Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/87/8c0c00-5fce-45cb-bbb7-01d9e9d31943/1/GwFaFHp-DXtZmPg15NK6GMINaiA.roa
File: GwFaFHp-DXtZmPg15NK6GMINaiA.roa (raw, json)
Hash identifier: TbAxFENPvWlB8Il8z8foC/nty/Oj9b0oQli1MAzGVSY=
Subject key identifier: 1B:01:5A:14:7A:7E:0D:7B:59:98:F8:35:E4:D2:BA:18:C2:0D:6A:20
Certificate issuer: /CN=cff5dc76eb6f814ed601568fdd2c8110edef8c17
Certificate serial: 018FA09703CAFE9FE6ABB04E7C2E29E74367
Authority key identifier: CF:F5:DC:76:EB:6F:81:4E:D6:01:56:8F:DD:2C:81:10:ED:EF:8C:17
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/z_XcdutvgU7WAVaP3SyBEO3vjBc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/87/8c0c00-5fce-45cb-bbb7-01d9e9d31943/1/GwFaFHp-DXtZmPg15NK6GMINaiA.roa
Signing time: Wed 22 May 2024 13:56:42 +0000
ROA not before: Wed 22 May 2024 13:56:42 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 60504
IP address blocks: 2a13:82c0::/32 maxlen: 32
2a13:82c1::/32 maxlen: 32
2a13:82c2::/32 maxlen: 32
2a13:82c3::/32 maxlen: 32
2a13:82c4:1::/48 maxlen: 48
2a13:82c4:2::/48 maxlen: 48
2a13:82c4:3::/48 maxlen: 48
2a13:82c4:fb00::/40 maxlen: 40
2a13:82c7::/32 maxlen: 32
Validation: Failed, certificate revoked on Fri 24 May 2024 06:16:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:a0:97:03:ca:fe:9f:e6:ab:b0:4e:7c:2e:29:e7:43:67
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cff5dc76eb6f814ed601568fdd2c8110edef8c17
Validity
Not Before: May 22 13:56:42 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=1b015a147a7e0d7b5998f835e4d2ba18c20d6a20
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:98:0d:63:09:26:78:af:03:a7:6b:a1:aa:a1:
4e:31:81:e0:01:83:51:0c:80:d6:71:c2:62:10:6c:
1e:3c:ce:9d:bc:1f:b6:4f:8e:30:cb:9f:ad:61:ab:
26:7d:e4:a1:24:67:f0:c5:2a:14:f5:0e:f3:c1:cb:
b9:a9:08:a1:94:d4:29:f9:21:4c:1d:10:3f:7e:7d:
35:7b:9a:c9:dd:03:61:c3:c4:db:48:2c:04:1a:6f:
94:a9:29:5e:de:6f:b8:49:bf:a6:4e:4d:60:af:c7:
5f:d3:c1:b9:e9:aa:68:a0:3b:2b:91:e4:49:d0:53:
ac:6e:52:e4:1e:77:06:7c:d7:91:7e:af:57:15:f9:
85:5e:7c:a6:dc:97:25:6b:cb:eb:2d:40:3f:95:c4:
55:af:5a:92:24:2a:21:b5:1d:1f:82:51:f9:ae:16:
b4:75:39:a3:d1:a6:61:38:b9:02:d3:0b:39:42:ca:
a0:e6:ef:ca:da:97:f2:09:01:2e:b2:a9:8d:58:08:
4c:52:e9:3a:cf:94:f1:87:1e:09:b9:fb:f0:22:25:
a3:20:6f:56:07:da:50:fd:ef:ae:0b:17:c1:17:28:
9e:de:81:0c:6d:e5:e6:6f:5a:16:b4:f8:eb:e4:80:
cf:32:4f:7d:33:50:fd:64:76:90:f4:c0:72:5b:1f:
6e:49
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1B:01:5A:14:7A:7E:0D:7B:59:98:F8:35:E4:D2:BA:18:C2:0D:6A:20
X509v3 Authority Key Identifier:
keyid:CF:F5:DC:76:EB:6F:81:4E:D6:01:56:8F:DD:2C:81:10:ED:EF:8C:17
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/z_XcdutvgU7WAVaP3SyBEO3vjBc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/87/8c0c00-5fce-45cb-bbb7-01d9e9d31943/1/GwFaFHp-DXtZmPg15NK6GMINaiA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/87/8c0c00-5fce-45cb-bbb7-01d9e9d31943/1/z_XcdutvgU7WAVaP3SyBEO3vjBc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a13:82c0::/30
2a13:82c4:1::-2a13:82c4:3:ffff:ffff:ffff:ffff:ffff
2a13:82c4:fb00::/40
2a13:82c7::/32
Signature Algorithm: sha256WithRSAEncryption
bc:fa:a2:b8:2b:f1:46:8b:b9:86:88:60:4d:c5:61:49:9d:a5:
fc:f1:6a:ed:c4:dc:12:0a:98:f4:25:95:25:79:80:df:17:c7:
f4:f3:c3:db:15:37:c6:94:fa:16:35:81:b8:c2:57:b8:63:fe:
dc:6e:cc:3a:09:75:33:7a:11:5d:3a:42:14:1d:71:b3:51:3d:
64:36:3d:8b:76:0d:cc:4a:43:c6:d7:ab:9a:2b:ab:6b:c3:da:
29:31:34:48:4c:f7:8b:a5:17:80:ea:d5:d4:55:36:37:1e:2e:
81:f9:0b:fc:3a:95:17:e5:5b:9e:f4:a0:03:c3:7f:64:fa:d4:
f9:b7:b5:60:86:50:86:ea:c9:5c:f5:86:50:f2:d5:b0:d7:ae:
b8:5a:ca:82:b5:89:a0:5e:dd:da:ea:10:29:46:ab:6c:ff:5d:
16:0b:88:2e:12:c5:01:45:3c:d7:18:72:d2:84:7f:da:1a:19:
fb:5d:3a:34:ae:3c:18:56:ff:3f:9c:5f:12:e0:c4:11:24:9e:
59:c7:71:c7:84:a3:a4:34:bb:ad:ed:67:67:36:22:5f:31:8c:
95:16:51:d2:66:03:b7:c1:b0:69:4b:7f:28:f4:ef:c5:79:2f:
c9:2c:14:b1:8b:bb:06:c5:e2:68:45:72:9b:39:56:15:0f:3a:
7c:cb:01:85
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAY+glwPK/p/mq7BOfC4p50NnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNmZjVkYzc2ZWI2ZjgxNGVkNjAxNTY4ZmRkMmM4MTEwZWRl
ZjhjMTcwHhcNMjQwNTIyMTM1NjQyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxYjAxNWExNDdhN2UwZDdiNTk5OGY4MzVlNGQyYmExOGMyMGQ2YTIwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAppgNYwkmeK8Dp2uhqqFOMYHgAYNR
DIDWccJiEGwePM6dvB+2T44wy5+tYasmfeShJGfwxSoU9Q7zwcu5qQihlNQp+SFM
HRA/fn01e5rJ3QNhw8TbSCwEGm+UqSle3m+4Sb+mTk1gr8df08G56apooDsrkeRJ
0FOsblLkHncGfNeRfq9XFfmFXnym3Jcla8vrLUA/lcRVr1qSJCohtR0fglH5rha0
dTmj0aZhOLkC0ws5Qsqg5u/K2pfyCQEusqmNWAhMUuk6z5Txhx4JufvwIiWjIG9W
B9pQ/e+uCxfBFyie3oEMbeXmb1oWtPjr5IDPMk99M1D9ZHaQ9MByWx9uSQIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFBsBWhR6fg17WZj4NeTSuhjCDWogMB8GA1UdIwQY
MBaAFM/13Hbrb4FO1gFWj90sgRDt74wXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvel9YY2R1dHZnVTdXQVZhUDNTeUJFTzN2akJjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ny84YzBjMDAtNWZjZS00NWNiLWJiYjct
MDFkOWU5ZDMxOTQzLzEvR3dGYUZIcC1EWHRabVBnMTVOSzZHTUlOYWlBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Ny84YzBjMDAtNWZjZS00NWNiLWJiYjctMDFkOWU5ZDMxOTQz
LzEvel9YY2R1dHZnVTdXQVZhUDNTeUJFTzN2akJjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAwBAIAAjAqAwUCKhOCwDAS
AwcAKhOCxAABAwcCKhOCxAAAAwYAKhOCxPsDBQAqE4LHMA0GCSqGSIb3DQEBCwUA
A4IBAQC8+qK4K/FGi7mGiGBNxWFJnaX88WrtxNwSCpj0JZUleYDfF8f088PbFTfG
lPoWNYG4wle4Y/7cbsw6CXUzehFdOkIUHXGzUT1kNj2Ldg3MSkPG16uaK6trw9op
MTRITPeLpReA6tXUVTY3Hi6B+Qv8OpUX5Vue9KADw39k+tT5t7VghlCG6slc9YZQ
8tWw1664WsqCtYmgXt3a6hApRqts/10WC4guEsUBRTzXGHLShH/aGhn7XTo0rjwY
Vv8/nF8S4MQRJJ5Zx3HHhKOkNLut7WdnNiJfMYyVFlHSZgO3wbBpS38o9O/FeS/J
LBSxi7sGxeJoRXKbOVYVDzp8ywGF
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:37:47 2024 by rpki-client on console-fra.rpki-client.org