Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/09/dd6e1d-abc9-473b-a91a-d8721375644a/1/GJ4F9arEms2JMDHB2980e7rxGdo.roa
File: GJ4F9arEms2JMDHB2980e7rxGdo.roa (raw, json)
Hash identifier: AWV/g9+NL1V5tZwQPI3ZVCqzeAgnubQanU8uGZiggaI=
Subject key identifier: 18:9E:05:F5:AA:C4:9A:CD:89:30:31:C1:DB:DF:34:7B:BA:F1:19:DA
Certificate issuer: /CN=5e0ff8aaf7453114147028d54ae1c693a8a147bc
Certificate serial: 018E6568B7FF8AEB1A149A04CF8405F262A2
Authority key identifier: 5E:0F:F8:AA:F7:45:31:14:14:70:28:D5:4A:E1:C6:93:A8:A1:47:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Xg_4qvdFMRQUcCjVSuHGk6ihR7w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/09/dd6e1d-abc9-473b-a91a-d8721375644a/1/GJ4F9arEms2JMDHB2980e7rxGdo.roa
Signing time: Fri 22 Mar 2024 09:05:45 +0000
ROA not before: Fri 22 Mar 2024 09:05:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 216300
IP address blocks: 2a12:b3c0::/48 maxlen: 48
2a12:b3c0:2::/48 maxlen: 48
Validation: Failed, certificate revoked on Thu 28 Mar 2024 08:26:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:65:68:b7:ff:8a:eb:1a:14:9a:04:cf:84:05:f2:62:a2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5e0ff8aaf7453114147028d54ae1c693a8a147bc
Validity
Not Before: Mar 22 09:05:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=189e05f5aac49acd893031c1dbdf347bbaf119da
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:63:2d:13:47:d4:8c:c7:d9:61:45:2b:79:9b:
e6:08:b5:30:3f:27:e5:a8:8c:94:d8:5c:5e:ec:72:
a4:8b:a3:a4:fb:98:f5:65:c9:b1:ef:ec:07:86:16:
7b:2b:cd:bd:c7:0c:8d:3f:9e:f4:ef:18:7f:f4:1e:
39:0a:45:4b:ea:06:f1:55:ec:79:eb:de:9f:d6:09:
74:a5:31:21:af:54:19:59:18:b5:15:7c:a9:89:81:
9d:0b:a5:a1:2a:c2:e0:a7:0f:1b:de:dc:af:89:fe:
19:ca:05:b8:de:1e:bd:38:bc:90:e0:c3:03:cd:47:
16:2d:f1:6a:8a:80:42:24:c8:82:a0:35:d1:f5:a0:
e0:02:79:95:ef:6d:59:6e:5f:5c:12:de:53:1c:fa:
07:c2:df:92:48:8e:01:3e:3d:d8:93:70:cd:58:1f:
3a:31:5b:69:dc:df:b2:5c:d7:4f:04:33:28:d5:28:
50:82:3b:f8:3b:a7:7d:40:f9:b1:d3:e6:5c:40:f4:
47:be:b6:73:22:bb:c4:b7:d1:0e:c5:df:28:30:7d:
9c:0f:dd:8d:99:37:a0:db:e9:22:7a:49:87:e5:a9:
e1:60:eb:3b:09:fc:78:29:06:72:92:1b:9c:2f:c8:
06:af:43:08:8b:bd:fb:73:0e:6d:bb:f3:b9:a8:22:
12:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
18:9E:05:F5:AA:C4:9A:CD:89:30:31:C1:DB:DF:34:7B:BA:F1:19:DA
X509v3 Authority Key Identifier:
keyid:5E:0F:F8:AA:F7:45:31:14:14:70:28:D5:4A:E1:C6:93:A8:A1:47:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Xg_4qvdFMRQUcCjVSuHGk6ihR7w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/09/dd6e1d-abc9-473b-a91a-d8721375644a/1/GJ4F9arEms2JMDHB2980e7rxGdo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/09/dd6e1d-abc9-473b-a91a-d8721375644a/1/Xg_4qvdFMRQUcCjVSuHGk6ihR7w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a12:b3c0::/48
2a12:b3c0:2::/48
Signature Algorithm: sha256WithRSAEncryption
0f:07:33:9b:21:33:05:da:3e:94:34:72:1b:c2:67:c0:e5:f8:
10:e2:e0:b6:d8:bb:7e:e0:45:56:63:c5:90:88:17:6f:6b:11:
90:d6:37:de:42:04:76:f9:e4:f1:04:be:ea:ff:b0:92:1d:3f:
d0:99:78:d7:92:cc:e6:2a:70:8d:1d:12:5f:a1:35:a8:26:16:
7f:6f:15:de:3b:a9:02:63:a9:ca:72:20:4a:90:6d:50:d3:d4:
99:f9:f9:2d:c1:ec:37:20:8d:22:9a:89:92:21:5d:d1:dc:c6:
65:f7:89:44:ba:0b:22:62:1c:c1:1e:81:7a:91:8e:87:a3:46:
6b:11:c9:81:a3:e3:e6:db:37:12:37:f4:54:0e:de:51:9e:c1:
d9:85:96:99:cf:41:d5:c5:b7:e5:b0:40:78:12:f0:c8:7f:0d:
71:e7:f7:a4:13:60:84:4b:62:14:e2:f6:a7:38:4f:fc:ab:99:
6f:10:2a:67:e2:b2:57:41:86:9e:08:9b:ad:33:20:c1:c6:3f:
91:75:1a:89:52:84:69:be:47:11:26:6d:21:23:0a:37:f8:6c:
bd:da:a9:24:d8:4d:49:7a:93:38:82:7d:c6:63:50:84:22:51:
0b:e9:b0:4d:93:04:8c:78:20:65:55:01:3b:fe:26:10:4b:fa:
a1:d7:98:3f
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAY5laLf/iusaFJoEz4QF8mKiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVlMGZmOGFhZjc0NTMxMTQxNDcwMjhkNTRhZTFjNjkzYThh
MTQ3YmMwHhcNMjQwMzIyMDkwNTQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxODllMDVmNWFhYzQ5YWNkODkzMDMxYzFkYmRmMzQ3YmJhZjExOWRhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsWMtE0fUjMfZYUUreZvmCLUwPyfl
qIyU2Fxe7HKki6Ok+5j1Zcmx7+wHhhZ7K829xwyNP5707xh/9B45CkVL6gbxVex5
696f1gl0pTEhr1QZWRi1FXypiYGdC6WhKsLgpw8b3tyvif4ZygW43h69OLyQ4MMD
zUcWLfFqioBCJMiCoDXR9aDgAnmV721Zbl9cEt5THPoHwt+SSI4BPj3Yk3DNWB86
MVtp3N+yXNdPBDMo1ShQgjv4O6d9QPmx0+ZcQPRHvrZzIrvEt9EOxd8oMH2cD92N
mTeg2+kiekmH5anhYOs7Cfx4KQZykhucL8gGr0MIi737cw5tu/O5qCISGQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFBieBfWqxJrNiTAxwdvfNHu68RnaMB8GA1UdIwQY
MBaAFF4P+Kr3RTEUFHAo1UrhxpOooUe8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWGdfNHF2ZEZNUlFVY0NqVlN1SEdrNmloUjd3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wOS9kZDZlMWQtYWJjOS00NzNiLWE5MWEt
ZDg3MjEzNzU2NDRhLzEvR0o0RjlhckVtczJKTURIQjI5ODBlN3J4R2RvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wOS9kZDZlMWQtYWJjOS00NzNiLWE5MWEtZDg3MjEzNzU2NDRh
LzEvWGdfNHF2ZEZNUlFVY0NqVlN1SEdrNmloUjd3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAAjASAwcAKhKzwAAA
AwcAKhKzwAACMA0GCSqGSIb3DQEBCwUAA4IBAQAPBzObITMF2j6UNHIbwmfA5fgQ
4uC22Lt+4EVWY8WQiBdvaxGQ1jfeQgR2+eTxBL7q/7CSHT/QmXjXkszmKnCNHRJf
oTWoJhZ/bxXeO6kCY6nKciBKkG1Q09SZ+fktwew3II0imomSIV3R3MZl94lEugsi
YhzBHoF6kY6Ho0ZrEcmBo+Pm2zcSN/RUDt5RnsHZhZaZz0HVxbflsEB4EvDIfw1x
5/ekE2CES2IU4vanOE/8q5lvECpn4rJXQYaeCJutMyDBxj+RdRqJUoRpvkcRJm0h
Iwo3+Gy92qkk2E1JepM4gn3GY1CEIlEL6bBNkwSMeCBlVQE7/iYQS/qh15g/
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:51:58 2024 by rpki-client on console-ams.rpki-client.org