Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b3/3e6687-7a44-40d8-993f-895a5a392438/1/GXjQkikSdj2bPTNBTdUnLekN9nE.roa
File: GXjQkikSdj2bPTNBTdUnLekN9nE.roa (raw, json)
Hash identifier: OEULIRAnzcJIcUH7+Ha+j2tTqlQWEZha9Mcepks5LRE=
Subject key identifier: 19:78:D0:92:29:12:76:3D:9B:3D:33:41:4D:D5:27:2D:E9:0D:F6:71
Certificate issuer: /CN=3df8a40c6a2c6993c9fbe81df3ea7dd372f96dec
Certificate serial: 018577DEB4A9E5EB2E93E0A2EBE1CA99977F
Authority key identifier: 3D:F8:A4:0C:6A:2C:69:93:C9:FB:E8:1D:F3:EA:7D:D3:72:F9:6D:EC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PfikDGosaZPJ--gd8-p903L5bew.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b3/3e6687-7a44-40d8-993f-895a5a392438/1/GXjQkikSdj2bPTNBTdUnLekN9nE.roa
Signing time: Tue 03 Jan 2023 13:42:41 +0000
ROA not before: Tue 03 Jan 2023 13:42:41 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 16509
IP address blocks: 212.4.240.0/22 maxlen: 22
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:77:de:b4:a9:e5:eb:2e:93:e0:a2:eb:e1:ca:99:97:7f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3df8a40c6a2c6993c9fbe81df3ea7dd372f96dec
Validity
Not Before: Jan 3 13:42:41 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=1978d0922912763d9b3d33414dd5272de90df671
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:84:9a:3d:79:fc:6d:36:2f:ef:b9:70:38:1f:e7:
6c:88:02:c0:37:45:56:3a:77:fb:42:ca:e1:b0:72:
6c:60:d8:ed:9c:18:a8:31:74:5f:0d:5a:0e:39:20:
f5:44:6a:4e:a4:7a:a5:bf:0d:e1:db:5e:54:a6:b1:
04:72:6d:a8:13:aa:9c:6d:11:96:14:24:3b:1b:72:
cc:6a:e2:23:bd:3d:6b:79:14:14:5e:20:8a:d8:3f:
a7:4f:e3:54:43:16:2c:69:f8:72:7c:28:e5:03:8e:
da:f5:62:fc:63:a1:bd:c8:78:97:6b:26:77:f5:d7:
d1:22:eb:cd:df:b1:b7:17:06:76:32:b4:5e:55:8d:
ea:8e:72:bf:1b:0b:a2:23:86:7f:74:30:43:ac:52:
15:45:31:39:9a:b6:24:21:32:f3:9b:bb:24:e9:b5:
a6:01:69:b2:5a:17:98:d8:33:4b:26:37:39:02:5b:
7e:c8:9f:29:68:41:13:cc:75:4c:38:cf:b2:69:ec:
96:81:c2:35:52:55:ff:8a:0d:50:8c:ab:63:73:42:
7e:a6:f2:1a:f9:9d:20:2c:b0:89:0b:e0:6d:46:63:
ac:0f:8b:ea:10:a9:ee:91:58:9f:15:3d:41:85:7a:
9b:0d:53:c6:07:6c:bf:58:61:f2:03:1a:cc:c4:e5:
ef:3b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
19:78:D0:92:29:12:76:3D:9B:3D:33:41:4D:D5:27:2D:E9:0D:F6:71
X509v3 Authority Key Identifier:
keyid:3D:F8:A4:0C:6A:2C:69:93:C9:FB:E8:1D:F3:EA:7D:D3:72:F9:6D:EC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PfikDGosaZPJ--gd8-p903L5bew.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b3/3e6687-7a44-40d8-993f-895a5a392438/1/GXjQkikSdj2bPTNBTdUnLekN9nE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b3/3e6687-7a44-40d8-993f-895a5a392438/1/PfikDGosaZPJ--gd8-p903L5bew.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
212.4.240.0/22
Signature Algorithm: sha256WithRSAEncryption
16:99:38:3e:04:78:d5:ec:8a:b0:a6:15:ff:44:5a:3d:c3:37:
93:44:d5:e4:65:70:3d:4e:32:e3:e0:fe:e5:0a:a4:a3:5a:7c:
a5:03:40:d3:2a:cc:53:a8:6e:78:b3:29:4b:e6:13:77:83:d7:
39:db:e2:c6:db:b9:e2:e5:8a:8e:7f:a0:5a:c9:92:5e:5a:06:
52:be:e8:91:dc:de:a3:42:df:54:f7:60:2b:cd:1a:0d:9b:71:
10:11:fa:76:ac:18:a6:a8:3f:2e:fd:be:d2:65:51:ff:e7:bd:
be:84:34:81:d4:2e:58:4f:27:31:3a:51:95:e9:e9:4f:84:28:
c8:39:89:ce:eb:63:cf:76:a6:a4:1e:02:14:1f:31:ce:c6:8a:
e3:05:ff:37:2b:9b:be:a5:d1:c8:81:0e:55:c0:3b:ad:9e:6c:
19:bf:8f:74:13:08:c9:14:38:2b:0e:8b:e4:4b:bd:f9:85:c1:
e6:3a:a0:9a:37:4e:5b:5c:f7:ba:47:f8:85:1c:08:91:49:50:
43:2b:be:0d:05:80:12:6e:fa:ad:81:da:2d:f4:e5:38:d0:f6:
1d:76:42:17:40:29:b4:fa:26:e2:48:24:03:93:02:2d:00:31:
2a:78:08:7c:8e:c9:97:15:59:ff:72:2e:74:b8:55:31:0c:cf:
7c:17:9e:82
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYV33rSp5esuk+Ci6+HKmZd/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNkZjhhNDBjNmEyYzY5OTNjOWZiZTgxZGYzZWE3ZGQzNzJm
OTZkZWMwHhcNMjMwMTAzMTM0MjQxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxOTc4ZDA5MjI5MTI3NjNkOWIzZDMzNDE0ZGQ1MjcyZGU5MGRmNjcxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhJo9efxtNi/vuXA4H+dsiALAN0VW
Onf7QsrhsHJsYNjtnBioMXRfDVoOOSD1RGpOpHqlvw3h215UprEEcm2oE6qcbRGW
FCQ7G3LMauIjvT1reRQUXiCK2D+nT+NUQxYsafhyfCjlA47a9WL8Y6G9yHiXayZ3
9dfRIuvN37G3FwZ2MrReVY3qjnK/GwuiI4Z/dDBDrFIVRTE5mrYkITLzm7sk6bWm
AWmyWheY2DNLJjc5Alt+yJ8paEETzHVMOM+yaeyWgcI1UlX/ig1QjKtjc0J+pvIa
+Z0gLLCJC+BtRmOsD4vqEKnukVifFT1BhXqbDVPGB2y/WGHyAxrMxOXvOwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFBl40JIpEnY9mz0zQU3VJy3pDfZxMB8GA1UdIwQY
MBaAFD34pAxqLGmTyfvoHfPqfdNy+W3sMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUGZpa0RHb3NhWlBKLS1nZDgtcDkwM0w1YmV3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMy8zZTY2ODctN2E0NC00MGQ4LTk5M2Yt
ODk1YTVhMzkyNDM4LzEvR1hqUWtpa1NkajJiUFROQlRkVW5MZWtOOW5FLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMy8zZTY2ODctN2E0NC00MGQ4LTk5M2YtODk1YTVhMzkyNDM4
LzEvUGZpa0RHb3NhWlBKLS1nZDgtcDkwM0w1YmV3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQC1ATwMA0G
CSqGSIb3DQEBCwUAA4IBAQAWmTg+BHjV7IqwphX/RFo9wzeTRNXkZXA9TjLj4P7l
CqSjWnylA0DTKsxTqG54sylL5hN3g9c52+LG27ni5YqOf6BayZJeWgZSvuiR3N6j
Qt9U92ArzRoNm3EQEfp2rBimqD8u/b7SZVH/572+hDSB1C5YTycxOlGV6elPhCjI
OYnO62PPdqakHgIUHzHOxorjBf83K5u+pdHIgQ5VwDutnmwZv490EwjJFDgrDovk
S735hcHmOqCaN05bXPe6R/iFHAiRSVBDK74NBYASbvqtgdot9OU40PYddkIXQCm0
+ibiSCQDkwItADEqeAh8jsmXFVn/ci50uFUxDM98F56C
-----END CERTIFICATE-----
Generated at Mon Jan 1 13:24:34 2024 by rpki-client on console-fra.rpki-client.org