Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/69/885e4a-9c09-467e-804c-d8fb33f30452/1/gSP_tvB88pTi3D1t77WFHYcuv-U.roa
File: gSP_tvB88pTi3D1t77WFHYcuv-U.roa (raw, json)
Hash identifier: f3lArBGIVjsaBdu+NGJTZccdTTH1W32DZIvdUHp1G/k=
Subject key identifier: 81:23:FF:B6:F0:7C:F2:94:E2:DC:3D:6D:EF:B5:85:1D:87:2E:BF:E5
Certificate issuer: /CN=0d4885a8b5a4f6b4ac0e45d11838951e94e6ef3e
Certificate serial: 01856C1CA1CE9F4EEC8E6A61968FD67852D1
Authority key identifier: 0D:48:85:A8:B5:A4:F6:B4:AC:0E:45:D1:18:38:95:1E:94:E6:EF:3E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DUiFqLWk9rSsDkXRGDiVHpTm7z4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/69/885e4a-9c09-467e-804c-d8fb33f30452/1/gSP_tvB88pTi3D1t77WFHYcuv-U.roa
Signing time: Sun 01 Jan 2023 06:54:53 +0000
ROA not before: Sun 01 Jan 2023 06:54:53 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 212609
IP address blocks: 193.189.137.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:1c:a1:ce:9f:4e:ec:8e:6a:61:96:8f:d6:78:52:d1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0d4885a8b5a4f6b4ac0e45d11838951e94e6ef3e
Validity
Not Before: Jan 1 06:54:53 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=8123ffb6f07cf294e2dc3d6defb5851d872ebfe5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:83:ca:19:7a:f6:64:6c:38:40:72:5a:8c:75:fe:
49:ef:b6:8f:b2:b7:49:b0:85:62:ea:47:af:c1:74:
a1:a7:68:5e:62:97:81:1c:02:77:29:19:1a:66:e0:
8d:ff:3e:fa:fc:7a:86:f7:c8:7e:cc:3e:30:f1:92:
9e:3c:60:b5:e2:c2:1b:a3:94:06:42:13:55:b6:67:
c0:5d:f7:87:17:f4:f5:64:84:21:f4:25:b4:bc:2a:
2f:6e:63:d5:5e:4e:60:ff:29:bb:f2:f6:a1:70:a0:
57:75:47:41:bd:dd:a8:08:78:9f:fb:e0:98:89:00:
b2:28:48:3f:f7:3e:8c:29:57:75:a9:b4:e8:4d:7c:
80:37:dd:63:54:b9:2b:7c:3c:c4:ff:3f:c1:06:1a:
3f:3b:5e:f1:c7:f2:b8:c4:7c:77:e1:f6:53:3a:8e:
ba:71:bf:2d:70:47:e6:6c:25:85:f0:24:79:e3:1e:
5c:b7:30:2c:2d:c0:78:60:5a:be:c9:f2:a7:b3:31:
26:d6:d0:41:28:d8:4b:d3:52:25:51:04:9b:ac:9b:
e4:d7:f8:31:66:d4:a2:f5:9e:fe:08:78:95:fb:da:
c0:1b:29:13:53:43:55:42:c1:d7:41:19:77:26:07:
33:3a:f5:40:38:a7:83:1a:5f:3b:13:77:c6:65:51:
64:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
81:23:FF:B6:F0:7C:F2:94:E2:DC:3D:6D:EF:B5:85:1D:87:2E:BF:E5
X509v3 Authority Key Identifier:
keyid:0D:48:85:A8:B5:A4:F6:B4:AC:0E:45:D1:18:38:95:1E:94:E6:EF:3E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DUiFqLWk9rSsDkXRGDiVHpTm7z4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/69/885e4a-9c09-467e-804c-d8fb33f30452/1/gSP_tvB88pTi3D1t77WFHYcuv-U.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/69/885e4a-9c09-467e-804c-d8fb33f30452/1/DUiFqLWk9rSsDkXRGDiVHpTm7z4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.189.137.0/24
Signature Algorithm: sha256WithRSAEncryption
5a:03:97:93:c2:e6:6b:98:6b:08:24:37:d5:80:02:53:2d:3b:
03:ee:83:7f:34:86:79:d7:b2:51:8d:cb:9e:c2:1a:da:6e:89:
e2:39:60:e8:85:7a:8d:04:04:92:29:21:b3:68:8d:a1:0c:3e:
9e:d5:e4:d9:10:e3:49:4a:e7:c9:c3:57:26:3a:54:01:ae:ca:
86:39:1a:2c:5b:4d:20:ae:3b:da:93:7d:e3:58:de:57:d8:f9:
bb:17:18:06:2e:84:41:56:de:2a:d5:80:ac:23:47:71:26:5b:
f6:db:c6:09:d5:57:f0:54:8b:dc:fb:2b:8a:12:59:2b:6a:94:
8f:02:c1:99:0d:18:99:fd:d0:a5:08:bd:50:02:aa:21:6e:04:
c1:20:e7:e7:63:19:b8:b3:e2:fa:22:00:2b:43:f0:42:b9:52:
d3:f8:ee:37:18:bd:7e:a9:c2:62:48:00:e9:c0:68:85:45:8e:
be:d4:7e:11:ce:a3:4a:fb:fb:92:2b:6b:4c:47:5f:71:53:a7:
a8:37:e1:91:ea:00:61:61:25:d2:e4:b6:f0:a5:29:fb:d3:c8:
77:ac:ad:0a:a6:a6:8d:f5:a2:af:c1:b2:b7:5a:92:10:ee:3a:
d8:e9:5f:6e:9c:e2:14:21:43:95:6c:6e:c9:b3:c3:52:0b:72:
4c:4c:cc:8b
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVsHKHOn07sjmphlo/WeFLRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBkNDg4NWE4YjVhNGY2YjRhYzBlNDVkMTE4Mzg5NTFlOTRl
NmVmM2UwHhcNMjMwMTAxMDY1NDUzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MTIzZmZiNmYwN2NmMjk0ZTJkYzNkNmRlZmI1ODUxZDg3MmViZmU1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAg8oZevZkbDhAclqMdf5J77aPsrdJ
sIVi6kevwXShp2heYpeBHAJ3KRkaZuCN/z76/HqG98h+zD4w8ZKePGC14sIbo5QG
QhNVtmfAXfeHF/T1ZIQh9CW0vCovbmPVXk5g/ym78vahcKBXdUdBvd2oCHif++CY
iQCyKEg/9z6MKVd1qbToTXyAN91jVLkrfDzE/z/BBho/O17xx/K4xHx34fZTOo66
cb8tcEfmbCWF8CR54x5ctzAsLcB4YFq+yfKnszEm1tBBKNhL01IlUQSbrJvk1/gx
ZtSi9Z7+CHiV+9rAGykTU0NVQsHXQRl3JgczOvVAOKeDGl87E3fGZVFkdQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFIEj/7bwfPKU4tw9be+1hR2HLr/lMB8GA1UdIwQY
MBaAFA1Ihai1pPa0rA5F0Rg4lR6U5u8+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRFVpRnFMV2s5clNzRGtYUkdEaVZIcFRtN3o0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82OS84ODVlNGEtOWMwOS00NjdlLTgwNGMt
ZDhmYjMzZjMwNDUyLzEvZ1NQX3R2Qjg4cFRpM0QxdDc3V0ZIWWN1di1VLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82OS84ODVlNGEtOWMwOS00NjdlLTgwNGMtZDhmYjMzZjMwNDUy
LzEvRFVpRnFMV2s5clNzRGtYUkdEaVZIcFRtN3o0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwb2JMA0G
CSqGSIb3DQEBCwUAA4IBAQBaA5eTwuZrmGsIJDfVgAJTLTsD7oN/NIZ517JRjcue
whraboniOWDohXqNBASSKSGzaI2hDD6e1eTZEONJSufJw1cmOlQBrsqGORosW00g
rjvak33jWN5X2Pm7FxgGLoRBVt4q1YCsI0dxJlv228YJ1VfwVIvc+yuKElkrapSP
AsGZDRiZ/dClCL1QAqohbgTBIOfnYxm4s+L6IgArQ/BCuVLT+O43GL1+qcJiSADp
wGiFRY6+1H4RzqNK+/uSK2tMR19xU6eoN+GR6gBhYSXS5LbwpSn708h3rK0KpqaN
9aKvwbK3WpIQ7jrY6V9unOIUIUOVbG7Js8NSC3JMTMyL
-----END CERTIFICATE-----
Generated at Mon Jan 1 23:37:41 2024 by rpki-client on console-fra.rpki-client.org