Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9b/91af66-d394-42fa-a0c6-b16cb4dfadd3/1/gJfiLK_JtF7dCh4dVFeRe11Q7wI.roa
File: gJfiLK_JtF7dCh4dVFeRe11Q7wI.roa (raw, json)
Hash identifier: mCv8QpT5/sYCCXX0TG28ty2LhMHvFrI4iu38KifZVdI=
Subject key identifier: 80:97:E2:2C:AF:C9:B4:5E:DD:0A:1E:1D:54:57:91:7B:5D:50:EF:02
Certificate issuer: /CN=827603a93bca31b018f511f6d4b0b7546e963362
Certificate serial: 018E14A4B1DFBFCC032B42918ECC53CC1900
Authority key identifier: 82:76:03:A9:3B:CA:31:B0:18:F5:11:F6:D4:B0:B7:54:6E:96:33:62
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gnYDqTvKMbAY9RH21LC3VG6WM2I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9b/91af66-d394-42fa-a0c6-b16cb4dfadd3/1/gJfiLK_JtF7dCh4dVFeRe11Q7wI.roa
Signing time: Wed 06 Mar 2024 16:42:01 +0000
ROA not before: Wed 06 Mar 2024 16:42:01 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 212609
IP address blocks: 212.60.0.0/22 maxlen: 22
Validation: Failed, certificate revoked on Fri 05 Jul 2024 07:16:18 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:14:a4:b1:df:bf:cc:03:2b:42:91:8e:cc:53:cc:19:00
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=827603a93bca31b018f511f6d4b0b7546e963362
Validity
Not Before: Mar 6 16:42:01 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=8097e22cafc9b45edd0a1e1d5457917b5d50ef02
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:85:12:37:6c:ba:c9:41:ba:d8:fd:83:8f:60:28:
ce:5f:d4:ce:27:58:f4:25:20:05:a1:dc:7b:08:8c:
9e:76:ae:f4:dc:ef:39:b2:61:9c:e9:22:9c:ad:bf:
46:78:a5:24:a1:09:b8:bd:30:45:59:c1:a3:ac:ec:
72:91:f9:2f:f2:7b:38:49:6c:95:18:c4:ba:17:a0:
63:a2:1c:43:dd:03:40:12:3a:fc:b8:03:ac:8e:7c:
38:87:6c:eb:e8:ab:0b:e6:fb:cc:3c:30:ee:52:3d:
14:20:c6:57:e9:d8:16:81:3a:51:c0:ad:dd:f2:2e:
19:b2:ba:54:a7:ba:ed:8b:0a:dd:6a:4e:9f:2a:d7:
88:81:7a:a1:2d:a3:f6:a3:89:9f:0b:11:e1:7e:8b:
6a:b7:12:e6:20:eb:fe:35:2c:99:8a:e4:ce:98:62:
1f:45:71:e7:6c:39:9e:8f:94:74:76:89:00:1f:dd:
89:09:9c:51:c6:4a:55:ad:46:85:8e:6c:3e:bc:09:
82:62:09:d6:7f:4e:cd:57:ab:a0:27:a9:61:cf:96:
f2:8a:e0:e0:c9:fc:3e:04:28:8e:a7:45:42:a4:c9:
20:0e:e2:8b:99:e9:d3:d7:af:99:1a:32:be:8a:0d:
bd:aa:d6:7d:d8:57:7a:10:17:bc:bf:e9:93:3b:3d:
52:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
80:97:E2:2C:AF:C9:B4:5E:DD:0A:1E:1D:54:57:91:7B:5D:50:EF:02
X509v3 Authority Key Identifier:
keyid:82:76:03:A9:3B:CA:31:B0:18:F5:11:F6:D4:B0:B7:54:6E:96:33:62
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gnYDqTvKMbAY9RH21LC3VG6WM2I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9b/91af66-d394-42fa-a0c6-b16cb4dfadd3/1/gJfiLK_JtF7dCh4dVFeRe11Q7wI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9b/91af66-d394-42fa-a0c6-b16cb4dfadd3/1/gnYDqTvKMbAY9RH21LC3VG6WM2I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
212.60.0.0/22
Signature Algorithm: sha256WithRSAEncryption
7a:97:e0:73:7d:69:59:1b:2f:60:e8:0a:c9:ec:a5:06:69:21:
d5:d3:34:20:c6:dc:1f:a0:7e:16:10:8c:be:cf:39:9f:79:6e:
82:63:c3:82:09:95:3b:90:6f:47:6f:21:60:8b:2e:f1:d8:5e:
fb:17:d1:df:e1:87:42:8e:9c:1e:62:3e:b4:35:2a:3f:95:a0:
92:7d:28:0a:24:73:8c:42:4e:3c:5b:c7:3c:dd:f2:f1:16:14:
5a:17:d4:41:26:16:56:bd:c2:61:c2:a9:5b:ef:d4:18:29:33:
9f:a5:0c:b7:80:33:58:e2:70:25:ec:91:4c:b7:4e:65:4a:15:
04:ae:7c:24:74:20:45:41:59:09:02:86:c0:ac:77:17:db:a4:
b7:f6:99:f6:69:a3:09:cf:b5:b3:0a:b0:64:c8:91:12:00:a5:
4c:c6:f7:d0:13:28:55:09:67:03:79:3f:d5:ae:a1:71:7a:12:
98:ad:5a:ba:22:5b:a6:dd:05:0a:d0:06:99:1a:3e:f7:fc:94:
59:47:67:e2:54:84:b8:4e:66:9a:dc:0f:47:48:40:05:c8:e8:
dc:af:da:db:f1:ef:c9:c2:0e:eb:12:ef:de:93:6c:2e:48:ad:
7c:35:7b:21:7b:54:94:27:62:d5:08:c4:9b:69:09:01:c8:1b:
6f:f1:dc:6d
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAY4UpLHfv8wDK0KRjsxTzBkAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgyNzYwM2E5M2JjYTMxYjAxOGY1MTFmNmQ0YjBiNzU0NmU5
NjMzNjIwHhcNMjQwMzA2MTY0MjAxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MDk3ZTIyY2FmYzliNDVlZGQwYTFlMWQ1NDU3OTE3YjVkNTBlZjAyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhRI3bLrJQbrY/YOPYCjOX9TOJ1j0
JSAFodx7CIyedq703O85smGc6SKcrb9GeKUkoQm4vTBFWcGjrOxykfkv8ns4SWyV
GMS6F6BjohxD3QNAEjr8uAOsjnw4h2zr6KsL5vvMPDDuUj0UIMZX6dgWgTpRwK3d
8i4ZsrpUp7rtiwrdak6fKteIgXqhLaP2o4mfCxHhfotqtxLmIOv+NSyZiuTOmGIf
RXHnbDmej5R0dokAH92JCZxRxkpVrUaFjmw+vAmCYgnWf07NV6ugJ6lhz5byiuDg
yfw+BCiOp0VCpMkgDuKLmenT16+ZGjK+ig29qtZ92Fd6EBe8v+mTOz1SbQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFICX4iyvybRe3QoeHVRXkXtdUO8CMB8GA1UdIwQY
MBaAFIJ2A6k7yjGwGPUR9tSwt1RuljNiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ25ZRHFUdktNYkFZOVJIMjFMQzNWRzZXTTJJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Yi85MWFmNjYtZDM5NC00MmZhLWEwYzYt
YjE2Y2I0ZGZhZGQzLzEvZ0pmaUxLX0p0RjdkQ2g0ZFZGZVJlMTFRN3dJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Yi85MWFmNjYtZDM5NC00MmZhLWEwYzYtYjE2Y2I0ZGZhZGQz
LzEvZ25ZRHFUdktNYkFZOVJIMjFMQzNWRzZXTTJJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQC1DwAMA0G
CSqGSIb3DQEBCwUAA4IBAQB6l+BzfWlZGy9g6ArJ7KUGaSHV0zQgxtwfoH4WEIy+
zzmfeW6CY8OCCZU7kG9HbyFgiy7x2F77F9Hf4YdCjpweYj60NSo/laCSfSgKJHOM
Qk48W8c83fLxFhRaF9RBJhZWvcJhwqlb79QYKTOfpQy3gDNY4nAl7JFMt05lShUE
rnwkdCBFQVkJAobArHcX26S39pn2aaMJz7WzCrBkyJESAKVMxvfQEyhVCWcDeT/V
rqFxehKYrVq6Ilum3QUK0AaZGj73/JRZR2fiVIS4Tmaa3A9HSEAFyOjcr9rb8e/J
wg7rEu/ek2wuSK18NXshe1SUJ2LVCMSbaQkByBtv8dxt
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:34:02 2025 by rpki-client