Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4c/26c3e1-6486-4e09-99a4-a6873b374e26/1/gofDmUrgiegQNTmdRPpYnsG7yD4.roa
File: gofDmUrgiegQNTmdRPpYnsG7yD4.roa (raw, json)
Hash identifier: UcuMFpGCzqMCix1GZm6weEJztpcddOYg4sI/JY+DR2g=
Subject key identifier: 82:87:C3:99:4A:E0:89:E8:10:35:39:9D:44:FA:58:9E:C1:BB:C8:3E
Certificate issuer: /CN=ec6b42021886d8eedbae90d9e6ab1de533c50d20
Certificate serial: 018B96D187BE86A36BEA6E58594B02456213
Authority key identifier: EC:6B:42:02:18:86:D8:EE:DB:AE:90:D9:E6:AB:1D:E5:33:C5:0D:20
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/7GtCAhiG2O7brpDZ5qsd5TPFDSA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4c/26c3e1-6486-4e09-99a4-a6873b374e26/1/gofDmUrgiegQNTmdRPpYnsG7yD4.roa
Signing time: Fri 03 Nov 2023 20:13:15 +0000
ROA not before: Fri 03 Nov 2023 20:13:15 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 21473
IP address blocks: 152.89.92.0/22 maxlen: 24
2a0c:6b00::/32 maxlen: 32
Validation: Failed, certificate revoked on Tue 02 Jan 2024 08:33:24 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:96:d1:87:be:86:a3:6b:ea:6e:58:59:4b:02:45:62:13
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ec6b42021886d8eedbae90d9e6ab1de533c50d20
Validity
Not Before: Nov 3 20:13:15 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=8287c3994ae089e81035399d44fa589ec1bbc83e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:88:36:35:cc:cc:7b:6e:45:a3:92:82:f7:25:a0:
4c:80:29:3e:d5:89:03:72:53:ac:18:5f:bf:fb:a7:
84:1a:c0:29:6f:04:57:41:b0:ec:e0:43:ca:93:84:
f6:e8:19:44:b3:86:e9:31:2b:6d:9e:fb:af:c0:e8:
1b:00:ac:51:d0:4a:c0:79:ad:3c:d8:e2:03:c7:17:
d2:54:ca:35:16:a1:50:f5:74:86:71:a3:d4:bf:91:
38:db:a3:9c:bd:dc:25:fd:c2:95:27:73:c7:fa:6e:
01:c6:48:15:4a:7f:bc:15:29:67:7a:a2:bc:12:c9:
43:41:6b:1c:02:0e:15:4f:3e:e0:93:84:8a:91:ef:
b3:b6:22:f6:b4:9a:00:65:13:1c:a7:92:e3:25:6d:
90:46:cf:f9:7e:c5:25:92:1e:ce:0c:51:28:f1:9d:
0c:58:16:71:03:49:4b:fe:e6:57:03:ee:35:8c:46:
d6:54:66:3b:b7:bd:cb:12:ec:f0:fb:67:99:b3:f8:
42:32:f8:91:a7:e6:68:26:f1:a3:58:86:3d:6e:17:
f6:28:ee:cc:32:2d:3d:67:6d:1e:48:39:99:75:97:
79:ea:fa:83:5c:a5:45:cf:f9:31:48:7c:7f:59:44:
38:1a:41:d8:55:1d:33:f2:0a:8f:af:6b:12:60:ea:
66:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
82:87:C3:99:4A:E0:89:E8:10:35:39:9D:44:FA:58:9E:C1:BB:C8:3E
X509v3 Authority Key Identifier:
keyid:EC:6B:42:02:18:86:D8:EE:DB:AE:90:D9:E6:AB:1D:E5:33:C5:0D:20
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/7GtCAhiG2O7brpDZ5qsd5TPFDSA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/26c3e1-6486-4e09-99a4-a6873b374e26/1/gofDmUrgiegQNTmdRPpYnsG7yD4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/26c3e1-6486-4e09-99a4-a6873b374e26/1/7GtCAhiG2O7brpDZ5qsd5TPFDSA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
152.89.92.0/22
IPv6:
2a0c:6b00::/32
Signature Algorithm: sha256WithRSAEncryption
19:3e:86:06:df:07:c3:e3:f2:f3:f3:47:d3:d5:87:2f:57:dd:
30:50:17:2e:a3:e4:ef:84:d0:61:85:10:7a:fd:f8:e8:85:9f:
a9:86:dd:b0:d1:75:d2:24:ae:e0:92:a3:0a:e8:8f:2e:db:11:
32:cb:ae:29:fd:8e:3d:4f:fa:34:24:8e:ad:c6:46:40:ab:1d:
39:8a:d4:f9:1c:db:31:f0:1a:0e:57:38:b3:30:86:50:a0:62:
b4:48:a4:91:4e:03:5a:3e:3f:d2:2f:77:9b:62:e6:6a:fc:36:
ec:5a:67:14:e5:fc:ad:a0:e0:48:68:8e:0e:2b:86:8e:63:8b:
73:c9:7c:6e:01:a9:6c:c2:88:01:81:51:2e:2c:ad:3f:07:51:
a9:ed:ef:8c:47:de:c3:f4:d5:db:24:f5:1b:d7:95:df:71:c2:
91:c1:66:06:8d:e5:dc:33:b6:f6:23:a7:2f:bc:18:4c:65:ea:
2f:42:ec:34:90:16:2c:b0:41:57:d5:f2:9a:b4:61:d4:a0:bd:
2c:8b:86:94:7e:34:12:86:62:57:6e:d3:06:da:8f:0d:24:6a:
92:ed:c8:7d:61:2d:64:15:31:ea:af:d7:66:20:ac:39:66:47:
64:cf:af:91:04:9b:5b:2b:5e:ab:ff:54:77:5e:2b:02:a0:fd:
a6:a3:05:0d
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYuW0Ye+hqNr6m5YWUsCRWITMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVjNmI0MjAyMTg4NmQ4ZWVkYmFlOTBkOWU2YWIxZGU1MzNj
NTBkMjAwHhcNMjMxMTAzMjAxMzE1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4Mjg3YzM5OTRhZTA4OWU4MTAzNTM5OWQ0NGZhNTg5ZWMxYmJjODNlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiDY1zMx7bkWjkoL3JaBMgCk+1YkD
clOsGF+/+6eEGsApbwRXQbDs4EPKk4T26BlEs4bpMSttnvuvwOgbAKxR0ErAea08
2OIDxxfSVMo1FqFQ9XSGcaPUv5E426Ocvdwl/cKVJ3PH+m4BxkgVSn+8FSlneqK8
EslDQWscAg4VTz7gk4SKke+ztiL2tJoAZRMcp5LjJW2QRs/5fsUlkh7ODFEo8Z0M
WBZxA0lL/uZXA+41jEbWVGY7t73LEuzw+2eZs/hCMviRp+ZoJvGjWIY9bhf2KO7M
Mi09Z20eSDmZdZd56vqDXKVFz/kxSHx/WUQ4GkHYVR0z8gqPr2sSYOpmBQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFIKHw5lK4InoEDU5nUT6WJ7Bu8g+MB8GA1UdIwQY
MBaAFOxrQgIYhtju266Q2earHeUzxQ0gMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvN0d0Q0FoaUcyTzdicnBEWjVxc2Q1VFBGRFNBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yy8yNmMzZTEtNjQ4Ni00ZTA5LTk5YTQt
YTY4NzNiMzc0ZTI2LzEvZ29mRG1VcmdpZWdRTlRtZFJQcFluc0c3eUQ0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yy8yNmMzZTEtNjQ4Ni00ZTA5LTk5YTQtYTY4NzNiMzc0ZTI2
LzEvN0d0Q0FoaUcyTzdicnBEWjVxc2Q1VFBGRFNBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCmFlcMA0E
AgACMAcDBQAqDGsAMA0GCSqGSIb3DQEBCwUAA4IBAQAZPoYG3wfD4/Lz80fT1Ycv
V90wUBcuo+TvhNBhhRB6/fjohZ+pht2w0XXSJK7gkqMK6I8u2xEyy64p/Y49T/o0
JI6txkZAqx05itT5HNsx8BoOVzizMIZQoGK0SKSRTgNaPj/SL3ebYuZq/DbsWmcU
5fytoOBIaI4OK4aOY4tzyXxuAalswogBgVEuLK0/B1Gp7e+MR97D9NXbJPUb15Xf
ccKRwWYGjeXcM7b2I6cvvBhMZeovQuw0kBYssEFX1fKatGHUoL0si4aUfjQShmJX
btMG2o8NJGqS7ch9YS1kFTHqr9dmIKw5Zkdkz6+RBJtbK16r/1R3XisCoP2mowUN
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:28:26 2024 by rpki-client on console-fra.rpki-client.org