Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/45/c8973c-3cfa-4604-8110-cf06d1983ba1/1/gjixTwcou-8rlJs-czur7qsKTKM.roa
File: gjixTwcou-8rlJs-czur7qsKTKM.roa (raw, json)
Hash identifier: V68kg1a1KNrjP4lw0Om2UfZuUmusuk42W67f1gRDp+U=
Subject key identifier: 82:38:B1:4F:07:28:BB:EF:2B:94:9B:3E:73:3B:AB:EE:AB:0A:4C:A3
Certificate issuer: /CN=daaf17b0015dbb7cd992f26cdff01c4e2620b73e
Certificate serial: 01874B3AC1883B6B010DA96A829D4404D173
Authority key identifier: DA:AF:17:B0:01:5D:BB:7C:D9:92:F2:6C:DF:F0:1C:4E:26:20:B7:3E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2q8XsAFdu3zZkvJs3_AcTiYgtz4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/45/c8973c-3cfa-4604-8110-cf06d1983ba1/1/gjixTwcou-8rlJs-czur7qsKTKM.roa
Signing time: Tue 04 Apr 2023 07:45:54 +0000
ROA not before: Tue 04 Apr 2023 07:45:54 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 43402
IP address blocks: 84.232.59.0/24 maxlen: 24
94.76.189.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 02 Jan 2024 08:32:39 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:4b:3a:c1:88:3b:6b:01:0d:a9:6a:82:9d:44:04:d1:73
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=daaf17b0015dbb7cd992f26cdff01c4e2620b73e
Validity
Not Before: Apr 4 07:45:54 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=8238b14f0728bbef2b949b3e733babeeab0a4ca3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f3:18:d7:2b:1b:47:6f:1a:bf:58:75:19:a4:90:
3c:2a:00:16:fe:b4:26:47:cb:65:3f:51:a5:ae:14:
ce:da:ea:8f:0e:f8:72:47:b9:83:e0:cb:1a:62:84:
00:fd:da:f5:89:20:66:49:b1:cc:04:e5:1f:af:ab:
ff:b1:ee:02:5c:bd:70:d4:31:99:f3:51:1b:d3:9e:
92:9a:dc:14:f2:70:3b:0c:81:3b:2c:3f:20:9a:31:
f7:8c:49:0f:07:9b:76:07:4d:a4:db:66:b4:44:46:
46:ae:db:72:93:12:da:81:9d:93:d3:db:d8:8a:fc:
b7:71:cf:03:54:df:db:5f:4e:25:de:35:21:3b:71:
36:13:4d:9b:dc:e4:5f:42:d0:ff:f4:e6:1d:39:72:
64:d4:48:40:ec:32:23:8e:30:a4:56:6d:60:7b:72:
28:e5:95:4c:ad:08:83:f2:3b:1a:b6:56:6e:73:f5:
77:6d:cf:24:ad:b9:71:76:2e:6d:3e:88:62:3d:5b:
fb:98:9f:d6:02:93:84:da:0d:7e:92:38:0f:48:cc:
ef:22:8d:6c:80:17:e2:d4:a0:9c:89:43:23:2a:e1:
23:21:7d:e8:f9:94:91:ac:d3:e3:23:5b:ee:9e:86:
48:76:86:d3:2d:63:12:f7:42:f8:b9:43:0c:99:e9:
ce:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
82:38:B1:4F:07:28:BB:EF:2B:94:9B:3E:73:3B:AB:EE:AB:0A:4C:A3
X509v3 Authority Key Identifier:
keyid:DA:AF:17:B0:01:5D:BB:7C:D9:92:F2:6C:DF:F0:1C:4E:26:20:B7:3E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2q8XsAFdu3zZkvJs3_AcTiYgtz4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/45/c8973c-3cfa-4604-8110-cf06d1983ba1/1/gjixTwcou-8rlJs-czur7qsKTKM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/45/c8973c-3cfa-4604-8110-cf06d1983ba1/1/2q8XsAFdu3zZkvJs3_AcTiYgtz4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.232.59.0/24
94.76.189.0/24
Signature Algorithm: sha256WithRSAEncryption
07:a3:bd:a1:cb:be:1e:a0:4d:d6:48:8f:5f:40:7b:de:37:fd:
bb:86:97:43:91:67:7a:ba:61:d3:f2:c3:3b:4b:c9:0b:d7:78:
0c:2f:fb:a7:b9:82:a5:58:ae:cc:7a:a2:5b:85:d4:28:0a:af:
5f:c2:8a:fa:07:9e:b8:df:57:bc:63:c5:7d:29:02:dd:6a:73:
5a:b2:9f:b9:98:0c:28:a5:d4:e0:55:41:1d:66:df:1a:6f:d2:
e1:0c:1d:13:90:50:44:43:eb:92:c9:c2:3b:78:fb:c6:e9:48:
5b:a6:bd:01:54:60:bc:95:5a:0c:0c:7c:25:bc:29:eb:ef:bb:
8d:d3:94:26:82:6c:a5:41:15:ee:1c:d2:29:10:0c:ee:43:c7:
f8:57:7a:13:bb:6c:66:2e:21:e3:e7:bf:74:a7:a4:6b:1a:d0:
8e:c5:cd:6d:e6:76:58:2f:1d:b9:a2:bd:02:a5:a9:99:5c:70:
19:f2:ea:5c:c8:5a:31:42:fd:71:17:6f:e0:d5:fe:78:e1:e6:
78:dd:03:3d:24:ff:37:db:76:bc:5c:ab:4a:10:ed:5d:17:95:
c2:55:de:da:66:fa:f0:41:8e:fb:61:aa:d7:05:19:00:e4:be:
a8:a2:88:c5:05:e7:fa:e7:f3:fe:2d:3d:1c:01:9c:36:2a:25:
b5:2e:a7:69
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYdLOsGIO2sBDalqgp1EBNFzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRhYWYxN2IwMDE1ZGJiN2NkOTkyZjI2Y2RmZjAxYzRlMjYy
MGI3M2UwHhcNMjMwNDA0MDc0NTU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MjM4YjE0ZjA3MjhiYmVmMmI5NDliM2U3MzNiYWJlZWFiMGE0Y2EzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA8xjXKxtHbxq/WHUZpJA8KgAW/rQm
R8tlP1GlrhTO2uqPDvhyR7mD4MsaYoQA/dr1iSBmSbHMBOUfr6v/se4CXL1w1DGZ
81Eb056SmtwU8nA7DIE7LD8gmjH3jEkPB5t2B02k22a0REZGrttykxLagZ2T09vY
ivy3cc8DVN/bX04l3jUhO3E2E02b3ORfQtD/9OYdOXJk1EhA7DIjjjCkVm1ge3Io
5ZVMrQiD8jsatlZuc/V3bc8krblxdi5tPohiPVv7mJ/WApOE2g1+kjgPSMzvIo1s
gBfi1KCciUMjKuEjIX3o+ZSRrNPjI1vunoZIdobTLWMS90L4uUMMmenOZQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFII4sU8HKLvvK5SbPnM7q+6rCkyjMB8GA1UdIwQY
MBaAFNqvF7ABXbt82ZLybN/wHE4mILc+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMnE4WHNBRmR1M3paa3ZKczNfQWNUaVlndHo0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80NS9jODk3M2MtM2NmYS00NjA0LTgxMTAt
Y2YwNmQxOTgzYmExLzEvZ2ppeFR3Y291LThybEpzLWN6dXI3cXNLVEtNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80NS9jODk3M2MtM2NmYS00NjA0LTgxMTAtY2YwNmQxOTgzYmEx
LzEvMnE4WHNBRmR1M3paa3ZKczNfQWNUaVlndHo0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAVOg7AwQA
Xky9MA0GCSqGSIb3DQEBCwUAA4IBAQAHo72hy74eoE3WSI9fQHveN/27hpdDkWd6
umHT8sM7S8kL13gML/unuYKlWK7MeqJbhdQoCq9fwor6B56431e8Y8V9KQLdanNa
sp+5mAwopdTgVUEdZt8ab9LhDB0TkFBEQ+uSycI7ePvG6Uhbpr0BVGC8lVoMDHwl
vCnr77uN05QmgmylQRXuHNIpEAzuQ8f4V3oTu2xmLiHj5790p6RrGtCOxc1t5nZY
Lx25or0CpamZXHAZ8upcyFoxQv1xF2/g1f544eZ43QM9JP8323a8XKtKEO1dF5XC
Vd7aZvrwQY77YarXBRkA5L6ooojFBef65/P+LT0cAZw2KiW1Lqdp
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:06:01 2024 by rpki-client on console-ams.rpki-client.org