Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ae/fb0157-6746-4b00-8f8e-b89a26199976/1/GXzY10M2lj5iFYGZPSPsIfupXy4.roa
File: GXzY10M2lj5iFYGZPSPsIfupXy4.roa (raw, json)
Hash identifier: 3A60i5WSFN0SrPIegzW5TRQ9DmGPWNv9zgUETJ+axiY=
Subject key identifier: 19:7C:D8:D7:43:36:96:3E:62:15:81:99:3D:23:EC:21:FB:A9:5F:2E
Certificate issuer: /CN=2631166de785a3531bdc8361f1190a8369a7ed6a
Certificate serial: 018571C301DE16A38486348FC53F90C38193
Authority key identifier: 26:31:16:6D:E7:85:A3:53:1B:DC:83:61:F1:19:0A:83:69:A7:ED:6A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/JjEWbeeFo1Mb3INh8RkKg2mn7Wo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ae/fb0157-6746-4b00-8f8e-b89a26199976/1/GXzY10M2lj5iFYGZPSPsIfupXy4.roa
Signing time: Mon 02 Jan 2023 09:14:43 +0000
ROA not before: Mon 02 Jan 2023 09:14:43 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 204963
IP address blocks: 5.255.89.0/24 maxlen: 24
2a00:1ca8:89::/48 maxlen: 48
Validation: Failed, certificate revoked on Tue 02 Jan 2024 06:31:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:c3:01:de:16:a3:84:86:34:8f:c5:3f:90:c3:81:93
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2631166de785a3531bdc8361f1190a8369a7ed6a
Validity
Not Before: Jan 2 09:14:43 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=197cd8d74336963e621581993d23ec21fba95f2e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:d5:c6:e8:b7:9e:00:cf:fc:0c:06:f3:da:9d:
3a:00:1d:5c:f2:c2:a1:a7:4a:87:f5:92:88:ab:68:
38:14:f6:5e:41:d3:27:14:45:40:40:86:19:58:11:
b8:71:a0:8d:35:11:7d:d0:75:48:25:39:cc:c0:9f:
aa:89:92:f8:3d:2c:58:6a:b0:86:c2:25:70:60:f3:
35:fb:02:72:aa:35:08:d8:e8:34:a7:57:d3:33:0e:
8e:ff:2d:ef:85:f2:14:d8:57:c0:a4:bf:d4:fe:80:
ab:78:75:f5:e6:28:63:c6:f4:7f:14:d8:c3:a5:be:
ee:ae:b1:a6:03:1a:ca:4f:6a:91:a5:da:ea:ea:47:
8c:31:8e:85:fa:ed:2b:37:7a:4a:c7:27:43:6c:09:
f9:c5:45:a1:3d:29:ba:e3:1b:c5:0a:85:f6:03:94:
6b:99:3f:10:47:a7:b2:d9:09:84:ee:34:a1:f8:4b:
34:58:37:e6:b4:31:37:f3:52:42:7a:07:68:8f:99:
ee:06:ad:01:50:f7:82:6a:93:7a:74:61:4c:74:6f:
45:55:1c:f3:ec:eb:61:da:61:5c:e7:28:7d:3a:c1:
1e:21:fa:f8:ef:d1:45:64:30:cd:ab:46:86:67:2f:
e2:6e:7a:f0:9e:16:e6:d1:42:e4:bc:07:db:6d:10:
ba:87
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
19:7C:D8:D7:43:36:96:3E:62:15:81:99:3D:23:EC:21:FB:A9:5F:2E
X509v3 Authority Key Identifier:
keyid:26:31:16:6D:E7:85:A3:53:1B:DC:83:61:F1:19:0A:83:69:A7:ED:6A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JjEWbeeFo1Mb3INh8RkKg2mn7Wo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ae/fb0157-6746-4b00-8f8e-b89a26199976/1/GXzY10M2lj5iFYGZPSPsIfupXy4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ae/fb0157-6746-4b00-8f8e-b89a26199976/1/JjEWbeeFo1Mb3INh8RkKg2mn7Wo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.255.89.0/24
IPv6:
2a00:1ca8:89::/48
Signature Algorithm: sha256WithRSAEncryption
03:02:af:c5:75:d8:38:9c:07:7f:a3:d6:ff:c8:35:9d:66:38:
c6:85:68:c9:17:fb:13:10:20:48:cc:27:c9:72:32:3a:81:dd:
25:5a:fa:fb:49:ee:c2:cd:50:69:5c:51:ec:a5:09:12:5a:14:
7e:f2:7e:42:62:e8:94:97:b3:95:69:ee:5f:a8:f1:5d:50:03:
24:c5:ea:49:f5:ae:43:b4:a9:ec:fc:87:73:18:80:69:c4:ba:
18:1e:6f:97:46:58:30:d4:8b:ea:8e:c9:1b:f5:67:fb:69:fb:
fd:d4:2c:4c:4e:63:cd:cd:40:f4:e5:90:2a:9a:c8:c4:19:7b:
44:88:af:ca:00:41:77:b6:c3:87:66:77:89:93:4e:7f:a3:39:
f1:0a:0b:b0:5a:89:ea:c1:e2:73:d0:10:40:d7:d8:ae:00:94:
0a:6e:d8:cb:7f:49:96:21:db:80:87:ca:a7:61:e7:ef:d9:6e:
f6:23:a5:e6:60:d9:dc:90:d1:3c:da:65:45:43:61:e5:95:c9:
c8:d7:c7:fe:e2:1d:4e:7e:18:5f:9e:58:7e:2e:91:43:12:52:
4d:26:57:19:44:24:75:5f:e1:0a:9a:be:0e:79:50:73:f9:79:
71:e0:d9:85:05:57:2f:7b:db:44:0b:49:9d:d8:c6:7c:63:04:
e4:6c:e1:d8
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYVxwwHeFqOEhjSPxT+Qw4GTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI2MzExNjZkZTc4NWEzNTMxYmRjODM2MWYxMTkwYTgzNjlh
N2VkNmEwHhcNMjMwMTAyMDkxNDQzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxOTdjZDhkNzQzMzY5NjNlNjIxNTgxOTkzZDIzZWMyMWZiYTk1ZjJlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjtXG6LeeAM/8DAbz2p06AB1c8sKh
p0qH9ZKIq2g4FPZeQdMnFEVAQIYZWBG4caCNNRF90HVIJTnMwJ+qiZL4PSxYarCG
wiVwYPM1+wJyqjUI2Og0p1fTMw6O/y3vhfIU2FfApL/U/oCreHX15ihjxvR/FNjD
pb7urrGmAxrKT2qRpdrq6keMMY6F+u0rN3pKxydDbAn5xUWhPSm64xvFCoX2A5Rr
mT8QR6ey2QmE7jSh+Es0WDfmtDE381JCegdoj5nuBq0BUPeCapN6dGFMdG9FVRzz
7Oth2mFc5yh9OsEeIfr479FFZDDNq0aGZy/ibnrwnhbm0ULkvAfbbRC6hwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFBl82NdDNpY+YhWBmT0j7CH7qV8uMB8GA1UdIwQY
MBaAFCYxFm3nhaNTG9yDYfEZCoNpp+1qMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSmpFV2JlZUZvMU1iM0lOaDhSa0tnMm1uN1dvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hZS9mYjAxNTctNjc0Ni00YjAwLThmOGUt
Yjg5YTI2MTk5OTc2LzEvR1h6WTEwTTJsajVpRllHWlBTUHNJZnVwWHk0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hZS9mYjAxNTctNjc0Ni00YjAwLThmOGUtYjg5YTI2MTk5OTc2
LzEvSmpFV2JlZUZvMU1iM0lOaDhSa0tnMm1uN1dvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQABf9ZMA8E
AgACMAkDBwAqAByoAIkwDQYJKoZIhvcNAQELBQADggEBAAMCr8V12DicB3+j1v/I
NZ1mOMaFaMkX+xMQIEjMJ8lyMjqB3SVa+vtJ7sLNUGlcUeylCRJaFH7yfkJi6JSX
s5Vp7l+o8V1QAyTF6kn1rkO0qez8h3MYgGnEuhgeb5dGWDDUi+qOyRv1Z/tp+/3U
LExOY83NQPTlkCqayMQZe0SIr8oAQXe2w4dmd4mTTn+jOfEKC7BaierB4nPQEEDX
2K4AlApu2Mt/SZYh24CHyqdh5+/ZbvYjpeZg2dyQ0TzaZUVDYeWVycjXx/7iHU5+
GF+eWH4ukUMSUk0mVxlEJHVf4Qqavg55UHP5eXHg2YUFVy9720QLSZ3YxnxjBORs
4dg=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:49:48 2024 by rpki-client on console-fra.rpki-client.org