Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/25/58ff54-3410-4e42-aab8-d2d7f2bb64df/1/GnKgpfMLZULVl108M-b-Vc6Ik6k.roa
File: GnKgpfMLZULVl108M-b-Vc6Ik6k.roa (raw, json)
Hash identifier: NODDV63JotVcfP1KPOVNHxtpBDyyENE3pZICcWx0gL4=
Subject key identifier: 1A:72:A0:A5:F3:0B:65:42:D5:97:5D:3C:33:E6:FE:55:CE:88:93:A9
Certificate issuer: /CN=d56ef48ed6155dd7843eed3632469abaa3100bf3
Certificate serial: 01856F42F3C12837B56603B17B5AA339AB5C
Authority key identifier: D5:6E:F4:8E:D6:15:5D:D7:84:3E:ED:36:32:46:9A:BA:A3:10:0B:F3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1W70jtYVXdeEPu02MkaauqMQC_M.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/25/58ff54-3410-4e42-aab8-d2d7f2bb64df/1/GnKgpfMLZULVl108M-b-Vc6Ik6k.roa
Signing time: Sun 01 Jan 2023 21:35:36 +0000
ROA not before: Sun 01 Jan 2023 21:35:36 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 213126
IP address blocks: 2a0e:8f02:f001::/48 maxlen: 48
Validation: Failed, certificate revoked on Tue 02 Jan 2024 12:32:35 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:42:f3:c1:28:37:b5:66:03:b1:7b:5a:a3:39:ab:5c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d56ef48ed6155dd7843eed3632469abaa3100bf3
Validity
Not Before: Jan 1 21:35:36 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=1a72a0a5f30b6542d5975d3c33e6fe55ce8893a9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:82:f7:5b:82:a2:db:9c:49:9d:0f:fc:68:5d:f6:
69:25:7c:1a:6b:1d:1b:83:a0:ed:8b:ff:f4:66:06:
fb:00:e2:f8:60:a4:46:8f:07:da:1c:94:ed:c2:bc:
ad:20:82:b4:c4:a1:b5:59:46:d2:1d:35:1e:e6:34:
1c:15:13:24:6b:83:fb:db:12:18:49:29:54:be:40:
2d:87:14:2f:db:72:dc:17:40:c9:33:38:4c:72:a4:
21:a7:65:11:42:e8:a9:ac:15:ab:af:da:fb:1b:12:
f7:d8:b1:44:59:6f:c8:49:56:c5:79:d6:da:8f:cb:
0f:88:ef:99:62:dc:df:3e:93:e1:3a:f6:d5:32:d9:
93:77:6b:a5:e4:6d:a3:0e:42:12:06:29:99:2b:6d:
e9:af:35:85:55:af:97:f8:68:d9:5e:42:83:df:eb:
11:2b:c9:84:22:94:70:3d:c4:0e:b2:6b:db:e4:5a:
c9:98:69:f8:63:f7:fb:22:b2:48:51:b2:f9:d8:02:
16:6a:9d:0d:f0:98:b6:4f:5c:d7:80:cf:98:2f:da:
2d:e5:82:6d:55:00:90:a3:8c:0a:a6:82:f3:c4:57:
f5:70:b5:aa:b4:d9:98:17:b4:20:73:5b:66:cf:8e:
4d:76:87:1b:1c:8f:80:98:0d:7c:68:42:27:5c:35:
06:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1A:72:A0:A5:F3:0B:65:42:D5:97:5D:3C:33:E6:FE:55:CE:88:93:A9
X509v3 Authority Key Identifier:
keyid:D5:6E:F4:8E:D6:15:5D:D7:84:3E:ED:36:32:46:9A:BA:A3:10:0B:F3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1W70jtYVXdeEPu02MkaauqMQC_M.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/25/58ff54-3410-4e42-aab8-d2d7f2bb64df/1/GnKgpfMLZULVl108M-b-Vc6Ik6k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/25/58ff54-3410-4e42-aab8-d2d7f2bb64df/1/1W70jtYVXdeEPu02MkaauqMQC_M.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:8f02:f001::/48
Signature Algorithm: sha256WithRSAEncryption
7a:e5:cc:4b:55:8b:cd:7f:23:e5:e4:3b:c5:39:ef:42:7b:2a:
5c:d7:83:eb:e3:31:e4:7f:87:16:07:4e:1d:40:a2:7e:fd:38:
02:28:4a:e1:58:8f:e5:35:0e:4b:e9:14:1b:c6:3a:a6:a8:bf:
cd:5d:cf:9b:c0:d5:d3:f9:2f:02:11:99:4a:85:49:e0:bd:09:
e5:94:b6:0b:fe:ad:77:f6:7d:2e:4c:6a:35:ab:e8:60:bc:37:
52:5a:aa:c4:1b:da:c1:cc:6a:a5:03:a9:cc:5d:65:14:25:f0:
da:68:c8:21:1d:b2:c1:58:41:03:e8:22:06:3a:64:b6:4b:2c:
10:2e:0a:05:5a:41:4a:f9:e0:19:28:bc:3a:13:86:63:92:79:
79:ee:b9:37:2e:e3:4a:56:37:ea:48:06:8a:0b:4d:50:b3:56:
1c:d7:39:51:71:66:25:4a:19:f4:f7:98:a6:6d:ef:9c:97:f2:
e1:10:8e:10:d3:76:52:91:db:1c:8a:e0:e2:01:08:c0:02:72:
f1:fb:1a:af:de:69:dd:e6:33:18:78:cf:56:dc:4c:b5:7e:11:
52:dd:0b:db:21:dd:64:3d:53:df:b9:6e:8d:00:29:53:84:a9:
bf:6d:83:94:61:9c:54:16:40:df:44:c5:2a:13:1d:bb:6c:94:
f5:34:f3:58
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYVvQvPBKDe1ZgOxe1qjOatcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ1NmVmNDhlZDYxNTVkZDc4NDNlZWQzNjMyNDY5YWJhYTMx
MDBiZjMwHhcNMjMwMTAxMjEzNTM2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxYTcyYTBhNWYzMGI2NTQyZDU5NzVkM2MzM2U2ZmU1NWNlODg5M2E5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgvdbgqLbnEmdD/xoXfZpJXwaax0b
g6Dti//0Zgb7AOL4YKRGjwfaHJTtwrytIIK0xKG1WUbSHTUe5jQcFRMka4P72xIY
SSlUvkAthxQv23LcF0DJMzhMcqQhp2URQuiprBWrr9r7GxL32LFEWW/ISVbFedba
j8sPiO+ZYtzfPpPhOvbVMtmTd2ul5G2jDkISBimZK23przWFVa+X+GjZXkKD3+sR
K8mEIpRwPcQOsmvb5FrJmGn4Y/f7IrJIUbL52AIWap0N8Ji2T1zXgM+YL9ot5YJt
VQCQo4wKpoLzxFf1cLWqtNmYF7Qgc1tmz45NdocbHI+AmA18aEInXDUG8wIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFBpyoKXzC2VC1ZddPDPm/lXOiJOpMB8GA1UdIwQY
MBaAFNVu9I7WFV3XhD7tNjJGmrqjEAvzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMVc3MGp0WVZYZGVFUHUwMk1rYWF1cU1RQ19NLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNS81OGZmNTQtMzQxMC00ZTQyLWFhYjgt
ZDJkN2YyYmI2NGRmLzEvR25LZ3BmTUxaVUxWbDEwOE0tYi1WYzZJazZrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNS81OGZmNTQtMzQxMC00ZTQyLWFhYjgtZDJkN2YyYmI2NGRm
LzEvMVc3MGp0WVZYZGVFUHUwMk1rYWF1cU1RQ19NLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKg6PAvAB
MA0GCSqGSIb3DQEBCwUAA4IBAQB65cxLVYvNfyPl5DvFOe9Ceypc14Pr4zHkf4cW
B04dQKJ+/TgCKErhWI/lNQ5L6RQbxjqmqL/NXc+bwNXT+S8CEZlKhUngvQnllLYL
/q139n0uTGo1q+hgvDdSWqrEG9rBzGqlA6nMXWUUJfDaaMghHbLBWEED6CIGOmS2
SywQLgoFWkFK+eAZKLw6E4Zjknl57rk3LuNKVjfqSAaKC01Qs1Yc1zlRcWYlShn0
95imbe+cl/LhEI4Q03ZSkdsciuDiAQjAAnLx+xqv3mnd5jMYeM9W3Ey1fhFS3Qvb
Id1kPVPfuW6NAClThKm/bYOUYZxUFkDfRMUqEx27bJT1NPNY
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:58:35 2024 by rpki-client on console-ams.rpki-client.org