Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/11/757b56-7b57-48a0-9a75-a2a4c6a621cd/1/GZgr7BdSpOVsZUk_Am74aiDjq3g.roa
File: GZgr7BdSpOVsZUk_Am74aiDjq3g.roa (raw, json)
Hash identifier: vF8/QKcGTmEjJ+nh6c+PEVmxMCImJLnqcESvdxbfdfI=
Subject key identifier: 19:98:2B:EC:17:52:A4:E5:6C:65:49:3F:02:6E:F8:6A:20:E3:AB:78
Certificate issuer: /CN=189d6b55d6a688ee5e3381883bb5af68433276e3
Certificate serial: 018D7A6D1899D3CCCB94C9AB847AB2CA00C7
Authority key identifier: 18:9D:6B:55:D6:A6:88:EE:5E:33:81:88:3B:B5:AF:68:43:32:76:E3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/GJ1rVdamiO5eM4GIO7WvaEMyduM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/11/757b56-7b57-48a0-9a75-a2a4c6a621cd/1/GZgr7BdSpOVsZUk_Am74aiDjq3g.roa
Signing time: Mon 05 Feb 2024 17:59:46 +0000
ROA not before: Mon 05 Feb 2024 17:59:46 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 216157
IP address blocks: 2a0a:e2c0::/29 maxlen: 32
2a0e:7780::/29 maxlen: 32
2a0f:e000::/29 maxlen: 32
2a12:6b80::/29 maxlen: 32
2a13:ba00::/29 maxlen: 32
2a13:dac0::/29 maxlen: 32
2a14:7e00::/29 maxlen: 32
Validation: Failed, certificate revoked on Thu 15 Feb 2024 18:23:21 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:7a:6d:18:99:d3:cc:cb:94:c9:ab:84:7a:b2:ca:00:c7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=189d6b55d6a688ee5e3381883bb5af68433276e3
Validity
Not Before: Feb 5 17:59:46 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=19982bec1752a4e56c65493f026ef86a20e3ab78
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:5f:ce:45:5b:f4:04:f5:4f:2c:84:b1:d0:da:
66:f5:2d:17:7a:85:b9:f4:a2:85:f3:a5:f0:fe:d5:
3c:2e:8a:ef:fa:0e:41:07:c0:9d:4e:89:f2:3c:3e:
72:2c:0b:ef:87:b3:fe:17:6d:08:4d:5f:2d:5a:cd:
12:a9:6b:74:e1:5f:d2:63:0e:68:67:a0:2b:9d:0e:
2b:06:36:f7:56:d8:2e:0d:4a:2a:a3:02:cd:97:d9:
36:de:f3:fd:4a:54:f3:e2:94:90:07:5f:64:7a:30:
cf:fd:7b:c3:40:e9:12:68:f9:f1:40:de:0b:ff:22:
6c:6f:00:81:cc:fc:6b:5d:8b:ba:f0:18:13:67:0b:
3e:d1:a5:5b:7b:40:b0:93:e1:5b:b4:40:b5:0f:de:
b3:2c:f0:ad:77:98:e9:df:0d:42:45:89:6e:6e:0e:
7d:16:ff:8c:1d:5b:e6:3e:14:c4:36:46:8d:16:f4:
9a:75:8e:3c:7d:71:3e:a6:07:56:3d:df:d1:dc:94:
a4:1c:a8:cd:f7:43:78:77:28:a4:61:40:9f:fc:d1:
87:66:ec:75:41:b2:6d:2c:54:ba:05:dc:12:64:49:
b6:90:0d:ea:cd:0f:59:d3:c0:6f:7f:6f:53:db:39:
2f:f5:76:81:db:66:f8:1b:67:b8:df:ee:ee:3f:25:
d2:b3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
19:98:2B:EC:17:52:A4:E5:6C:65:49:3F:02:6E:F8:6A:20:E3:AB:78
X509v3 Authority Key Identifier:
keyid:18:9D:6B:55:D6:A6:88:EE:5E:33:81:88:3B:B5:AF:68:43:32:76:E3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GJ1rVdamiO5eM4GIO7WvaEMyduM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/11/757b56-7b57-48a0-9a75-a2a4c6a621cd/1/GZgr7BdSpOVsZUk_Am74aiDjq3g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/11/757b56-7b57-48a0-9a75-a2a4c6a621cd/1/GJ1rVdamiO5eM4GIO7WvaEMyduM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0a:e2c0::/29
2a0e:7780::/29
2a0f:e000::/29
2a12:6b80::/29
2a13:ba00::/29
2a13:dac0::/29
2a14:7e00::/29
Signature Algorithm: sha256WithRSAEncryption
8f:29:68:c2:29:ab:12:51:02:54:8c:fa:6e:48:bb:94:40:c6:
07:60:95:e1:7b:9f:05:71:74:f7:0d:06:b2:c1:7c:d8:3c:29:
73:50:bc:06:b3:c8:fe:a7:37:5d:4d:15:01:4b:2f:63:8f:da:
d5:55:aa:65:eb:0a:89:30:04:61:4e:33:72:89:5b:a5:23:9c:
2e:ed:20:b4:5f:2e:71:ea:1d:06:ef:c1:4f:bb:ba:d2:74:3c:
3a:e2:0a:22:66:6d:64:5e:f2:01:24:46:4f:53:f7:85:cd:1c:
89:eb:90:83:18:13:bf:2a:a1:4c:6c:d0:5d:49:5d:11:3f:fa:
45:58:c9:7b:e5:87:7b:5a:8b:3b:49:cc:e0:d4:16:a5:88:cc:
9b:86:7d:cb:55:40:82:5d:5b:68:3b:9c:25:6c:ae:62:f8:75:
cb:53:e5:5e:4b:cc:0e:ad:ac:6f:a5:05:db:49:db:78:e0:c9:
70:3c:d5:00:a1:6a:4f:d7:30:26:84:10:79:71:0d:23:5e:31:
28:53:fa:56:d7:b3:2d:72:bc:c6:04:87:c7:36:6e:3d:d3:f9:
5e:2b:b7:8e:37:6a:42:ae:a8:02:2f:a4:e7:4d:db:de:c0:68:
be:d3:e4:06:d9:3b:a9:a4:09:55:19:76:fd:02:d7:5c:b4:90:
b9:79:ac:06
-----BEGIN CERTIFICATE-----
MIIFKDCCBBCgAwIBAgISAY16bRiZ08zLlMmrhHqyygDHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE4OWQ2YjU1ZDZhNjg4ZWU1ZTMzODE4ODNiYjVhZjY4NDMz
Mjc2ZTMwHhcNMjQwMjA1MTc1OTQ2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxOTk4MmJlYzE3NTJhNGU1NmM2NTQ5M2YwMjZlZjg2YTIwZTNhYjc4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmF/ORVv0BPVPLISx0Npm9S0XeoW5
9KKF86Xw/tU8Lorv+g5BB8CdTonyPD5yLAvvh7P+F20ITV8tWs0SqWt04V/SYw5o
Z6ArnQ4rBjb3VtguDUoqowLNl9k23vP9SlTz4pSQB19kejDP/XvDQOkSaPnxQN4L
/yJsbwCBzPxrXYu68BgTZws+0aVbe0Cwk+FbtEC1D96zLPCtd5jp3w1CRYlubg59
Fv+MHVvmPhTENkaNFvSadY48fXE+pgdWPd/R3JSkHKjN90N4dyikYUCf/NGHZux1
QbJtLFS6BdwSZEm2kA3qzQ9Z08Bvf29T2zkv9XaB22b4G2e43+7uPyXSswIDAQAB
o4ICNDCCAjAwHQYDVR0OBBYEFBmYK+wXUqTlbGVJPwJu+Gog46t4MB8GA1UdIwQY
MBaAFBida1XWpojuXjOBiDu1r2hDMnbjMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR0oxclZkYW1pTzVlTTRHSU83V3ZhRU15ZHVNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMS83NTdiNTYtN2I1Ny00OGEwLTlhNzUt
YTJhNGM2YTYyMWNkLzEvR1pncjdCZFNwT1ZzWlVrX0FtNzRhaURqcTNnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMS83NTdiNTYtN2I1Ny00OGEwLTlhNzUtYTJhNGM2YTYyMWNk
LzEvR0oxclZkYW1pTzVlTTRHSU83V3ZhRU15ZHVNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEoGCCsGAQUFBwEHAQH/BDswOTA3BAIAAjAxAwUDKgriwAMF
AyoOd4ADBQMqD+AAAwUDKhJrgAMFAyoTugADBQMqE9rAAwUDKhR+ADANBgkqhkiG
9w0BAQsFAAOCAQEAjylowimrElECVIz6bki7lEDGB2CV4XufBXF09w0GssF82Dwp
c1C8BrPI/qc3XU0VAUsvY4/a1VWqZesKiTAEYU4zcolbpSOcLu0gtF8uceodBu/B
T7u60nQ8OuIKImZtZF7yASRGT1P3hc0cieuQgxgTvyqhTGzQXUldET/6RVjJe+WH
e1qLO0nM4NQWpYjMm4Z9y1VAgl1baDucJWyuYvh1y1PlXkvMDq2sb6UF20nbeODJ
cDzVAKFqT9cwJoQQeXENI14xKFP6VtezLXK8xgSHxzZuPdP5Xiu3jjdqQq6oAi+k
503b3sBovtPkBtk7qaQJVRl2/QLXXLSQuXmsBg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:54:02 2024 by rpki-client on console-ams.rpki-client.org