Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/gBdSOrbcY402GRbRW7n5FwpLdwM.roa
File: gBdSOrbcY402GRbRW7n5FwpLdwM.roa (raw, json)
Hash identifier: lPSXjramlUkHAiRrG9Tt9HzmTWFYTVgoIHEo4sdk3TM=
Subject key identifier: 80:17:52:3A:B6:DC:63:8D:36:19:16:D1:5B:B9:F9:17:0A:4B:77:03
Certificate issuer: /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial: 018977C1F8581E237513A15241C387D0FF1D
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/gBdSOrbcY402GRbRW7n5FwpLdwM.roa
Signing time: Fri 21 Jul 2023 09:22:28 +0000
ROA not before: Fri 21 Jul 2023 09:22:28 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 198276
IP address blocks: 2a0e:b107:2030::/48 maxlen: 48
2a0e:b107:2030::/44 maxlen: 48
2a0e:b107:2032::/48 maxlen: 48
2a0e:b107:2031::/48 maxlen: 48
Validation: Failed, certificate revoked on Mon 14 Aug 2023 08:44:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:77:c1:f8:58:1e:23:75:13:a1:52:41:c3:87:d0:ff:1d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Validity
Not Before: Jul 21 09:22:28 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=8017523ab6dc638d361916d15bb9f9170a4b7703
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:ac:a3:05:f6:22:3a:b2:45:bc:89:4c:af:b8:
49:94:cb:c7:25:ad:6a:dc:1f:f4:15:df:5c:0b:89:
19:36:33:ff:c9:01:3f:fe:dc:57:3e:14:75:28:ea:
62:3a:cb:d1:49:21:ad:af:ce:b1:76:2d:82:d0:8a:
aa:ed:41:55:b1:1c:ed:10:1b:1d:a0:71:6c:42:c6:
5b:ce:f0:7c:25:d9:92:1c:e2:1e:ca:a1:42:b9:78:
3a:72:4e:bf:7d:fa:f3:31:e7:bd:98:0b:72:fe:63:
11:b0:f4:cf:df:15:45:46:bf:f6:8b:27:94:8e:ef:
0a:91:fd:9d:9e:06:12:a7:ed:bb:2c:4b:91:89:98:
31:d3:5e:35:eb:0e:76:9f:8c:52:fc:5f:c7:34:19:
b9:95:5f:70:3f:35:d3:5a:2e:e9:ab:a7:0c:0f:c1:
79:cd:d9:a6:aa:ba:7e:04:f7:23:e1:0a:27:cf:e6:
ae:2d:06:bb:c7:e0:be:ad:c3:d2:33:79:aa:dd:02:
8f:d2:58:9c:94:14:d9:0d:40:a8:93:66:08:3d:fa:
6c:e5:9f:9e:84:6e:a0:a3:ca:7c:27:23:ec:ee:66:
1f:d4:ff:a7:f3:3e:6b:5a:59:7b:e8:4f:80:b3:e9:
cd:c5:0b:bb:73:36:52:d5:16:71:43:46:84:e5:27:
4a:4b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
80:17:52:3A:B6:DC:63:8D:36:19:16:D1:5B:B9:F9:17:0A:4B:77:03
X509v3 Authority Key Identifier:
keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/gBdSOrbcY402GRbRW7n5FwpLdwM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:b107:2030::/44
Signature Algorithm: sha256WithRSAEncryption
61:0d:eb:8f:d5:25:17:b8:3d:54:59:c7:16:83:a5:c4:fb:95:
51:25:2d:20:30:76:6f:74:45:c6:6b:c6:56:26:ff:03:34:21:
6a:4e:be:38:a7:ca:4e:d9:0d:fb:25:74:57:d0:43:c8:14:88:
e5:73:cf:80:97:97:58:c6:db:fe:0c:9b:23:69:43:36:e0:da:
50:d5:b3:c1:b1:19:94:f1:07:43:58:cb:13:83:15:9c:15:ad:
0d:c3:a6:91:72:9b:9e:9e:f0:1e:55:ec:b0:0c:1f:d5:14:53:
ae:cb:c6:19:88:44:4c:db:0c:a8:d3:f8:d3:35:7d:80:5a:7b:
5e:7e:6c:a9:45:53:09:be:dc:f4:33:5a:c3:d7:c6:4a:c0:c9:
f6:e5:1b:76:b6:65:d7:db:c4:84:cc:18:37:46:bc:c0:04:bc:
04:a5:46:51:e5:ee:fb:b6:12:76:7b:48:2f:44:a2:b8:14:53:
03:bf:0d:92:cf:cd:d9:ca:3c:f4:28:ea:dd:c0:72:e3:38:d9:
c9:60:cd:7d:cc:2e:ce:36:9f:26:94:5b:69:07:ed:45:17:f0:
b0:13:ca:88:46:92:84:31:6a:7f:77:a2:94:bf:b3:a9:f7:25:
9a:ad:08:01:fe:ef:3a:31:62:aa:1c:da:f0:cd:5a:52:01:f2:
d9:5a:72:d1
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYl3wfhYHiN1E6FSQcOH0P8dMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjMwNzIxMDkyMjI4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MDE3NTIzYWI2ZGM2MzhkMzYxOTE2ZDE1YmI5ZjkxNzBhNGI3NzAzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq6yjBfYiOrJFvIlMr7hJlMvHJa1q
3B/0Fd9cC4kZNjP/yQE//txXPhR1KOpiOsvRSSGtr86xdi2C0Iqq7UFVsRztEBsd
oHFsQsZbzvB8JdmSHOIeyqFCuXg6ck6/ffrzMee9mAty/mMRsPTP3xVFRr/2iyeU
ju8Kkf2dngYSp+27LEuRiZgx01416w52n4xS/F/HNBm5lV9wPzXTWi7pq6cMD8F5
zdmmqrp+BPcj4Qonz+auLQa7x+C+rcPSM3mq3QKP0liclBTZDUCok2YIPfps5Z+e
hG6go8p8JyPs7mYf1P+n8z5rWll76E+As+nNxQu7czZS1RZxQ0aE5SdKSwIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFIAXUjq23GONNhkW0Vu5+RcKS3cDMB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvZ0JkU09yYmNZNDAyR1JiUlc3bjVGd3BMZHdNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcEKg6xByAw
MA0GCSqGSIb3DQEBCwUAA4IBAQBhDeuP1SUXuD1UWccWg6XE+5VRJS0gMHZvdEXG
a8ZWJv8DNCFqTr44p8pO2Q37JXRX0EPIFIjlc8+Al5dYxtv+DJsjaUM24NpQ1bPB
sRmU8QdDWMsTgxWcFa0Nw6aRcpuenvAeVeywDB/VFFOuy8YZiERM2wyo0/jTNX2A
WntefmypRVMJvtz0M1rD18ZKwMn25Rt2tmXX28SEzBg3RrzABLwEpUZR5e77thJ2
e0gvRKK4FFMDvw2Sz83Zyjz0KOrdwHLjONnJYM19zC7ONp8mlFtpB+1FF/CwE8qI
RpKEMWp/d6KUv7Op9yWarQgB/u86MWKqHNrwzVpSAfLZWnLR
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:29:35 2024 by rpki-client on console-fra.rpki-client.org