Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3c/645038-255b-44df-ae8a-5488169119e8/1/jGSm8XXVVouJnSfPE040NX3qTCI.roa
File: jGSm8XXVVouJnSfPE040NX3qTCI.roa (raw, json)
Hash identifier: 7S5f5cJ6N++GRWovvmjUgI5bb7H/t0e2OjNuSgTPA7o=
Subject key identifier: 8C:64:A6:F1:75:D5:56:8B:89:9D:27:CF:13:4E:34:35:7D:EA:4C:22
Certificate issuer: /CN=3e28d6f13e359dd0bb4534a24655974c57d2b0fe
Certificate serial: 018AFC1AA081D281B673DB736A9A288380B6
Authority key identifier: 3E:28:D6:F1:3E:35:9D:D0:BB:45:34:A2:46:55:97:4C:57:D2:B0:FE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PijW8T41ndC7RTSiRlWXTFfSsP4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3c/645038-255b-44df-ae8a-5488169119e8/1/jGSm8XXVVouJnSfPE040NX3qTCI.roa
Signing time: Wed 04 Oct 2023 19:11:58 +0000
ROA not before: Wed 04 Oct 2023 19:11:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 198571
IP address blocks: 2a07:db82::/32 maxlen: 32
2a07:db80::/32 maxlen: 32
Validation: Failed, certificate revoked on Fri 06 Oct 2023 15:49:44 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:fc:1a:a0:81:d2:81:b6:73:db:73:6a:9a:28:83:80:b6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3e28d6f13e359dd0bb4534a24655974c57d2b0fe
Validity
Not Before: Oct 4 19:11:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=8c64a6f175d5568b899d27cf134e34357dea4c22
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:0c:fa:a5:88:c0:48:03:79:c2:8b:2b:ea:e5:
7f:be:5c:0f:4b:69:c2:81:9d:2f:e0:4c:86:be:36:
f8:41:80:8c:fc:53:ae:a3:69:3a:37:7f:45:d0:2e:
92:fd:9a:78:77:a4:0d:d6:9d:ae:13:e7:f0:c3:40:
81:6d:ee:04:35:30:34:dd:2c:1e:8c:88:f7:f1:4d:
d8:02:bf:08:4f:d0:e9:30:3e:3a:78:a8:70:7a:b1:
ea:a6:39:9f:e1:ab:f5:9d:13:52:52:98:e6:21:40:
0b:26:8f:d6:71:d0:bb:0c:46:e2:50:36:f7:bb:4a:
3b:3c:26:e7:83:a4:0a:1a:3d:e4:16:98:b9:45:41:
a3:83:fe:66:78:57:f3:51:ee:7d:13:0b:80:fc:b7:
63:82:5b:90:3f:de:f8:6e:b4:a8:7c:e6:eb:cc:c9:
95:86:3b:0f:bd:e0:32:9a:92:0a:3b:31:e5:83:99:
b0:27:aa:33:0d:b5:8c:64:9e:8e:05:2e:0b:22:d5:
c8:4d:d6:d4:53:f0:9c:8d:08:54:b2:41:40:0c:58:
1c:2a:0c:18:75:de:00:a8:d0:a2:4f:fc:aa:bd:72:
be:39:47:b4:d5:57:13:18:87:6f:17:b8:57:cf:4d:
59:0f:92:bd:be:5a:5f:38:03:79:cc:fc:70:e1:4b:
2b:ef
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8C:64:A6:F1:75:D5:56:8B:89:9D:27:CF:13:4E:34:35:7D:EA:4C:22
X509v3 Authority Key Identifier:
keyid:3E:28:D6:F1:3E:35:9D:D0:BB:45:34:A2:46:55:97:4C:57:D2:B0:FE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PijW8T41ndC7RTSiRlWXTFfSsP4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3c/645038-255b-44df-ae8a-5488169119e8/1/jGSm8XXVVouJnSfPE040NX3qTCI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3c/645038-255b-44df-ae8a-5488169119e8/1/PijW8T41ndC7RTSiRlWXTFfSsP4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a07:db80::/32
2a07:db82::/32
Signature Algorithm: sha256WithRSAEncryption
29:fd:16:1d:98:40:9e:2c:82:19:65:ff:3e:36:50:04:de:92:
be:2a:32:18:54:60:61:c5:6e:67:3c:cf:6e:97:a7:58:73:9a:
1f:24:82:82:55:ac:bc:3c:26:5f:39:d7:e3:d2:1f:80:36:c2:
df:e6:76:58:e0:e1:8d:a5:c4:9c:95:20:81:7e:27:99:20:51:
18:f3:d8:68:5f:7f:28:70:97:a4:67:73:5b:42:c4:40:94:d8:
d0:8a:79:cd:f2:2d:4c:ba:59:32:ee:14:f2:6f:64:a6:60:f3:
91:aa:1c:f9:51:ba:db:0b:48:61:d6:c6:a9:33:6c:1a:d7:05:
70:c0:7a:b7:71:fc:6b:3b:1c:65:6a:79:20:96:47:b5:6f:75:
a8:cb:21:ff:9d:06:0b:bf:17:c3:d4:80:32:7a:06:c2:73:fa:
02:a6:8d:9e:cf:30:ac:48:0f:ce:c6:93:cd:b9:d2:44:81:76:
61:0f:35:62:96:6b:64:60:a8:23:40:30:a1:14:d7:d2:ed:88:
b5:82:d7:e5:32:64:1a:37:38:d7:63:36:61:4c:b3:30:64:32:
66:01:2f:90:8d:8e:66:b8:af:62:fc:0e:ab:a1:36:5c:b7:aa:
54:2c:02:9a:ae:67:72:bf:83:24:bb:a9:7e:68:39:f6:a3:ef:
90:d7:51:2e
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAYr8GqCB0oG2c9tzapoog4C2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNlMjhkNmYxM2UzNTlkZDBiYjQ1MzRhMjQ2NTU5NzRjNTdk
MmIwZmUwHhcNMjMxMDA0MTkxMTU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4YzY0YTZmMTc1ZDU1NjhiODk5ZDI3Y2YxMzRlMzQzNTdkZWE0YzIyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuQz6pYjASAN5wosr6uV/vlwPS2nC
gZ0v4EyGvjb4QYCM/FOuo2k6N39F0C6S/Zp4d6QN1p2uE+fww0CBbe4ENTA03Swe
jIj38U3YAr8IT9DpMD46eKhwerHqpjmf4av1nRNSUpjmIUALJo/WcdC7DEbiUDb3
u0o7PCbng6QKGj3kFpi5RUGjg/5meFfzUe59EwuA/LdjgluQP974brSofObrzMmV
hjsPveAympIKOzHlg5mwJ6ozDbWMZJ6OBS4LItXITdbUU/CcjQhUskFADFgcKgwY
dd4AqNCiT/yqvXK+OUe01VcTGIdvF7hXz01ZD5K9vlpfOAN5zPxw4Usr7wIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFIxkpvF11VaLiZ0nzxNONDV96kwiMB8GA1UdIwQY
MBaAFD4o1vE+NZ3Qu0U0okZVl0xX0rD+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUGlqVzhUNDFuZEM3UlRTaVJsV1hURmZTc1A0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYy82NDUwMzgtMjU1Yi00NGRmLWFlOGEt
NTQ4ODE2OTExOWU4LzEvakdTbThYWFZWb3VKblNmUEUwNDBOWDNxVENJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYy82NDUwMzgtMjU1Yi00NGRmLWFlOGEtNTQ4ODE2OTExOWU4
LzEvUGlqVzhUNDFuZEM3UlRTaVJsV1hURmZTc1A0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAAjAOAwUAKgfbgAMF
ACoH24IwDQYJKoZIhvcNAQELBQADggEBACn9Fh2YQJ4sghll/z42UATekr4qMhhU
YGHFbmc8z26Xp1hzmh8kgoJVrLw8Jl851+PSH4A2wt/mdljg4Y2lxJyVIIF+J5kg
URjz2Ghffyhwl6Rnc1tCxECU2NCKec3yLUy6WTLuFPJvZKZg85GqHPlRutsLSGHW
xqkzbBrXBXDAerdx/Gs7HGVqeSCWR7VvdajLIf+dBgu/F8PUgDJ6BsJz+gKmjZ7P
MKxID87Gk8250kSBdmEPNWKWa2RgqCNAMKEU19LtiLWC1+UyZBo3ONdjNmFMszBk
MmYBL5CNjma4r2L8DquhNly3qlQsApquZ3K/gyS7qX5oOfaj75DXUS4=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:26:14 2024 by rpki-client on console-fra.rpki-client.org