Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/GpNBPWL74tPfmq_xa8nET9MTT0E.roa
File: GpNBPWL74tPfmq_xa8nET9MTT0E.roa (raw, json)
Hash identifier: rGPFUD44MXgx+dvFwN4zvxVFIwtCMl9z70lFEj2rKI0=
Subject key identifier: 1A:93:41:3D:62:FB:E2:D3:DF:9A:AF:F1:6B:C9:C4:4F:D3:13:4F:41
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 01927145CC31C5A26C6B76F9841233443E54
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/GpNBPWL74tPfmq_xa8nET9MTT0E.roa
Signing time: Wed 09 Oct 2024 12:34:12 +0000
ROA not before: Wed 09 Oct 2024 12:34:12 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 214471
IP address blocks: 2.59.252.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 29 Oct 2024 11:27:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:71:45:cc:31:c5:a2:6c:6b:76:f9:84:12:33:44:3e:54
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Oct 9 12:34:12 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=1a93413d62fbe2d3df9aaff16bc9c44fd3134f41
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:1e:fe:82:6f:6f:a0:9e:77:29:bd:d7:9d:22:
a9:f4:a6:8d:12:4a:dd:b2:a6:e2:de:f0:1a:ce:e7:
13:7f:22:97:d0:26:7b:62:ce:db:3a:f1:a4:59:69:
84:e9:5d:4b:58:bd:3f:ba:ae:98:34:0e:d0:f6:7b:
38:38:83:7f:40:5b:d5:f2:ff:73:2a:f2:a2:d9:10:
d8:01:f0:13:c2:5c:8a:01:1d:88:15:72:a4:ca:89:
a0:ea:37:5b:1b:71:d6:0b:02:71:4c:e9:c7:24:2f:
95:a2:03:c4:73:60:64:0a:30:d3:eb:61:93:c1:d4:
d2:28:ea:20:ef:94:00:a0:a7:de:7a:cb:f5:7e:84:
4d:5a:fa:fe:24:7a:34:87:9d:06:98:4d:04:9e:a1:
fa:6f:27:0a:30:21:fa:38:fc:ed:10:a0:5e:dd:f9:
db:e0:d0:04:ec:fd:f9:04:07:ad:60:e8:72:ed:36:
65:83:f9:c7:9c:ee:87:80:96:37:6b:ff:f8:0c:4b:
a0:b4:26:b3:df:38:24:13:e0:ef:ca:34:c2:58:07:
01:64:95:ea:70:23:43:30:ce:ee:9a:82:fe:c9:20:
66:62:f4:62:31:0b:03:94:81:e5:1b:e6:83:3a:f0:
b5:e6:4f:69:8b:15:64:72:6a:22:de:36:99:db:cc:
c7:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1A:93:41:3D:62:FB:E2:D3:DF:9A:AF:F1:6B:C9:C4:4F:D3:13:4F:41
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/GpNBPWL74tPfmq_xa8nET9MTT0E.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.59.252.0/24
Signature Algorithm: sha256WithRSAEncryption
8b:07:b9:81:f7:6b:2e:92:83:90:69:62:f0:98:b4:5a:41:50:
e2:e3:e4:78:d3:08:43:74:db:d4:75:08:87:d3:60:f5:18:69:
41:fc:e0:a6:c3:cf:64:6f:c5:e5:0d:16:63:e0:0f:62:61:95:
ef:29:41:d3:13:d2:dd:5a:85:d7:5a:82:17:bb:05:d0:5f:b1:
a0:30:28:76:48:fb:ee:ea:53:bd:33:eb:7e:df:15:0c:23:6b:
28:de:dd:86:bd:bf:4a:23:f8:ee:4a:5d:59:e4:85:3c:a9:bb:
da:f7:79:e2:65:2e:f4:43:ab:28:3b:f8:6c:eb:98:04:86:88:
62:74:7f:d6:bb:b9:47:d5:be:db:52:54:3c:78:b7:a0:7a:7a:
ad:cc:55:66:aa:e5:7f:50:56:05:21:59:8b:48:b8:5a:57:93:
38:cf:38:e8:7e:33:fd:b2:8e:c7:f3:1b:6c:41:22:10:b3:9a:
32:e7:19:6b:6a:ab:6a:14:78:0a:d9:bd:49:3f:ef:8e:70:76:
27:35:5d:27:5e:7c:26:d8:80:03:0a:51:88:c8:25:10:c5:ad:
84:30:58:e1:66:17:2c:58:76:d6:b2:7a:00:2d:73:0f:8e:20:
72:47:d2:2d:b8:81:7d:9d:d9:a6:dc:ec:4f:fe:3c:ca:da:7e:
74:fe:25:c5
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZJxRcwxxaJsa3b5hBIzRD5UMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjQxMDA5MTIzNDEyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxYTkzNDEzZDYyZmJlMmQzZGY5YWFmZjE2YmM5YzQ0ZmQzMTM0ZjQxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxx7+gm9voJ53Kb3XnSKp9KaNEkrd
sqbi3vAazucTfyKX0CZ7Ys7bOvGkWWmE6V1LWL0/uq6YNA7Q9ns4OIN/QFvV8v9z
KvKi2RDYAfATwlyKAR2IFXKkyomg6jdbG3HWCwJxTOnHJC+VogPEc2BkCjDT62GT
wdTSKOog75QAoKfeesv1foRNWvr+JHo0h50GmE0EnqH6bycKMCH6OPztEKBe3fnb
4NAE7P35BAetYOhy7TZlg/nHnO6HgJY3a//4DEugtCaz3zgkE+DvyjTCWAcBZJXq
cCNDMM7umoL+ySBmYvRiMQsDlIHlG+aDOvC15k9pixVkcmoi3jaZ28zHEwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFBqTQT1i++LT35qv8WvJxE/TE09BMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvR3BOQlBXTDc0dFBmbXFfeGE4bkVUOU1UVDBFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAAjv8MA0G
CSqGSIb3DQEBCwUAA4IBAQCLB7mB92sukoOQaWLwmLRaQVDi4+R40whDdNvUdQiH
02D1GGlB/OCmw89kb8XlDRZj4A9iYZXvKUHTE9LdWoXXWoIXuwXQX7GgMCh2SPvu
6lO9M+t+3xUMI2so3t2Gvb9KI/juSl1Z5IU8qbva93niZS70Q6soO/hs65gEhohi
dH/Wu7lH1b7bUlQ8eLegenqtzFVmquV/UFYFIVmLSLhaV5M4zzjofjP9so7H8xts
QSIQs5oy5xlraqtqFHgK2b1JP++OcHYnNV0nXnwm2IADClGIyCUQxa2EMFjhZhcs
WHbWsnoALXMPjiByR9ItuIF9ndmm3OxP/jzK2n50/iXF
-----END CERTIFICATE-----
Generated at Tue Oct 29 14:33:53 2024 by rpki-client on console-ams.rpki-client.org