Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4c/26c3e1-6486-4e09-99a4-a6873b374e26/1/GIL1gcl0sSHqHY8XRGqFIveSXcs.roa
File: GIL1gcl0sSHqHY8XRGqFIveSXcs.roa (raw, json)
Hash identifier: 4E3tIs9etwgCI3f6a7acJoQvxEMMWI3GY7BXTR5THNg=
Subject key identifier: 18:82:F5:81:C9:74:B1:21:EA:1D:8F:17:44:6A:85:22:F7:92:5D:CB
Certificate issuer: /CN=ec6b42021886d8eedbae90d9e6ab1de533c50d20
Certificate serial: 018CC94E5C3FC95279AB2F18E6CB30BECE39
Authority key identifier: EC:6B:42:02:18:86:D8:EE:DB:AE:90:D9:E6:AB:1D:E5:33:C5:0D:20
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/7GtCAhiG2O7brpDZ5qsd5TPFDSA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4c/26c3e1-6486-4e09-99a4-a6873b374e26/1/GIL1gcl0sSHqHY8XRGqFIveSXcs.roa
Signing time: Tue 02 Jan 2024 08:33:24 +0000
ROA not before: Tue 02 Jan 2024 08:33:24 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 34936
IP address blocks: 2001:4ba7::/48 maxlen: 48
Validation: Failed, certificate revoked on Thu 02 Jan 2025 11:50:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:4e:5c:3f:c9:52:79:ab:2f:18:e6:cb:30:be:ce:39
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ec6b42021886d8eedbae90d9e6ab1de533c50d20
Validity
Not Before: Jan 2 08:33:24 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=1882f581c974b121ea1d8f17446a8522f7925dcb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:9e:1f:11:84:39:72:d3:fd:c9:cb:d8:9e:63:
66:de:2a:5d:fc:e5:40:b3:22:ba:32:2f:5a:f5:37:
74:06:c3:82:89:df:d3:75:01:0c:04:c4:85:1b:db:
1c:0d:e8:83:37:2f:c4:9c:41:39:44:7c:0a:97:3d:
df:f4:72:4b:55:6d:16:e1:00:09:75:43:f6:62:2d:
30:8f:45:0c:ac:da:a9:7e:d9:93:07:d1:5e:0e:52:
c6:0c:69:73:ef:c4:75:f7:47:88:9c:a2:1c:e9:6b:
50:01:39:66:fe:0d:3b:9d:d2:78:e7:a8:99:b1:0a:
ff:9c:bb:e1:51:81:19:ed:58:d5:a5:e4:5f:64:cc:
63:88:c0:b2:e7:02:64:4b:95:06:98:8b:a6:5a:87:
52:2e:e7:eb:16:7d:6f:8b:fe:e3:2d:5a:95:12:35:
5e:54:63:69:ed:8d:94:3c:5b:39:83:a5:4e:c5:61:
e9:13:4d:92:7c:c1:ab:ed:7e:30:10:1d:b4:f2:f6:
8e:53:72:e8:55:c3:91:c1:1d:82:9f:fa:c5:7d:f1:
c7:1e:e6:05:b0:f3:8e:b9:de:42:56:95:c0:b9:77:
59:f4:97:4e:3c:92:ee:79:17:6b:cc:69:a2:dc:96:
2d:74:9f:f0:0a:90:4b:3f:06:38:fa:13:d4:e1:95:
4e:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
18:82:F5:81:C9:74:B1:21:EA:1D:8F:17:44:6A:85:22:F7:92:5D:CB
X509v3 Authority Key Identifier:
keyid:EC:6B:42:02:18:86:D8:EE:DB:AE:90:D9:E6:AB:1D:E5:33:C5:0D:20
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/7GtCAhiG2O7brpDZ5qsd5TPFDSA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/26c3e1-6486-4e09-99a4-a6873b374e26/1/GIL1gcl0sSHqHY8XRGqFIveSXcs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/26c3e1-6486-4e09-99a4-a6873b374e26/1/7GtCAhiG2O7brpDZ5qsd5TPFDSA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:4ba7::/48
Signature Algorithm: sha256WithRSAEncryption
b2:ef:eb:2f:47:fc:ed:45:fa:9c:80:18:f3:04:fd:60:31:b4:
3d:15:b4:97:29:d9:fe:5c:a9:05:9b:c5:08:f9:4f:05:e1:22:
59:e7:77:ad:7b:23:45:48:91:3e:f4:fa:84:2d:58:e6:09:b1:
af:26:b9:0c:5a:c4:68:09:bd:fe:95:35:0d:ff:82:10:ca:93:
11:9a:cb:18:4a:92:9a:58:36:b7:e8:7a:53:56:5a:a4:ce:fa:
47:27:c4:b1:4e:1f:39:4a:b4:71:04:b9:e9:07:38:14:46:27:
f6:87:60:78:c0:c6:da:6f:11:b1:fa:4f:36:f7:56:80:18:99:
c2:b4:b5:88:6a:cd:44:b2:e4:e2:0a:52:d4:6c:2c:4a:fe:54:
66:89:43:c0:cc:e9:e0:49:3f:04:e1:7f:da:95:0e:07:22:9a:
f0:a5:ab:0d:4a:ec:39:bd:6f:5e:fc:58:93:aa:13:32:b3:89:
58:d1:35:7f:44:68:f2:ca:bf:5b:63:e3:37:c6:71:f7:70:19:
86:c5:8a:bd:cb:a8:7f:ef:b4:01:58:12:54:24:97:95:ea:b2:
da:0b:80:5b:12:db:11:48:96:3b:ae:b9:20:cd:ab:c9:2a:48:
b5:bc:48:ca:0b:57:c3:48:e3:a9:36:4b:b4:9a:86:f8:9f:87:
14:f3:1d:4a
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYzJTlw/yVJ5qy8Y5sswvs45MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVjNmI0MjAyMTg4NmQ4ZWVkYmFlOTBkOWU2YWIxZGU1MzNj
NTBkMjAwHhcNMjQwMTAyMDgzMzI0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxODgyZjU4MWM5NzRiMTIxZWExZDhmMTc0NDZhODUyMmY3OTI1ZGNiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo54fEYQ5ctP9ycvYnmNm3ipd/OVA
syK6Mi9a9Td0BsOCid/TdQEMBMSFG9scDeiDNy/EnEE5RHwKlz3f9HJLVW0W4QAJ
dUP2Yi0wj0UMrNqpftmTB9FeDlLGDGlz78R190eInKIc6WtQATlm/g07ndJ456iZ
sQr/nLvhUYEZ7VjVpeRfZMxjiMCy5wJkS5UGmIumWodSLufrFn1vi/7jLVqVEjVe
VGNp7Y2UPFs5g6VOxWHpE02SfMGr7X4wEB208vaOU3LoVcORwR2Cn/rFffHHHuYF
sPOOud5CVpXAuXdZ9JdOPJLueRdrzGmi3JYtdJ/wCpBLPwY4+hPU4ZVOXwIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFBiC9YHJdLEh6h2PF0RqhSL3kl3LMB8GA1UdIwQY
MBaAFOxrQgIYhtju266Q2earHeUzxQ0gMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvN0d0Q0FoaUcyTzdicnBEWjVxc2Q1VFBGRFNBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yy8yNmMzZTEtNjQ4Ni00ZTA5LTk5YTQt
YTY4NzNiMzc0ZTI2LzEvR0lMMWdjbDBzU0hxSFk4WFJHcUZJdmVTWGNzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yy8yNmMzZTEtNjQ4Ni00ZTA5LTk5YTQtYTY4NzNiMzc0ZTI2
LzEvN0d0Q0FoaUcyTzdicnBEWjVxc2Q1VFBGRFNBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAIAFLpwAA
MA0GCSqGSIb3DQEBCwUAA4IBAQCy7+svR/ztRfqcgBjzBP1gMbQ9FbSXKdn+XKkF
m8UI+U8F4SJZ53eteyNFSJE+9PqELVjmCbGvJrkMWsRoCb3+lTUN/4IQypMRmssY
SpKaWDa36HpTVlqkzvpHJ8SxTh85SrRxBLnpBzgURif2h2B4wMbabxGx+k8291aA
GJnCtLWIas1EsuTiClLUbCxK/lRmiUPAzOngST8E4X/alQ4HIprwpasNSuw5vW9e
/FiTqhMys4lY0TV/RGjyyr9bY+M3xnH3cBmGxYq9y6h/77QBWBJUJJeV6rLaC4Bb
EtsRSJY7rrkgzavJKki1vEjKC1fDSOOpNku0mob4n4cU8x1K
-----END CERTIFICATE-----
Generated at Sun Feb 16 21:02:32 2025 by rpki-client