Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/22/f67a78-183d-494a-995e-f51c5fb3df9a/1/G4Zyy6JO7CcY4qQsiLrgxb-Ovg4.roa
File: G4Zyy6JO7CcY4qQsiLrgxb-Ovg4.roa (raw, json)
Hash identifier: whOqAYkiTHM2Z1CIP75ae4aWTkNCpiR5fyPqrYlMUZ0=
Subject key identifier: 1B:86:72:CB:A2:4E:EC:27:18:E2:A4:2C:88:BA:E0:C5:BF:8E:BE:0E
Certificate issuer: /CN=1b9f21ba04e5e3077b391e3d48ff5b0a50b3369f
Certificate serial: 0189DAAD0088F1AFE2D0C014438B70ED64A0
Authority key identifier: 1B:9F:21:BA:04:E5:E3:07:7B:39:1E:3D:48:FF:5B:0A:50:B3:36:9F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/G58hugTl4wd7OR49SP9bClCzNp8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/22/f67a78-183d-494a-995e-f51c5fb3df9a/1/G4Zyy6JO7CcY4qQsiLrgxb-Ovg4.roa
Signing time: Wed 09 Aug 2023 14:21:58 +0000
ROA not before: Wed 09 Aug 2023 14:21:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 208022
IP address blocks: 2a0a:281::/32 maxlen: 48
2a12:ef40::/29 maxlen: 48
2a0a:282::/32 maxlen: 48
Validation: Failed, certificate revoked on Thu 17 Aug 2023 10:55:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:da:ad:00:88:f1:af:e2:d0:c0:14:43:8b:70:ed:64:a0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1b9f21ba04e5e3077b391e3d48ff5b0a50b3369f
Validity
Not Before: Aug 9 14:21:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=1b8672cba24eec2718e2a42c88bae0c5bf8ebe0e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:c3:85:31:ae:f0:08:31:09:b5:6d:9d:46:28:
6c:83:e1:2f:d0:1f:94:07:1c:a2:60:7b:71:c1:a6:
45:02:b8:da:f1:7c:42:7f:16:f2:f0:e5:03:bd:ff:
a0:33:58:e9:44:b2:f0:3d:37:58:ff:a4:fc:0e:60:
e9:d1:9a:67:45:4a:70:26:8e:01:0f:62:54:9f:26:
af:dc:6b:55:e5:7f:f3:3a:77:3f:63:ec:90:32:1c:
72:89:6d:14:43:1a:0b:d0:17:94:e0:ee:80:02:9a:
ff:50:03:05:e7:0a:9e:fc:67:0a:e4:19:92:b4:52:
53:64:36:9e:d1:e6:48:10:3b:33:16:46:d3:31:39:
6b:e4:42:8e:96:4c:7a:cf:ad:14:d8:d4:fe:cb:ef:
98:c1:e1:81:2e:00:22:af:2f:46:28:75:b2:e7:58:
d8:b8:9a:42:c3:ea:b7:1e:20:36:9d:25:7a:f6:be:
ca:60:51:fb:f2:c1:7e:03:48:96:07:ea:12:6c:02:
e1:23:53:c1:61:f2:7f:a3:d4:e5:80:58:e6:1a:5c:
b0:86:f2:6f:b1:fb:1e:7b:b4:0a:2e:b3:f5:74:21:
27:c7:00:5d:c5:ab:34:85:ae:2c:72:bb:43:43:1e:
a6:ba:76:42:4f:fa:76:5f:c6:8a:5b:c9:1c:d1:7c:
6b:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1B:86:72:CB:A2:4E:EC:27:18:E2:A4:2C:88:BA:E0:C5:BF:8E:BE:0E
X509v3 Authority Key Identifier:
keyid:1B:9F:21:BA:04:E5:E3:07:7B:39:1E:3D:48:FF:5B:0A:50:B3:36:9F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/G58hugTl4wd7OR49SP9bClCzNp8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/22/f67a78-183d-494a-995e-f51c5fb3df9a/1/G4Zyy6JO7CcY4qQsiLrgxb-Ovg4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/22/f67a78-183d-494a-995e-f51c5fb3df9a/1/G58hugTl4wd7OR49SP9bClCzNp8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0a:281::-2a0a:282:ffff:ffff:ffff:ffff:ffff:ffff
2a12:ef40::/29
Signature Algorithm: sha256WithRSAEncryption
a3:a1:ce:13:8a:a4:29:7f:f7:35:ec:01:49:19:a1:10:39:c1:
40:39:7f:59:2f:8a:6c:39:9c:9b:b5:52:e4:59:0c:ea:fa:dd:
d4:94:a1:65:3f:8c:29:4d:a3:7a:ad:94:1c:e4:07:67:07:e6:
b3:62:f5:2d:26:55:5f:0f:b2:cf:3a:8d:50:c7:68:47:cd:2e:
41:5f:52:53:38:1d:9a:b4:9f:f7:98:b7:de:0a:74:e4:43:ea:
82:de:a7:a8:12:cc:d2:fb:f3:a1:de:30:9f:e2:5d:05:75:a6:
cc:53:79:f8:25:d9:d9:b9:f3:38:b0:7d:7e:24:0c:c6:04:08:
bf:62:97:2e:a8:38:11:af:9f:a1:00:4c:70:aa:53:85:30:3c:
2d:29:46:c5:13:df:a7:ad:01:34:fd:d8:8a:bd:a4:11:3c:6c:
38:b7:f3:8a:2f:cc:05:23:ad:86:24:db:9a:2f:d1:fd:6c:ed:
ef:56:a3:27:f1:bb:a6:9d:e9:78:be:e8:8a:22:8e:0f:54:ce:
65:38:c6:a5:0d:8a:65:f0:b0:cb:c7:41:87:5e:26:31:71:35:
37:98:6f:66:60:4a:08:6d:82:f7:fd:43:48:bc:0f:c7:74:11:
56:f6:de:de:f3:d2:0f:0e:aa:db:99:e4:bf:d3:45:25:4a:c1:
c9:4c:84:38
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYnarQCI8a/i0MAUQ4tw7WSgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFiOWYyMWJhMDRlNWUzMDc3YjM5MWUzZDQ4ZmY1YjBhNTBi
MzM2OWYwHhcNMjMwODA5MTQyMTU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxYjg2NzJjYmEyNGVlYzI3MThlMmE0MmM4OGJhZTBjNWJmOGViZTBlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzsOFMa7wCDEJtW2dRihsg+Ev0B+U
BxyiYHtxwaZFArja8XxCfxby8OUDvf+gM1jpRLLwPTdY/6T8DmDp0ZpnRUpwJo4B
D2JUnyav3GtV5X/zOnc/Y+yQMhxyiW0UQxoL0BeU4O6AApr/UAMF5wqe/GcK5BmS
tFJTZDae0eZIEDszFkbTMTlr5EKOlkx6z60U2NT+y++YweGBLgAiry9GKHWy51jY
uJpCw+q3HiA2nSV69r7KYFH78sF+A0iWB+oSbALhI1PBYfJ/o9TlgFjmGlywhvJv
sfsee7QKLrP1dCEnxwBdxas0ha4scrtDQx6munZCT/p2X8aKW8kc0XxrrwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFBuGcsuiTuwnGOKkLIi64MW/jr4OMB8GA1UdIwQY
MBaAFBufIboE5eMHezkePUj/WwpQszafMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRzU4aHVnVGw0d2Q3T1I0OVNQOWJDbEN6TnA4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMi9mNjdhNzgtMTgzZC00OTRhLTk5NWUt
ZjUxYzVmYjNkZjlhLzEvRzRaeXk2Sk83Q2NZNHFRc2lMcmd4Yi1Pdmc0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMi9mNjdhNzgtMTgzZC00OTRhLTk5NWUtZjUxYzVmYjNkZjlh
LzEvRzU4aHVnVGw0d2Q3T1I0OVNQOWJDbEN6TnA4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAdBAIAAjAXMA4DBQAqCgKB
AwUAKgoCggMFAyoS70AwDQYJKoZIhvcNAQELBQADggEBAKOhzhOKpCl/9zXsAUkZ
oRA5wUA5f1kvimw5nJu1UuRZDOr63dSUoWU/jClNo3qtlBzkB2cH5rNi9S0mVV8P
ss86jVDHaEfNLkFfUlM4HZq0n/eYt94KdORD6oLep6gSzNL786HeMJ/iXQV1psxT
efgl2dm58ziwfX4kDMYECL9ily6oOBGvn6EATHCqU4UwPC0pRsUT36etATT92Iq9
pBE8bDi384ovzAUjrYYk25ov0f1s7e9Woyfxu6ad6Xi+6Ioijg9UzmU4xqUNimXw
sMvHQYdeJjFxNTeYb2ZgSghtgvf9Q0i8D8d0EVb23t7z0g8OqtuZ5L/TRSVKwclM
hDg=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:58:06 2024 by rpki-client on console-ams.rpki-client.org