Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7c/022839-6984-40d4-8716-6cb89791d7fd/1/GKZjGXPExrlBO04rrsxY39o5baY.roa
File: GKZjGXPExrlBO04rrsxY39o5baY.roa (raw, json)
Hash identifier: kxgcEPGqh2+vwakrzpE3pjOX0X3Qk5OjO4gmdNhAb4g=
Subject key identifier: 18:A6:63:19:73:C4:C6:B9:41:3B:4E:2B:AE:CC:58:DF:DA:39:6D:A6
Certificate issuer: /CN=f77705e89bb65b472e4e0184d6fe9bfb8c58635a
Certificate serial: 01856DDD70F906F795A2B7EDBECC7A793D69
Authority key identifier: F7:77:05:E8:9B:B6:5B:47:2E:4E:01:84:D6:FE:9B:FB:8C:58:63:5A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/93cF6Ju2W0cuTgGE1v6b-4xYY1o.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7c/022839-6984-40d4-8716-6cb89791d7fd/1/GKZjGXPExrlBO04rrsxY39o5baY.roa
Signing time: Sun 01 Jan 2023 15:05:06 +0000
ROA not before: Sun 01 Jan 2023 15:05:06 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 13559
IP address blocks: 194.147.71.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:dd:70:f9:06:f7:95:a2:b7:ed:be:cc:7a:79:3d:69
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f77705e89bb65b472e4e0184d6fe9bfb8c58635a
Validity
Not Before: Jan 1 15:05:06 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=18a6631973c4c6b9413b4e2baecc58dfda396da6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e6:30:1d:9b:18:76:21:d3:c7:93:6a:ea:d5:bf:
04:f7:9f:d7:3d:26:76:8f:4b:d1:7a:13:7e:74:84:
c4:cc:a3:84:87:6c:81:be:8f:08:7d:e6:a8:91:9a:
1f:2d:95:3e:99:b2:29:1e:e8:78:ef:7f:50:ac:12:
d8:73:32:df:05:06:87:6b:1a:ce:9e:3d:b2:e7:49:
1c:86:8b:8b:ef:40:92:88:61:33:19:75:21:82:53:
d6:73:c4:31:57:42:ad:fc:1b:a6:25:fd:f7:0a:3f:
d6:65:53:cb:8c:83:f8:19:7c:4a:0c:9d:ab:fe:85:
f7:c8:cb:2d:b3:4d:30:6d:f9:5a:dc:f5:51:82:40:
a7:6a:4a:86:5b:b9:41:d0:17:ec:67:c1:f4:20:03:
18:27:67:c8:34:ae:c0:16:6b:9d:73:a3:c0:f9:9f:
58:85:13:b8:7f:95:5e:82:5f:f9:9c:88:35:8b:b7:
1c:d2:91:9a:5c:c9:d9:0f:31:33:4a:69:b7:d3:fa:
d8:e9:45:49:88:ad:a2:43:52:b3:64:38:ae:c4:9c:
f6:6d:88:c9:a0:a0:9d:60:e5:87:6c:57:62:c0:3d:
32:1f:8f:91:41:cb:3d:54:39:6c:c6:23:a6:f4:bf:
9f:ce:2f:3f:cf:3a:20:ed:12:51:01:4d:e4:6f:7e:
ac:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
18:A6:63:19:73:C4:C6:B9:41:3B:4E:2B:AE:CC:58:DF:DA:39:6D:A6
X509v3 Authority Key Identifier:
keyid:F7:77:05:E8:9B:B6:5B:47:2E:4E:01:84:D6:FE:9B:FB:8C:58:63:5A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/93cF6Ju2W0cuTgGE1v6b-4xYY1o.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7c/022839-6984-40d4-8716-6cb89791d7fd/1/GKZjGXPExrlBO04rrsxY39o5baY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7c/022839-6984-40d4-8716-6cb89791d7fd/1/93cF6Ju2W0cuTgGE1v6b-4xYY1o.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.147.71.0/24
Signature Algorithm: sha256WithRSAEncryption
90:a8:79:f2:0f:82:88:d0:30:5a:f8:94:a9:6b:c7:49:e7:25:
5c:74:1a:17:4c:2b:fa:8a:39:de:b2:24:89:7b:99:d0:a3:9a:
58:96:e5:b9:88:be:a2:55:57:8d:f5:ec:9b:24:d0:51:03:a4:
e7:f8:2e:73:ea:2a:8b:95:71:1b:f6:9c:b6:49:d9:2c:76:ae:
70:e0:ce:ab:8e:8a:3b:de:08:af:d4:c0:05:ab:67:cd:8a:7c:
ad:9e:ff:21:ea:ff:e9:45:49:5d:50:2c:d0:49:3f:dc:7d:ad:
18:69:89:19:63:b5:7f:7f:80:de:ee:8a:7e:47:33:d4:5f:ee:
b0:88:5b:e7:8c:79:39:5e:f9:57:d1:c9:bb:17:ce:64:2c:da:
93:0c:d0:8d:b7:b8:ad:49:37:a4:3a:cb:a2:3c:7d:cd:ee:7e:
11:12:40:00:c8:9d:8b:3f:70:9c:7c:0f:d3:f2:61:9a:a5:f0:
89:b7:98:19:b6:eb:26:50:a7:1f:3a:26:f4:4b:9d:7c:20:e5:
e7:a9:20:bf:3a:0a:c7:07:39:6a:92:f0:68:b5:f5:cd:a9:8f:
69:0c:b9:eb:ce:4a:56:75:fa:bc:a8:f1:e7:5d:c9:96:97:7f:
90:96:a2:89:24:28:be:91:bf:03:2f:6d:38:ee:93:1a:56:10:
bd:f9:a1:f8
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVt3XD5BveVorftvsx6eT1pMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY3NzcwNWU4OWJiNjViNDcyZTRlMDE4NGQ2ZmU5YmZiOGM1
ODYzNWEwHhcNMjMwMTAxMTUwNTA2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxOGE2NjMxOTczYzRjNmI5NDEzYjRlMmJhZWNjNThkZmRhMzk2ZGE2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5jAdmxh2IdPHk2rq1b8E95/XPSZ2
j0vRehN+dITEzKOEh2yBvo8IfeaokZofLZU+mbIpHuh4739QrBLYczLfBQaHaxrO
nj2y50kchouL70CSiGEzGXUhglPWc8QxV0Kt/BumJf33Cj/WZVPLjIP4GXxKDJ2r
/oX3yMsts00wbfla3PVRgkCnakqGW7lB0BfsZ8H0IAMYJ2fINK7AFmudc6PA+Z9Y
hRO4f5Vegl/5nIg1i7cc0pGaXMnZDzEzSmm30/rY6UVJiK2iQ1KzZDiuxJz2bYjJ
oKCdYOWHbFdiwD0yH4+RQcs9VDlsxiOm9L+fzi8/zzog7RJRAU3kb36sKwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFBimYxlzxMa5QTtOK67MWN/aOW2mMB8GA1UdIwQY
MBaAFPd3BeibtltHLk4BhNb+m/uMWGNaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOTNjRjZKdTJXMGN1VGdHRTF2NmItNHhZWTFvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Yy8wMjI4MzktNjk4NC00MGQ0LTg3MTYt
NmNiODk3OTFkN2ZkLzEvR0taakdYUEV4cmxCTzA0cnJzeFkzOW81YmFZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Yy8wMjI4MzktNjk4NC00MGQ0LTg3MTYtNmNiODk3OTFkN2Zk
LzEvOTNjRjZKdTJXMGN1VGdHRTF2NmItNHhZWTFvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwpNHMA0G
CSqGSIb3DQEBCwUAA4IBAQCQqHnyD4KI0DBa+JSpa8dJ5yVcdBoXTCv6ijnesiSJ
e5nQo5pYluW5iL6iVVeN9eybJNBRA6Tn+C5z6iqLlXEb9py2Sdksdq5w4M6rjoo7
3giv1MAFq2fNinytnv8h6v/pRUldUCzQST/cfa0YaYkZY7V/f4De7op+RzPUX+6w
iFvnjHk5XvlX0cm7F85kLNqTDNCNt7itSTekOsuiPH3N7n4REkAAyJ2LP3CcfA/T
8mGapfCJt5gZtusmUKcfOib0S518IOXnqSC/OgrHBzlqkvBotfXNqY9pDLnrzkpW
dfq8qPHnXcmWl3+QlqKJJCi+kb8DL2047pMaVhC9+aH4
-----END CERTIFICATE-----
Generated at Tue Jan 2 09:01:06 2024 by rpki-client on console-ams.rpki-client.org