Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/11/757b56-7b57-48a0-9a75-a2a4c6a621cd/1/gcUwA5ONoc27lLZVwvhEzLJfLqo.roa
File: gcUwA5ONoc27lLZVwvhEzLJfLqo.roa (raw, json)
Hash identifier: mYeo/Gc7CxManfrFmi/T8NZhG0GpAibk1FLoRo8r9u8=
Subject key identifier: 81:C5:30:03:93:8D:A1:CD:BB:94:B6:55:C2:F8:44:CC:B2:5F:2E:AA
Certificate issuer: /CN=189d6b55d6a688ee5e3381883bb5af68433276e3
Certificate serial: 0191A33F56F13F8B6CCBF08E16A9FEFAEE42
Authority key identifier: 18:9D:6B:55:D6:A6:88:EE:5E:33:81:88:3B:B5:AF:68:43:32:76:E3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/GJ1rVdamiO5eM4GIO7WvaEMyduM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/11/757b56-7b57-48a0-9a75-a2a4c6a621cd/1/gcUwA5ONoc27lLZVwvhEzLJfLqo.roa
Signing time: Fri 30 Aug 2024 12:25:22 +0000
ROA not before: Fri 30 Aug 2024 12:25:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 197992
IP address blocks: 2a0e:7780::/29 maxlen: 29
2a11:3b40::/29 maxlen: 29
2a11:9600::/29 maxlen: 29
2a11:dcc0::/29 maxlen: 29
2a14:c0::/29 maxlen: 29
2a14:140::/29 maxlen: 29
2a14:1c0::/29 maxlen: 29
2a14:f40::/29 maxlen: 29
Validation: Failed, certificate revoked on Wed 18 Sep 2024 20:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:a3:3f:56:f1:3f:8b:6c:cb:f0:8e:16:a9:fe:fa:ee:42
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=189d6b55d6a688ee5e3381883bb5af68433276e3
Validity
Not Before: Aug 30 12:25:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=81c53003938da1cdbb94b655c2f844ccb25f2eaa
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e7:cc:9d:41:e3:a8:7c:ba:1e:3b:ef:c6:d2:00:
9e:3d:b4:5a:6a:14:64:f9:f0:9d:f7:31:5f:8f:50:
03:66:82:e3:ed:90:4f:08:f2:ed:39:0f:25:4c:ce:
31:dc:11:c9:95:9f:7c:9b:27:05:70:e5:d5:9a:3b:
14:1c:da:52:fc:36:98:89:55:2e:85:4e:3e:26:3e:
79:31:57:4d:90:8a:da:4b:90:f9:08:e9:5a:a2:07:
f6:7d:b9:99:ec:8f:be:e9:72:09:70:db:80:1a:51:
44:ee:a7:e7:3d:5c:ba:51:ed:18:13:74:45:dd:92:
1b:29:e8:3f:cc:e8:34:23:60:bb:eb:c5:be:42:c3:
51:b1:65:fd:d4:9c:a8:3e:71:7d:58:f4:e5:c2:95:
15:20:c7:18:25:19:1d:a7:24:72:64:96:85:c7:be:
12:f4:fa:db:08:78:d4:ab:31:b5:90:4a:09:b5:66:
85:83:18:d7:b7:12:d7:c0:d3:b3:0e:b8:1d:51:98:
28:49:c5:fe:87:60:3d:ac:d0:0d:99:cb:a1:5e:c9:
54:1a:56:22:5c:7a:24:ef:65:95:fb:59:47:51:9c:
8a:88:4a:1e:b0:90:58:18:5c:4d:26:ab:e8:78:13:
64:a8:5b:2b:99:79:33:0e:78:ee:93:e4:69:b9:3b:
f3:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
81:C5:30:03:93:8D:A1:CD:BB:94:B6:55:C2:F8:44:CC:B2:5F:2E:AA
X509v3 Authority Key Identifier:
keyid:18:9D:6B:55:D6:A6:88:EE:5E:33:81:88:3B:B5:AF:68:43:32:76:E3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GJ1rVdamiO5eM4GIO7WvaEMyduM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/11/757b56-7b57-48a0-9a75-a2a4c6a621cd/1/gcUwA5ONoc27lLZVwvhEzLJfLqo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/11/757b56-7b57-48a0-9a75-a2a4c6a621cd/1/GJ1rVdamiO5eM4GIO7WvaEMyduM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:7780::/29
2a11:3b40::/29
2a11:9600::/29
2a11:dcc0::/29
2a14:c0::/29
2a14:140::/29
2a14:1c0::/29
2a14:f40::/29
Signature Algorithm: sha256WithRSAEncryption
90:12:33:18:c0:7c:6d:28:ec:6e:c2:14:bf:a9:78:5f:e8:ed:
ca:89:90:ff:a1:a9:c3:14:cc:b4:12:e2:84:53:c3:2c:bb:7c:
76:fd:7d:09:fa:8e:8e:69:b0:60:c4:37:b3:04:0c:5b:f1:b7:
b0:a3:e6:d7:a0:4b:71:93:aa:5a:8b:48:c0:a2:3b:89:9e:60:
86:78:8c:c5:bb:c6:4a:17:3a:b5:2d:45:dc:bb:e0:c3:5b:19:
38:bf:22:4f:58:11:e2:36:36:62:d5:85:08:14:be:6a:f0:3b:
48:92:ee:d1:b4:b0:0c:5d:c7:b5:03:7a:e0:d1:a4:d0:8d:01:
2e:37:b1:ab:ce:c3:b4:87:b4:09:0f:22:6d:ed:92:05:6d:cb:
5b:ad:a9:15:51:0b:4e:e7:06:7b:e2:97:ac:b7:f0:74:ad:12:
e4:fe:5d:17:18:c4:ce:bf:eb:21:ec:b8:a6:44:82:c0:6c:99:
68:bf:27:7e:a6:38:29:a0:01:78:51:62:ba:2b:9c:5c:a6:3c:
7b:0b:2e:9d:3c:d7:bb:bd:62:76:92:f7:c1:98:6d:b5:18:b8:
35:e5:76:e1:2f:07:62:b5:59:93:00:ef:45:db:1e:e7:f1:60:
5d:bf:30:90:08:d1:04:12:3d:20:e7:af:a8:4d:db:eb:e4:ba:
73:fb:4a:73
-----BEGIN CERTIFICATE-----
MIIFLzCCBBegAwIBAgISAZGjP1bxP4tsy/COFqn++u5CMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE4OWQ2YjU1ZDZhNjg4ZWU1ZTMzODE4ODNiYjVhZjY4NDMz
Mjc2ZTMwHhcNMjQwODMwMTIyNTIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MWM1MzAwMzkzOGRhMWNkYmI5NGI2NTVjMmY4NDRjY2IyNWYyZWFhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA58ydQeOofLoeO+/G0gCePbRaahRk
+fCd9zFfj1ADZoLj7ZBPCPLtOQ8lTM4x3BHJlZ98mycFcOXVmjsUHNpS/DaYiVUu
hU4+Jj55MVdNkIraS5D5COlaogf2fbmZ7I++6XIJcNuAGlFE7qfnPVy6Ue0YE3RF
3ZIbKeg/zOg0I2C768W+QsNRsWX91JyoPnF9WPTlwpUVIMcYJRkdpyRyZJaFx74S
9PrbCHjUqzG1kEoJtWaFgxjXtxLXwNOzDrgdUZgoScX+h2A9rNANmcuhXslUGlYi
XHok72WV+1lHUZyKiEoesJBYGFxNJqvoeBNkqFsrmXkzDnjuk+RpuTvzEwIDAQAB
o4ICOzCCAjcwHQYDVR0OBBYEFIHFMAOTjaHNu5S2VcL4RMyyXy6qMB8GA1UdIwQY
MBaAFBida1XWpojuXjOBiDu1r2hDMnbjMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR0oxclZkYW1pTzVlTTRHSU83V3ZhRU15ZHVNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMS83NTdiNTYtN2I1Ny00OGEwLTlhNzUt
YTJhNGM2YTYyMWNkLzEvZ2NVd0E1T05vYzI3bExaVnd2aEV6TEpmTHFvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMS83NTdiNTYtN2I1Ny00OGEwLTlhNzUtYTJhNGM2YTYyMWNk
LzEvR0oxclZkYW1pTzVlTTRHSU83V3ZhRU15ZHVNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFEGCCsGAQUFBwEHAQH/BEIwQDA+BAIAAjA4AwUDKg53gAMF
AyoRO0ADBQMqEZYAAwUDKhHcwAMFAyoUAMADBQMqFAFAAwUDKhQBwAMFAyoUD0Aw
DQYJKoZIhvcNAQELBQADggEBAJASMxjAfG0o7G7CFL+peF/o7cqJkP+hqcMUzLQS
4oRTwyy7fHb9fQn6jo5psGDEN7MEDFvxt7Cj5tegS3GTqlqLSMCiO4meYIZ4jMW7
xkoXOrUtRdy74MNbGTi/Ik9YEeI2NmLVhQgUvmrwO0iS7tG0sAxdx7UDeuDRpNCN
AS43savOw7SHtAkPIm3tkgVty1utqRVRC07nBnvil6y38HStEuT+XRcYxM6/6yHs
uKZEgsBsmWi/J36mOCmgAXhRYrornFymPHsLLp0817u9YnaS98GYbbUYuDXlduEv
B2K1WZMA70XbHufxYF2/MJAI0QQSPSDnr6hN2+vkunP7SnM=
-----END CERTIFICATE-----
Generated at Wed Sep 18 23:46:08 2024 by rpki-client on console-ams.rpki-client.org