Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/46/b1475d-fcc2-48bb-ae01-c2ba24653f7b/1/gNf2x6kqPDybWAIYauYfZF7tqYI.roa
File: gNf2x6kqPDybWAIYauYfZF7tqYI.roa (raw, json)
Hash identifier: HF/LUAoWk2yEnJoqbR6Lt2r9JYBi5pq8LwPjnlS3o7M=
Subject key identifier: 80:D7:F6:C7:A9:2A:3C:3C:9B:58:02:18:6A:E6:1F:64:5E:ED:A9:82
Certificate issuer: /CN=2037512e5355e815acf064603f8ae3f5528a5e3b
Certificate serial: 01856FA6E36E50314C530BAD404BB40B9C3F
Authority key identifier: 20:37:51:2E:53:55:E8:15:AC:F0:64:60:3F:8A:E3:F5:52:8A:5E:3B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IDdRLlNV6BWs8GRgP4rj9VKKXjs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/46/b1475d-fcc2-48bb-ae01-c2ba24653f7b/1/gNf2x6kqPDybWAIYauYfZF7tqYI.roa
Signing time: Sun 01 Jan 2023 23:24:46 +0000
ROA not before: Sun 01 Jan 2023 23:24:46 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 38913
IP address blocks: 88.214.28.0/22 maxlen: 22
2a09:8b00::/29 maxlen: 29
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:a6:e3:6e:50:31:4c:53:0b:ad:40:4b:b4:0b:9c:3f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2037512e5355e815acf064603f8ae3f5528a5e3b
Validity
Not Before: Jan 1 23:24:46 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=80d7f6c7a92a3c3c9b5802186ae61f645eeda982
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:e3:26:80:10:6f:e2:f5:33:ad:53:1a:f4:77:
fe:75:e4:cb:5f:3c:47:23:c0:c4:13:c6:9b:0e:62:
93:ac:97:dd:97:a1:bd:e8:14:14:5e:ff:44:dc:e5:
16:4f:1a:6a:43:de:a3:2b:f0:1f:9c:f9:27:3f:a5:
b6:39:bb:9b:43:67:f6:fc:10:32:67:26:47:d5:bb:
31:ae:1a:b3:cb:12:d6:be:de:34:94:16:74:a0:87:
d5:95:59:45:cc:ac:72:a0:03:33:3e:e3:37:2b:1d:
91:52:14:0c:62:e9:f2:a5:93:4f:25:a3:17:2e:1b:
9d:f8:ef:00:fa:67:95:92:6c:58:8e:0e:1b:bd:75:
56:db:6b:da:6e:67:75:cb:6c:a0:55:f5:4a:a4:cf:
07:37:98:d2:35:22:03:8b:15:15:a9:3a:b0:94:18:
51:6b:4e:f1:6a:76:dd:53:ec:1a:8a:62:f7:e7:b8:
d6:19:46:aa:2f:be:b8:14:9f:fb:62:5a:cf:59:85:
c1:1d:a0:76:fc:5a:33:64:14:7e:cb:a5:e8:72:56:
48:73:71:16:be:37:de:68:f0:e8:37:5f:36:04:31:
2e:d2:64:93:05:5d:26:d0:42:29:7b:3b:56:6f:42:
fe:fd:18:43:66:b2:d0:2f:d4:a1:9b:f7:81:ce:40:
93:85
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
80:D7:F6:C7:A9:2A:3C:3C:9B:58:02:18:6A:E6:1F:64:5E:ED:A9:82
X509v3 Authority Key Identifier:
keyid:20:37:51:2E:53:55:E8:15:AC:F0:64:60:3F:8A:E3:F5:52:8A:5E:3B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IDdRLlNV6BWs8GRgP4rj9VKKXjs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/46/b1475d-fcc2-48bb-ae01-c2ba24653f7b/1/gNf2x6kqPDybWAIYauYfZF7tqYI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/46/b1475d-fcc2-48bb-ae01-c2ba24653f7b/1/IDdRLlNV6BWs8GRgP4rj9VKKXjs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
88.214.28.0/22
IPv6:
2a09:8b00::/29
Signature Algorithm: sha256WithRSAEncryption
45:6d:54:b0:39:b2:54:28:d6:35:72:da:64:04:02:8f:be:ab:
d7:e9:37:f3:5a:fc:4f:4a:05:b0:32:f3:9d:b2:5c:d7:87:ed:
9e:ef:5d:7d:f1:2c:d7:9d:d6:3f:85:6f:7e:3a:27:a5:8e:66:
06:10:81:55:88:a4:c0:c0:95:55:2b:27:28:3d:67:74:8c:62:
31:7d:68:e7:fe:2c:f6:6b:1d:88:7c:01:65:ae:d6:e4:35:da:
70:96:2b:fa:0c:b9:cf:8c:db:17:81:9c:f3:c5:d9:ad:e6:44:
99:8b:0a:98:ba:01:f2:21:af:eb:2e:c9:38:fe:7e:47:b7:52:
29:8c:93:9a:4b:f2:9d:0c:e1:e7:78:d7:38:e1:7c:d2:ba:f0:
b9:fc:1c:cb:27:b5:2f:db:c1:99:af:e2:4e:4b:23:c2:35:f0:
6f:70:3a:b8:f9:6d:4e:80:41:9e:21:b7:df:d1:ca:e8:6f:29:
d9:ab:0b:ae:e9:50:68:e0:c8:05:54:44:3f:a1:8d:29:4c:4a:
4c:33:b6:cf:26:d7:c5:63:b1:e9:c9:bb:07:d5:47:ee:74:3a:
60:e9:a8:ba:99:69:8f:f1:91:bf:4d:4f:09:ff:2f:e9:2f:09:
8d:a0:9e:2b:e8:de:f5:30:e7:cd:93:12:92:d0:2f:5c:03:97:
9e:dc:7d:f5
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVvpuNuUDFMUwutQEu0C5w/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIwMzc1MTJlNTM1NWU4MTVhY2YwNjQ2MDNmOGFlM2Y1NTI4
YTVlM2IwHhcNMjMwMTAxMjMyNDQ2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MGQ3ZjZjN2E5MmEzYzNjOWI1ODAyMTg2YWU2MWY2NDVlZWRhOTgyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmeMmgBBv4vUzrVMa9Hf+deTLXzxH
I8DEE8abDmKTrJfdl6G96BQUXv9E3OUWTxpqQ96jK/AfnPknP6W2ObubQ2f2/BAy
ZyZH1bsxrhqzyxLWvt40lBZ0oIfVlVlFzKxyoAMzPuM3Kx2RUhQMYunypZNPJaMX
Lhud+O8A+meVkmxYjg4bvXVW22vabmd1y2ygVfVKpM8HN5jSNSIDixUVqTqwlBhR
a07xanbdU+waimL357jWGUaqL764FJ/7YlrPWYXBHaB2/FozZBR+y6XoclZIc3EW
vjfeaPDoN182BDEu0mSTBV0m0EIpeztWb0L+/RhDZrLQL9Shm/eBzkCThQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFIDX9sepKjw8m1gCGGrmH2Re7amCMB8GA1UdIwQY
MBaAFCA3US5TVegVrPBkYD+K4/VSil47MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSURkUkxsTlY2QldzOEdSZ1A0cmo5VktLWGpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Ni9iMTQ3NWQtZmNjMi00OGJiLWFlMDEt
YzJiYTI0NjUzZjdiLzEvZ05mMng2a3FQRHliV0FJWWF1WWZaRjd0cVlJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Ni9iMTQ3NWQtZmNjMi00OGJiLWFlMDEtYzJiYTI0NjUzZjdi
LzEvSURkUkxsTlY2QldzOEdSZ1A0cmo5VktLWGpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCWNYcMA0E
AgACMAcDBQMqCYsAMA0GCSqGSIb3DQEBCwUAA4IBAQBFbVSwObJUKNY1ctpkBAKP
vqvX6TfzWvxPSgWwMvOdslzXh+2e71198SzXndY/hW9+OieljmYGEIFViKTAwJVV
KycoPWd0jGIxfWjn/iz2ax2IfAFlrtbkNdpwliv6DLnPjNsXgZzzxdmt5kSZiwqY
ugHyIa/rLsk4/n5Ht1IpjJOaS/KdDOHneNc44XzSuvC5/BzLJ7Uv28GZr+JOSyPC
NfBvcDq4+W1OgEGeIbff0crobynZqwuu6VBo4MgFVEQ/oY0pTEpMM7bPJtfFY7Hp
ybsH1UfudDpg6ai6mWmP8ZG/TU8J/y/pLwmNoJ4r6N71MOfNkxKS0C9cA5ee3H31
-----END CERTIFICATE-----
Generated at Tue Jan 2 09:00:20 2024 by rpki-client on console-ams.rpki-client.org