Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/45/c8973c-3cfa-4604-8110-cf06d1983ba1/1/GkcXET2666xlSMKfTIsqdsZ3_78.roa
File: GkcXET2666xlSMKfTIsqdsZ3_78.roa (raw, json)
Hash identifier: mbz5Yehoq97D8vfa6zXZf9HiiSqRgog/TAIE6gLAxqc=
Subject key identifier: 1A:47:17:11:3D:BA:EB:AC:65:48:C2:9F:4C:8B:2A:76:C6:77:FF:BF
Certificate issuer: /CN=daaf17b0015dbb7cd992f26cdff01c4e2620b73e
Certificate serial: 018571F0F8FD7273353E83C0A83173D4E1A5
Authority key identifier: DA:AF:17:B0:01:5D:BB:7C:D9:92:F2:6C:DF:F0:1C:4E:26:20:B7:3E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2q8XsAFdu3zZkvJs3_AcTiYgtz4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/45/c8973c-3cfa-4604-8110-cf06d1983ba1/1/GkcXET2666xlSMKfTIsqdsZ3_78.roa
Signing time: Mon 02 Jan 2023 10:04:55 +0000
ROA not before: Mon 02 Jan 2023 10:04:55 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 60397
IP address blocks: 84.236.152.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:f0:f8:fd:72:73:35:3e:83:c0:a8:31:73:d4:e1:a5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=daaf17b0015dbb7cd992f26cdff01c4e2620b73e
Validity
Not Before: Jan 2 10:04:55 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=1a4717113dbaebac6548c29f4c8b2a76c677ffbf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:3f:06:5a:32:09:09:b3:8a:e7:80:9c:e0:9a:
f8:05:ce:f7:43:3b:6b:03:eb:0d:08:d5:63:77:81:
34:67:65:0b:b2:a4:0d:60:a8:53:04:d7:df:92:31:
7b:7d:73:3c:d3:ad:7d:eb:d2:7a:c5:0f:28:bc:cc:
d4:fa:86:f2:81:92:7a:fc:39:1c:9b:51:60:8f:1f:
5e:10:bd:4c:52:e9:29:11:03:c6:54:4c:4b:8a:4e:
47:f1:d7:2d:2c:fc:ed:7e:c5:03:02:b9:f6:8d:e4:
ba:c1:5f:a3:72:20:c1:00:f4:38:d7:1a:7d:0d:4b:
52:f0:20:a6:10:cd:ce:a5:3e:af:f3:b8:07:b7:61:
9a:0e:78:cc:36:ec:cd:c1:45:e4:96:45:7a:97:e7:
3d:b1:8b:1f:2e:a9:1d:83:7b:55:80:0e:06:ec:5e:
f8:57:2b:f1:69:3c:17:66:3e:50:8e:ac:63:07:c1:
98:98:27:74:c7:41:34:f0:bb:8b:35:08:15:43:ee:
f7:52:82:f1:6f:60:fd:cf:a4:4f:d1:5f:a7:e3:0f:
63:12:04:f8:f6:c4:6f:29:be:42:cf:bf:1f:c8:44:
fc:c4:eb:89:e5:c8:5d:d4:bf:f5:8b:5f:b9:db:37:
7c:3d:4e:b6:77:c0:f1:b5:22:21:ee:a1:cb:79:e3:
de:ef
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1A:47:17:11:3D:BA:EB:AC:65:48:C2:9F:4C:8B:2A:76:C6:77:FF:BF
X509v3 Authority Key Identifier:
keyid:DA:AF:17:B0:01:5D:BB:7C:D9:92:F2:6C:DF:F0:1C:4E:26:20:B7:3E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2q8XsAFdu3zZkvJs3_AcTiYgtz4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/45/c8973c-3cfa-4604-8110-cf06d1983ba1/1/GkcXET2666xlSMKfTIsqdsZ3_78.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/45/c8973c-3cfa-4604-8110-cf06d1983ba1/1/2q8XsAFdu3zZkvJs3_AcTiYgtz4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.236.152.0/24
Signature Algorithm: sha256WithRSAEncryption
c5:f7:2e:5e:b2:d8:c0:be:de:70:ea:e4:96:1b:0d:1b:11:8b:
39:cf:24:1a:1c:33:fd:71:b9:4b:cf:f5:20:5e:a9:1c:c1:86:
ec:d9:14:2b:7b:fd:3a:b4:63:7c:f0:1c:37:3e:25:d3:2d:dd:
3e:1b:7b:18:13:7a:10:46:1d:0c:e3:5f:93:09:ee:a5:b8:5b:
61:cd:e5:f0:ae:a7:8a:4a:b5:1d:9b:e9:16:6d:a5:71:10:09:
be:4c:87:a3:22:32:dc:92:a3:00:80:66:d4:03:12:65:35:58:
76:d7:db:f8:1f:e3:b6:85:6c:9f:2e:6e:0c:b2:ab:d6:9c:41:
48:6c:15:13:a1:dd:a3:43:f3:af:bf:16:7a:df:a7:06:a2:bb:
e2:c0:b5:c4:a4:ef:c3:d1:32:71:71:cc:3c:55:4b:c3:ae:90:
d7:2f:78:04:2a:20:4b:89:28:31:f5:bf:4a:30:c0:0a:2b:66:
e2:7a:38:4c:81:82:90:ab:18:c7:db:b3:cf:bd:ba:c1:cc:c8:
d1:c3:f3:14:7d:52:07:2e:42:70:fc:31:da:26:30:12:8e:6a:
2f:2e:6d:54:fe:55:5d:da:5c:f4:61:87:0b:8a:c7:f6:4d:e4:
8c:75:d4:80:17:a5:2f:dd:90:04:0f:9b:2b:91:bd:29:d7:23:
fc:cb:30:0d
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVx8Pj9cnM1PoPAqDFz1OGlMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRhYWYxN2IwMDE1ZGJiN2NkOTkyZjI2Y2RmZjAxYzRlMjYy
MGI3M2UwHhcNMjMwMTAyMTAwNDU1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxYTQ3MTcxMTNkYmFlYmFjNjU0OGMyOWY0YzhiMmE3NmM2NzdmZmJmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmj8GWjIJCbOK54Cc4Jr4Bc73Qztr
A+sNCNVjd4E0Z2ULsqQNYKhTBNffkjF7fXM8061969J6xQ8ovMzU+obygZJ6/Dkc
m1Fgjx9eEL1MUukpEQPGVExLik5H8dctLPztfsUDArn2jeS6wV+jciDBAPQ41xp9
DUtS8CCmEM3OpT6v87gHt2GaDnjMNuzNwUXklkV6l+c9sYsfLqkdg3tVgA4G7F74
VyvxaTwXZj5QjqxjB8GYmCd0x0E08LuLNQgVQ+73UoLxb2D9z6RP0V+n4w9jEgT4
9sRvKb5Cz78fyET8xOuJ5chd1L/1i1+52zd8PU62d8DxtSIh7qHLeePe7wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFBpHFxE9uuusZUjCn0yLKnbGd/+/MB8GA1UdIwQY
MBaAFNqvF7ABXbt82ZLybN/wHE4mILc+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMnE4WHNBRmR1M3paa3ZKczNfQWNUaVlndHo0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80NS9jODk3M2MtM2NmYS00NjA0LTgxMTAt
Y2YwNmQxOTgzYmExLzEvR2tjWEVUMjY2NnhsU01LZlRJc3Fkc1ozXzc4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80NS9jODk3M2MtM2NmYS00NjA0LTgxMTAtY2YwNmQxOTgzYmEx
LzEvMnE4WHNBRmR1M3paa3ZKczNfQWNUaVlndHo0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAVOyYMA0G
CSqGSIb3DQEBCwUAA4IBAQDF9y5estjAvt5w6uSWGw0bEYs5zyQaHDP9cblLz/Ug
XqkcwYbs2RQre/06tGN88Bw3PiXTLd0+G3sYE3oQRh0M41+TCe6luFthzeXwrqeK
SrUdm+kWbaVxEAm+TIejIjLckqMAgGbUAxJlNVh219v4H+O2hWyfLm4MsqvWnEFI
bBUTod2jQ/OvvxZ636cGorviwLXEpO/D0TJxccw8VUvDrpDXL3gEKiBLiSgx9b9K
MMAKK2biejhMgYKQqxjH27PPvbrBzMjRw/MUfVIHLkJw/DHaJjASjmovLm1U/lVd
2lz0YYcLisf2TeSMddSAF6Uv3ZAED5srkb0p1yP8yzAN
-----END CERTIFICATE-----
Generated at Tue Jan 2 11:34:46 2024 by rpki-client on console-ams.rpki-client.org