Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7f/0a2984-a869-440d-b578-58935179b985/1/G0I9s_x-9goo0c1yLPfMCrG1ZlM.roa
File: G0I9s_x-9goo0c1yLPfMCrG1ZlM.roa (raw, json)
Hash identifier: Xijh7onx8gFhzWbWFH9e/DuoKB0H5TCKb6dIk6t5RXo=
Subject key identifier: 1B:42:3D:B3:FC:7E:F6:0A:28:D1:CD:72:2C:F7:CC:0A:B1:B5:66:53
Certificate issuer: /CN=38203463eb944b25c65135ca47bdbdab646f3984
Certificate serial: 01856E141FB4F5FAB6128299A1E738D70576
Authority key identifier: 38:20:34:63:EB:94:4B:25:C6:51:35:CA:47:BD:BD:AB:64:6F:39:84
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OCA0Y-uUSyXGUTXKR729q2RvOYQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7f/0a2984-a869-440d-b578-58935179b985/1/G0I9s_x-9goo0c1yLPfMCrG1ZlM.roa
Signing time: Sun 01 Jan 2023 16:04:50 +0000
ROA not before: Sun 01 Jan 2023 16:04:50 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 209485
IP address blocks: 2a00:8860:900::/40 maxlen: 64
2a00:8861:900::/40 maxlen: 64
Validation: Failed, certificate revoked on Mon 01 Jan 2024 02:29:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:14:1f:b4:f5:fa:b6:12:82:99:a1:e7:38:d7:05:76
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=38203463eb944b25c65135ca47bdbdab646f3984
Validity
Not Before: Jan 1 16:04:50 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=1b423db3fc7ef60a28d1cd722cf7cc0ab1b56653
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:98:ef:69:07:1e:0d:5b:f6:1c:76:8f:09:e4:
8d:90:63:15:21:ae:72:aa:57:3d:2f:4e:a7:fb:5d:
a6:ce:30:2c:f7:1d:d2:1c:c7:9c:77:71:87:7f:92:
77:e3:51:a5:fd:64:b0:38:37:7f:f7:5f:be:01:17:
1c:df:ad:bb:60:27:71:34:82:67:63:7f:6f:74:e1:
fc:6d:ec:36:85:17:50:aa:b9:b4:f4:0c:d6:c9:12:
9f:11:c8:7b:58:56:30:7a:50:44:ae:1d:bc:6d:33:
1d:96:53:81:67:1d:62:7f:cb:16:46:0f:2e:f5:03:
ec:24:1a:fe:62:98:5d:e8:67:fc:89:63:58:56:ac:
c1:e9:ee:90:ca:73:ec:df:7d:85:e3:d9:b4:d7:f0:
f8:f3:b3:41:b8:f1:74:66:b1:5c:90:0c:ff:aa:5d:
98:f3:b3:7e:42:f9:ad:30:4a:64:7c:bc:db:76:97:
a1:a9:68:eb:a2:f8:a9:fd:f2:ef:33:75:4b:cf:ae:
bb:52:07:5c:09:2a:aa:1e:b3:8f:fd:94:33:a0:3b:
9b:f7:97:cf:0a:f6:ba:52:ca:b2:ee:19:5a:24:30:
14:22:2a:5f:0d:27:4f:27:ef:40:0b:c2:a7:6b:6f:
12:f9:5f:19:d5:78:77:ca:91:42:4c:0f:69:86:2b:
eb:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1B:42:3D:B3:FC:7E:F6:0A:28:D1:CD:72:2C:F7:CC:0A:B1:B5:66:53
X509v3 Authority Key Identifier:
keyid:38:20:34:63:EB:94:4B:25:C6:51:35:CA:47:BD:BD:AB:64:6F:39:84
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OCA0Y-uUSyXGUTXKR729q2RvOYQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7f/0a2984-a869-440d-b578-58935179b985/1/G0I9s_x-9goo0c1yLPfMCrG1ZlM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7f/0a2984-a869-440d-b578-58935179b985/1/OCA0Y-uUSyXGUTXKR729q2RvOYQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a00:8860:900::/40
2a00:8861:900::/40
Signature Algorithm: sha256WithRSAEncryption
4a:a9:5f:9f:3b:26:44:b1:7a:ed:04:e3:83:19:41:de:87:e0:
c1:ba:0e:30:4e:e5:30:34:02:71:8b:39:90:52:bd:76:66:be:
5b:cc:e5:8a:0b:49:3b:46:2a:84:d6:34:8c:ae:9d:4e:26:dc:
a4:8c:90:87:27:73:46:0d:af:00:27:df:9d:1f:20:fe:3d:52:
1c:27:67:d4:83:a0:a7:23:4a:69:78:78:7f:ce:e9:86:bd:17:
80:2a:67:9a:57:08:94:82:ef:2c:c4:c7:56:86:c5:80:09:d1:
0e:73:dd:52:b9:72:06:1d:0c:ed:c7:6f:d1:19:63:35:ed:69:
03:57:01:76:32:63:e3:f6:a4:d9:59:a0:c0:02:8f:05:b0:6c:
cf:32:48:b3:67:b4:db:63:c7:29:df:f6:94:03:64:2d:a3:ef:
3d:a1:7d:da:60:6b:41:8f:60:e4:29:d1:63:e9:d9:74:8a:71:
54:62:4d:5c:7c:11:43:1a:b0:2f:3b:7a:91:94:8b:36:04:f9:
e6:1f:03:7a:9e:46:20:98:52:e4:6f:95:e5:e7:0c:b5:e3:9e:
c8:5e:ef:09:34:7b:12:20:14:eb:39:1b:1a:2c:9f:c0:69:d8:
82:47:82:a7:7e:39:78:35:ef:85:4d:5d:0a:8a:f5:ed:47:26:
ea:44:92:0a
-----BEGIN CERTIFICATE-----
MIIFBzCCA++gAwIBAgISAYVuFB+09fq2EoKZoec41wV2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM4MjAzNDYzZWI5NDRiMjVjNjUxMzVjYTQ3YmRiZGFiNjQ2
ZjM5ODQwHhcNMjMwMTAxMTYwNDUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxYjQyM2RiM2ZjN2VmNjBhMjhkMWNkNzIyY2Y3Y2MwYWIxYjU2NjUzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnJjvaQceDVv2HHaPCeSNkGMVIa5y
qlc9L06n+12mzjAs9x3SHMecd3GHf5J341Gl/WSwODd/91++ARcc3627YCdxNIJn
Y39vdOH8bew2hRdQqrm09AzWyRKfEch7WFYwelBErh28bTMdllOBZx1if8sWRg8u
9QPsJBr+Yphd6Gf8iWNYVqzB6e6QynPs332F49m01/D487NBuPF0ZrFckAz/ql2Y
87N+QvmtMEpkfLzbdpehqWjrovip/fLvM3VLz667UgdcCSqqHrOP/ZQzoDub95fP
Cva6Usqy7hlaJDAUIipfDSdPJ+9AC8Kna28S+V8Z1Xh3ypFCTA9phivr2wIDAQAB
o4ICEzCCAg8wHQYDVR0OBBYEFBtCPbP8fvYKKNHNciz3zAqxtWZTMB8GA1UdIwQY
MBaAFDggNGPrlEslxlE1yke9vatkbzmEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT0NBMFktdVVTeVhHVVRYS1I3MjlxMlJ2T1lRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Zi8wYTI5ODQtYTg2OS00NDBkLWI1Nzgt
NTg5MzUxNzliOTg1LzEvRzBJOXNfeC05Z29vMGMxeUxQZk1DckcxWmxNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Zi8wYTI5ODQtYTg2OS00NDBkLWI1NzgtNTg5MzUxNzliOTg1
LzEvT0NBMFktdVVTeVhHVVRYS1I3MjlxMlJ2T1lRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCkGCCsGAQUFBwEHAQH/BBowGDAWBAIAAjAQAwYAKgCIYAkD
BgAqAIhhCTANBgkqhkiG9w0BAQsFAAOCAQEASqlfnzsmRLF67QTjgxlB3ofgwboO
ME7lMDQCcYs5kFK9dma+W8zligtJO0YqhNY0jK6dTibcpIyQhydzRg2vACffnR8g
/j1SHCdn1IOgpyNKaXh4f87phr0XgCpnmlcIlILvLMTHVobFgAnRDnPdUrlyBh0M
7cdv0RljNe1pA1cBdjJj4/ak2VmgwAKPBbBszzJIs2e022PHKd/2lANkLaPvPaF9
2mBrQY9g5CnRY+nZdIpxVGJNXHwRQxqwLzt6kZSLNgT55h8Dep5GIJhS5G+V5ecM
teOeyF7vCTR7EiAU6zkbGiyfwGnYgkeCp345eDXvhU1dCor17Ucm6kSSCg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:20:07 2024 by rpki-client on console-ams.rpki-client.org