Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/ee3e3f-3a45-43eb-a5de-4285998392d3/1/gkHpb35K_AkEFbCp8U-zeemamRI.roa
File: gkHpb35K_AkEFbCp8U-zeemamRI.roa (raw, json)
Hash identifier: d0fq6+zn8tg8tx/tbhRnh/qMtKkbRqyPKqsAsJVvmc0=
Subject key identifier: 82:41:E9:6F:7E:4A:FC:09:04:15:B0:A9:F1:4F:B3:79:E9:9A:99:12
Certificate issuer: /CN=ccc478dd9ccd6162f82488ac6fc50c21d369f2a0
Certificate serial: 01857246CA3D194A0AFEB78C2B7B7F51AB82
Authority key identifier: CC:C4:78:DD:9C:CD:61:62:F8:24:88:AC:6F:C5:0C:21:D3:69:F2:A0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zMR43ZzNYWL4JIisb8UMIdNp8qA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/ee3e3f-3a45-43eb-a5de-4285998392d3/1/gkHpb35K_AkEFbCp8U-zeemamRI.roa
Signing time: Mon 02 Jan 2023 11:38:39 +0000
ROA not before: Mon 02 Jan 2023 11:38:39 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 212144
IP address blocks: 2a0d:c940::/29 maxlen: 29
2a09:2fc0::/29 maxlen: 29
2a01:64e0::/32 maxlen: 32
2a06:a640::/29 maxlen: 29
2a06:da80::/29 maxlen: 29
2a0d:db00::/29 maxlen: 29
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:46:ca:3d:19:4a:0a:fe:b7:8c:2b:7b:7f:51:ab:82
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ccc478dd9ccd6162f82488ac6fc50c21d369f2a0
Validity
Not Before: Jan 2 11:38:39 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=8241e96f7e4afc090415b0a9f14fb379e99a9912
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:40:22:32:86:ab:22:4a:df:b6:f1:c6:3f:b3:
7d:35:21:5a:fa:8e:94:55:24:38:f9:64:3c:6f:27:
0f:8c:29:9f:44:35:0c:25:c8:45:ef:81:9b:c4:65:
aa:b5:ac:63:c2:f0:d8:6b:78:b0:74:3f:87:89:99:
c2:b6:28:be:22:96:ae:78:5d:45:2b:3f:db:8d:ec:
8d:19:68:67:46:b6:00:b5:82:26:47:b3:28:49:c5:
2b:de:d8:87:85:1f:70:54:c1:ab:b2:d4:24:2c:71:
f1:8d:be:69:e5:77:49:1f:b9:66:88:c2:e5:ea:9f:
51:a4:ab:b3:c1:a3:54:a9:2a:0a:46:90:3e:d4:0c:
1d:1d:78:8f:7b:60:38:7e:16:4b:ef:6d:d2:80:35:
03:ce:1a:d6:a8:2a:96:7f:e0:49:b3:0f:ef:73:d6:
7f:c5:4c:cd:05:ef:d0:03:ce:34:cc:32:9c:5a:f8:
ce:5f:9b:2f:03:43:32:69:44:47:c3:02:d0:71:e9:
e2:e8:1e:82:62:3a:2a:81:56:4f:8b:08:ad:44:df:
89:ac:49:d3:a5:24:19:ba:3e:54:81:97:99:a0:0d:
02:15:be:18:a1:d5:bd:00:65:65:61:a8:9a:cd:a6:
55:e4:93:b2:83:2d:02:bb:b0:5e:1d:76:4d:ad:52:
9c:67
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
82:41:E9:6F:7E:4A:FC:09:04:15:B0:A9:F1:4F:B3:79:E9:9A:99:12
X509v3 Authority Key Identifier:
keyid:CC:C4:78:DD:9C:CD:61:62:F8:24:88:AC:6F:C5:0C:21:D3:69:F2:A0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zMR43ZzNYWL4JIisb8UMIdNp8qA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/ee3e3f-3a45-43eb-a5de-4285998392d3/1/gkHpb35K_AkEFbCp8U-zeemamRI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/ee3e3f-3a45-43eb-a5de-4285998392d3/1/zMR43ZzNYWL4JIisb8UMIdNp8qA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a01:64e0::/32
2a06:a640::/29
2a06:da80::/29
2a09:2fc0::/29
2a0d:c940::/29
2a0d:db00::/29
Signature Algorithm: sha256WithRSAEncryption
5c:66:9c:f7:25:ad:99:ea:43:9e:80:be:20:84:f2:6b:78:11:
79:8e:3f:e3:88:cf:33:9d:06:3b:6e:d3:e2:5b:02:61:8e:c9:
bc:bf:d1:ca:72:63:c1:ff:72:aa:84:cc:fb:d3:71:d4:0d:23:
fd:72:fe:cf:4b:96:e6:2d:d9:f5:4e:ad:ba:5c:96:c1:09:5b:
9e:bd:0b:5f:97:27:2d:0f:79:fe:ab:58:01:e5:8c:2a:ea:0a:
f1:bf:e2:b5:dd:26:00:b4:86:b0:ad:90:4c:67:94:6f:19:da:
71:5c:c2:03:79:16:9d:54:35:a3:e6:1a:be:07:75:80:d8:ae:
49:fb:dc:c6:31:dd:e2:0d:8d:4f:d7:9a:e3:3f:66:17:c6:17:
57:aa:3b:a2:bf:04:e4:1b:4e:54:38:f0:3d:53:25:3c:ec:00:
19:75:b7:c4:95:5e:46:b6:d8:38:3f:db:34:31:85:e5:98:1d:
a3:37:1e:f8:6d:9a:e8:49:da:70:93:6e:1c:36:8c:54:07:ba:
49:96:cd:8d:73:9f:5d:70:21:a4:79:dd:67:ec:38:67:a1:eb:
4e:63:89:bc:69:03:56:c8:34:b0:61:aa:c0:8c:34:fe:67:8d:
1c:5f:dc:12:4f:e9:d4:da:46:5f:c0:45:af:68:83:a7:82:af:
b3:85:ba:de
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAYVyRso9GUoK/reMK3t/UauCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNjYzQ3OGRkOWNjZDYxNjJmODI0ODhhYzZmYzUwYzIxZDM2
OWYyYTAwHhcNMjMwMTAyMTEzODM5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MjQxZTk2ZjdlNGFmYzA5MDQxNWIwYTlmMTRmYjM3OWU5OWE5OTEyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuUAiMoarIkrftvHGP7N9NSFa+o6U
VSQ4+WQ8bycPjCmfRDUMJchF74GbxGWqtaxjwvDYa3iwdD+HiZnCtii+IpaueF1F
Kz/bjeyNGWhnRrYAtYImR7MoScUr3tiHhR9wVMGrstQkLHHxjb5p5XdJH7lmiMLl
6p9RpKuzwaNUqSoKRpA+1AwdHXiPe2A4fhZL723SgDUDzhrWqCqWf+BJsw/vc9Z/
xUzNBe/QA840zDKcWvjOX5svA0MyaURHwwLQceni6B6CYjoqgVZPiwitRN+JrEnT
pSQZuj5UgZeZoA0CFb4YodW9AGVlYaiazaZV5JOygy0Cu7BeHXZNrVKcZwIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFIJB6W9+SvwJBBWwqfFPs3npmpkSMB8GA1UdIwQY
MBaAFMzEeN2czWFi+CSIrG/FDCHTafKgMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvek1SNDNaek5ZV0w0Sklpc2I4VU1JZE5wOHFBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS9lZTNlM2YtM2E0NS00M2ViLWE1ZGUt
NDI4NTk5ODM5MmQzLzEvZ2tIcGIzNUtfQWtFRmJDcDhVLXplZW1hbVJJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS9lZTNlM2YtM2E0NS00M2ViLWE1ZGUtNDI4NTk5ODM5MmQz
LzEvek1SNDNaek5ZV0w0Sklpc2I4VU1JZE5wOHFBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAwBAIAAjAqAwUAKgFk4AMF
AyoGpkADBQMqBtqAAwUDKgkvwAMFAyoNyUADBQMqDdsAMA0GCSqGSIb3DQEBCwUA
A4IBAQBcZpz3Ja2Z6kOegL4ghPJreBF5jj/jiM8znQY7btPiWwJhjsm8v9HKcmPB
/3KqhMz703HUDSP9cv7PS5bmLdn1Tq26XJbBCVuevQtflyctD3n+q1gB5Ywq6grx
v+K13SYAtIawrZBMZ5RvGdpxXMIDeRadVDWj5hq+B3WA2K5J+9zGMd3iDY1P15rj
P2YXxhdXqjuivwTkG05UOPA9UyU87AAZdbfElV5Gttg4P9s0MYXlmB2jNx74bZro
Sdpwk24cNoxUB7pJls2Nc59dcCGked1n7DhnoetOY4m8aQNWyDSwYarAjDT+Z40c
X9wST+nU2kZfwEWvaIOngq+zhbre
-----END CERTIFICATE-----
Generated at Tue Jan 2 06:50:56 2024 by rpki-client on console-fra.rpki-client.org