Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/15/5f5a60-9026-4b66-baaa-de640d012065/1/gb1M8YxanSoXXTYNg1EwSFu_7lc.roa
File: gb1M8YxanSoXXTYNg1EwSFu_7lc.roa (raw, json)
Hash identifier: pRNFCTj6GULc0YTTB2c98hj9aolyIKktEK2wvgqn8Pw=
Subject key identifier: 81:BD:4C:F1:8C:5A:9D:2A:17:5D:36:0D:83:51:30:48:5B:BF:EE:57
Certificate issuer: /CN=a71cc0d58b16adbbf7fa5c2fdbc3659f9c73c7ba
Certificate serial: 01856DDD6B2AD5F8170AC95668F4FDCDD445
Authority key identifier: A7:1C:C0:D5:8B:16:AD:BB:F7:FA:5C:2F:DB:C3:65:9F:9C:73:C7:BA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/pxzA1YsWrbv3-lwv28Nln5xzx7o.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/15/5f5a60-9026-4b66-baaa-de640d012065/1/gb1M8YxanSoXXTYNg1EwSFu_7lc.roa
Signing time: Sun 01 Jan 2023 15:05:05 +0000
ROA not before: Sun 01 Jan 2023 15:05:05 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 41075
IP address blocks: 5.56.32.0/24 maxlen: 24
5.56.39.0/24 maxlen: 24
2a01:47c1::/32 maxlen: 32
Validation: Failed, certificate revoked on Mon 01 Jan 2024 08:30:33 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:dd:6b:2a:d5:f8:17:0a:c9:56:68:f4:fd:cd:d4:45
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a71cc0d58b16adbbf7fa5c2fdbc3659f9c73c7ba
Validity
Not Before: Jan 1 15:05:05 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=81bd4cf18c5a9d2a175d360d835130485bbfee57
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:ed:7b:cd:eb:9b:da:23:ae:d0:6d:25:b9:21:
cd:c6:cb:b8:81:04:41:fb:61:18:3b:b7:74:9d:e2:
00:d9:21:34:bb:ae:f5:ed:17:e7:79:00:05:5c:61:
14:6e:79:c2:c5:0b:c0:6e:8f:62:d6:7c:b8:99:a9:
01:07:7a:7c:3e:1d:e6:f6:7d:8b:0f:bc:a7:96:b2:
f8:a7:a2:0c:3f:63:12:34:bd:70:10:d1:22:98:ec:
7d:a9:bf:8c:e0:6e:9f:f4:7b:b5:2f:b8:dd:d8:9d:
1a:61:eb:f1:e5:c2:82:9b:64:aa:ee:54:02:4d:9c:
f8:67:e7:a4:ea:43:3c:60:99:b3:0e:c8:76:e2:db:
ef:e4:dd:87:dc:2f:4e:72:2a:b3:0d:1a:66:09:8a:
06:ab:55:68:00:01:07:10:e5:af:21:9b:a9:2f:f2:
1c:f3:85:75:c5:17:5a:77:53:d5:f2:f1:8f:7f:b8:
29:32:c3:79:62:15:90:05:df:ac:f0:2a:71:4b:b1:
ab:68:93:3b:e1:ad:51:c0:36:57:5b:e7:c8:cf:be:
24:f2:ab:5e:c3:88:38:f3:fc:b2:b5:bf:09:66:70:
a8:30:c4:72:25:cf:ab:21:a7:dd:5c:2c:1c:02:fe:
d6:37:a2:a3:91:2b:3e:f6:e6:48:37:f1:eb:ba:c9:
9d:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
81:BD:4C:F1:8C:5A:9D:2A:17:5D:36:0D:83:51:30:48:5B:BF:EE:57
X509v3 Authority Key Identifier:
keyid:A7:1C:C0:D5:8B:16:AD:BB:F7:FA:5C:2F:DB:C3:65:9F:9C:73:C7:BA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pxzA1YsWrbv3-lwv28Nln5xzx7o.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/15/5f5a60-9026-4b66-baaa-de640d012065/1/gb1M8YxanSoXXTYNg1EwSFu_7lc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/15/5f5a60-9026-4b66-baaa-de640d012065/1/pxzA1YsWrbv3-lwv28Nln5xzx7o.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.56.32.0/24
5.56.39.0/24
IPv6:
2a01:47c1::/32
Signature Algorithm: sha256WithRSAEncryption
1e:f0:21:85:1e:ab:b7:9d:e4:4b:d1:b3:1f:46:55:31:95:31:
1c:0a:c7:2f:da:83:82:c0:e3:f9:a2:cb:74:91:10:64:82:87:
d6:6f:d7:df:0a:72:ea:6c:7d:3a:10:71:85:53:79:7a:2f:79:
dc:44:8a:50:1a:81:d3:3c:06:18:86:c5:cd:91:88:bf:25:01:
59:6e:83:c1:71:c8:bc:2c:e9:68:73:e4:74:0a:df:7a:a8:95:
7e:8c:63:1c:8f:f1:e2:68:a5:40:43:2d:43:00:81:03:0c:4c:
3b:4a:03:41:7c:5e:01:3a:6a:69:6a:21:44:03:db:f2:9c:0e:
f3:75:df:93:7a:5d:54:07:c7:bf:35:c3:70:49:49:d0:24:7f:
01:e6:b6:10:f6:13:69:a1:7f:ac:26:44:fb:58:47:45:94:d5:
a7:c2:9b:0f:69:e4:3a:8e:50:ac:99:ec:b5:4a:5c:20:37:aa:
b5:4b:4d:6f:c8:53:29:89:91:a7:2f:10:79:20:7d:2f:5c:83:
5d:40:4a:1b:97:e6:1a:d4:66:79:ce:ed:d0:ae:f4:28:9f:a6:
0f:84:a7:a0:16:11:fd:3f:79:aa:32:59:6d:79:49:a5:4c:e9:
b4:c2:3f:ed:0c:44:55:a0:c3:d6:80:1b:81:40:e6:e2:05:ad:
bf:c9:be:0e
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYVt3Wsq1fgXCslWaPT9zdRFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE3MWNjMGQ1OGIxNmFkYmJmN2ZhNWMyZmRiYzM2NTlmOWM3
M2M3YmEwHhcNMjMwMTAxMTUwNTA1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MWJkNGNmMThjNWE5ZDJhMTc1ZDM2MGQ4MzUxMzA0ODViYmZlZTU3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqu17zeub2iOu0G0luSHNxsu4gQRB
+2EYO7d0neIA2SE0u6717RfneQAFXGEUbnnCxQvAbo9i1ny4makBB3p8Ph3m9n2L
D7ynlrL4p6IMP2MSNL1wENEimOx9qb+M4G6f9Hu1L7jd2J0aYevx5cKCm2Sq7lQC
TZz4Z+ek6kM8YJmzDsh24tvv5N2H3C9OciqzDRpmCYoGq1VoAAEHEOWvIZupL/Ic
84V1xRdad1PV8vGPf7gpMsN5YhWQBd+s8CpxS7GraJM74a1RwDZXW+fIz74k8qte
w4g48/yytb8JZnCoMMRyJc+rIafdXCwcAv7WN6KjkSs+9uZIN/Hrusmd8wIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFIG9TPGMWp0qF102DYNRMEhbv+5XMB8GA1UdIwQY
MBaAFKccwNWLFq279/pcL9vDZZ+cc8e6MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcHh6QTFZc1dyYnYzLWx3djI4TmxuNXh6eDdvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNS81ZjVhNjAtOTAyNi00YjY2LWJhYWEt
ZGU2NDBkMDEyMDY1LzEvZ2IxTThZeGFuU29YWFRZTmcxRXdTRnVfN2xjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNS81ZjVhNjAtOTAyNi00YjY2LWJhYWEtZGU2NDBkMDEyMDY1
LzEvcHh6QTFZc1dyYnYzLWx3djI4TmxuNXh6eDdvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQABTggAwQA
BTgnMA0EAgACMAcDBQAqAUfBMA0GCSqGSIb3DQEBCwUAA4IBAQAe8CGFHqu3neRL
0bMfRlUxlTEcCscv2oOCwOP5ost0kRBkgofWb9ffCnLqbH06EHGFU3l6L3ncRIpQ
GoHTPAYYhsXNkYi/JQFZboPBcci8LOloc+R0Ct96qJV+jGMcj/HiaKVAQy1DAIED
DEw7SgNBfF4BOmppaiFEA9vynA7zdd+Tel1UB8e/NcNwSUnQJH8B5rYQ9hNpoX+s
JkT7WEdFlNWnwpsPaeQ6jlCsmey1SlwgN6q1S01vyFMpiZGnLxB5IH0vXINdQEob
l+Ya1GZ5zu3QrvQon6YPhKegFhH9P3mqMllteUmlTOm0wj/tDERVoMPWgBuBQObi
Ba2/yb4O
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:55:03 2024 by rpki-client on console-ams.rpki-client.org