Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3c/645038-255b-44df-ae8a-5488169119e8/1/GXH_ErnLEr0IxzcCP-W7Ex0RfWQ.roa
File: GXH_ErnLEr0IxzcCP-W7Ex0RfWQ.roa (raw, json)
Hash identifier: /bv/dbBNcA6ZFdwH6y51+NdqUOo21TgBEuTzuDXwTTM=
Subject key identifier: 19:71:FF:12:B9:CB:12:BD:08:C7:37:02:3F:E5:BB:13:1D:11:7D:64
Certificate issuer: /CN=3e28d6f13e359dd0bb4534a24655974c57d2b0fe
Certificate serial: 018D23B21CC6FC5C7D34F0D550C4F54886B8
Authority key identifier: 3E:28:D6:F1:3E:35:9D:D0:BB:45:34:A2:46:55:97:4C:57:D2:B0:FE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PijW8T41ndC7RTSiRlWXTFfSsP4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3c/645038-255b-44df-ae8a-5488169119e8/1/GXH_ErnLEr0IxzcCP-W7Ex0RfWQ.roa
Signing time: Fri 19 Jan 2024 21:48:11 +0000
ROA not before: Fri 19 Jan 2024 21:48:11 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 200373
IP address blocks: 2a07:db84::/32 maxlen: 32
2a07:db85::/32 maxlen: 32
Validation: Failed, certificate revoked on Fri 21 Jun 2024 11:07:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:23:b2:1c:c6:fc:5c:7d:34:f0:d5:50:c4:f5:48:86:b8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3e28d6f13e359dd0bb4534a24655974c57d2b0fe
Validity
Not Before: Jan 19 21:48:11 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=1971ff12b9cb12bd08c737023fe5bb131d117d64
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:66:52:94:58:d0:9e:c1:8c:50:b5:95:24:05:
b8:31:40:42:36:9d:44:99:4e:24:85:68:e4:95:69:
bd:97:59:0e:a1:7b:02:5b:90:0e:46:03:d4:80:e9:
7d:93:64:f7:fa:a3:09:dc:55:0b:1d:be:dc:ca:c8:
5e:30:1c:f6:ee:d6:8a:e3:7c:cf:48:8a:61:19:72:
19:4b:c0:4a:07:31:71:21:a9:5a:75:92:7f:d1:e8:
dc:8e:12:7f:f1:65:87:0d:90:9f:2b:77:e3:13:a5:
2c:b1:e6:1b:6f:e2:06:6d:22:3c:99:0c:f0:b3:a5:
80:02:fc:72:c9:30:5c:c5:6c:4f:3e:ab:e2:00:3e:
0c:6a:ac:eb:0f:94:f5:d7:83:b1:6c:35:63:31:fb:
3a:03:2a:34:85:26:c8:45:52:97:7a:9a:3d:ee:66:
7f:df:58:1b:2c:8e:c2:c9:04:7b:63:45:d7:44:e9:
ed:5e:97:ed:30:a2:5c:0f:b2:db:f2:23:bb:e8:a8:
90:e9:92:1f:7e:89:cc:cc:06:97:e2:64:e2:0e:a5:
42:55:17:56:0e:e0:fb:d9:4e:90:86:35:82:c7:07:
33:4b:30:29:d4:c6:58:0a:8f:44:d2:ee:9a:4c:75:
82:2c:dd:82:a8:18:3e:cb:c5:a5:f1:c6:3b:56:4f:
f9:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
19:71:FF:12:B9:CB:12:BD:08:C7:37:02:3F:E5:BB:13:1D:11:7D:64
X509v3 Authority Key Identifier:
keyid:3E:28:D6:F1:3E:35:9D:D0:BB:45:34:A2:46:55:97:4C:57:D2:B0:FE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PijW8T41ndC7RTSiRlWXTFfSsP4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3c/645038-255b-44df-ae8a-5488169119e8/1/GXH_ErnLEr0IxzcCP-W7Ex0RfWQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3c/645038-255b-44df-ae8a-5488169119e8/1/PijW8T41ndC7RTSiRlWXTFfSsP4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a07:db84::/31
Signature Algorithm: sha256WithRSAEncryption
71:e0:7d:21:31:8a:bd:71:5a:8e:2b:7a:f5:86:3c:7c:02:7f:
01:d2:94:7f:75:84:d6:1a:69:9d:c8:84:77:b6:5a:2f:0a:9f:
1a:3b:db:a4:eb:18:8e:2a:ce:73:4a:4d:fd:0e:88:ee:1b:5c:
97:d3:d2:03:6a:30:60:72:05:3b:9c:a4:7f:29:18:d9:fc:22:
96:be:6c:8a:a8:81:19:21:5a:63:fe:13:34:cc:26:76:f1:00:
d0:37:a5:ef:8f:2d:5b:03:ec:59:e0:bd:1b:fe:9f:95:20:3c:
9d:55:16:da:b2:ed:5e:5c:69:2c:88:5c:90:a5:f5:52:f8:19:
d2:7d:ef:02:e0:29:79:aa:41:49:52:ec:02:60:d2:c1:50:99:
28:dd:8f:35:27:f5:eb:79:e0:d8:6f:dc:8b:e7:9b:1b:20:15:
89:a7:ad:c5:5e:d4:d3:8b:47:e0:0b:9d:66:ab:4a:ea:d2:27:
4a:78:6e:9b:77:e4:d7:74:d4:b8:25:7f:e8:ac:34:e2:86:70:
d7:24:5c:01:27:2b:05:c7:51:7f:6e:98:ae:c9:c1:79:c7:d1:
9d:3b:0b:e3:48:2b:d8:87:ce:4e:8c:72:2a:72:3f:42:92:0b:
3d:81:a0:d7:26:68:c2:8f:8a:18:a1:22:7c:0b:02:c1:c2:f5:
54:13:2d:8a
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAY0jshzG/Fx9NPDVUMT1SIa4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNlMjhkNmYxM2UzNTlkZDBiYjQ1MzRhMjQ2NTU5NzRjNTdk
MmIwZmUwHhcNMjQwMTE5MjE0ODExWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxOTcxZmYxMmI5Y2IxMmJkMDhjNzM3MDIzZmU1YmIxMzFkMTE3ZDY0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkGZSlFjQnsGMULWVJAW4MUBCNp1E
mU4khWjklWm9l1kOoXsCW5AORgPUgOl9k2T3+qMJ3FULHb7cysheMBz27taK43zP
SIphGXIZS8BKBzFxIaladZJ/0ejcjhJ/8WWHDZCfK3fjE6UsseYbb+IGbSI8mQzw
s6WAAvxyyTBcxWxPPqviAD4MaqzrD5T114OxbDVjMfs6Ayo0hSbIRVKXepo97mZ/
31gbLI7CyQR7Y0XXROntXpftMKJcD7Lb8iO76KiQ6ZIffonMzAaX4mTiDqVCVRdW
DuD72U6QhjWCxwczSzAp1MZYCo9E0u6aTHWCLN2CqBg+y8Wl8cY7Vk/5XwIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFBlx/xK5yxK9CMc3Aj/luxMdEX1kMB8GA1UdIwQY
MBaAFD4o1vE+NZ3Qu0U0okZVl0xX0rD+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUGlqVzhUNDFuZEM3UlRTaVJsV1hURmZTc1A0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYy82NDUwMzgtMjU1Yi00NGRmLWFlOGEt
NTQ4ODE2OTExOWU4LzEvR1hIX0VybkxFcjBJeHpjQ1AtVzdFeDBSZldRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYy82NDUwMzgtMjU1Yi00NGRmLWFlOGEtNTQ4ODE2OTExOWU4
LzEvUGlqVzhUNDFuZEM3UlRTaVJsV1hURmZTc1A0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUBKgfbhDAN
BgkqhkiG9w0BAQsFAAOCAQEAceB9ITGKvXFajit69YY8fAJ/AdKUf3WE1hppnciE
d7ZaLwqfGjvbpOsYjirOc0pN/Q6I7htcl9PSA2owYHIFO5ykfykY2fwilr5siqiB
GSFaY/4TNMwmdvEA0Del748tWwPsWeC9G/6flSA8nVUW2rLtXlxpLIhckKX1UvgZ
0n3vAuApeapBSVLsAmDSwVCZKN2PNSf163ng2G/ci+ebGyAViaetxV7U04tH4Aud
ZqtK6tInSnhum3fk13TUuCV/6Kw04oZw1yRcAScrBcdRf26YrsnBecfRnTsL40gr
2IfOToxyKnI/QpILPYGg1yZowo+KGKEifAsCwcL1VBMtig==
-----END CERTIFICATE-----
Generated at Fri Jun 21 14:52:28 2024 by rpki-client on console-ams.rpki-client.org