Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/62/70bf8b-d8c4-40c3-9022-63348cdbf024/1/GRfnwaiErTw5rnFt0J-IB4-l9y4.roa
File: GRfnwaiErTw5rnFt0J-IB4-l9y4.roa (raw, json)
Hash identifier: 0aIiDlTB2Fa7yVfLZFiUCiLr0gqNBYXfHyKmKNmbDb0=
Subject key identifier: 19:17:E7:C1:A8:84:AD:3C:39:AE:71:6D:D0:9F:88:07:8F:A5:F7:2E
Certificate issuer: /CN=8e1c11658d2041eaf2502fe5408ed493bbd4f318
Certificate serial: 0186547BD69AA42E7B7DB173F03C3491623B
Authority key identifier: 8E:1C:11:65:8D:20:41:EA:F2:50:2F:E5:40:8E:D4:93:BB:D4:F3:18
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/jhwRZY0gQeryUC_lQI7Uk7vU8xg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/62/70bf8b-d8c4-40c3-9022-63348cdbf024/1/GRfnwaiErTw5rnFt0J-IB4-l9y4.roa
Signing time: Wed 15 Feb 2023 09:50:47 +0000
ROA not before: Wed 15 Feb 2023 09:50:47 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 204790
IP address blocks: 2a0e:4200::/29 maxlen: 29
2a10:2380::/29 maxlen: 29
2a10:3e40::/29 maxlen: 29
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:54:7b:d6:9a:a4:2e:7b:7d:b1:73:f0:3c:34:91:62:3b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8e1c11658d2041eaf2502fe5408ed493bbd4f318
Validity
Not Before: Feb 15 09:50:47 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=1917e7c1a884ad3c39ae716dd09f88078fa5f72e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dd:89:bd:bc:bc:19:eb:b1:dc:44:0b:2d:c9:f1:
4d:4c:2e:de:d4:32:21:08:07:8f:f0:db:01:77:8e:
24:3b:ba:24:96:c1:13:0b:57:bb:bb:b8:46:33:04:
ef:32:1a:46:11:5c:be:10:9b:2e:ac:f9:ae:e9:f4:
54:b3:86:d8:43:01:cd:c2:eb:39:7e:f2:d7:b6:fd:
86:14:33:47:a3:f4:76:c4:d1:dc:3b:51:f0:e8:30:
67:ff:bb:62:a3:d2:f8:03:f9:a8:4c:18:5f:5b:8b:
6e:ec:b0:9f:8a:8b:23:bd:30:54:59:22:15:7b:6f:
be:18:4c:72:cd:83:0d:00:23:8d:e3:be:00:4e:b9:
04:97:63:48:20:c2:fd:2c:9c:bb:0f:21:13:f1:99:
d3:39:b5:84:ba:34:ad:4a:57:78:09:8a:ad:57:19:
00:27:0a:a9:1e:f7:71:7b:fc:84:20:1a:16:dd:15:
e4:f6:68:1b:f5:73:95:48:e8:f7:c5:53:4c:ee:a8:
44:03:6b:93:d8:e5:59:5c:2f:a5:3d:4e:6a:72:21:
2e:62:06:5e:11:d9:89:27:c9:c1:5a:25:37:4f:cb:
c1:7e:93:7a:89:b7:63:da:16:2b:ee:57:83:33:27:
2b:d9:90:8b:bb:5a:56:a1:52:35:f2:26:0c:e5:ba:
68:c1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
19:17:E7:C1:A8:84:AD:3C:39:AE:71:6D:D0:9F:88:07:8F:A5:F7:2E
X509v3 Authority Key Identifier:
keyid:8E:1C:11:65:8D:20:41:EA:F2:50:2F:E5:40:8E:D4:93:BB:D4:F3:18
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jhwRZY0gQeryUC_lQI7Uk7vU8xg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/62/70bf8b-d8c4-40c3-9022-63348cdbf024/1/GRfnwaiErTw5rnFt0J-IB4-l9y4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/62/70bf8b-d8c4-40c3-9022-63348cdbf024/1/jhwRZY0gQeryUC_lQI7Uk7vU8xg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:4200::/29
2a10:2380::/29
2a10:3e40::/29
Signature Algorithm: sha256WithRSAEncryption
40:81:42:00:ea:04:db:0c:ac:3e:fc:c5:35:ed:f4:19:cb:fe:
2c:06:1a:de:79:51:9d:38:83:30:1e:95:03:51:92:f8:ac:c2:
1b:5c:33:22:e9:0e:ec:18:c3:12:d4:28:0a:0f:14:36:6a:67:
63:f3:3c:8f:4f:cc:09:04:94:07:b3:31:f7:82:ce:f6:13:18:
3f:18:17:00:3e:a3:a0:76:9c:ab:db:39:13:3d:6b:a6:d4:b4:
47:f1:16:c7:e3:b9:c2:26:fa:14:42:90:29:65:f3:b6:b0:03:
2c:fb:fa:6e:97:01:c7:6e:96:07:fc:a6:7a:bb:51:0a:e1:af:
5d:ae:4f:49:69:9b:c1:c7:59:eb:d0:40:ef:2f:de:9a:d1:ac:
6a:27:53:58:3c:d6:28:3f:10:90:78:12:af:ab:e6:ec:e4:c6:
4c:59:23:e6:b3:4b:ab:48:18:ae:fe:be:0a:25:1f:2d:5f:fc:
4d:6f:54:9d:ac:63:8f:e2:3f:61:50:a4:07:21:26:6e:19:ea:
06:32:f4:6c:d7:ca:f6:16:57:0c:3f:c0:8c:d3:97:1b:71:21:
cb:2a:70:80:f8:2b:15:e0:90:b3:f5:7a:0f:da:69:71:4f:52:
c6:a6:6f:7a:35:8b:05:86:49:6a:81:1b:b9:2f:b6:42:50:74:
13:ce:e9:1b
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYZUe9aapC57fbFz8Dw0kWI7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhlMWMxMTY1OGQyMDQxZWFmMjUwMmZlNTQwOGVkNDkzYmJk
NGYzMTgwHhcNMjMwMjE1MDk1MDQ3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxOTE3ZTdjMWE4ODRhZDNjMzlhZTcxNmRkMDlmODgwNzhmYTVmNzJlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3Ym9vLwZ67HcRAstyfFNTC7e1DIh
CAeP8NsBd44kO7oklsETC1e7u7hGMwTvMhpGEVy+EJsurPmu6fRUs4bYQwHNwus5
fvLXtv2GFDNHo/R2xNHcO1Hw6DBn/7tio9L4A/moTBhfW4tu7LCfiosjvTBUWSIV
e2++GExyzYMNACON474ATrkEl2NIIML9LJy7DyET8ZnTObWEujStSld4CYqtVxkA
JwqpHvdxe/yEIBoW3RXk9mgb9XOVSOj3xVNM7qhEA2uT2OVZXC+lPU5qciEuYgZe
EdmJJ8nBWiU3T8vBfpN6ibdj2hYr7leDMycr2ZCLu1pWoVI18iYM5bpowQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFBkX58GohK08Oa5xbdCfiAePpfcuMB8GA1UdIwQY
MBaAFI4cEWWNIEHq8lAv5UCO1JO71PMYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvamh3UlpZMGdRZXJ5VUNfbFFJN1VrN3ZVOHhnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Mi83MGJmOGItZDhjNC00MGMzLTkwMjIt
NjMzNDhjZGJmMDI0LzEvR1JmbndhaUVyVHc1cm5GdDBKLUlCNC1sOXk0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Mi83MGJmOGItZDhjNC00MGMzLTkwMjItNjMzNDhjZGJmMDI0
LzEvamh3UlpZMGdRZXJ5VUNfbFFJN1VrN3ZVOHhnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAbBAIAAjAVAwUDKg5CAAMF
AyoQI4ADBQMqED5AMA0GCSqGSIb3DQEBCwUAA4IBAQBAgUIA6gTbDKw+/MU17fQZ
y/4sBhreeVGdOIMwHpUDUZL4rMIbXDMi6Q7sGMMS1CgKDxQ2amdj8zyPT8wJBJQH
szH3gs72Exg/GBcAPqOgdpyr2zkTPWum1LRH8RbH47nCJvoUQpApZfO2sAMs+/pu
lwHHbpYH/KZ6u1EK4a9drk9JaZvBx1nr0EDvL96a0axqJ1NYPNYoPxCQeBKvq+bs
5MZMWSPms0urSBiu/r4KJR8tX/xNb1SdrGOP4j9hUKQHISZuGeoGMvRs18r2FlcM
P8CM05cbcSHLKnCA+CsV4JCz9XoP2mlxT1LGpm96NYsFhklqgRu5L7ZCUHQTzukb
-----END CERTIFICATE-----
Generated at Tue Jan 2 04:22:44 2024 by rpki-client on console-fra.rpki-client.org