Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/GFDzhCp9DiyLaA4Sad-62jaQTP4.roa
File: GFDzhCp9DiyLaA4Sad-62jaQTP4.roa (raw, json)
Hash identifier: ttV2ZjBbOYnfro1NZXZGnc/cCXFRI/lufnaj30AshjU=
Subject key identifier: 18:50:F3:84:2A:7D:0E:2C:8B:68:0E:12:69:DF:BA:DA:36:90:4C:FE
Certificate issuer: /CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Certificate serial: 019071D8E692226DAF9C9D565229657B15B5
Authority key identifier: 52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/GFDzhCp9DiyLaA4Sad-62jaQTP4.roa
Signing time: Tue 02 Jul 2024 05:09:18 +0000
ROA not before: Tue 02 Jul 2024 05:09:18 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, certificate revoked on Tue 02 Jul 2024 06:04:18 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:71:d8:e6:92:22:6d:af:9c:9d:56:52:29:65:7b:15:b5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Validity
Not Before: Jul 2 05:09:18 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=1850f3842a7d0e2c8b680e1269dfbada36904cfe
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:61:16:3f:f0:4e:ed:0e:02:63:be:f0:9c:0f:
e9:72:69:89:7b:44:08:c7:85:d8:da:20:39:f1:71:
12:b9:71:c6:32:19:19:e5:03:e3:f1:5c:20:e1:e9:
3e:a0:9c:77:6f:38:f6:19:dd:d9:ad:2d:7f:77:d9:
9a:35:d3:bc:f0:ae:ae:b5:7b:c1:7d:26:47:a4:e5:
c4:1e:cb:69:f3:7d:60:0d:b2:b1:21:2d:c8:73:4f:
c7:36:35:52:b7:fd:15:47:26:f9:63:df:d5:5c:d3:
8b:55:60:e6:78:bf:3d:fb:cb:1e:8a:88:8a:64:da:
d6:19:83:a3:bf:8c:4b:94:74:90:f2:2c:46:88:58:
7c:43:cf:00:7b:59:5d:3f:b6:0c:6d:b3:db:40:0f:
87:65:c4:0f:1b:82:91:8b:69:c3:1b:5c:1d:cf:e8:
69:00:d0:e8:69:a5:5b:86:2a:96:4c:b2:12:3c:d1:
da:9b:83:98:a7:a7:ea:a2:23:bc:37:91:88:bd:51:
0b:e2:96:5a:9a:6c:88:ca:d2:02:11:63:87:70:1a:
fa:d8:a8:21:4e:ee:27:2f:52:62:53:1a:8a:d6:df:
46:97:80:06:82:a3:5e:57:88:21:0c:11:af:d1:bd:
86:aa:82:fb:66:3b:b3:1e:25:42:91:20:1b:af:e4:
17:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
18:50:F3:84:2A:7D:0E:2C:8B:68:0E:12:69:DF:BA:DA:36:90:4C:FE
X509v3 Authority Key Identifier:
keyid:52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/GFDzhCp9DiyLaA4Sad-62jaQTP4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/UmIEFdJJCl7D9pJbn3kEDo4i3b8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
30:26:f3:df:8f:f5:c0:93:d2:82:66:c6:e5:e4:dd:78:7f:80:
56:67:c7:5e:8a:21:5d:a5:14:90:05:74:c1:db:d3:69:9e:0b:
2a:b2:c1:bc:a7:90:87:d9:76:36:04:25:a3:97:66:bb:8f:ff:
90:69:e8:65:f0:06:89:82:88:75:22:f4:95:cf:01:1a:ae:2c:
6f:7a:0d:fd:39:87:ff:dc:62:ba:bc:ae:1f:76:94:89:11:d7:
66:00:42:df:d8:01:9e:d3:a7:8c:2c:04:c6:e6:cf:09:ca:29:
3c:3e:8b:e9:07:da:30:16:d9:c4:5c:35:fa:8b:ad:76:4f:52:
cb:d8:59:22:88:fc:5d:5b:e9:c5:1c:7e:76:ea:72:8a:d6:b1:
12:14:ed:1d:7c:65:c9:db:d0:be:58:aa:b1:ae:f6:5f:a9:ea:
32:d0:1a:6e:42:71:91:2c:80:53:1e:9b:d3:0c:6a:ce:ef:29:
fc:bf:1e:a1:5f:53:88:2e:97:34:c3:5b:bb:f6:26:4a:6b:f7:
fa:04:73:58:e5:3d:a3:e6:4e:f9:d6:ae:47:19:4f:14:b0:15:
24:71:c4:f3:0c:45:a0:33:db:6d:4d:f3:4c:d3:67:71:6b:70:
f7:d2:ba:f7:7d:be:f3:34:02:17:c5:05:98:9b:3b:67:fa:1f:
2f:d9:58:9f
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAZBx2OaSIm2vnJ1WUillexW1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyNjIwNDE1ZDI0OTBhNWVjM2Y2OTI1YjlmNzkwNDBlOGUy
MmRkYmYwHhcNMjQwNzAyMDUwOTE4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxODUwZjM4NDJhN2QwZTJjOGI2ODBlMTI2OWRmYmFkYTM2OTA0Y2ZlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl2EWP/BO7Q4CY77wnA/pcmmJe0QI
x4XY2iA58XESuXHGMhkZ5QPj8Vwg4ek+oJx3bzj2Gd3ZrS1/d9maNdO88K6utXvB
fSZHpOXEHstp831gDbKxIS3Ic0/HNjVSt/0VRyb5Y9/VXNOLVWDmeL89+8seioiK
ZNrWGYOjv4xLlHSQ8ixGiFh8Q88Ae1ldP7YMbbPbQA+HZcQPG4KRi2nDG1wdz+hp
ANDoaaVbhiqWTLISPNHam4OYp6fqoiO8N5GIvVEL4pZammyIytICEWOHcBr62Kgh
Tu4nL1JiUxqK1t9Gl4AGgqNeV4ghDBGv0b2GqoL7ZjuzHiVCkSAbr+QXVwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFBhQ84QqfQ4si2gOEmnfuto2kEz+MB8GA1UdIwQY
MBaAFFJiBBXSSQpew/aSW595BA6OIt2/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYt
ODgxNDg4ZmZkYmIwLzEvR0ZEemhDcDlEaXlMYUE0U2FkLTYyamFRVFA0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYtODgxNDg4ZmZkYmIw
LzEvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBADAm89+P9cCT0oJmxuXk
3Xh/gFZnx16KIV2lFJAFdMHb02meCyqywbynkIfZdjYEJaOXZruP/5Bp6GXwBomC
iHUi9JXPARquLG96Df05h//cYrq8rh92lIkR12YAQt/YAZ7Tp4wsBMbmzwnKKTw+
i+kH2jAW2cRcNfqLrXZPUsvYWSKI/F1b6cUcfnbqcorWsRIU7R18Zcnb0L5YqrGu
9l+p6jLQGm5CcZEsgFMem9MMas7vKfy/HqFfU4gulzTDW7v2Jkpr9/oEc1jlPaPm
TvnWrkcZTxSwFSRxxPMMRaAz221N80zTZ3FrcPfSuvd9vvM0AhfFBZibO2f6Hy/Z
WJ8=
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:34:40 2025 by rpki-client