Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/59/652eb4-321c-48c0-9272-3ae711af034b/1/_GtDl27Qc8w0gKDAlrv3KQ7hN3k.roa
File: _GtDl27Qc8w0gKDAlrv3KQ7hN3k.roa (raw, json)
Hash identifier: 4Sw2tq+sVE5SnN26uPd0gImhNDcwH1Yf5JiEYEWNfas=
Subject key identifier: FC:6B:43:97:6E:D0:73:CC:34:80:A0:C0:96:BB:F7:29:0E:E1:37:79
Certificate issuer: /CN=8f2824c61357dc344bbdf35b83577459b9d3fc44
Certificate serial: 018BDC6B9D50B8539129401DF9EB7CAF1054
Authority key identifier: 8F:28:24:C6:13:57:DC:34:4B:BD:F3:5B:83:57:74:59:B9:D3:FC:44
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/jygkxhNX3DRLvfNbg1d0WbnT_EQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/59/652eb4-321c-48c0-9272-3ae711af034b/1/_GtDl27Qc8w0gKDAlrv3KQ7hN3k.roa
Signing time: Fri 17 Nov 2023 08:35:22 +0000
ROA not before: Fri 17 Nov 2023 08:35:22 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 16509
IP address blocks: 2a00:4bc0:2300::/40 maxlen: 48
2a00:4bc0:2100::/40 maxlen: 48
2a00:4bc0:2400::/40 maxlen: 48
2a00:4bc0:2600::/40 maxlen: 40
2a00:4bc0:2000::/44 maxlen: 56
Validation: Failed, certificate revoked on Fri 17 Nov 2023 11:00:28 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:dc:6b:9d:50:b8:53:91:29:40:1d:f9:eb:7c:af:10:54
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8f2824c61357dc344bbdf35b83577459b9d3fc44
Validity
Not Before: Nov 17 08:35:22 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=fc6b43976ed073cc3480a0c096bbf7290ee13779
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:0d:c4:75:a4:88:bc:e0:30:7f:ec:36:5f:66:
28:a5:b4:1b:48:aa:30:f0:8d:f0:fe:7f:48:36:0c:
9f:66:bf:6c:24:dc:1c:42:01:bc:74:d7:84:f0:20:
82:2f:fc:fd:8e:af:8a:b7:be:3e:65:93:4f:ad:3d:
2b:95:dd:2a:5d:38:12:11:ee:c1:87:3c:24:28:91:
3e:64:33:5e:a8:ee:3a:3b:99:07:96:f3:55:42:d2:
d2:be:7d:fd:e1:e8:6d:5e:dc:15:1d:c1:93:eb:fe:
15:3f:f7:e3:c3:ba:5f:fb:42:f8:c8:96:58:d1:df:
c4:8a:02:bd:05:90:81:e3:a6:34:99:5f:29:cd:c0:
9c:d7:2e:aa:9f:35:66:19:08:9b:d8:9b:59:42:96:
1d:55:1b:62:c5:82:f5:95:d1:9c:a7:9d:7d:b0:9a:
a7:50:54:6b:04:77:87:bf:a9:32:fa:aa:ef:e4:23:
93:d0:be:d7:a3:82:07:ba:ce:b7:9a:32:37:10:37:
c6:f1:cb:b4:27:29:01:8b:2d:37:eb:b3:6e:d9:4d:
7f:77:9c:15:61:38:90:50:bf:9c:0f:85:2e:fb:09:
d2:ff:2e:b2:10:dd:b4:82:a0:ff:7b:7f:b1:52:01:
df:92:65:76:81:b5:8c:10:e2:4c:84:dd:60:b4:4d:
aa:ab
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FC:6B:43:97:6E:D0:73:CC:34:80:A0:C0:96:BB:F7:29:0E:E1:37:79
X509v3 Authority Key Identifier:
keyid:8F:28:24:C6:13:57:DC:34:4B:BD:F3:5B:83:57:74:59:B9:D3:FC:44
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jygkxhNX3DRLvfNbg1d0WbnT_EQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/59/652eb4-321c-48c0-9272-3ae711af034b/1/_GtDl27Qc8w0gKDAlrv3KQ7hN3k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/59/652eb4-321c-48c0-9272-3ae711af034b/1/jygkxhNX3DRLvfNbg1d0WbnT_EQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a00:4bc0:2000::/44
2a00:4bc0:2100::/40
2a00:4bc0:2300::-2a00:4bc0:24ff:ffff:ffff:ffff:ffff:ffff
2a00:4bc0:2600::/40
Signature Algorithm: sha256WithRSAEncryption
5d:cc:17:af:d0:9f:b1:93:bd:ab:ee:b9:64:06:a1:f1:f0:5b:
98:69:54:4b:11:18:2b:48:15:7c:e5:42:a2:ad:16:b6:a2:9e:
98:04:7d:a1:97:c9:4c:4f:d9:34:5e:90:5d:eb:45:02:34:00:
41:ee:9f:20:08:e1:ac:af:95:65:59:07:22:d7:13:3b:3c:37:
77:5a:c0:0a:81:ef:88:1b:40:7c:67:39:31:6a:ea:f9:2a:9d:
e4:ed:99:f2:02:6c:c3:d1:f2:34:19:88:ae:d6:b7:f1:64:e1:
05:cc:22:8b:21:1c:2a:1a:34:87:4e:a3:1e:83:48:aa:00:68:
94:b2:8c:8c:0e:b4:11:16:0f:e6:64:41:d7:b5:9b:70:39:94:
84:da:07:64:ef:c7:c3:50:0c:5c:ca:4d:22:8b:81:e1:05:37:
75:b5:78:3b:ea:30:91:ac:23:2b:a3:af:e8:a4:cb:25:a1:03:
a1:97:5a:db:cd:d3:06:d7:7a:1c:f2:03:58:f3:79:1e:7b:bc:
80:66:eb:49:e8:06:61:94:7f:c1:69:b3:56:64:8e:47:99:70:
d5:18:e4:67:bb:0d:43:9b:93:4d:08:02:57:03:3e:b2:78:4a:
a1:0e:f8:f0:4e:0d:90:cf:d4:57:4f:dd:73:95:31:61:a7:24:
8f:3a:12:9e
-----BEGIN CERTIFICATE-----
MIIFIjCCBAqgAwIBAgISAYvca51QuFORKUAd+et8rxBUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhmMjgyNGM2MTM1N2RjMzQ0YmJkZjM1YjgzNTc3NDU5Yjlk
M2ZjNDQwHhcNMjMxMTE3MDgzNTIyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmYzZiNDM5NzZlZDA3M2NjMzQ4MGEwYzA5NmJiZjcyOTBlZTEzNzc5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnQ3EdaSIvOAwf+w2X2YopbQbSKow
8I3w/n9INgyfZr9sJNwcQgG8dNeE8CCCL/z9jq+Kt74+ZZNPrT0rld0qXTgSEe7B
hzwkKJE+ZDNeqO46O5kHlvNVQtLSvn394ehtXtwVHcGT6/4VP/fjw7pf+0L4yJZY
0d/EigK9BZCB46Y0mV8pzcCc1y6qnzVmGQib2JtZQpYdVRtixYL1ldGcp519sJqn
UFRrBHeHv6ky+qrv5COT0L7Xo4IHus63mjI3EDfG8cu0JykBiy0367Nu2U1/d5wV
YTiQUL+cD4Uu+wnS/y6yEN20gqD/e3+xUgHfkmV2gbWMEOJMhN1gtE2qqwIDAQAB
o4ICLjCCAiowHQYDVR0OBBYEFPxrQ5du0HPMNICgwJa79ykO4Td5MB8GA1UdIwQY
MBaAFI8oJMYTV9w0S73zW4NXdFm50/xEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvanlna3hoTlgzRFJMdmZOYmcxZDBXYm5UX0VRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81OS82NTJlYjQtMzIxYy00OGMwLTkyNzIt
M2FlNzExYWYwMzRiLzEvX0d0RGwyN1FjOHcwZ0tEQWxydjNLUTdoTjNrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81OS82NTJlYjQtMzIxYy00OGMwLTkyNzItM2FlNzExYWYwMzRi
LzEvanlna3hoTlgzRFJMdmZOYmcxZDBXYm5UX0VRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEQGCCsGAQUFBwEHAQH/BDUwMzAxBAIAAjArAwcEKgBLwCAA
AwYAKgBLwCEwEAMGACoAS8AjAwYAKgBLwCQDBgAqAEvAJjANBgkqhkiG9w0BAQsF
AAOCAQEAXcwXr9CfsZO9q+65ZAah8fBbmGlUSxEYK0gVfOVCoq0WtqKemAR9oZfJ
TE/ZNF6QXetFAjQAQe6fIAjhrK+VZVkHItcTOzw3d1rACoHviBtAfGc5MWrq+Sqd
5O2Z8gJsw9HyNBmIrta38WThBcwiiyEcKho0h06jHoNIqgBolLKMjA60ERYP5mRB
17WbcDmUhNoHZO/Hw1AMXMpNIouB4QU3dbV4O+owkawjK6Ov6KTLJaEDoZda283T
Btd6HPIDWPN5Hnu8gGbrSegGYZR/wWmzVmSOR5lw1RjkZ7sNQ5uTTQgCVwM+snhK
oQ748E4NkM/UV0/dc5UxYackjzoSng==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:30:46 2024 by rpki-client on console-fra.rpki-client.org