Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/39/451f04-e3c9-44ea-a6a1-428458679ce4/1/gYM2p_yp1YwTxCFzutGg0z8lALM.roa
File: gYM2p_yp1YwTxCFzutGg0z8lALM.roa (raw, json)
Hash identifier: X0wpoE68Z077YpZ3ffufMj4636P3QVwSzfW3L608cXg=
Subject key identifier: 81:83:36:A7:FC:A9:D5:8C:13:C4:21:73:BA:D1:A0:D3:3F:25:00:B3
Certificate issuer: /CN=aefe1c859409ac5de7414c48f86739913be6b7e5
Certificate serial: 018C40D64FFCE93480EF979C8CB9E86803FD
Authority key identifier: AE:FE:1C:85:94:09:AC:5D:E7:41:4C:48:F8:67:39:91:3B:E6:B7:E5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rv4chZQJrF3nQUxI-Gc5kTvmt-U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/39/451f04-e3c9-44ea-a6a1-428458679ce4/1/gYM2p_yp1YwTxCFzutGg0z8lALM.roa
Signing time: Wed 06 Dec 2023 20:33:56 +0000
ROA not before: Wed 06 Dec 2023 20:33:56 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 48612
IP address blocks: 85.140.126.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:40:d6:4f:fc:e9:34:80:ef:97:9c:8c:b9:e8:68:03:fd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=aefe1c859409ac5de7414c48f86739913be6b7e5
Validity
Not Before: Dec 6 20:33:56 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=818336a7fca9d58c13c42173bad1a0d33f2500b3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:83:a4:28:59:a7:34:bb:01:5d:66:1c:2c:fe:60:
c5:56:5a:e7:89:f0:64:9e:3d:aa:e7:a9:d5:66:9e:
5d:bb:21:54:39:b2:eb:30:86:2e:ee:15:7e:b5:7e:
c2:19:fb:d7:85:e7:a8:e6:13:29:c0:dd:79:9d:7c:
48:f9:5c:dc:3e:be:d1:90:ab:5f:f1:7b:b8:e2:93:
0f:cb:1a:a4:34:08:b4:be:de:4a:df:cb:14:e8:a5:
d8:bc:54:35:cc:b6:ef:6a:71:4c:d8:68:e5:fd:e2:
dc:20:b9:2b:cc:25:3d:43:73:cf:04:a7:3c:db:3f:
81:08:ed:a3:5a:f3:23:82:23:0e:97:7d:f1:bd:87:
0d:fc:ab:1c:6b:f8:ae:d5:ae:54:d9:4e:a4:ba:1f:
a8:69:d6:dc:d1:97:ac:69:d4:8c:de:54:18:39:37:
a1:49:80:55:64:3d:85:c4:7f:5c:21:09:c5:c3:3a:
a6:13:3a:47:bf:1f:b5:92:62:bb:8a:8e:7d:75:a9:
04:bd:9c:d2:87:89:ea:90:1e:1a:ed:18:ad:72:05:
e0:a7:e2:c9:93:53:c7:46:86:2e:de:39:ae:5a:a2:
4d:e1:46:20:1d:b3:c1:1c:d5:77:67:7a:5e:71:f3:
e8:6d:1b:35:d1:a3:eb:40:cb:ee:9e:16:cb:35:99:
d2:87
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
81:83:36:A7:FC:A9:D5:8C:13:C4:21:73:BA:D1:A0:D3:3F:25:00:B3
X509v3 Authority Key Identifier:
keyid:AE:FE:1C:85:94:09:AC:5D:E7:41:4C:48:F8:67:39:91:3B:E6:B7:E5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rv4chZQJrF3nQUxI-Gc5kTvmt-U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/39/451f04-e3c9-44ea-a6a1-428458679ce4/1/gYM2p_yp1YwTxCFzutGg0z8lALM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/39/451f04-e3c9-44ea-a6a1-428458679ce4/1/rv4chZQJrF3nQUxI-Gc5kTvmt-U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.140.126.0/24
Signature Algorithm: sha256WithRSAEncryption
07:04:d5:d9:a7:f0:c2:05:ce:d2:82:c6:f0:33:66:19:3e:40:
36:8b:13:78:39:88:fb:bc:66:5f:5b:29:02:b8:a1:c4:78:1d:
af:04:de:1b:aa:05:78:89:3c:98:90:50:32:6a:77:2f:5d:d7:
d6:02:de:fc:4f:97:c1:60:3b:f2:cf:ac:01:8c:90:77:63:9a:
a6:8b:70:da:8e:c3:05:0d:4e:81:54:61:f1:02:d8:d0:98:1a:
e9:29:a6:c6:40:1a:08:7d:3e:c8:0a:21:48:28:17:a1:06:ce:
df:2c:48:9c:f1:27:ba:1f:ee:3a:4a:ee:60:f6:2d:2b:9c:94:
52:17:a5:0f:ac:c5:c0:3a:81:0e:d1:c6:c5:df:44:29:f7:1f:
a9:2f:7a:17:7d:26:bb:05:f0:f4:b9:32:13:1c:b5:20:7f:85:
28:db:6e:66:0e:dd:7b:b8:38:ad:46:40:ff:29:32:f4:b9:3f:
19:6c:65:07:c1:07:4a:31:5d:18:8a:4c:50:fb:67:c2:45:62:
bb:16:9a:1b:c2:c2:dc:d2:57:42:9d:57:0d:59:7b:43:39:af:
c6:b4:66:9b:15:ec:c0:85:f7:3e:e3:26:a6:ef:ae:6b:1e:3d:
bc:b7:36:fb:fc:33:28:88:41:03:03:b1:14:09:33:46:7a:20:
7d:e9:04:3e
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYxA1k/86TSA75ecjLnoaAP9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFlZmUxYzg1OTQwOWFjNWRlNzQxNGM0OGY4NjczOTkxM2Jl
NmI3ZTUwHhcNMjMxMjA2MjAzMzU2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MTgzMzZhN2ZjYTlkNThjMTNjNDIxNzNiYWQxYTBkMzNmMjUwMGIzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAg6QoWac0uwFdZhws/mDFVlrnifBk
nj2q56nVZp5duyFUObLrMIYu7hV+tX7CGfvXheeo5hMpwN15nXxI+VzcPr7RkKtf
8Xu44pMPyxqkNAi0vt5K38sU6KXYvFQ1zLbvanFM2Gjl/eLcILkrzCU9Q3PPBKc8
2z+BCO2jWvMjgiMOl33xvYcN/Ksca/iu1a5U2U6kuh+oadbc0ZesadSM3lQYOTeh
SYBVZD2FxH9cIQnFwzqmEzpHvx+1kmK7io59dakEvZzSh4nqkB4a7RitcgXgp+LJ
k1PHRoYu3jmuWqJN4UYgHbPBHNV3Z3pecfPobRs10aPrQMvunhbLNZnShwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFIGDNqf8qdWME8Qhc7rRoNM/JQCzMB8GA1UdIwQY
MBaAFK7+HIWUCaxd50FMSPhnOZE75rflMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcnY0Y2haUUpyRjNuUVV4SS1HYzVrVHZtdC1VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zOS80NTFmMDQtZTNjOS00NGVhLWE2YTEt
NDI4NDU4Njc5Y2U0LzEvZ1lNMnBfeXAxWXdUeENGenV0R2cwejhsQUxNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zOS80NTFmMDQtZTNjOS00NGVhLWE2YTEtNDI4NDU4Njc5Y2U0
LzEvcnY0Y2haUUpyRjNuUVV4SS1HYzVrVHZtdC1VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAVYx+MA0G
CSqGSIb3DQEBCwUAA4IBAQAHBNXZp/DCBc7SgsbwM2YZPkA2ixN4OYj7vGZfWykC
uKHEeB2vBN4bqgV4iTyYkFAyancvXdfWAt78T5fBYDvyz6wBjJB3Y5qmi3DajsMF
DU6BVGHxAtjQmBrpKabGQBoIfT7ICiFIKBehBs7fLEic8Se6H+46Su5g9i0rnJRS
F6UPrMXAOoEO0cbF30Qp9x+pL3oXfSa7BfD0uTITHLUgf4Uo225mDt17uDitRkD/
KTL0uT8ZbGUHwQdKMV0YikxQ+2fCRWK7FpobwsLc0ldCnVcNWXtDOa/GtGabFezA
hfc+4yam765rHj28tzb7/DMoiEEDA7EUCTNGeiB96QQ+
-----END CERTIFICATE-----
Generated at Mon Jan 1 23:29:41 2024 by rpki-client on console-ams.rpki-client.org