Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b1/1af4a5-0d6c-4776-be5c-be852f644201/1/gAMR0Q92Uzgd06s8c5UaYrM_LYc.roa
File: gAMR0Q92Uzgd06s8c5UaYrM_LYc.roa (raw, json)
Hash identifier: 4jBtIxKuhMuI9t1BH+9+g13c7uFbBD5XHZI9wDOqtY4=
Subject key identifier: 80:03:11:D1:0F:76:53:38:1D:D3:AB:3C:73:95:1A:62:B3:3F:2D:87
Certificate issuer: /CN=e916dc9db4e49de71b2fd0819dae853aeb053b06
Certificate serial: 018FDED00C22F5E3281AB21C64E0D1C8CC9D
Authority key identifier: E9:16:DC:9D:B4:E4:9D:E7:1B:2F:D0:81:9D:AE:85:3A:EB:05:3B:06
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/6RbcnbTknecbL9CBna6FOusFOwY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b1/1af4a5-0d6c-4776-be5c-be852f644201/1/gAMR0Q92Uzgd06s8c5UaYrM_LYc.roa
Signing time: Mon 03 Jun 2024 15:55:27 +0000
ROA not before: Mon 03 Jun 2024 15:55:27 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 50340
IP address blocks: 202.49.176.0/24 maxlen: 24
202.181.148.0/24 maxlen: 24
203.31.40.0/24 maxlen: 24
2a13:d207::/32 maxlen: 32
Validation: Failed, certificate revoked on Thu 20 Jun 2024 09:39:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:de:d0:0c:22:f5:e3:28:1a:b2:1c:64:e0:d1:c8:cc:9d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e916dc9db4e49de71b2fd0819dae853aeb053b06
Validity
Not Before: Jun 3 15:55:27 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=800311d10f7653381dd3ab3c73951a62b33f2d87
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:c6:58:91:0a:b1:4d:67:68:15:f5:7d:42:4b:
f6:8b:11:4c:d9:39:c9:bc:85:e0:5c:45:39:cf:f9:
fa:22:75:7b:54:b2:95:e2:28:2a:35:16:37:a6:93:
4e:4d:1e:3f:a7:d4:f1:62:27:90:19:3d:89:71:14:
d0:c4:10:8e:67:a3:6f:5d:e3:c1:46:d5:ff:47:52:
1d:78:29:5c:d5:a1:08:1c:63:bc:b9:42:77:b2:87:
b0:bf:30:90:a5:61:ed:b3:35:0e:ce:1e:22:28:a0:
b2:b8:f3:e5:cc:43:4c:7e:b1:7d:09:ea:13:01:69:
0d:45:36:d5:a5:94:39:7c:12:0e:e5:6c:e0:aa:99:
71:92:fd:bc:55:3e:f3:31:27:90:4c:df:ad:09:8a:
15:dd:60:56:a3:28:52:e0:bd:13:c3:2a:05:5f:e2:
c7:57:f8:74:c1:97:49:88:fe:40:f4:48:57:9a:a9:
a7:9d:36:d4:c2:b5:44:d7:c3:5a:ec:fe:a2:67:05:
ed:fd:8c:94:81:f0:cf:26:72:5a:a5:4b:b7:d6:0b:
49:0d:41:ed:6a:84:77:03:36:cf:e0:45:f6:d8:66:
55:94:b5:f3:10:0a:1b:66:83:f2:e8:6a:5b:a9:a1:
cc:c9:9c:57:10:78:5e:6f:e0:9b:21:c2:43:53:b4:
9f:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
80:03:11:D1:0F:76:53:38:1D:D3:AB:3C:73:95:1A:62:B3:3F:2D:87
X509v3 Authority Key Identifier:
keyid:E9:16:DC:9D:B4:E4:9D:E7:1B:2F:D0:81:9D:AE:85:3A:EB:05:3B:06
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6RbcnbTknecbL9CBna6FOusFOwY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/1af4a5-0d6c-4776-be5c-be852f644201/1/gAMR0Q92Uzgd06s8c5UaYrM_LYc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/1af4a5-0d6c-4776-be5c-be852f644201/1/6RbcnbTknecbL9CBna6FOusFOwY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
202.49.176.0/24
202.181.148.0/24
203.31.40.0/24
IPv6:
2a13:d207::/32
Signature Algorithm: sha256WithRSAEncryption
0a:66:df:54:dc:d2:9b:2e:27:85:e9:e2:6e:ee:cd:8e:0e:91:
40:b2:df:84:8b:55:c0:9b:38:0c:3b:7d:6f:40:aa:3d:40:f3:
23:f0:56:42:78:a0:90:e4:4f:54:36:67:ad:84:0a:ec:8d:13:
1f:c0:df:6c:49:10:ca:9f:54:d9:1e:c9:9f:e4:1b:43:b2:3f:
73:96:aa:f4:5a:17:78:b8:66:ad:de:04:ec:af:84:cd:97:1c:
ac:18:d1:f3:b1:f1:26:ec:15:98:2d:69:53:e2:3e:50:8a:3d:
52:d1:45:af:8d:06:ce:bc:32:eb:f0:df:91:a4:e5:b2:0f:52:
35:30:a9:cc:f6:9d:20:8a:59:f1:eb:b5:ea:14:7f:7a:65:55:
13:7a:d2:9a:53:9d:8f:68:d8:39:37:37:55:53:c1:2f:ae:f1:
84:0f:00:6e:6c:07:bd:fd:f7:9e:17:3c:39:9f:ac:19:83:aa:
ce:1d:ed:77:7c:40:7d:88:fe:2a:26:91:15:8a:46:e9:89:46:
d8:6e:23:2b:c4:77:d9:5d:b2:13:1d:b7:62:a1:88:01:9e:70:
35:79:e9:a3:69:de:0c:5c:06:57:92:1d:91:ee:e9:8e:0e:d4:
d6:92:c9:69:ee:64:bc:7d:db:1a:76:5a:93:d7:33:0e:6c:62:
50:d2:03:88
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAY/e0Awi9eMoGrIcZODRyMydMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU5MTZkYzlkYjRlNDlkZTcxYjJmZDA4MTlkYWU4NTNhZWIw
NTNiMDYwHhcNMjQwNjAzMTU1NTI3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MDAzMTFkMTBmNzY1MzM4MWRkM2FiM2M3Mzk1MWE2MmIzM2YyZDg3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvsZYkQqxTWdoFfV9Qkv2ixFM2TnJ
vIXgXEU5z/n6InV7VLKV4igqNRY3ppNOTR4/p9TxYieQGT2JcRTQxBCOZ6NvXePB
RtX/R1IdeClc1aEIHGO8uUJ3soewvzCQpWHtszUOzh4iKKCyuPPlzENMfrF9CeoT
AWkNRTbVpZQ5fBIO5Wzgqplxkv28VT7zMSeQTN+tCYoV3WBWoyhS4L0TwyoFX+LH
V/h0wZdJiP5A9EhXmqmnnTbUwrVE18Na7P6iZwXt/YyUgfDPJnJapUu31gtJDUHt
aoR3AzbP4EX22GZVlLXzEAobZoPy6GpbqaHMyZxXEHheb+CbIcJDU7SfnQIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFIADEdEPdlM4HdOrPHOVGmKzPy2HMB8GA1UdIwQY
MBaAFOkW3J205J3nGy/QgZ2uhTrrBTsGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNlJiY25iVGtuZWNiTDlDQm5hNkZPdXNGT3dZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMS8xYWY0YTUtMGQ2Yy00Nzc2LWJlNWMt
YmU4NTJmNjQ0MjAxLzEvZ0FNUjBROTJVemdkMDZzOGM1VWFZck1fTFljLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMS8xYWY0YTUtMGQ2Yy00Nzc2LWJlNWMtYmU4NTJmNjQ0MjAx
LzEvNlJiY25iVGtuZWNiTDlDQm5hNkZPdXNGT3dZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQAyjGwAwQA
yrWUAwQAyx8oMA0EAgACMAcDBQAqE9IHMA0GCSqGSIb3DQEBCwUAA4IBAQAKZt9U
3NKbLieF6eJu7s2ODpFAst+Ei1XAmzgMO31vQKo9QPMj8FZCeKCQ5E9UNmethArs
jRMfwN9sSRDKn1TZHsmf5BtDsj9zlqr0Whd4uGat3gTsr4TNlxysGNHzsfEm7BWY
LWlT4j5Qij1S0UWvjQbOvDLr8N+RpOWyD1I1MKnM9p0gilnx67XqFH96ZVUTetKa
U52PaNg5NzdVU8EvrvGEDwBubAe9/feeFzw5n6wZg6rOHe13fEB9iP4qJpEVikbp
iUbYbiMrxHfZXbITHbdioYgBnnA1eemjad4MXAZXkh2R7umODtTWkslp7mS8fdsa
dlqT1zMObGJQ0gOI
-----END CERTIFICATE-----
Generated at Thu Jun 20 12:35:50 2024 by rpki-client on console-fra.rpki-client.org