFICATE-----
Generated at Mon Jul 8 14:04:15 2024 by rpki-client on console-ams.rpki-client.org