Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7f/72bf2f-8e34-48a2-849a-a541d1bcee19/1/eFMRDiPEujyHkDNcPbNwiYp-gsg.roa
File: eFMRDiPEujyHkDNcPbNwiYp-gsg.roa (raw, json)
Hash identifier: 3X6wo8RZLaUt8sslCjgUzbjJ7boKzPgXA1hOg4irhZM=
Subject key identifier: 78:53:11:0E:23:C4:BA:3C:87:90:33:5C:3D:B3:70:89:8A:7E:82:C8
Certificate issuer: /CN=9361b5cd696825b74fccba7d97c3d0a2724ef3aa
Certificate serial: 018A1D0068FF235EEA559799E759C9A6F824
Authority key identifier: 93:61:B5:CD:69:68:25:B7:4F:CC:BA:7D:97:C3:D0:A2:72:4E:F3:AA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/k2G1zWloJbdPzLp9l8PQonJO86o.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7f/72bf2f-8e34-48a2-849a-a541d1bcee19/1/eFMRDiPEujyHkDNcPbNwiYp-gsg.roa
Signing time: Tue 22 Aug 2023 11:28:00 +0000
ROA not before: Tue 22 Aug 2023 11:28:00 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 216426
IP address blocks: 2a0e:aa07:e100::/44 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:1d:00:68:ff:23:5e:ea:55:97:99:e7:59:c9:a6:f8:24
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9361b5cd696825b74fccba7d97c3d0a2724ef3aa
Validity
Not Before: Aug 22 11:28:00 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=7853110e23c4ba3c8790335c3db370898a7e82c8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:8c:78:6a:b5:d0:ec:f5:31:da:8a:90:1d:de:
8b:2f:28:a7:7e:9d:a8:66:7e:6e:94:6a:34:c6:1f:
ed:3c:19:4f:f6:8d:54:2d:04:99:39:39:32:4a:84:
98:a6:e0:08:b6:51:cb:eb:24:00:3f:1e:a2:e7:63:
80:c1:49:14:e1:e5:df:3a:1c:b8:3c:a9:2b:94:a3:
f8:80:31:b1:81:ab:dd:90:c0:f7:2f:b9:40:0f:7b:
e0:c8:a4:5b:07:11:e6:a6:f4:cd:d3:2c:b3:16:6b:
13:31:be:3d:00:82:58:bf:12:41:17:87:f6:99:50:
3e:d1:81:1d:f5:ef:9a:10:bf:13:3a:52:ff:41:cf:
8c:da:95:19:74:40:a2:ca:8d:65:f9:aa:da:5a:d5:
b8:54:55:6b:51:26:2a:a7:f4:b8:3c:47:7c:1e:63:
45:5a:0c:65:f1:25:57:96:04:ca:c0:f0:d1:96:07:
44:1b:ee:d3:c3:c3:f4:5a:28:d7:65:18:0d:8f:0d:
10:09:d3:ea:98:c0:5b:85:4f:19:d3:e4:7d:de:6f:
17:43:8d:25:b3:b2:5b:9c:0a:3b:b0:e1:a6:67:a3:
62:c1:77:20:35:76:8d:2e:6a:9c:5a:3a:9c:a5:7e:
4a:de:f5:6b:fe:61:93:e9:fa:41:d8:56:5d:cf:14:
9b:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
78:53:11:0E:23:C4:BA:3C:87:90:33:5C:3D:B3:70:89:8A:7E:82:C8
X509v3 Authority Key Identifier:
keyid:93:61:B5:CD:69:68:25:B7:4F:CC:BA:7D:97:C3:D0:A2:72:4E:F3:AA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/k2G1zWloJbdPzLp9l8PQonJO86o.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7f/72bf2f-8e34-48a2-849a-a541d1bcee19/1/eFMRDiPEujyHkDNcPbNwiYp-gsg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7f/72bf2f-8e34-48a2-849a-a541d1bcee19/1/k2G1zWloJbdPzLp9l8PQonJO86o.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:aa07:e100::/44
Signature Algorithm: sha256WithRSAEncryption
b8:a9:8e:d9:a5:ea:bd:a8:08:ab:c5:37:47:09:f5:95:cc:34:
39:df:85:b4:e2:74:14:a1:db:96:b3:be:a5:f0:17:c0:ae:4b:
c9:43:43:7a:f8:31:b0:18:99:e3:40:16:56:38:92:a5:60:5a:
e6:8b:13:fc:8e:a4:88:c9:5d:c6:81:b1:c5:b2:d1:62:b3:68:
b1:08:60:f7:87:47:43:2a:d5:da:ec:af:d2:ec:ca:b7:52:29:
b3:fa:f2:65:6c:11:1b:ef:df:31:5d:d5:77:14:d5:91:71:00:
b6:8d:48:ae:0c:9d:85:ab:a2:85:b6:80:17:b7:23:07:5c:87:
e5:a4:03:3c:9a:a0:0a:89:d7:fc:f9:f4:1c:ce:b9:61:0b:52:
3a:41:e5:7e:85:1d:ab:30:d1:71:a1:2f:f3:6f:cc:0d:e6:e3:
0e:30:50:6a:d3:7f:7f:7b:d8:c8:6a:99:d0:77:dc:d3:9a:f6:
7a:44:41:e3:91:d7:e9:91:e7:cc:bb:54:5e:8c:36:66:59:aa:
23:8d:03:00:ca:30:6d:2b:13:b7:48:22:c1:62:c7:d6:2d:c0:
cb:c4:a2:28:cd:45:db:35:40:ed:ee:cb:f1:d3:6e:42:02:b9:
16:ff:e1:89:36:c4:bd:7d:49:a3:6d:2e:0a:b2:9f:6b:73:e6:
3f:0d:b6:4f
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYodAGj/I17qVZeZ51nJpvgkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkzNjFiNWNkNjk2ODI1Yjc0ZmNjYmE3ZDk3YzNkMGEyNzI0
ZWYzYWEwHhcNMjMwODIyMTEyODAwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3ODUzMTEwZTIzYzRiYTNjODc5MDMzNWMzZGIzNzA4OThhN2U4MmM4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzYx4arXQ7PUx2oqQHd6LLyinfp2o
Zn5ulGo0xh/tPBlP9o1ULQSZOTkySoSYpuAItlHL6yQAPx6i52OAwUkU4eXfOhy4
PKkrlKP4gDGxgavdkMD3L7lAD3vgyKRbBxHmpvTN0yyzFmsTMb49AIJYvxJBF4f2
mVA+0YEd9e+aEL8TOlL/Qc+M2pUZdECiyo1l+araWtW4VFVrUSYqp/S4PEd8HmNF
Wgxl8SVXlgTKwPDRlgdEG+7Tw8P0WijXZRgNjw0QCdPqmMBbhU8Z0+R93m8XQ40l
s7JbnAo7sOGmZ6NiwXcgNXaNLmqcWjqcpX5K3vVr/mGT6fpB2FZdzxSbGQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFHhTEQ4jxLo8h5AzXD2zcImKfoLIMB8GA1UdIwQY
MBaAFJNhtc1paCW3T8y6fZfD0KJyTvOqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvazJHMXpXbG9KYmRQekxwOWw4UFFvbkpPODZvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Zi83MmJmMmYtOGUzNC00OGEyLTg0OWEt
YTU0MWQxYmNlZTE5LzEvZUZNUkRpUEV1anlIa0ROY1BiTndpWXAtZ3NnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Zi83MmJmMmYtOGUzNC00OGEyLTg0OWEtYTU0MWQxYmNlZTE5
LzEvazJHMXpXbG9KYmRQekxwOWw4UFFvbkpPODZvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcEKg6qB+EA
MA0GCSqGSIb3DQEBCwUAA4IBAQC4qY7Zpeq9qAirxTdHCfWVzDQ534W04nQUoduW
s76l8BfArkvJQ0N6+DGwGJnjQBZWOJKlYFrmixP8jqSIyV3GgbHFstFis2ixCGD3
h0dDKtXa7K/S7Mq3Uimz+vJlbBEb798xXdV3FNWRcQC2jUiuDJ2Fq6KFtoAXtyMH
XIflpAM8mqAKidf8+fQczrlhC1I6QeV+hR2rMNFxoS/zb8wN5uMOMFBq039/e9jI
apnQd9zTmvZ6REHjkdfpkefMu1RejDZmWaojjQMAyjBtKxO3SCLBYsfWLcDLxKIo
zUXbNUDt7svx025CArkW/+GJNsS9fUmjbS4Ksp9rc+Y/DbZP
-----END CERTIFICATE-----
Generated at Mon Jan 1 02:54:03 2024 by rpki-client on console-ams.rpki-client.org