Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/02/f96f73-6686-4164-b23f-bf4e527b9fa8/1/gncGjalkxnrGlgMARWdTydh1s6s.roa
File: gncGjalkxnrGlgMARWdTydh1s6s.roa (raw, json)
Hash identifier: yxv47FAX1s7B0vGkBV9aoCOFCfV5vKXftfhIIxAejhk=
Subject key identifier: 82:77:06:8D:A9:64:C6:7A:C6:96:03:00:45:67:53:C9:D8:75:B3:AB
Certificate issuer: /CN=9e95a361fe2b2c5292626ba4c56a65a814e48008
Certificate serial: 018A90EDFC0F7F4FF68B64CD3E47314FDC93
Authority key identifier: 9E:95:A3:61:FE:2B:2C:52:92:62:6B:A4:C5:6A:65:A8:14:E4:80:08
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/npWjYf4rLFKSYmukxWplqBTkgAg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/02/f96f73-6686-4164-b23f-bf4e527b9fa8/1/gncGjalkxnrGlgMARWdTydh1s6s.roa
Signing time: Wed 13 Sep 2023 23:43:50 +0000
ROA not before: Wed 13 Sep 2023 23:43:50 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 216339
IP address blocks: 2a0c:9a40:8310::/48 maxlen: 48
Validation: Failed, certificate revoked on Mon 01 Jan 2024 20:30:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:90:ed:fc:0f:7f:4f:f6:8b:64:cd:3e:47:31:4f:dc:93
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9e95a361fe2b2c5292626ba4c56a65a814e48008
Validity
Not Before: Sep 13 23:43:50 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=8277068da964c67ac6960300456753c9d875b3ab
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:62:16:f2:c6:45:44:09:bb:0d:d8:e3:aa:6f:
c0:7a:e9:f2:ca:8a:9b:9b:cf:24:87:05:05:a5:49:
20:a1:3e:0c:84:8c:73:9a:51:a5:51:1e:16:43:28:
3d:78:ff:16:b3:07:cd:5a:af:ab:01:1f:af:7c:99:
6e:20:b1:4a:9c:54:3c:cd:88:75:d0:32:f1:68:0c:
1d:65:e9:8c:b9:40:57:be:3e:13:f5:c4:08:f6:39:
5d:f8:06:3b:21:eb:c8:60:d2:b1:4c:0f:c4:d1:35:
57:bf:76:72:eb:ac:b1:a9:7d:80:63:a6:90:6e:97:
87:14:40:47:f6:18:cc:da:58:25:dc:02:9f:32:ff:
7e:34:cc:c9:1f:37:ea:ec:8d:c8:a0:de:ca:1f:4a:
8b:9e:d5:cf:52:96:a1:3b:5f:85:fa:73:c1:ff:64:
b1:43:52:4b:d5:dc:fe:67:37:02:bf:73:34:19:03:
f7:b3:cd:05:3b:73:3c:33:29:4a:75:8e:84:04:84:
54:57:d9:16:e3:b2:cb:17:6d:1d:7d:4a:c7:f2:c9:
9b:c5:8a:10:eb:e5:c0:2e:dd:82:83:34:27:68:2b:
bf:5c:18:75:31:6e:6b:1a:7f:fe:49:27:0b:30:72:
77:a0:dc:72:e5:29:5a:19:9c:b1:16:23:56:84:4c:
44:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
82:77:06:8D:A9:64:C6:7A:C6:96:03:00:45:67:53:C9:D8:75:B3:AB
X509v3 Authority Key Identifier:
keyid:9E:95:A3:61:FE:2B:2C:52:92:62:6B:A4:C5:6A:65:A8:14:E4:80:08
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/npWjYf4rLFKSYmukxWplqBTkgAg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/02/f96f73-6686-4164-b23f-bf4e527b9fa8/1/gncGjalkxnrGlgMARWdTydh1s6s.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/02/f96f73-6686-4164-b23f-bf4e527b9fa8/1/npWjYf4rLFKSYmukxWplqBTkgAg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0c:9a40:8310::/48
Signature Algorithm: sha256WithRSAEncryption
c6:be:08:81:ad:8a:5f:76:33:79:de:93:86:45:be:19:65:fb:
f2:62:b9:83:31:08:f2:0b:ef:29:f5:1c:a1:6c:66:83:1d:1a:
a8:0e:08:a7:a3:4c:06:8b:96:46:f6:23:4b:fb:20:10:e4:a6:
1b:4a:20:6f:71:f6:43:10:39:9b:77:07:f7:8c:f2:5b:1f:a0:
e3:a1:88:c4:71:73:e8:19:9d:50:ca:f6:b4:e7:b0:a6:1c:29:
89:eb:40:3d:4c:bc:d3:fa:48:0f:6c:ab:b3:a8:c1:24:5e:78:
a9:23:b0:4b:0e:11:f6:d4:1f:74:7c:32:2e:a1:89:4b:cb:44:
06:e6:8d:04:c7:f9:97:03:65:6f:4e:41:7b:6f:33:62:b7:1e:
61:3c:80:64:e3:0c:14:74:04:61:ec:7d:34:13:18:8b:5b:08:
3e:ec:34:38:f2:26:c1:07:de:71:71:50:e7:f2:60:ca:9a:02:
78:1d:c9:67:a8:76:b4:e4:8d:ec:28:3b:3e:9f:04:63:a1:fc:
41:ef:ce:25:81:8a:31:cb:75:5e:db:2a:a6:9e:4f:f7:ad:9d:
ab:c4:fa:12:3d:90:c1:6d:d8:2b:31:7f:42:1a:4e:a9:98:3d:
c0:81:9d:9d:56:6f:93:2b:2e:82:5e:6c:4b:10:87:41:de:ae:
d4:54:18:66
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYqQ7fwPf0/2i2TNPkcxT9yTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDllOTVhMzYxZmUyYjJjNTI5MjYyNmJhNGM1NmE2NWE4MTRl
NDgwMDgwHhcNMjMwOTEzMjM0MzUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4Mjc3MDY4ZGE5NjRjNjdhYzY5NjAzMDA0NTY3NTNjOWQ4NzViM2FiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxWIW8sZFRAm7Ddjjqm/Aeunyyoqb
m88khwUFpUkgoT4MhIxzmlGlUR4WQyg9eP8WswfNWq+rAR+vfJluILFKnFQ8zYh1
0DLxaAwdZemMuUBXvj4T9cQI9jld+AY7IevIYNKxTA/E0TVXv3Zy66yxqX2AY6aQ
bpeHFEBH9hjM2lgl3AKfMv9+NMzJHzfq7I3IoN7KH0qLntXPUpahO1+F+nPB/2Sx
Q1JL1dz+ZzcCv3M0GQP3s80FO3M8MylKdY6EBIRUV9kW47LLF20dfUrH8smbxYoQ
6+XALt2CgzQnaCu/XBh1MW5rGn/+SScLMHJ3oNxy5SlaGZyxFiNWhExENQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFIJ3Bo2pZMZ6xpYDAEVnU8nYdbOrMB8GA1UdIwQY
MBaAFJ6Vo2H+KyxSkmJrpMVqZagU5IAIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbnBXallmNHJMRktTWW11a3hXcGxxQlRrZ0FnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMi9mOTZmNzMtNjY4Ni00MTY0LWIyM2Yt
YmY0ZTUyN2I5ZmE4LzEvZ25jR2phbGt4bnJHbGdNQVJXZFR5ZGgxczZzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMi9mOTZmNzMtNjY4Ni00MTY0LWIyM2YtYmY0ZTUyN2I5ZmE4
LzEvbnBXallmNHJMRktTWW11a3hXcGxxQlRrZ0FnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKgyaQIMQ
MA0GCSqGSIb3DQEBCwUAA4IBAQDGvgiBrYpfdjN53pOGRb4ZZfvyYrmDMQjyC+8p
9RyhbGaDHRqoDgino0wGi5ZG9iNL+yAQ5KYbSiBvcfZDEDmbdwf3jPJbH6DjoYjE
cXPoGZ1Qyva057CmHCmJ60A9TLzT+kgPbKuzqMEkXnipI7BLDhH21B90fDIuoYlL
y0QG5o0Ex/mXA2VvTkF7bzNitx5hPIBk4wwUdARh7H00ExiLWwg+7DQ48ibBB95x
cVDn8mDKmgJ4HclnqHa05I3sKDs+nwRjofxB784lgYoxy3Ve2yqmnk/3rZ2rxPoS
PZDBbdgrMX9CGk6pmD3AgZ2dVm+TKy6CXmxLEIdB3q7UVBhm
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:16:50 2024 by rpki-client on console-fra.rpki-client.org