Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/14/10e965-7409-44d8-9502-cf0aa3ecad28/1/gxo60Qf9Yqe_Leyuw8mLpUn9-kI.roa
File: gxo60Qf9Yqe_Leyuw8mLpUn9-kI.roa (raw, json)
Hash identifier: QqP5SedYF+6q+3NPl6s/D+oin0eI5vaJiwgtHN9tL0A=
Subject key identifier: 83:1A:3A:D1:07:FD:62:A7:BF:2D:EC:AE:C3:C9:8B:A5:49:FD:FA:42
Certificate issuer: /CN=0802b95ce6239d526c35ae7a8e2ceb48aeb82b5f
Certificate serial: 018CC9BCDEC3E28EC4715C656E94B82E1070
Authority key identifier: 08:02:B9:5C:E6:23:9D:52:6C:35:AE:7A:8E:2C:EB:48:AE:B8:2B:5F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CAK5XOYjnVJsNa56jizrSK64K18.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/14/10e965-7409-44d8-9502-cf0aa3ecad28/1/gxo60Qf9Yqe_Leyuw8mLpUn9-kI.roa
Signing time: Tue 02 Jan 2024 10:34:07 +0000
ROA not before: Tue 02 Jan 2024 10:34:07 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 51645
IP address blocks: 2a02:2698:2000::/38 maxlen: 48
Validation: Failed, certificate revoked on Wed 01 Jan 2025 01:47:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:bc:de:c3:e2:8e:c4:71:5c:65:6e:94:b8:2e:10:70
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0802b95ce6239d526c35ae7a8e2ceb48aeb82b5f
Validity
Not Before: Jan 2 10:34:07 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=831a3ad107fd62a7bf2decaec3c98ba549fdfa42
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:af:44:21:d8:2b:fe:6b:bf:9d:56:80:de:71:
85:2b:c9:92:ea:d5:a8:2c:0d:bc:02:4f:6e:14:2c:
a0:be:30:9b:42:4c:46:6f:45:70:9e:97:a9:eb:6d:
df:3c:39:3f:e1:ad:d5:1c:4d:29:ba:cc:90:ad:88:
98:a8:c9:95:fb:47:46:13:6a:64:55:2d:5a:53:ed:
bc:a5:d0:af:53:82:27:af:98:b0:35:dd:cb:0c:7b:
6c:fa:37:18:d2:c0:3f:61:dd:1c:d8:fa:e2:b1:3d:
c5:f5:6b:97:8b:32:66:98:ec:a5:3b:87:78:cb:8a:
de:0d:9e:c7:6c:08:eb:ab:d6:27:e6:8b:6b:56:be:
10:0b:d4:f6:2e:3c:36:ed:63:2f:1a:9a:f9:07:f5:
d9:17:de:51:11:48:5c:ae:86:11:26:c8:b0:db:9c:
c1:37:80:31:2f:68:35:f4:ba:48:4f:82:ec:f6:54:
fd:f7:ae:b1:f8:fa:8a:0b:6e:9e:48:f8:6d:ac:ad:
33:04:cf:85:54:a0:26:20:bb:81:db:49:b3:02:32:
e9:a9:0c:1e:38:be:4a:5d:c0:87:bf:b8:c2:f7:97:
61:6c:47:d0:cd:b6:06:c0:29:02:d9:93:c6:b8:f4:
5a:ae:5f:e6:bd:1c:80:f9:46:0e:ad:45:bf:5a:89:
68:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
83:1A:3A:D1:07:FD:62:A7:BF:2D:EC:AE:C3:C9:8B:A5:49:FD:FA:42
X509v3 Authority Key Identifier:
keyid:08:02:B9:5C:E6:23:9D:52:6C:35:AE:7A:8E:2C:EB:48:AE:B8:2B:5F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CAK5XOYjnVJsNa56jizrSK64K18.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/14/10e965-7409-44d8-9502-cf0aa3ecad28/1/gxo60Qf9Yqe_Leyuw8mLpUn9-kI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/14/10e965-7409-44d8-9502-cf0aa3ecad28/1/CAK5XOYjnVJsNa56jizrSK64K18.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a02:2698:2000::/38
Signature Algorithm: sha256WithRSAEncryption
b6:87:40:3b:2d:c4:c7:2a:6e:ab:23:ae:bf:18:e5:ae:01:6f:
c5:9f:7d:04:6f:33:64:99:a8:9a:08:64:7c:d3:44:f1:63:ad:
41:ea:ef:95:7b:25:14:90:5b:c9:9e:80:30:32:15:8c:96:d6:
81:0b:3b:7a:94:d1:7e:88:ca:68:43:2f:05:be:cc:a1:b1:2b:
aa:11:f6:c2:0c:74:b7:d8:4d:8a:ec:03:63:ce:d2:07:e5:58:
ac:ba:38:bb:cc:73:47:bb:72:97:f7:99:56:3d:8e:ce:fa:cf:
78:b6:a9:52:6c:11:ef:e0:e9:60:26:67:dc:43:3e:ca:87:1f:
d9:2c:fc:02:bb:73:86:ad:6b:a6:cc:c1:24:85:a8:dd:a5:38:
32:5f:50:b0:91:45:2d:62:76:3d:bc:9c:05:42:ab:3c:4e:70:
af:f3:64:cb:57:00:c3:a0:32:f4:ce:b9:84:bf:27:ac:2b:09:
71:14:c2:cf:11:38:d1:05:55:f0:62:f9:2f:1e:39:db:51:46:
d1:e6:a1:22:d5:d8:9b:52:ed:06:09:ed:79:13:5f:5d:1f:24:
4c:d3:63:89:55:24:48:ee:b4:34:89:31:5b:90:61:b8:18:c3:
59:79:bc:14:b7:e2:85:92:e8:71:44:d6:0c:b6:7a:48:6f:93:
8f:05:2a:75
-----BEGIN CERTIFICATE-----
MIIE/zCCA+egAwIBAgISAYzJvN7D4o7EcVxlbpS4LhBwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA4MDJiOTVjZTYyMzlkNTI2YzM1YWU3YThlMmNlYjQ4YWVi
ODJiNWYwHhcNMjQwMTAyMTAzNDA3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MzFhM2FkMTA3ZmQ2MmE3YmYyZGVjYWVjM2M5OGJhNTQ5ZmRmYTQyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoq9EIdgr/mu/nVaA3nGFK8mS6tWo
LA28Ak9uFCygvjCbQkxGb0Vwnpep623fPDk/4a3VHE0pusyQrYiYqMmV+0dGE2pk
VS1aU+28pdCvU4Inr5iwNd3LDHts+jcY0sA/Yd0c2PrisT3F9WuXizJmmOylO4d4
y4reDZ7HbAjrq9Yn5otrVr4QC9T2Ljw27WMvGpr5B/XZF95REUhcroYRJsiw25zB
N4AxL2g19LpIT4Ls9lT9966x+PqKC26eSPhtrK0zBM+FVKAmILuB20mzAjLpqQwe
OL5KXcCHv7jC95dhbEfQzbYGwCkC2ZPGuPRarl/mvRyA+UYOrUW/WolofwIDAQAB
o4ICCzCCAgcwHQYDVR0OBBYEFIMaOtEH/WKnvy3srsPJi6VJ/fpCMB8GA1UdIwQY
MBaAFAgCuVzmI51SbDWueo4s60iuuCtfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ0FLNVhPWWpuVkpzTmE1NmppenJTSzY0SzE4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNC8xMGU5NjUtNzQwOS00NGQ4LTk1MDIt
Y2YwYWEzZWNhZDI4LzEvZ3hvNjBRZjlZcWVfTGV5dXc4bUxwVW45LWtJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNC8xMGU5NjUtNzQwOS00NGQ4LTk1MDItY2YwYWEzZWNhZDI4
LzEvQ0FLNVhPWWpuVkpzTmE1NmppenJTSzY0SzE4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAOBAIAAjAIAwYCKgImmCAw
DQYJKoZIhvcNAQELBQADggEBALaHQDstxMcqbqsjrr8Y5a4Bb8WffQRvM2SZqJoI
ZHzTRPFjrUHq75V7JRSQW8megDAyFYyW1oELO3qU0X6IymhDLwW+zKGxK6oR9sIM
dLfYTYrsA2PO0gflWKy6OLvMc0e7cpf3mVY9js76z3i2qVJsEe/g6WAmZ9xDPsqH
H9ks/AK7c4ata6bMwSSFqN2lODJfULCRRS1idj28nAVCqzxOcK/zZMtXAMOgMvTO
uYS/J6wrCXEUws8RONEFVfBi+S8eOdtRRtHmoSLV2JtS7QYJ7XkTX10fJEzTY4lV
JEjutDSJMVuQYbgYw1l5vBS34oWS6HFE1gy2ekhvk48FKnU=
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:17:07 2025 by rpki-client