Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/02/f96f73-6686-4164-b23f-bf4e527b9fa8/1/gGMKpuTD3xIx2zDHBONK2dxNs5o.roa
File: gGMKpuTD3xIx2zDHBONK2dxNs5o.roa (raw, json)
Hash identifier: GtMc6yFzNZ4vYxIbbRmPFpTN1jINh3gCL3u/s2m8BRs=
Subject key identifier: 80:63:0A:A6:E4:C3:DF:12:31:DB:30:C7:04:E3:4A:D9:DC:4D:B3:9A
Certificate issuer: /CN=9e95a361fe2b2c5292626ba4c56a65a814e48008
Certificate serial: 018CC6B8EDC6447E4499A9E59BF1C0E52C65
Authority key identifier: 9E:95:A3:61:FE:2B:2C:52:92:62:6B:A4:C5:6A:65:A8:14:E4:80:08
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/npWjYf4rLFKSYmukxWplqBTkgAg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/02/f96f73-6686-4164-b23f-bf4e527b9fa8/1/gGMKpuTD3xIx2zDHBONK2dxNs5o.roa
Signing time: Mon 01 Jan 2024 20:30:57 +0000
ROA not before: Mon 01 Jan 2024 20:30:57 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 211738
IP address blocks: 2a0c:9a40:82d0::/48 maxlen: 48
Validation: Failed, certificate revoked on Mon 04 Mar 2024 23:04:01 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:b8:ed:c6:44:7e:44:99:a9:e5:9b:f1:c0:e5:2c:65
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9e95a361fe2b2c5292626ba4c56a65a814e48008
Validity
Not Before: Jan 1 20:30:57 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=80630aa6e4c3df1231db30c704e34ad9dc4db39a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:c9:55:bc:04:10:5b:55:74:ca:29:3f:c3:19:
f0:67:d3:48:a6:d7:89:e6:0a:60:86:67:b2:65:69:
19:de:4a:ca:db:69:94:45:ea:28:42:da:e7:6e:b0:
49:7e:18:dc:fe:d2:5f:05:44:99:9c:32:05:15:fc:
38:02:80:a8:ca:0b:25:35:e1:b3:49:2c:b5:e8:7e:
cf:d5:9e:8d:92:ae:c2:4e:e1:46:17:81:9a:1f:06:
e4:cd:82:b8:ef:b8:fd:5f:05:74:56:a4:7a:f0:7f:
6c:01:91:3c:3d:ea:d7:8a:ad:a0:4d:6f:70:10:6f:
0b:4c:85:be:88:0e:28:d2:2a:d6:c0:37:be:ac:1a:
69:20:44:c6:0f:40:31:13:22:58:25:40:75:f7:71:
9f:63:d1:f9:32:74:6b:60:87:04:b4:47:b4:67:6c:
4e:f3:d2:c2:8d:86:93:b2:f5:ae:35:21:ff:d3:99:
8a:68:3a:21:00:1f:74:f6:8b:42:16:8d:18:92:b7:
b5:a9:4e:8e:4d:03:12:71:c2:d0:70:c4:d2:52:1d:
3f:03:94:d4:65:52:34:e0:cd:bc:06:47:f0:02:db:
57:7c:ba:e7:15:48:93:c0:d7:b0:8e:ae:a0:ca:34:
38:1a:18:57:d2:9d:bb:fa:a2:8b:64:46:e4:ee:6b:
3a:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
80:63:0A:A6:E4:C3:DF:12:31:DB:30:C7:04:E3:4A:D9:DC:4D:B3:9A
X509v3 Authority Key Identifier:
keyid:9E:95:A3:61:FE:2B:2C:52:92:62:6B:A4:C5:6A:65:A8:14:E4:80:08
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/npWjYf4rLFKSYmukxWplqBTkgAg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/02/f96f73-6686-4164-b23f-bf4e527b9fa8/1/gGMKpuTD3xIx2zDHBONK2dxNs5o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/02/f96f73-6686-4164-b23f-bf4e527b9fa8/1/npWjYf4rLFKSYmukxWplqBTkgAg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0c:9a40:82d0::/48
Signature Algorithm: sha256WithRSAEncryption
7b:b5:62:ff:98:19:fc:4c:86:8b:6b:32:ef:c8:f0:bb:a4:8b:
c9:97:18:14:b1:86:d3:1a:a9:b0:33:d9:17:e9:f5:a9:01:9a:
86:72:2a:b3:39:1c:70:63:72:fb:20:bf:fb:d8:fc:41:95:4e:
93:bb:ae:e8:31:54:a1:d8:bc:0c:38:9d:e0:f6:91:4a:a2:24:
87:6c:70:b9:fa:64:60:ea:9a:13:1e:dc:75:91:ad:42:f7:28:
40:5c:de:62:e6:f7:d2:d8:c3:cd:c4:0c:8d:08:68:8d:71:b0:
ab:3d:a7:f5:e0:29:b3:bc:ea:0f:17:01:7f:20:4c:ac:42:13:
d5:51:29:a7:d5:66:f1:49:71:c5:3b:6d:ed:d8:92:22:08:5c:
8f:09:ae:ff:29:95:2e:76:86:32:22:1f:ea:68:88:04:c0:b9:
44:df:5e:60:f1:b5:3e:fc:a7:9c:2f:5d:c3:bb:e8:c9:e5:f7:
87:f2:02:a5:23:cd:d1:e6:21:b4:6f:15:85:71:e4:1b:51:4b:
28:20:77:31:b4:b6:8c:9d:79:40:83:6d:da:ba:b8:7b:6d:8e:
48:bc:60:61:b6:48:ec:89:45:16:f5:4b:56:05:01:71:1f:6a:
00:37:5c:ef:58:d7:9f:93:83:00:f7:6e:ce:fd:3b:b8:e2:06:
5d:3a:3c:7d
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYzGuO3GRH5Emanlm/HA5SxlMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDllOTVhMzYxZmUyYjJjNTI5MjYyNmJhNGM1NmE2NWE4MTRl
NDgwMDgwHhcNMjQwMTAxMjAzMDU3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MDYzMGFhNmU0YzNkZjEyMzFkYjMwYzcwNGUzNGFkOWRjNGRiMzlhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAk8lVvAQQW1V0yik/wxnwZ9NIpteJ
5gpghmeyZWkZ3krK22mUReooQtrnbrBJfhjc/tJfBUSZnDIFFfw4AoCoygslNeGz
SSy16H7P1Z6Nkq7CTuFGF4GaHwbkzYK477j9XwV0VqR68H9sAZE8PerXiq2gTW9w
EG8LTIW+iA4o0irWwDe+rBppIETGD0AxEyJYJUB193GfY9H5MnRrYIcEtEe0Z2xO
89LCjYaTsvWuNSH/05mKaDohAB909otCFo0Ykre1qU6OTQMSccLQcMTSUh0/A5TU
ZVI04M28BkfwAttXfLrnFUiTwNewjq6gyjQ4GhhX0p27+qKLZEbk7ms6UQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFIBjCqbkw98SMdswxwTjStncTbOaMB8GA1UdIwQY
MBaAFJ6Vo2H+KyxSkmJrpMVqZagU5IAIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbnBXallmNHJMRktTWW11a3hXcGxxQlRrZ0FnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMi9mOTZmNzMtNjY4Ni00MTY0LWIyM2Yt
YmY0ZTUyN2I5ZmE4LzEvZ0dNS3B1VEQzeEl4MnpESEJPTksyZHhOczVvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMi9mOTZmNzMtNjY4Ni00MTY0LWIyM2YtYmY0ZTUyN2I5ZmE4
LzEvbnBXallmNHJMRktTWW11a3hXcGxxQlRrZ0FnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKgyaQILQ
MA0GCSqGSIb3DQEBCwUAA4IBAQB7tWL/mBn8TIaLazLvyPC7pIvJlxgUsYbTGqmw
M9kX6fWpAZqGciqzORxwY3L7IL/72PxBlU6Tu67oMVSh2LwMOJ3g9pFKoiSHbHC5
+mRg6poTHtx1ka1C9yhAXN5i5vfS2MPNxAyNCGiNcbCrPaf14CmzvOoPFwF/IEys
QhPVUSmn1WbxSXHFO23t2JIiCFyPCa7/KZUudoYyIh/qaIgEwLlE315g8bU+/Kec
L13Du+jJ5feH8gKlI83R5iG0bxWFceQbUUsoIHcxtLaMnXlAg23aurh7bY5IvGBh
tkjsiUUW9UtWBQFxH2oAN1zvWNefk4MA927O/Tu44gZdOjx9
-----END CERTIFICATE-----
Generated at Sun Feb 16 15:28:14 2025 by rpki-client