Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/08/9514ed-276e-4aba-897e-a4410e10b6f5/1/g23-oIbWoQ8i1SukSCq_82J0D7Q.roa
File: g23-oIbWoQ8i1SukSCq_82J0D7Q.roa (raw, json)
Hash identifier: 8NXuEY6vXu3TswDSeha11m4aOZyIB5sEh4RrZ9TgV4c=
Subject key identifier: 83:6D:FE:A0:86:D6:A1:0F:22:D5:2B:A4:48:2A:BF:F3:62:74:0F:B4
Certificate issuer: /CN=f75d8b52815f3f2613e948992ec9fe660f6949b4
Certificate serial: 0192B9A1BAA24B74CC8A2843EE5045A15EEC
Authority key identifier: F7:5D:8B:52:81:5F:3F:26:13:E9:48:99:2E:C9:FE:66:0F:69:49:B4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/912LUoFfPyYT6UiZLsn-Zg9pSbQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/08/9514ed-276e-4aba-897e-a4410e10b6f5/1/g23-oIbWoQ8i1SukSCq_82J0D7Q.roa
Signing time: Wed 23 Oct 2024 13:47:17 +0000
ROA not before: Wed 23 Oct 2024 13:47:17 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 209641
IP address blocks: 2a0e:dfc0::/32 maxlen: 32
2a0e:dfc3::/32 maxlen: 32
Validation: Failed, certificate revoked on Fri 25 Oct 2024 10:49:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:b9:a1:ba:a2:4b:74:cc:8a:28:43:ee:50:45:a1:5e:ec
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f75d8b52815f3f2613e948992ec9fe660f6949b4
Validity
Not Before: Oct 23 13:47:17 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=836dfea086d6a10f22d52ba4482abff362740fb4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f8:7a:0c:1b:9b:c1:f9:b2:0c:79:75:79:ff:09:
ca:92:eb:e4:c8:e5:9b:49:68:47:b4:c7:74:17:f1:
f4:b0:22:10:c2:64:cf:64:b1:42:a3:1e:12:e7:12:
88:22:f9:bf:5e:ef:31:c4:d0:59:59:da:49:3c:3e:
38:96:ec:ab:59:2c:a8:ec:6c:2c:2d:b8:dd:f6:e4:
9f:8b:56:cb:7f:01:59:51:12:c6:3c:9d:0c:a5:70:
7e:4d:76:6f:de:8d:3b:80:0f:ef:d1:23:be:28:e5:
62:bb:09:52:d0:14:a0:73:0d:dd:c9:d7:f7:5c:7a:
ef:69:b0:71:6e:ee:e1:d9:3c:b1:a5:18:16:8f:e6:
f6:b0:15:57:1a:af:27:72:63:5f:b4:1f:64:4d:77:
84:12:f2:e6:de:5c:e7:7e:4c:8c:18:85:d5:f2:21:
0c:05:95:30:f7:33:2c:00:d5:79:1a:55:a4:a7:14:
94:4a:76:8a:14:f6:65:16:9f:e9:b6:60:0a:a2:7f:
db:b3:7d:ff:0d:88:e4:87:34:fe:ab:ca:00:c0:7c:
f9:e0:4c:0e:88:ec:23:51:b2:f7:d0:f0:4c:74:17:
2c:87:51:4d:77:f6:84:d9:07:a7:49:8e:38:46:c9:
12:e1:64:cb:1b:f2:fd:6a:aa:a2:40:a3:1f:c7:4e:
11:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
83:6D:FE:A0:86:D6:A1:0F:22:D5:2B:A4:48:2A:BF:F3:62:74:0F:B4
X509v3 Authority Key Identifier:
keyid:F7:5D:8B:52:81:5F:3F:26:13:E9:48:99:2E:C9:FE:66:0F:69:49:B4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/912LUoFfPyYT6UiZLsn-Zg9pSbQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/08/9514ed-276e-4aba-897e-a4410e10b6f5/1/g23-oIbWoQ8i1SukSCq_82J0D7Q.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/08/9514ed-276e-4aba-897e-a4410e10b6f5/1/912LUoFfPyYT6UiZLsn-Zg9pSbQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:dfc0::/32
2a0e:dfc3::/32
Signature Algorithm: sha256WithRSAEncryption
b9:7d:b0:2d:ce:b4:f2:9a:5f:ec:c0:a8:9e:89:46:47:bc:b8:
34:4c:d8:ab:91:0c:87:d6:c3:fb:ca:8d:b8:c0:ec:5a:15:29:
cf:8f:28:c4:88:eb:11:26:dc:dc:cd:5d:bc:b8:74:33:82:74:
f4:42:d5:d8:e7:a5:7d:fc:c4:32:eb:e7:6b:c1:19:44:ca:ef:
27:7f:fa:65:92:a9:f8:8e:5b:42:4b:6f:6d:87:d8:2c:d1:8f:
88:ad:61:f8:36:e0:1b:c6:fa:2b:64:9b:d6:7d:f7:bb:fb:0a:
11:f3:8b:17:ec:05:b6:a7:d6:80:81:54:4c:9c:d6:e2:28:7d:
a6:5d:31:81:71:bd:73:55:e2:d0:ae:80:14:fc:7a:f4:8a:8a:
b8:2d:89:cf:34:35:43:ae:6b:fe:eb:f1:af:f6:c4:ba:ab:f5:
57:13:d3:eb:6b:52:ae:93:5b:d1:0e:a1:8c:28:fa:0b:e1:d9:
ef:2a:f5:72:d4:fb:2d:b2:d2:44:b5:ee:31:39:52:bf:45:4d:
34:f1:be:46:9f:ab:52:48:a4:12:84:f0:19:34:83:c2:ac:16:
cf:04:2a:7b:8d:8a:41:0f:5d:53:7c:f2:11:cd:03:45:10:82:
a2:ad:0f:f6:ee:80:e2:75:46:52:10:df:bd:5b:f6:ea:c1:e7:
f1:00:38:b6
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAZK5obqiS3TMiihD7lBFoV7sMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY3NWQ4YjUyODE1ZjNmMjYxM2U5NDg5OTJlYzlmZTY2MGY2
OTQ5YjQwHhcNMjQxMDIzMTM0NzE3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MzZkZmVhMDg2ZDZhMTBmMjJkNTJiYTQ0ODJhYmZmMzYyNzQwZmI0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA+HoMG5vB+bIMeXV5/wnKkuvkyOWb
SWhHtMd0F/H0sCIQwmTPZLFCox4S5xKIIvm/Xu8xxNBZWdpJPD44luyrWSyo7Gws
Lbjd9uSfi1bLfwFZURLGPJ0MpXB+TXZv3o07gA/v0SO+KOViuwlS0BSgcw3dydf3
XHrvabBxbu7h2TyxpRgWj+b2sBVXGq8ncmNftB9kTXeEEvLm3lznfkyMGIXV8iEM
BZUw9zMsANV5GlWkpxSUSnaKFPZlFp/ptmAKon/bs33/DYjkhzT+q8oAwHz54EwO
iOwjUbL30PBMdBcsh1FNd/aE2QenSY44RskS4WTLG/L9aqqiQKMfx04RmwIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFINt/qCG1qEPItUrpEgqv/NidA+0MB8GA1UdIwQY
MBaAFPddi1KBXz8mE+lImS7J/mYPaUm0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOTEyTFVvRmZQeVlUNlVpWkxzbi1aZzlwU2JRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wOC85NTE0ZWQtMjc2ZS00YWJhLTg5N2Ut
YTQ0MTBlMTBiNmY1LzEvZzIzLW9JYldvUThpMVN1a1NDcV84MkowRDdRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wOC85NTE0ZWQtMjc2ZS00YWJhLTg5N2UtYTQ0MTBlMTBiNmY1
LzEvOTEyTFVvRmZQeVlUNlVpWkxzbi1aZzlwU2JRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAAjAOAwUAKg7fwAMF
ACoO38MwDQYJKoZIhvcNAQELBQADggEBALl9sC3OtPKaX+zAqJ6JRke8uDRM2KuR
DIfWw/vKjbjA7FoVKc+PKMSI6xEm3NzNXby4dDOCdPRC1djnpX38xDLr52vBGUTK
7yd/+mWSqfiOW0JLb22H2CzRj4itYfg24BvG+itkm9Z997v7ChHzixfsBban1oCB
VEyc1uIofaZdMYFxvXNV4tCugBT8evSKirgtic80NUOua/7r8a/2xLqr9VcT0+tr
Uq6TW9EOoYwo+gvh2e8q9XLU+y2y0kS17jE5Ur9FTTTxvkafq1JIpBKE8Bk0g8Ks
Fs8EKnuNikEPXVN88hHNA0UQgqKtD/bugOJ1RlIQ371b9urB5/EAOLY=
-----END CERTIFICATE-----
Generated at Fri Oct 25 13:41:48 2024 by rpki-client on console-fra.rpki-client.org