Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1d/e71e27-c687-4fd7-8180-4b2da197a7e6/1/gXPSmRgr1uLiO5fU8cHC8FydXQE.roa
File: gXPSmRgr1uLiO5fU8cHC8FydXQE.roa (raw, json)
Hash identifier: JZiYs+4sUXwRompFmWpLYMtl3r6JCh5IKRAXVpLjtJs=
Subject key identifier: 81:73:D2:99:18:2B:D6:E2:E2:3B:97:D4:F1:C1:C2:F0:5C:9D:5D:01
Certificate issuer: /CN=687726d38fcf2a7fbbb7bfc28d63fe3579ed211d
Certificate serial: 018570399B9E93F8E9BE67B5ECD51362A42D
Authority key identifier: 68:77:26:D3:8F:CF:2A:7F:BB:B7:BF:C2:8D:63:FE:35:79:ED:21:1D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/aHcm04_PKn-7t7_CjWP-NXntIR0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1d/e71e27-c687-4fd7-8180-4b2da197a7e6/1/gXPSmRgr1uLiO5fU8cHC8FydXQE.roa
Signing time: Mon 02 Jan 2023 02:05:01 +0000
ROA not before: Mon 02 Jan 2023 02:05:01 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 3303
IP address blocks: 2001:67c:4f0::/48 maxlen: 48
Validation: Failed, certificate revoked on Mon 01 Jan 2024 04:29:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:39:9b:9e:93:f8:e9:be:67:b5:ec:d5:13:62:a4:2d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=687726d38fcf2a7fbbb7bfc28d63fe3579ed211d
Validity
Not Before: Jan 2 02:05:01 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=8173d299182bd6e2e23b97d4f1c1c2f05c9d5d01
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:57:40:cc:ad:b9:4a:02:eb:24:95:8d:36:3f:
91:74:bd:9a:76:58:fc:13:14:17:b7:61:07:b1:d3:
50:eb:85:9b:f3:a9:fc:70:2c:03:e0:c8:74:7f:d4:
ef:84:df:21:8c:ac:fa:d3:68:ca:49:9c:19:02:ff:
03:09:94:2a:1c:61:d5:b3:22:b0:10:fb:66:e4:17:
6a:1f:eb:99:c7:e4:b0:8c:3e:14:89:e2:57:78:0d:
5f:1a:f3:9b:8d:2d:93:7c:e2:e5:f0:0d:63:58:91:
67:bb:64:81:f7:18:3f:db:9c:38:d9:e8:11:64:f2:
1a:fd:f0:4f:bd:f4:2c:5e:f5:b9:1a:a6:24:59:7b:
dc:38:06:50:65:e7:a8:03:db:f3:53:66:c3:6e:1c:
3b:48:16:9d:47:8c:9a:11:0e:aa:4c:dc:0f:8a:da:
f6:c5:11:ed:ed:ab:61:87:1b:71:3c:19:4f:02:2e:
7b:91:9a:cd:36:02:9c:b9:39:df:88:e6:e4:8f:00:
8d:6d:fc:48:ff:da:50:95:46:04:3d:27:ad:62:36:
94:8e:31:86:b1:95:d7:b8:a7:e4:12:ff:58:6f:e0:
b6:34:9e:d5:a2:68:2d:6f:23:ee:e3:86:9e:7f:c4:
6a:c4:18:78:ae:5b:58:16:05:44:e0:f1:ea:4c:7e:
ae:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
81:73:D2:99:18:2B:D6:E2:E2:3B:97:D4:F1:C1:C2:F0:5C:9D:5D:01
X509v3 Authority Key Identifier:
keyid:68:77:26:D3:8F:CF:2A:7F:BB:B7:BF:C2:8D:63:FE:35:79:ED:21:1D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aHcm04_PKn-7t7_CjWP-NXntIR0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1d/e71e27-c687-4fd7-8180-4b2da197a7e6/1/gXPSmRgr1uLiO5fU8cHC8FydXQE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1d/e71e27-c687-4fd7-8180-4b2da197a7e6/1/aHcm04_PKn-7t7_CjWP-NXntIR0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:4f0::/48
Signature Algorithm: sha256WithRSAEncryption
55:12:26:34:cc:0d:d5:57:cd:5b:6e:ab:5f:64:4d:76:3b:83:
46:5b:88:ff:39:eb:21:0d:39:0f:73:70:1e:40:89:ad:32:65:
ff:f0:08:f7:b6:9f:d8:fb:a9:8a:b1:df:25:fa:86:3d:0e:11:
30:b2:46:89:e1:50:85:39:a8:5a:95:46:07:50:69:f6:8b:97:
b7:f5:7a:bc:c0:53:28:34:49:37:b4:0c:60:ab:70:32:e4:ea:
91:86:bc:c9:aa:de:e0:d6:83:42:ac:85:5a:96:50:26:ab:c1:
3f:ff:68:60:44:76:13:14:dc:b6:ba:0f:71:12:7d:d2:d1:3d:
ae:e6:b4:77:83:3d:c5:72:91:28:51:0a:f3:ed:d7:9d:41:a0:
43:a5:53:45:d5:c1:bc:42:36:ac:bf:60:13:a0:ad:4e:37:c1:
35:0b:48:88:5d:13:a5:4a:74:e5:03:d9:0c:4f:97:ef:ba:63:
40:7d:48:9c:a8:8c:bf:93:bb:b0:cf:67:3a:95:54:4c:1a:a1:
ee:7b:c9:18:53:bb:ee:ce:65:82:e8:eb:0a:58:bd:58:dd:f5:
48:cf:13:ac:78:dd:71:77:c5:ca:96:c8:6a:c2:33:e4:0b:1b:
9b:60:6d:d4:b2:14:e3:6b:20:1e:8b:89:17:13:1c:56:58:02:
6d:b9:60:36
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYVwOZuek/jpvme17NUTYqQtMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY4NzcyNmQzOGZjZjJhN2ZiYmI3YmZjMjhkNjNmZTM1Nzll
ZDIxMWQwHhcNMjMwMTAyMDIwNTAxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MTczZDI5OTE4MmJkNmUyZTIzYjk3ZDRmMWMxYzJmMDVjOWQ1ZDAxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxFdAzK25SgLrJJWNNj+RdL2adlj8
ExQXt2EHsdNQ64Wb86n8cCwD4Mh0f9TvhN8hjKz602jKSZwZAv8DCZQqHGHVsyKw
EPtm5BdqH+uZx+SwjD4UieJXeA1fGvObjS2TfOLl8A1jWJFnu2SB9xg/25w42egR
ZPIa/fBPvfQsXvW5GqYkWXvcOAZQZeeoA9vzU2bDbhw7SBadR4yaEQ6qTNwPitr2
xRHt7athhxtxPBlPAi57kZrNNgKcuTnfiObkjwCNbfxI/9pQlUYEPSetYjaUjjGG
sZXXuKfkEv9Yb+C2NJ7VomgtbyPu44aef8RqxBh4rltYFgVE4PHqTH6upQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFIFz0pkYK9bi4juX1PHBwvBcnV0BMB8GA1UdIwQY
MBaAFGh3JtOPzyp/u7e/wo1j/jV57SEdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYUhjbTA0X1BLbi03dDdfQ2pXUC1OWG50SVIwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xZC9lNzFlMjctYzY4Ny00ZmQ3LTgxODAt
NGIyZGExOTdhN2U2LzEvZ1hQU21SZ3IxdUxpTzVmVThjSEM4RnlkWFFFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xZC9lNzFlMjctYzY4Ny00ZmQ3LTgxODAtNGIyZGExOTdhN2U2
LzEvYUhjbTA0X1BLbi03dDdfQ2pXUC1OWG50SVIwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAIAEGfATw
MA0GCSqGSIb3DQEBCwUAA4IBAQBVEiY0zA3VV81bbqtfZE12O4NGW4j/OeshDTkP
c3AeQImtMmX/8Aj3tp/Y+6mKsd8l+oY9DhEwskaJ4VCFOahalUYHUGn2i5e39Xq8
wFMoNEk3tAxgq3Ay5OqRhrzJqt7g1oNCrIVallAmq8E//2hgRHYTFNy2ug9xEn3S
0T2u5rR3gz3FcpEoUQrz7dedQaBDpVNF1cG8Qjasv2AToK1ON8E1C0iIXROlSnTl
A9kMT5fvumNAfUicqIy/k7uwz2c6lVRMGqHue8kYU7vuzmWC6OsKWL1Y3fVIzxOs
eN1xd8XKlshqwjPkCxubYG3UshTjayAei4kXExxWWAJtuWA2
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:21:43 2024 by rpki-client on console-fra.rpki-client.org