Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/gasLT0x_l8riHKFFaPzcPbnTnQQ.roa
File: gasLT0x_l8riHKFFaPzcPbnTnQQ.roa (raw, json)
Hash identifier: YHX485APOsbk4S+xH+ijhQDtiWtdl4J85dIldb2pOwI=
Subject key identifier: 81:AB:0B:4F:4C:7F:97:CA:E2:1C:A1:45:68:FC:DC:3D:B9:D3:9D:04
Certificate issuer: /CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Certificate serial: 0190648A39ED8941E7FA8BF3D64DD92AA553
Authority key identifier: 52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/gasLT0x_l8riHKFFaPzcPbnTnQQ.roa
Signing time: Sat 29 Jun 2024 15:08:18 +0000
ROA not before: Sat 29 Jun 2024 15:08:18 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, certificate revoked on Sat 29 Jun 2024 16:04:18 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:64:8a:39:ed:89:41:e7:fa:8b:f3:d6:4d:d9:2a:a5:53
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Validity
Not Before: Jun 29 15:08:18 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=81ab0b4f4c7f97cae21ca14568fcdc3db9d39d04
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:3c:20:c9:a3:e3:88:7d:07:11:d0:33:3f:88:
b9:f2:00:01:b8:c2:9f:9e:92:dd:38:df:5a:07:f1:
d0:d6:96:df:4f:b1:df:d6:f6:2a:4b:86:2c:e8:07:
eb:be:30:21:1b:b5:c7:e0:2e:25:fd:20:98:74:bf:
63:16:b5:35:ac:0c:90:ab:5c:dd:c5:cc:3e:1f:5a:
a2:2c:0b:9c:d8:6b:18:90:e0:79:89:56:73:cc:34:
dc:04:a2:21:20:cc:30:f4:8f:86:fc:f9:a7:68:3d:
e4:fa:fe:25:fd:f2:52:d6:32:f5:22:ed:a5:7b:97:
19:bf:af:d4:e8:63:6d:86:72:8c:12:74:b3:e9:92:
4a:f2:ae:4d:9d:3b:cd:44:f0:d4:62:a3:4d:10:69:
26:8c:59:8e:07:cd:38:8a:04:00:64:f9:df:67:3d:
97:7a:5c:77:ff:1b:03:66:11:67:7d:13:95:54:44:
99:5f:1a:d2:ab:7e:a6:44:c1:10:55:d1:31:50:50:
3f:5d:53:83:32:15:dc:c4:f9:83:e8:b7:f6:ab:91:
f9:25:51:3d:fa:66:4f:df:42:6b:3b:68:53:64:45:
67:dc:1e:fa:e8:d0:33:a4:f9:3c:a9:36:c8:1f:9d:
cf:8b:a3:21:40:e0:ca:9c:0c:da:40:8b:27:40:c2:
01:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
81:AB:0B:4F:4C:7F:97:CA:E2:1C:A1:45:68:FC:DC:3D:B9:D3:9D:04
X509v3 Authority Key Identifier:
keyid:52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/gasLT0x_l8riHKFFaPzcPbnTnQQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/UmIEFdJJCl7D9pJbn3kEDo4i3b8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
5f:03:99:2c:3e:d3:31:69:61:fe:34:3c:57:3e:40:90:d2:c7:
18:0f:a5:7c:83:d4:c8:69:d2:38:c6:72:2b:7e:43:22:0a:93:
45:95:8e:c9:c2:f8:f8:43:80:61:f9:11:f3:60:dc:f8:70:73:
b9:f8:95:ea:99:71:14:c8:29:69:87:7f:3f:11:b4:17:28:c9:
32:5e:6f:8c:b4:a4:33:be:4b:4b:1a:88:69:cb:53:03:8a:3f:
69:ca:57:51:24:d3:63:f5:7b:2d:a2:78:1c:76:f6:b8:55:87:
14:3f:e7:39:32:d7:a0:b5:fa:e7:dd:f4:55:96:d6:e1:1c:50:
ac:01:79:91:bb:2b:2e:82:53:2c:e2:b6:37:2c:80:6b:88:61:
47:09:25:68:7d:79:51:cf:db:16:0b:c6:75:70:6f:30:4a:24:
46:a8:39:0c:09:03:b0:68:6c:46:58:ef:95:89:ad:01:bc:0a:
bb:94:2e:e7:ab:a9:f9:d1:d4:0b:a8:c8:99:55:c9:f1:6c:d6:
b3:ea:72:4c:64:b4:4e:4f:8a:60:4a:55:93:64:7d:98:bd:69:
be:39:fe:f7:12:93:83:1c:99:93:d3:28:04:18:0f:98:a7:51:
8f:29:af:ad:57:44:47:84:3a:b0:07:a3:8f:6d:e4:a9:c8:f6:
df:65:22:a6
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAZBkijntiUHn+ovz1k3ZKqVTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyNjIwNDE1ZDI0OTBhNWVjM2Y2OTI1YjlmNzkwNDBlOGUy
MmRkYmYwHhcNMjQwNjI5MTUwODE4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MWFiMGI0ZjRjN2Y5N2NhZTIxY2ExNDU2OGZjZGMzZGI5ZDM5ZDA0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvzwgyaPjiH0HEdAzP4i58gABuMKf
npLdON9aB/HQ1pbfT7Hf1vYqS4Ys6AfrvjAhG7XH4C4l/SCYdL9jFrU1rAyQq1zd
xcw+H1qiLAuc2GsYkOB5iVZzzDTcBKIhIMww9I+G/PmnaD3k+v4l/fJS1jL1Iu2l
e5cZv6/U6GNthnKMEnSz6ZJK8q5NnTvNRPDUYqNNEGkmjFmOB804igQAZPnfZz2X
elx3/xsDZhFnfROVVESZXxrSq36mRMEQVdExUFA/XVODMhXcxPmD6Lf2q5H5JVE9
+mZP30JrO2hTZEVn3B766NAzpPk8qTbIH53Pi6MhQODKnAzaQIsnQMIBaQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFIGrC09Mf5fK4hyhRWj83D25050EMB8GA1UdIwQY
MBaAFFJiBBXSSQpew/aSW595BA6OIt2/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYt
ODgxNDg4ZmZkYmIwLzEvZ2FzTFQweF9sOHJpSEtGRmFQemNQYm5UblFRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYtODgxNDg4ZmZkYmIw
LzEvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAF8DmSw+0zFpYf40PFc+
QJDSxxgPpXyD1Mhp0jjGcit+QyIKk0WVjsnC+PhDgGH5EfNg3Phwc7n4leqZcRTI
KWmHfz8RtBcoyTJeb4y0pDO+S0saiGnLUwOKP2nKV1Ek02P1ey2ieBx29rhVhxQ/
5zky16C1+ufd9FWW1uEcUKwBeZG7Ky6CUyzitjcsgGuIYUcJJWh9eVHP2xYLxnVw
bzBKJEaoOQwJA7BobEZY75WJrQG8CruULuerqfnR1AuoyJlVyfFs1rPqckxktE5P
imBKVZNkfZi9ab45/vcSk4McmZPTKAQYD5inUY8pr61XREeEOrAHo49t5KnI9t9l
IqY=
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:46:58 2025 by rpki-client