Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/32/7276f3-c88e-4819-9e59-6084cfc6e4c4/1/gbXRheNGw4NrnF8haqdMvLUpBE8.roa
File: gbXRheNGw4NrnF8haqdMvLUpBE8.roa (raw, json)
Hash identifier: 511HU2eje94O59TMurDTdhkVbV8Rx69FIES+czm2y+8=
Subject key identifier: 81:B5:D1:85:E3:46:C3:83:6B:9C:5F:21:6A:A7:4C:BC:B5:29:04:4F
Certificate issuer: /CN=77eda8f726a69b504de994943b0a5f2308c2a96b
Certificate serial: 0191D6EC302620304E903A71CE9CFA47EB33
Authority key identifier: 77:ED:A8:F7:26:A6:9B:50:4D:E9:94:94:3B:0A:5F:23:08:C2:A9:6B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/d-2o9yamm1BN6ZSUOwpfIwjCqWs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/32/7276f3-c88e-4819-9e59-6084cfc6e4c4/1/gbXRheNGw4NrnF8haqdMvLUpBE8.roa
Signing time: Mon 09 Sep 2024 13:14:48 +0000
ROA not before: Mon 09 Sep 2024 13:14:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 396982
IP address blocks: 193.102.32.0/24 maxlen: 24
193.102.33.0/24 maxlen: 24
193.102.34.0/24 maxlen: 24
193.102.35.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 01 Oct 2024 08:31:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:d6:ec:30:26:20:30:4e:90:3a:71:ce:9c:fa:47:eb:33
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=77eda8f726a69b504de994943b0a5f2308c2a96b
Validity
Not Before: Sep 9 13:14:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=81b5d185e346c3836b9c5f216aa74cbcb529044f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:f7:d9:a4:55:8f:2a:64:17:4c:9a:11:42:68:
c3:96:f2:81:88:04:ab:d6:2a:bb:1f:52:17:fd:14:
55:c5:b2:05:d9:45:06:d4:11:fe:a0:de:cf:55:b2:
17:25:ff:50:6d:63:64:a2:1a:61:4e:19:a6:47:23:
b9:9e:d6:f6:5d:65:3d:05:b1:39:d0:de:c8:2b:6c:
91:ac:5e:ed:b0:65:4f:d2:c8:d0:a2:86:d2:74:c2:
1b:b6:2c:dc:9d:17:b7:69:8b:e4:24:54:11:d8:3e:
5c:d7:8b:56:32:a3:df:37:9a:f5:ce:a1:ac:78:9d:
5b:63:5f:01:51:27:f9:9a:b9:63:ba:2b:5b:54:79:
18:49:38:b5:08:43:94:85:be:15:06:84:a4:6b:e7:
a7:cc:55:dd:97:89:dc:66:2a:41:fd:d9:2b:03:bf:
7c:1f:f8:63:88:b5:cb:8a:44:27:5e:59:96:02:75:
21:12:ba:55:f1:c7:71:2f:3b:43:a6:60:9d:e9:55:
4a:c4:5c:e8:eb:cc:e8:da:46:fe:65:ec:23:cd:e5:
3c:8a:9f:f9:61:88:74:d4:bf:87:c0:87:55:fb:91:
0d:b1:bb:ab:91:15:61:09:4a:d4:59:d0:cd:cf:46:
44:8b:f8:04:d2:a3:ad:da:08:55:31:3a:4a:69:b7:
9d:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
81:B5:D1:85:E3:46:C3:83:6B:9C:5F:21:6A:A7:4C:BC:B5:29:04:4F
X509v3 Authority Key Identifier:
keyid:77:ED:A8:F7:26:A6:9B:50:4D:E9:94:94:3B:0A:5F:23:08:C2:A9:6B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/d-2o9yamm1BN6ZSUOwpfIwjCqWs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/32/7276f3-c88e-4819-9e59-6084cfc6e4c4/1/gbXRheNGw4NrnF8haqdMvLUpBE8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/32/7276f3-c88e-4819-9e59-6084cfc6e4c4/1/d-2o9yamm1BN6ZSUOwpfIwjCqWs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.102.32.0/22
Signature Algorithm: sha256WithRSAEncryption
0a:72:f9:3c:47:a4:ff:2b:6f:e8:09:f3:b0:39:7e:b3:be:36:
1c:c0:1f:36:0c:3d:c5:24:6b:84:0d:01:18:1e:63:ef:c2:18:
50:9a:f5:7c:1a:e5:28:19:1b:f4:a6:ea:81:3d:74:0f:aa:2f:
20:46:70:bc:08:10:2c:ab:ae:a9:23:ad:e6:5e:18:26:c4:36:
10:0f:ff:f7:61:b6:77:52:f6:a0:24:ee:a0:cb:39:19:6e:07:
64:cf:16:db:3d:83:06:ae:18:e6:d7:bb:1f:c5:0e:f1:13:a1:
c0:5f:7a:b5:f6:b1:38:76:9d:5a:da:aa:aa:c3:90:32:a2:b7:
36:c7:63:a1:05:df:d0:a7:bb:06:2e:ba:14:9f:0b:9e:a5:7a:
43:e9:d7:82:2f:41:67:b8:d5:8e:11:da:b2:9e:c8:81:e5:b9:
b1:06:12:11:9f:23:cb:d8:67:cb:e9:c0:0c:02:2f:5e:da:bb:
19:33:94:33:45:7e:5c:d2:66:3e:45:1c:99:2a:c7:34:8e:53:
13:ae:d8:f0:26:46:ca:78:11:69:b3:9b:4b:eb:16:59:b4:2c:
29:24:f6:c7:a2:b0:18:d0:77:4e:91:26:d4:d7:b7:cb:42:45:
a6:36:c6:2d:dc:0f:af:48:42:d3:10:43:76:0d:62:18:f0:e1:
ce:81:1d:5c
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZHW7DAmIDBOkDpxzpz6R+szMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc3ZWRhOGY3MjZhNjliNTA0ZGU5OTQ5NDNiMGE1ZjIzMDhj
MmE5NmIwHhcNMjQwOTA5MTMxNDQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MWI1ZDE4NWUzNDZjMzgzNmI5YzVmMjE2YWE3NGNiY2I1MjkwNDRmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsPfZpFWPKmQXTJoRQmjDlvKBiASr
1iq7H1IX/RRVxbIF2UUG1BH+oN7PVbIXJf9QbWNkohphThmmRyO5ntb2XWU9BbE5
0N7IK2yRrF7tsGVP0sjQoobSdMIbtizcnRe3aYvkJFQR2D5c14tWMqPfN5r1zqGs
eJ1bY18BUSf5mrljuitbVHkYSTi1CEOUhb4VBoSka+enzFXdl4ncZipB/dkrA798
H/hjiLXLikQnXlmWAnUhErpV8cdxLztDpmCd6VVKxFzo68zo2kb+ZewjzeU8ip/5
YYh01L+HwIdV+5ENsburkRVhCUrUWdDNz0ZEi/gE0qOt2ghVMTpKabedewIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFIG10YXjRsODa5xfIWqnTLy1KQRPMB8GA1UdIwQY
MBaAFHftqPcmpptQTemUlDsKXyMIwqlrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZC0ybzl5YW1tMUJONlpTVU93cGZJd2pDcVdzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMi83Mjc2ZjMtYzg4ZS00ODE5LTllNTkt
NjA4NGNmYzZlNGM0LzEvZ2JYUmhlTkd3NE5ybkY4aGFxZE12TFVwQkU4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMi83Mjc2ZjMtYzg4ZS00ODE5LTllNTktNjA4NGNmYzZlNGM0
LzEvZC0ybzl5YW1tMUJONlpTVU93cGZJd2pDcVdzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCwWYgMA0G
CSqGSIb3DQEBCwUAA4IBAQAKcvk8R6T/K2/oCfOwOX6zvjYcwB82DD3FJGuEDQEY
HmPvwhhQmvV8GuUoGRv0puqBPXQPqi8gRnC8CBAsq66pI63mXhgmxDYQD//3YbZ3
UvagJO6gyzkZbgdkzxbbPYMGrhjm17sfxQ7xE6HAX3q19rE4dp1a2qqqw5Ayorc2
x2OhBd/Qp7sGLroUnwuepXpD6deCL0FnuNWOEdqynsiB5bmxBhIRnyPL2GfL6cAM
Ai9e2rsZM5QzRX5c0mY+RRyZKsc0jlMTrtjwJkbKeBFps5tL6xZZtCwpJPbHorAY
0HdOkSbU17fLQkWmNsYt3A+vSELTEEN2DWIY8OHOgR1c
-----END CERTIFICATE-----
Generated at Tue Oct 1 12:18:48 2024 by rpki-client on console-ams.rpki-client.org