Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4a/660e74-a3bc-444b-9c6a-58c96d66f0a1/1/gVBpksUqL5zlhJFwPwbr3BXc4Mw.roa
File: gVBpksUqL5zlhJFwPwbr3BXc4Mw.roa (raw, json)
Hash identifier: gifPbWJrBiNliStydHvczIcTGNHfwa97cPGwtUVhjNA=
Subject key identifier: 81:50:69:92:C5:2A:2F:9C:E5:84:91:70:3F:06:EB:DC:15:DC:E0:CC
Certificate issuer: /CN=2b967e772cc7298305a11ffa65dd185f6a58910b
Certificate serial: 01856BAED217C84BB0459CD3BAA81EFAD8F5
Authority key identifier: 2B:96:7E:77:2C:C7:29:83:05:A1:1F:FA:65:DD:18:5F:6A:58:91:0B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/K5Z-dyzHKYMFoR_6Zd0YX2pYkQs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4a/660e74-a3bc-444b-9c6a-58c96d66f0a1/1/gVBpksUqL5zlhJFwPwbr3BXc4Mw.roa
Signing time: Sun 01 Jan 2023 04:54:57 +0000
ROA not before: Sun 01 Jan 2023 04:54:57 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 57097
IP address blocks: 2a12:8fc6:300::/48 maxlen: 48
Validation: Failed, certificate revoked on Mon 01 Jan 2024 22:31:18 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6b:ae:d2:17:c8:4b:b0:45:9c:d3:ba:a8:1e:fa:d8:f5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2b967e772cc7298305a11ffa65dd185f6a58910b
Validity
Not Before: Jan 1 04:54:57 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=81506992c52a2f9ce58491703f06ebdc15dce0cc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:b3:66:fb:31:61:37:cf:b6:fd:47:3d:f5:11:
4e:4c:f7:dc:2a:6a:31:b3:aa:69:01:58:a3:28:70:
dc:0e:28:b7:cf:32:c3:0c:54:83:d6:a9:2a:1f:10:
6f:26:01:1b:70:c0:7a:33:ea:f5:d2:27:c4:c4:5b:
fc:f0:55:8a:aa:f3:99:14:28:6a:0a:f0:f3:a3:7c:
42:5f:53:90:0a:bd:6d:be:10:3e:cd:42:7b:68:10:
02:43:63:5f:e4:d6:ea:c1:07:9e:8d:86:29:52:2f:
c6:0c:71:69:78:3c:d7:97:96:cd:ff:53:e2:74:65:
44:22:a5:e0:77:fd:ba:61:b2:44:22:58:6d:03:6f:
5f:6e:86:01:e1:d5:c4:95:c7:50:45:fa:e3:20:a3:
da:ea:ba:ea:5d:9a:48:20:11:32:4b:94:3d:cb:e5:
79:4d:9e:d2:79:9b:02:73:79:b9:18:66:96:30:7e:
38:e4:4a:50:9a:0c:11:f4:2c:34:81:7c:c7:b0:72:
f4:e5:ee:81:12:49:fc:56:35:e6:36:a2:05:62:78:
bc:e1:86:5b:a4:47:26:df:3d:41:de:66:53:ab:87:
60:83:cb:b7:db:e6:73:22:46:d6:a8:25:eb:b9:8f:
77:65:2b:ea:28:25:64:08:ad:90:ee:1b:4c:cc:f7:
15:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
81:50:69:92:C5:2A:2F:9C:E5:84:91:70:3F:06:EB:DC:15:DC:E0:CC
X509v3 Authority Key Identifier:
keyid:2B:96:7E:77:2C:C7:29:83:05:A1:1F:FA:65:DD:18:5F:6A:58:91:0B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/K5Z-dyzHKYMFoR_6Zd0YX2pYkQs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4a/660e74-a3bc-444b-9c6a-58c96d66f0a1/1/gVBpksUqL5zlhJFwPwbr3BXc4Mw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4a/660e74-a3bc-444b-9c6a-58c96d66f0a1/1/K5Z-dyzHKYMFoR_6Zd0YX2pYkQs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a12:8fc6:300::/48
Signature Algorithm: sha256WithRSAEncryption
10:7e:4f:04:39:b7:27:d4:bd:2a:a4:d0:bf:84:8f:91:46:16:
d7:ac:43:e9:18:68:8a:3a:87:68:f3:64:25:7a:1a:82:97:d7:
0f:85:31:46:5a:59:f4:e1:a5:ca:c5:b6:dc:fd:67:f6:3b:18:
21:e5:ff:65:4e:bf:fb:44:ae:82:9d:f1:40:11:cb:d5:a7:64:
1b:96:95:35:98:d2:eb:e2:60:0e:16:15:ff:aa:a0:17:a1:20:
0c:4e:c4:63:02:82:6a:8d:b4:e2:0f:66:6d:b1:ef:d2:05:12:
e8:5e:b8:f0:ad:75:bf:7b:ef:d8:b3:46:b4:f0:ad:d7:eb:75:
95:e0:c7:dc:94:3c:59:bd:bb:cb:0f:c4:d9:9b:fe:cb:45:54:
6b:c4:4d:a9:f6:ce:8c:47:4e:4c:64:e3:4b:48:07:37:bd:d8:
ed:36:6d:10:70:03:12:dc:ff:ac:5f:85:01:38:90:b0:4b:09:
56:03:90:0d:b4:53:c0:d4:0c:91:da:98:9e:66:df:72:c8:ea:
e2:54:21:c3:83:43:c6:fa:7d:2d:10:59:06:ca:86:07:5c:64:
16:c8:e6:95:ab:f5:a5:b0:1a:69:7c:bc:0f:3a:96:a2:b9:26:
9c:30:74:ba:a1:f7:bc:4b:0a:2b:a1:0d:f3:91:bb:31:9f:7d:
4b:6f:46:e8
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYVrrtIXyEuwRZzTuqge+tj1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJiOTY3ZTc3MmNjNzI5ODMwNWExMWZmYTY1ZGQxODVmNmE1
ODkxMGIwHhcNMjMwMTAxMDQ1NDU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MTUwNjk5MmM1MmEyZjljZTU4NDkxNzAzZjA2ZWJkYzE1ZGNlMGNjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAubNm+zFhN8+2/Uc99RFOTPfcKmox
s6ppAVijKHDcDii3zzLDDFSD1qkqHxBvJgEbcMB6M+r10ifExFv88FWKqvOZFChq
CvDzo3xCX1OQCr1tvhA+zUJ7aBACQ2Nf5NbqwQeejYYpUi/GDHFpeDzXl5bN/1Pi
dGVEIqXgd/26YbJEIlhtA29fboYB4dXElcdQRfrjIKPa6rrqXZpIIBEyS5Q9y+V5
TZ7SeZsCc3m5GGaWMH445EpQmgwR9Cw0gXzHsHL05e6BEkn8VjXmNqIFYni84YZb
pEcm3z1B3mZTq4dgg8u32+ZzIkbWqCXruY93ZSvqKCVkCK2Q7htMzPcVNQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFIFQaZLFKi+c5YSRcD8G69wV3ODMMB8GA1UdIwQY
MBaAFCuWfncsxymDBaEf+mXdGF9qWJELMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSzVaLWR5ekhLWU1Gb1JfNlpkMFlYMnBZa1FzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80YS82NjBlNzQtYTNiYy00NDRiLTljNmEt
NThjOTZkNjZmMGExLzEvZ1ZCcGtzVXFMNXpsaEpGd1B3YnIzQlhjNE13LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80YS82NjBlNzQtYTNiYy00NDRiLTljNmEtNThjOTZkNjZmMGEx
LzEvSzVaLWR5ekhLWU1Gb1JfNlpkMFlYMnBZa1FzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKhKPxgMA
MA0GCSqGSIb3DQEBCwUAA4IBAQAQfk8EObcn1L0qpNC/hI+RRhbXrEPpGGiKOodo
82QlehqCl9cPhTFGWln04aXKxbbc/Wf2Oxgh5f9lTr/7RK6CnfFAEcvVp2QblpU1
mNLr4mAOFhX/qqAXoSAMTsRjAoJqjbTiD2Ztse/SBRLoXrjwrXW/e+/Ys0a08K3X
63WV4MfclDxZvbvLD8TZm/7LRVRrxE2p9s6MR05MZONLSAc3vdjtNm0QcAMS3P+s
X4UBOJCwSwlWA5ANtFPA1AyR2pieZt9yyOriVCHDg0PG+n0tEFkGyoYHXGQWyOaV
q/WlsBppfLwPOpaiuSacMHS6ofe8SworoQ3zkbsxn31Lb0bo
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:28:13 2024 by rpki-client on console-fra.rpki-client.org