Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/01/0952d4-4a49-447d-ad3c-1903edafa8bf/1/GpDmbLQRbpdTvNtBMuPLPoVc8Is.roa
File: GpDmbLQRbpdTvNtBMuPLPoVc8Is.roa (raw, json)
Hash identifier: LIJOJfrDPEpHY5dWjzE6WzkFSO9Nf15jvmeYgqloUKo=
Subject key identifier: 1A:90:E6:6C:B4:11:6E:97:53:BC:DB:41:32:E3:CB:3E:85:5C:F0:8B
Certificate issuer: /CN=ebf42e80602aedf58a3c7a81883c1a34f69d2fb4
Certificate serial: 018571B0FBF93C05E59540A1A0FCF3F3FC5C
Authority key identifier: EB:F4:2E:80:60:2A:ED:F5:8A:3C:7A:81:88:3C:1A:34:F6:9D:2F:B4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/6_QugGAq7fWKPHqBiDwaNPadL7Q.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/01/0952d4-4a49-447d-ad3c-1903edafa8bf/1/GpDmbLQRbpdTvNtBMuPLPoVc8Is.roa
Signing time: Mon 02 Jan 2023 08:55:02 +0000
ROA not before: Mon 02 Jan 2023 08:55:02 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 56729
IP address blocks: 89.40.96.0/22 maxlen: 22
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:b0:fb:f9:3c:05:e5:95:40:a1:a0:fc:f3:f3:fc:5c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ebf42e80602aedf58a3c7a81883c1a34f69d2fb4
Validity
Not Before: Jan 2 08:55:02 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=1a90e66cb4116e9753bcdb4132e3cb3e855cf08b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:f2:aa:65:b4:98:c6:17:da:76:91:a5:17:ef:
de:05:6f:29:df:34:65:d5:29:5d:b8:d5:ae:dc:8f:
54:2f:10:ab:bc:24:e6:0a:82:21:87:5f:bd:1d:f6:
fa:08:f9:3a:ee:1a:1f:5b:c3:25:bb:66:7f:87:3b:
82:b9:52:d9:1e:ec:cf:28:ed:40:c4:9b:eb:95:ea:
42:e7:d6:9a:78:20:e2:89:19:80:1c:ce:ba:4b:c3:
f7:77:df:82:ff:3c:5e:3a:34:44:e4:95:52:32:e8:
ec:87:db:27:bf:89:94:78:50:2b:6b:c1:e6:7c:61:
d6:6b:9c:b6:23:5b:44:fa:4f:4d:6f:82:99:eb:18:
fa:b1:3d:17:23:25:a2:61:35:22:00:39:81:d8:29:
85:cc:88:d4:33:1e:93:21:7c:87:08:aa:1d:bc:7f:
5d:2d:f7:9e:d3:1f:a3:73:63:ac:32:22:74:50:96:
63:84:89:ae:e1:f0:75:76:5d:77:87:8a:43:05:59:
c6:cd:e2:38:ab:26:38:38:7d:d3:42:88:ee:d8:5f:
c0:60:01:83:2e:49:42:09:5b:17:cf:5b:7e:e7:e0:
5d:f8:1d:24:98:c7:25:16:8e:ec:00:47:3c:f7:ec:
b5:17:c4:01:96:68:f1:0e:36:67:28:0a:9f:86:dc:
87:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1A:90:E6:6C:B4:11:6E:97:53:BC:DB:41:32:E3:CB:3E:85:5C:F0:8B
X509v3 Authority Key Identifier:
keyid:EB:F4:2E:80:60:2A:ED:F5:8A:3C:7A:81:88:3C:1A:34:F6:9D:2F:B4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6_QugGAq7fWKPHqBiDwaNPadL7Q.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/01/0952d4-4a49-447d-ad3c-1903edafa8bf/1/GpDmbLQRbpdTvNtBMuPLPoVc8Is.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/01/0952d4-4a49-447d-ad3c-1903edafa8bf/1/6_QugGAq7fWKPHqBiDwaNPadL7Q.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.40.96.0/22
Signature Algorithm: sha256WithRSAEncryption
31:01:7c:0b:5e:2a:3a:4b:26:2e:20:b6:c7:6e:ab:49:ee:59:
81:ae:61:7e:12:cc:07:08:8b:2a:0c:de:3d:f9:9a:ef:35:e4:
63:f2:63:f8:18:f2:d8:8a:e3:e5:8a:63:4b:9d:42:93:90:d2:
2d:f9:fc:ce:d3:92:60:35:e6:e0:6f:80:fe:ef:40:2e:9e:b7:
15:bb:b2:c1:1c:63:76:82:8a:f7:16:dd:12:e8:36:05:af:bd:
5f:4c:4d:b7:a7:bf:68:3b:3c:a5:bd:33:66:3b:86:90:6d:a7:
e7:76:f5:0d:c6:fc:31:3f:01:2e:3b:cf:aa:2c:bf:57:40:3d:
ba:38:10:f6:9e:97:ba:62:3e:eb:a6:8e:5e:95:90:b5:87:19:
c1:7d:e6:65:65:71:ef:5b:20:f9:8e:0a:91:64:6f:79:7c:65:
d4:cd:1f:3a:29:40:68:93:bc:b6:8a:d2:9b:5c:9a:9f:b7:ed:
65:ad:d6:5a:0f:04:99:86:e0:42:69:5e:a8:5a:51:90:41:e5:
64:e3:6b:66:56:16:58:5e:0d:a0:4f:99:d0:11:64:16:b5:3e:
07:d4:a7:2f:7e:93:c9:fd:f8:db:f7:2f:20:87:ef:63:8b:fd:
a1:86:2d:d3:ac:b2:19:12:67:16:77:76:20:66:0e:48:37:ac:
33:16:e1:7f
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVxsPv5PAXllUChoPzz8/xcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGViZjQyZTgwNjAyYWVkZjU4YTNjN2E4MTg4M2MxYTM0ZjY5
ZDJmYjQwHhcNMjMwMTAyMDg1NTAyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxYTkwZTY2Y2I0MTE2ZTk3NTNiY2RiNDEzMmUzY2IzZTg1NWNmMDhiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxfKqZbSYxhfadpGlF+/eBW8p3zRl
1SlduNWu3I9ULxCrvCTmCoIhh1+9Hfb6CPk67hofW8Mlu2Z/hzuCuVLZHuzPKO1A
xJvrlepC59aaeCDiiRmAHM66S8P3d9+C/zxeOjRE5JVSMujsh9snv4mUeFAra8Hm
fGHWa5y2I1tE+k9Nb4KZ6xj6sT0XIyWiYTUiADmB2CmFzIjUMx6TIXyHCKodvH9d
Lfee0x+jc2OsMiJ0UJZjhImu4fB1dl13h4pDBVnGzeI4qyY4OH3TQoju2F/AYAGD
LklCCVsXz1t+5+Bd+B0kmMclFo7sAEc89+y1F8QBlmjxDjZnKAqfhtyHMwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFBqQ5my0EW6XU7zbQTLjyz6FXPCLMB8GA1UdIwQY
MBaAFOv0LoBgKu31ijx6gYg8GjT2nS+0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNl9RdWdHQXE3ZldLUEhxQmlEd2FOUGFkTDdRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMS8wOTUyZDQtNGE0OS00NDdkLWFkM2Mt
MTkwM2VkYWZhOGJmLzEvR3BEbWJMUVJicGRUdk50Qk11UExQb1ZjOElzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMS8wOTUyZDQtNGE0OS00NDdkLWFkM2MtMTkwM2VkYWZhOGJm
LzEvNl9RdWdHQXE3ZldLUEhxQmlEd2FOUGFkTDdRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCWShgMA0G
CSqGSIb3DQEBCwUAA4IBAQAxAXwLXio6SyYuILbHbqtJ7lmBrmF+EswHCIsqDN49
+ZrvNeRj8mP4GPLYiuPlimNLnUKTkNIt+fzO05JgNebgb4D+70AunrcVu7LBHGN2
gor3Ft0S6DYFr71fTE23p79oOzylvTNmO4aQbafndvUNxvwxPwEuO8+qLL9XQD26
OBD2npe6Yj7rpo5elZC1hxnBfeZlZXHvWyD5jgqRZG95fGXUzR86KUBok7y2itKb
XJqft+1lrdZaDwSZhuBCaV6oWlGQQeVk42tmVhZYXg2gT5nQEWQWtT4H1KcvfpPJ
/fjb9y8gh+9ji/2hhi3TrLIZEmcWd3YgZg5IN6wzFuF/
-----END CERTIFICATE-----
Generated at Mon Jan 1 09:29:59 2024 by rpki-client on console-ams.rpki-client.org