Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/925ab9-21fe-4bbf-ac0e-6e7561535bbd/1/glDXllyNSykF9uDWJVsHqJsDLH8.roa
File: glDXllyNSykF9uDWJVsHqJsDLH8.roa (raw, json)
Hash identifier: 8jwPQESCkja99qG83AyQ288ttDeknaiGb/NAmVKfjCQ=
Subject key identifier: 82:50:D7:96:5C:8D:4B:29:05:F6:E0:D6:25:5B:07:A8:9B:03:2C:7F
Certificate issuer: /CN=cfdb3d904b34440546b6241d7894d93300bcbd28
Certificate serial: 01856F14A4DC4DAAD289408D970596CA2D80
Authority key identifier: CF:DB:3D:90:4B:34:44:05:46:B6:24:1D:78:94:D9:33:00:BC:BD:28
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/z9s9kEs0RAVGtiQdeJTZMwC8vSg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/925ab9-21fe-4bbf-ac0e-6e7561535bbd/1/glDXllyNSykF9uDWJVsHqJsDLH8.roa
Signing time: Sun 01 Jan 2023 20:45:01 +0000
ROA not before: Sun 01 Jan 2023 20:45:01 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 202789
IP address blocks: 185.154.112.0/22 maxlen: 24
2a07:8c80::/29 maxlen: 48
Validation: Failed, certificate revoked on Mon 01 Jan 2024 08:30:15 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:14:a4:dc:4d:aa:d2:89:40:8d:97:05:96:ca:2d:80
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cfdb3d904b34440546b6241d7894d93300bcbd28
Validity
Not Before: Jan 1 20:45:01 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=8250d7965c8d4b2905f6e0d6255b07a89b032c7f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:81:2f:b9:21:75:3e:4e:10:ce:be:64:8c:8d:42:
4a:83:7f:19:54:d9:1f:d2:ad:da:35:b2:44:17:a0:
98:5e:89:54:af:65:02:e1:ca:9a:03:b1:39:49:7f:
b5:09:15:0a:a7:09:86:a2:de:41:3a:f1:a4:7a:9d:
e4:a7:f0:a4:e4:aa:a3:48:af:fb:fe:f9:85:7b:42:
d5:72:70:6e:49:c1:5d:a6:7b:a3:e9:e1:4b:ad:ea:
0d:90:17:2f:ae:70:23:33:ee:b2:1e:a7:8d:90:a4:
42:2d:0a:2a:92:55:88:6a:28:f7:e4:66:cf:fd:66:
7f:59:12:6e:cf:bf:1e:72:27:22:cf:2e:39:e3:ca:
c5:2a:60:26:35:d1:9b:80:5c:aa:df:dc:41:45:50:
0f:3f:9e:39:0f:b1:cf:0d:b0:0c:d2:f3:b9:0b:36:
e0:36:e0:73:fa:65:f0:2b:f4:09:42:c7:78:1f:cb:
2d:c1:e0:f5:d2:1c:7f:f6:f0:82:19:c8:27:2c:f8:
b9:3e:c6:7a:8b:62:b9:d2:12:c0:9a:6a:86:8e:9a:
20:5f:38:d4:1c:f9:bc:56:a8:ee:b5:c9:03:ed:c8:
73:14:c9:40:6b:f4:aa:33:51:f8:9f:f2:4c:df:ca:
90:eb:10:17:0b:32:e2:09:4c:76:45:cf:73:03:59:
dd:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
82:50:D7:96:5C:8D:4B:29:05:F6:E0:D6:25:5B:07:A8:9B:03:2C:7F
X509v3 Authority Key Identifier:
keyid:CF:DB:3D:90:4B:34:44:05:46:B6:24:1D:78:94:D9:33:00:BC:BD:28
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/z9s9kEs0RAVGtiQdeJTZMwC8vSg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/925ab9-21fe-4bbf-ac0e-6e7561535bbd/1/glDXllyNSykF9uDWJVsHqJsDLH8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/925ab9-21fe-4bbf-ac0e-6e7561535bbd/1/z9s9kEs0RAVGtiQdeJTZMwC8vSg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.154.112.0/22
IPv6:
2a07:8c80::/29
Signature Algorithm: sha256WithRSAEncryption
60:9e:49:89:57:03:20:2b:c1:71:bf:e4:c4:cf:3f:6e:e6:b3:
68:09:9c:dc:0f:20:cc:c8:39:ea:30:0a:65:fe:5c:80:37:a9:
52:7b:c0:04:1c:cc:67:cc:34:50:c3:70:ee:ed:f4:46:6a:6f:
6b:58:de:84:0e:2d:f3:95:df:f5:48:42:74:25:62:e9:1b:4d:
bf:1e:77:02:7e:34:86:ba:0e:66:ed:fa:93:03:4d:4f:88:d0:
8e:62:01:4a:aa:6a:fe:1e:11:4e:c6:12:8d:f7:2d:4c:15:61:
2d:67:4c:4a:90:dc:3b:7d:55:a8:56:de:48:56:ab:c2:30:5d:
23:ed:f1:f8:61:e4:7f:bf:16:88:21:d1:1a:dc:89:83:05:ec:
22:5f:1e:98:36:e5:92:db:d2:ac:f1:54:0b:d2:e8:e9:6b:a4:
e8:82:aa:24:39:f3:fe:44:fe:2d:62:a4:66:67:df:6b:f0:d2:
d8:2c:c7:9e:50:52:81:87:39:de:a0:88:09:e0:46:57:58:bd:
b4:c3:d5:b5:cb:cf:e1:7f:9e:60:31:a7:02:5a:ba:08:ec:f1:
8b:7b:bd:71:b9:7a:80:3c:90:2a:1e:72:24:31:b7:f3:3b:f1:
52:2a:12:42:07:1f:3f:1d:11:c2:f0:5f:eb:f0:ac:06:ab:5b:
e4:b4:0a:58
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVvFKTcTarSiUCNlwWWyi2AMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNmZGIzZDkwNGIzNDQ0MDU0NmI2MjQxZDc4OTRkOTMzMDBi
Y2JkMjgwHhcNMjMwMTAxMjA0NTAxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MjUwZDc5NjVjOGQ0YjI5MDVmNmUwZDYyNTViMDdhODliMDMyYzdmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgS+5IXU+ThDOvmSMjUJKg38ZVNkf
0q3aNbJEF6CYXolUr2UC4cqaA7E5SX+1CRUKpwmGot5BOvGkep3kp/Ck5KqjSK/7
/vmFe0LVcnBuScFdpnuj6eFLreoNkBcvrnAjM+6yHqeNkKRCLQoqklWIaij35GbP
/WZ/WRJuz78ecicizy4548rFKmAmNdGbgFyq39xBRVAPP545D7HPDbAM0vO5Czbg
NuBz+mXwK/QJQsd4H8stweD10hx/9vCCGcgnLPi5PsZ6i2K50hLAmmqGjpogXzjU
HPm8VqjutckD7chzFMlAa/SqM1H4n/JM38qQ6xAXCzLiCUx2Rc9zA1ndQwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFIJQ15ZcjUspBfbg1iVbB6ibAyx/MB8GA1UdIwQY
MBaAFM/bPZBLNEQFRrYkHXiU2TMAvL0oMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvejlzOWtFczBSQVZHdGlRZGVKVFpNd0M4dlNnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS85MjVhYjktMjFmZS00YmJmLWFjMGUt
NmU3NTYxNTM1YmJkLzEvZ2xEWGxseU5TeWtGOXVEV0pWc0hxSnNETEg4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS85MjVhYjktMjFmZS00YmJmLWFjMGUtNmU3NTYxNTM1YmJk
LzEvejlzOWtFczBSQVZHdGlRZGVKVFpNd0M4dlNnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuZpwMA0E
AgACMAcDBQMqB4yAMA0GCSqGSIb3DQEBCwUAA4IBAQBgnkmJVwMgK8Fxv+TEzz9u
5rNoCZzcDyDMyDnqMApl/lyAN6lSe8AEHMxnzDRQw3Du7fRGam9rWN6EDi3zld/1
SEJ0JWLpG02/HncCfjSGug5m7fqTA01PiNCOYgFKqmr+HhFOxhKN9y1MFWEtZ0xK
kNw7fVWoVt5IVqvCMF0j7fH4YeR/vxaIIdEa3ImDBewiXx6YNuWS29Ks8VQL0ujp
a6TogqokOfP+RP4tYqRmZ99r8NLYLMeeUFKBhzneoIgJ4EZXWL20w9W1y8/hf55g
MacCWroI7PGLe71xuXqAPJAqHnIkMbfzO/FSKhJCBx8/HRHC8F/r8KwGq1vktApY
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:13:25 2024 by rpki-client on console-ams.rpki-client.org