Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/19/3c0269-c194-4e6d-abce-72735e118d51/1/1-Gcs0_Hz1Pb7RJF7-EQbBrqa79Y.roa
File: 1-Gcs0_Hz1Pb7RJF7-EQbBrqa79Y.roa (raw, json)
Hash identifier: 0YL9q+BQ0wndSMnCQhJLpPDS8YmkS68SAdX5GskTVaY=
Subject key identifier: F8:67:2C:D3:F1:F3:D4:F6:FB:44:91:7B:F8:44:1B:06:BA:9A:EF:D6
Certificate issuer: /CN=88b213bf1627548efdfb1b2e2645baaf1d983aa0
Certificate serial: 018CC80136B163CD0DAF5F3C384B3CE562B7
Authority key identifier: 88:B2:13:BF:16:27:54:8E:FD:FB:1B:2E:26:45:BA:AF:1D:98:3A:A0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/iLITvxYnVI79-xsuJkW6rx2YOqA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/19/3c0269-c194-4e6d-abce-72735e118d51/1/1-Gcs0_Hz1Pb7RJF7-EQbBrqa79Y.roa
Signing time: Tue 02 Jan 2024 02:29:31 +0000
ROA not before: Tue 02 Jan 2024 02:29:31 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 53358
IP address blocks: 2a05:f300::/29 maxlen: 64
2a12:4b40::/29 maxlen: 64
2a13:c800::/29 maxlen: 64
2a13:c400::/29 maxlen: 64
Validation: Failed, certificate revoked on Tue 26 Mar 2024 19:10:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:01:36:b1:63:cd:0d:af:5f:3c:38:4b:3c:e5:62:b7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=88b213bf1627548efdfb1b2e2645baaf1d983aa0
Validity
Not Before: Jan 2 02:29:31 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=f8672cd3f1f3d4f6fb44917bf8441b06ba9aefd6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:40:6d:70:52:87:60:6b:e3:16:1b:91:b6:dd:
4a:d2:6a:81:a7:6a:34:8f:26:c6:de:26:c2:82:f0:
65:f4:40:82:f4:cf:8a:b0:d6:49:bf:f0:19:1e:79:
26:d5:a7:9b:d3:e4:51:31:44:32:b5:e1:4e:28:f6:
a1:9b:e2:28:84:c6:2a:a4:2b:39:d3:f0:af:22:df:
e0:52:ed:5b:67:18:3f:69:e8:58:aa:06:56:ac:2d:
57:b2:cc:1f:9d:ce:42:c3:7c:b1:2d:68:bd:fd:3d:
db:61:35:7e:d0:97:4b:7f:84:96:30:0a:b9:dc:1a:
a4:e7:68:20:04:16:43:fe:7a:af:44:89:0f:6b:e1:
35:f5:3a:80:84:4c:97:95:4b:2d:df:e0:c8:59:ed:
9d:f2:b8:d7:4d:b0:31:f5:e7:90:71:a0:32:14:15:
9a:91:93:3e:3f:cb:57:4d:89:3f:2c:f5:ac:3d:67:
14:07:7c:0f:4e:a4:d1:bb:c3:03:49:2d:de:7b:8b:
56:7a:49:22:e6:5c:20:20:06:79:20:eb:53:97:96:
1b:b8:b4:b0:30:2a:e2:05:a5:06:d6:d1:b4:ea:cc:
5b:b0:79:15:22:38:14:e7:8c:9b:df:3e:1f:20:d5:
48:89:37:fb:56:b1:86:c1:e9:46:27:19:7e:79:29:
88:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F8:67:2C:D3:F1:F3:D4:F6:FB:44:91:7B:F8:44:1B:06:BA:9A:EF:D6
X509v3 Authority Key Identifier:
keyid:88:B2:13:BF:16:27:54:8E:FD:FB:1B:2E:26:45:BA:AF:1D:98:3A:A0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iLITvxYnVI79-xsuJkW6rx2YOqA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/19/3c0269-c194-4e6d-abce-72735e118d51/1/1-Gcs0_Hz1Pb7RJF7-EQbBrqa79Y.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/19/3c0269-c194-4e6d-abce-72735e118d51/1/iLITvxYnVI79-xsuJkW6rx2YOqA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:f300::/29
2a12:4b40::/29
2a13:c400::/29
2a13:c800::/29
Signature Algorithm: sha256WithRSAEncryption
35:8a:c6:62:20:ef:0b:cf:04:ba:c4:67:e2:24:c8:fe:be:c2:
06:70:a7:34:46:b5:69:85:33:d7:57:f7:51:70:37:ba:53:a0:
e0:6a:fc:8d:e7:70:4b:ba:48:e1:86:51:ca:38:83:e7:39:a3:
ce:84:bf:fd:ca:36:6e:35:28:46:d2:cf:13:c6:b9:78:ae:f1:
03:3a:42:97:7d:de:13:ea:95:5b:c5:da:07:a2:0b:94:c5:5c:
0b:d3:d0:b8:71:df:2d:d6:69:8e:36:09:7d:c2:a7:b5:6e:96:
01:b9:35:cc:db:80:25:1a:58:49:05:46:16:ef:06:43:9d:71:
28:2b:43:98:7c:7c:58:24:96:91:12:46:f3:11:ba:2c:b4:02:
3d:dc:0c:b0:a2:d0:c8:94:c2:36:43:6b:0e:b8:ce:02:b5:27:
5c:00:dd:7d:0c:a8:25:72:29:41:19:b4:9e:55:ff:45:44:3e:
a2:f3:82:3d:dd:c6:19:bd:8c:de:54:b6:64:c3:da:03:90:af:
64:5c:b3:27:64:0e:ec:85:e7:7f:e5:4a:62:f8:4a:fe:11:95:
e4:55:ef:f9:e8:14:71:40:d4:ef:7c:88:c2:38:7d:ae:35:5b:
4e:e6:f8:0e:d9:63:1b:18:74:1a:76:2f:76:e8:f0:4d:99:cf:
94:0b:56:53
-----BEGIN CERTIFICATE-----
MIIFFDCCA/ygAwIBAgISAYzIATaxY80Nr188OEs85WK3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg4YjIxM2JmMTYyNzU0OGVmZGZiMWIyZTI2NDViYWFmMWQ5
ODNhYTAwHhcNMjQwMTAyMDIyOTMxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmODY3MmNkM2YxZjNkNGY2ZmI0NDkxN2JmODQ0MWIwNmJhOWFlZmQ2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkUBtcFKHYGvjFhuRtt1K0mqBp2o0
jybG3ibCgvBl9ECC9M+KsNZJv/AZHnkm1aeb0+RRMUQyteFOKPahm+IohMYqpCs5
0/CvIt/gUu1bZxg/aehYqgZWrC1Xsswfnc5Cw3yxLWi9/T3bYTV+0JdLf4SWMAq5
3Bqk52ggBBZD/nqvRIkPa+E19TqAhEyXlUst3+DIWe2d8rjXTbAx9eeQcaAyFBWa
kZM+P8tXTYk/LPWsPWcUB3wPTqTRu8MDSS3ee4tWekki5lwgIAZ5IOtTl5YbuLSw
MCriBaUG1tG06sxbsHkVIjgU54yb3z4fINVIiTf7VrGGwelGJxl+eSmI8wIDAQAB
o4ICIDCCAhwwHQYDVR0OBBYEFPhnLNPx89T2+0SRe/hEGwa6mu/WMB8GA1UdIwQY
MBaAFIiyE78WJ1SO/fsbLiZFuq8dmDqgMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaUxJVHZ4WW5WSTc5LXhzdUprVzZyeDJZT3FBLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xOS8zYzAyNjktYzE5NC00ZTZkLWFiY2Ut
NzI3MzVlMTE4ZDUxLzEvMS1HY3MwX0h6MVBiN1JKRjctRVFiQnJxYTc5WS5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvMTkvM2MwMjY5LWMxOTQtNGU2ZC1hYmNlLTcyNzM1ZTExOGQ1
MS8xL2lMSVR2eFluVkk3OS14c3VKa1c2cngyWU9xQS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjA1BggrBgEFBQcBBwEB/wQmMCQwIgQCAAIwHAMFAyoF8wAD
BQMqEktAAwUDKhPEAAMFAyoTyAAwDQYJKoZIhvcNAQELBQADggEBADWKxmIg7wvP
BLrEZ+IkyP6+wgZwpzRGtWmFM9dX91FwN7pToOBq/I3ncEu6SOGGUco4g+c5o86E
v/3KNm41KEbSzxPGuXiu8QM6Qpd93hPqlVvF2geiC5TFXAvT0Lhx3y3WaY42CX3C
p7VulgG5NczbgCUaWEkFRhbvBkOdcSgrQ5h8fFgklpESRvMRuiy0Aj3cDLCi0MiU
wjZDaw64zgK1J1wA3X0MqCVyKUEZtJ5V/0VEPqLzgj3dxhm9jN5UtmTD2gOQr2Rc
sydkDuyF53/lSmL4Sv4RleRV7/noFHFA1O98iMI4fa41W07m+A7ZYxsYdBp2L3bo
8E2Zz5QLVlM=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:55:58 2024 by rpki-client on console-ams.rpki-client.org