Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7b/352431-e694-4412-a766-73f7d110b82a/1/GIbu1a3IMe6MGsmb9KrSwiSmq3s.roa
File: GIbu1a3IMe6MGsmb9KrSwiSmq3s.roa (raw, json)
Hash identifier: m2dV0VFOEnvpC74sa1SOER51rFHdwMaIFoiumi6XTBE=
Subject key identifier: 18:86:EE:D5:AD:C8:31:EE:8C:1A:C9:9B:F4:AA:D2:C2:24:A6:AB:7B
Certificate issuer: /CN=20aa60cb0024332a2db68993f3357158af60c8de
Certificate serial: 0191B68E45BF4848F015508F92399C31B2EA
Authority key identifier: 20:AA:60:CB:00:24:33:2A:2D:B6:89:93:F3:35:71:58:AF:60:C8:DE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IKpgywAkMyottomT8zVxWK9gyN4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7b/352431-e694-4412-a766-73f7d110b82a/1/GIbu1a3IMe6MGsmb9KrSwiSmq3s.roa
Signing time: Tue 03 Sep 2024 06:24:22 +0000
ROA not before: Tue 03 Sep 2024 06:24:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 16509
IP address blocks: 2a02:3040:43:ff00::/56 maxlen: 56
2a02:3040:4d::/48 maxlen: 48
2a02:3040:4e::/48 maxlen: 48
2a02:3040:4f::/50 maxlen: 50
2a02:3040:4f:8000::/50 maxlen: 50
2a02:3040:4f:c000::/50 maxlen: 50
2a02:3040:50::/48 maxlen: 48
Validation: Failed, certificate revoked on Thu 02 Jan 2025 13:50:01 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:b6:8e:45:bf:48:48:f0:15:50:8f:92:39:9c:31:b2:ea
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=20aa60cb0024332a2db68993f3357158af60c8de
Validity
Not Before: Sep 3 06:24:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=1886eed5adc831ee8c1ac99bf4aad2c224a6ab7b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:3a:a1:cb:73:92:1a:d1:44:05:a7:f4:8b:ca:
86:40:6d:6c:95:64:93:4c:ce:2b:ae:de:bf:32:13:
5a:85:7a:cb:12:d8:6a:e8:41:a5:98:09:f1:aa:ae:
38:31:7c:bd:e8:fc:81:5c:b3:47:96:dd:22:07:c4:
9e:4c:cd:15:58:ef:49:79:8f:d9:0e:be:27:bb:86:
33:43:59:e4:0f:eb:04:8d:4c:a2:50:40:a5:42:93:
c0:4a:db:d7:5f:82:53:6f:eb:30:44:d8:5e:4a:ca:
36:43:f4:ce:d8:70:a3:57:63:88:3a:ab:04:15:1c:
52:3a:6e:70:75:b1:65:dc:87:76:97:6e:f8:6f:67:
07:b0:11:a9:9b:db:9a:e6:da:1a:6a:08:a0:e7:8e:
9c:8b:54:d9:2f:ad:6e:34:56:d7:5b:fc:20:7d:e1:
39:1c:b1:e5:22:0a:3b:1d:0c:db:22:43:eb:59:81:
80:82:13:90:ee:6a:ff:57:eb:7d:e5:bd:ff:d6:91:
dd:95:36:9b:5b:c5:d7:20:57:5c:8e:d4:85:65:4e:
cc:68:c2:a9:28:5e:8d:60:f3:df:ff:64:42:34:f3:
d3:5d:c2:f9:71:3f:d6:ed:f8:26:53:ba:05:76:1c:
04:6f:a5:f4:71:5b:1d:75:88:a4:7b:9f:74:09:cb:
3f:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
18:86:EE:D5:AD:C8:31:EE:8C:1A:C9:9B:F4:AA:D2:C2:24:A6:AB:7B
X509v3 Authority Key Identifier:
keyid:20:AA:60:CB:00:24:33:2A:2D:B6:89:93:F3:35:71:58:AF:60:C8:DE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IKpgywAkMyottomT8zVxWK9gyN4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7b/352431-e694-4412-a766-73f7d110b82a/1/GIbu1a3IMe6MGsmb9KrSwiSmq3s.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7b/352431-e694-4412-a766-73f7d110b82a/1/IKpgywAkMyottomT8zVxWK9gyN4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a02:3040:43:ff00::/56
2a02:3040:4d::-2a02:3040:4f:3fff:ffff:ffff:ffff:ffff
2a02:3040:4f:8000::-2a02:3040:50:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
74:7d:4a:34:1e:71:3e:df:ad:15:f1:f1:19:27:67:62:41:ec:
d9:06:5a:ea:77:ad:da:4d:94:1c:09:6a:4d:03:bb:5f:03:d6:
af:9b:f3:68:55:e4:c1:44:61:15:f4:76:80:4e:45:c0:d5:72:
92:5d:b2:9b:74:9b:74:49:5f:fd:ce:d0:cd:0e:2f:ed:1b:dc:
a2:a2:92:1b:e4:f4:98:d6:55:25:fc:e1:24:1c:44:0f:c5:00:
98:8a:c6:d2:e8:01:65:c9:e4:c1:ee:92:e7:3a:ba:db:87:62:
c5:70:da:25:99:e9:9d:c2:78:97:c9:a6:79:d1:ac:92:08:c7:
0b:77:91:30:6a:7f:3d:fc:1e:d1:7b:8d:15:3d:c6:ea:f5:20:
f8:fb:bc:a1:27:09:b0:da:cb:45:92:3c:ba:e7:77:fc:46:a6:
26:88:6e:e2:1b:99:c9:26:95:09:c3:00:9a:c3:ae:3d:b2:a9:
96:87:c9:01:85:e9:bb:a8:96:a1:37:41:02:63:f0:cf:10:df:
ee:13:19:d1:16:90:67:75:2c:6e:bb:b2:74:53:08:27:94:00:
fe:99:8f:f6:21:07:8d:b5:f6:39:ae:d7:8a:87:54:9a:08:ce:
31:54:1f:99:9a:40:d2:4e:77:8a:ca:ca:68:ab:41:58:c8:da:
b7:af:91:af
-----BEGIN CERTIFICATE-----
MIIFKzCCBBOgAwIBAgISAZG2jkW/SEjwFVCPkjmcMbLqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIwYWE2MGNiMDAyNDMzMmEyZGI2ODk5M2YzMzU3MTU4YWY2
MGM4ZGUwHhcNMjQwOTAzMDYyNDIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxODg2ZWVkNWFkYzgzMWVlOGMxYWM5OWJmNGFhZDJjMjI0YTZhYjdiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoDqhy3OSGtFEBaf0i8qGQG1slWST
TM4rrt6/MhNahXrLEthq6EGlmAnxqq44MXy96PyBXLNHlt0iB8SeTM0VWO9JeY/Z
Dr4nu4YzQ1nkD+sEjUyiUEClQpPAStvXX4JTb+swRNheSso2Q/TO2HCjV2OIOqsE
FRxSOm5wdbFl3Id2l274b2cHsBGpm9ua5toaagig546ci1TZL61uNFbXW/wgfeE5
HLHlIgo7HQzbIkPrWYGAghOQ7mr/V+t95b3/1pHdlTabW8XXIFdcjtSFZU7MaMKp
KF6NYPPf/2RCNPPTXcL5cT/W7fgmU7oFdhwEb6X0cVsddYike590Ccs/iQIDAQAB
o4ICNzCCAjMwHQYDVR0OBBYEFBiG7tWtyDHujBrJm/Sq0sIkpqt7MB8GA1UdIwQY
MBaAFCCqYMsAJDMqLbaJk/M1cVivYMjeMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSUtwZ3l3QWtNeW90dG9tVDh6VnhXSzlneU40LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Yi8zNTI0MzEtZTY5NC00NDEyLWE3NjYt
NzNmN2QxMTBiODJhLzEvR0lidTFhM0lNZTZNR3NtYjlLclN3aVNtcTNzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Yi8zNTI0MzEtZTY5NC00NDEyLWE3NjYtNzNmN2QxMTBiODJh
LzEvSUtwZ3l3QWtNeW90dG9tVDh6VnhXSzlneU40LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME0GCCsGAQUFBwEHAQH/BD4wPDA6BAIAAjA0AwgAKgIwQABD
/zATAwcAKgIwQABNAwgGKgIwQABPADATAwgHKgIwQABPgAMHACoCMEAAUDANBgkq
hkiG9w0BAQsFAAOCAQEAdH1KNB5xPt+tFfHxGSdnYkHs2QZa6net2k2UHAlqTQO7
XwPWr5vzaFXkwURhFfR2gE5FwNVykl2ym3SbdElf/c7QzQ4v7RvcoqKSG+T0mNZV
JfzhJBxED8UAmIrG0ugBZcnkwe6S5zq624dixXDaJZnpncJ4l8mmedGskgjHC3eR
MGp/Pfwe0XuNFT3G6vUg+Pu8oScJsNrLRZI8uud3/EamJohu4huZySaVCcMAmsOu
PbKplofJAYXpu6iWoTdBAmPwzxDf7hMZ0RaQZ3UsbruydFMIJ5QA/pmP9iEHjbX2
Oa7XiodUmgjOMVQfmZpA0k53isrKaKtBWMjat6+Rrw==
-----END CERTIFICATE-----
Generated at Sun Feb 16 15:10:26 2025 by rpki-client