Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/GAaaNCMCpsaqfrlEZSyWkbX5DnY.roa
File: GAaaNCMCpsaqfrlEZSyWkbX5DnY.roa (raw, json)
Hash identifier: x8CLD8Njayz088eiEwHrilTxhfIJ/GzAvXNkrGPZbL8=
Subject key identifier: 18:06:9A:34:23:02:A6:C6:AA:7E:B9:44:65:2C:96:91:B5:F9:0E:76
Certificate issuer: /CN=86cce06e70df970d90abfe3cbe7fa882f467b1e4
Certificate serial: 019155BCC2ADF9528237DA57293B7686AF8C
Authority key identifier: 86:CC:E0:6E:70:DF:97:0D:90:AB:FE:3C:BE:7F:A8:82:F4:67:B1:E4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hszgbnDflw2Qq_48vn-ogvRnseQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/GAaaNCMCpsaqfrlEZSyWkbX5DnY.roa
Signing time: Thu 15 Aug 2024 11:11:59 +0000
ROA not before: Thu 15 Aug 2024 11:11:59 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 11426
IP address blocks: 130.255.64.0/22 maxlen: 24
Validation: Failed, certificate revoked on Tue 19 Nov 2024 11:42:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:55:bc:c2:ad:f9:52:82:37:da:57:29:3b:76:86:af:8c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=86cce06e70df970d90abfe3cbe7fa882f467b1e4
Validity
Not Before: Aug 15 11:11:59 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=18069a342302a6c6aa7eb944652c9691b5f90e76
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:4a:e0:ed:a5:13:37:74:1e:c9:7e:95:61:81:
b6:9b:ec:c0:d4:46:fe:9b:e3:c7:2f:03:39:ad:ed:
95:39:7e:76:20:c3:16:fb:09:85:a6:2f:ec:6c:cb:
b2:b4:72:c6:04:fc:f3:da:01:2d:2a:aa:7e:14:c9:
5b:01:91:27:a2:59:b2:d1:dc:05:eb:ce:17:2e:15:
58:f1:14:78:9a:5c:a9:c6:4e:17:d9:ac:67:69:5f:
6c:71:e4:e0:71:13:73:85:97:a4:08:b9:bd:38:8b:
bc:ac:49:06:d9:f5:6a:e2:1f:ff:28:b9:82:18:41:
e4:f6:81:54:29:12:a8:a3:70:bc:30:2b:26:ef:e7:
ed:34:d8:7e:49:8a:06:34:df:d5:a5:af:e5:26:49:
05:d3:ea:e8:9a:d8:4e:1c:71:2f:7f:21:6b:b0:09:
4f:8c:1c:11:36:36:20:03:19:9d:0a:e5:34:fa:3c:
dd:f7:3e:a3:37:fa:82:b9:07:83:9f:8e:ad:a8:5d:
b6:5c:b9:fe:6a:d5:35:61:02:d7:77:2e:7e:71:f7:
2b:38:6b:b9:7c:94:4b:2a:71:f2:1d:e8:00:ba:a0:
ab:5b:ab:80:03:8f:41:1c:2d:49:53:3b:b0:f3:0f:
46:6f:57:09:6a:fd:95:03:64:6e:77:cf:e0:58:45:
99:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
18:06:9A:34:23:02:A6:C6:AA:7E:B9:44:65:2C:96:91:B5:F9:0E:76
X509v3 Authority Key Identifier:
keyid:86:CC:E0:6E:70:DF:97:0D:90:AB:FE:3C:BE:7F:A8:82:F4:67:B1:E4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hszgbnDflw2Qq_48vn-ogvRnseQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/GAaaNCMCpsaqfrlEZSyWkbX5DnY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/hszgbnDflw2Qq_48vn-ogvRnseQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
130.255.64.0/22
Signature Algorithm: sha256WithRSAEncryption
27:94:a7:65:c6:8d:a2:da:7b:78:e9:1f:0f:f5:a0:01:3c:90:
26:e3:55:8c:a4:3d:5f:e0:17:45:7a:19:c2:8b:c4:32:26:a9:
8a:6a:8a:45:64:3e:9e:91:58:ba:6f:63:49:87:2c:9c:be:3d:
36:70:65:0b:4d:2b:ff:51:df:d0:06:45:51:6f:2f:56:b1:cc:
5b:5a:73:ef:81:a4:86:25:98:bc:82:61:9f:79:31:63:37:3c:
58:c2:1e:d9:9a:69:a4:4b:e0:7c:07:1c:f2:19:a5:0c:a9:69:
aa:e1:86:55:93:79:4c:61:75:41:e0:cd:f4:72:4d:57:8a:fb:
49:c4:25:65:fc:a7:cc:75:45:95:93:42:2d:d6:56:99:2c:c2:
eb:b8:72:26:7b:30:ad:4b:79:26:85:1a:98:ee:fe:6b:ab:ec:
8b:0a:32:6f:b1:45:be:f9:c0:39:ba:38:65:57:18:9c:f9:e5:
75:a9:8e:63:c1:0c:c5:8b:3e:fb:59:37:2d:73:a1:cd:e6:ba:
e3:af:e4:88:55:5e:c1:c5:99:92:70:69:6d:71:ce:ec:25:ac:
c6:64:54:4a:3c:8f:95:f9:16:a5:81:75:f1:40:50:30:38:d9:
b1:61:5b:38:87:a7:e2:e7:23:4c:ca:54:3b:d5:d9:7a:18:e1:
68:d1:b5:f4
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZFVvMKt+VKCN9pXKTt2hq+MMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg2Y2NlMDZlNzBkZjk3MGQ5MGFiZmUzY2JlN2ZhODgyZjQ2
N2IxZTQwHhcNMjQwODE1MTExMTU5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxODA2OWEzNDIzMDJhNmM2YWE3ZWI5NDQ2NTJjOTY5MWI1ZjkwZTc2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoErg7aUTN3QeyX6VYYG2m+zA1Eb+
m+PHLwM5re2VOX52IMMW+wmFpi/sbMuytHLGBPzz2gEtKqp+FMlbAZEnolmy0dwF
684XLhVY8RR4mlypxk4X2axnaV9sceTgcRNzhZekCLm9OIu8rEkG2fVq4h//KLmC
GEHk9oFUKRKoo3C8MCsm7+ftNNh+SYoGNN/Vpa/lJkkF0+romthOHHEvfyFrsAlP
jBwRNjYgAxmdCuU0+jzd9z6jN/qCuQeDn46tqF22XLn+atU1YQLXdy5+cfcrOGu5
fJRLKnHyHegAuqCrW6uAA49BHC1JUzuw8w9Gb1cJav2VA2Rud8/gWEWZMwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFBgGmjQjAqbGqn65RGUslpG1+Q52MB8GA1UdIwQY
MBaAFIbM4G5w35cNkKv+PL5/qIL0Z7HkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaHN6Z2JuRGZsdzJRcV80OHZuLW9ndlJuc2VRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83OC82NmYwNWMtNzQxYy00NzIwLWJjN2Ut
ODk3MTRhN2U4ZDU4LzEvR0FhYU5DTUNwc2FxZnJsRVpTeVdrYlg1RG5ZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83OC82NmYwNWMtNzQxYy00NzIwLWJjN2UtODk3MTRhN2U4ZDU4
LzEvaHN6Z2JuRGZsdzJRcV80OHZuLW9ndlJuc2VRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCgv9AMA0G
CSqGSIb3DQEBCwUAA4IBAQAnlKdlxo2i2nt46R8P9aABPJAm41WMpD1f4BdFehnC
i8QyJqmKaopFZD6ekVi6b2NJhyycvj02cGULTSv/Ud/QBkVRby9WscxbWnPvgaSG
JZi8gmGfeTFjNzxYwh7ZmmmkS+B8BxzyGaUMqWmq4YZVk3lMYXVB4M30ck1XivtJ
xCVl/KfMdUWVk0It1laZLMLruHImezCtS3kmhRqY7v5rq+yLCjJvsUW++cA5ujhl
Vxic+eV1qY5jwQzFiz77WTctc6HN5rrjr+SIVV7BxZmScGltcc7sJazGZFRKPI+V
+RalgXXxQFAwONmxYVs4h6fi5yNMylQ71dl6GOFo0bX0
-----END CERTIFICATE-----
Generated at Tue Nov 19 15:05:53 2024 by rpki-client on console-fra.rpki-client.org