Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/Gmcrkt3q_PpBIO1BWbhTwSqB2-U.roa
File: Gmcrkt3q_PpBIO1BWbhTwSqB2-U.roa (raw, json)
Hash identifier: wIkryl71/bAvL1Uqgx0gqWY+S2taQjGTmQ7IaiSjafo=
Subject key identifier: 1A:67:2B:92:DD:EA:FC:FA:41:20:ED:41:59:B8:53:C1:2A:81:DB:E5
Certificate issuer: /CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Certificate serial: 0188524358F470062B37A82768D07F9A2175
Authority key identifier: 36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/Gmcrkt3q_PpBIO1BWbhTwSqB2-U.roa
Signing time: Thu 25 May 2023 09:35:25 +0000
ROA not before: Thu 25 May 2023 09:35:25 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 49367
IP address blocks: 194.242.14.0/23 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:52:43:58:f4:70:06:2b:37:a8:27:68:d0:7f:9a:21:75
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Validity
Not Before: May 25 09:35:25 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=1a672b92ddeafcfa4120ed4159b853c12a81dbe5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:48:bd:dc:5a:46:fb:7b:df:ff:67:5d:e5:06:
c9:d8:3e:aa:71:4a:89:2f:c3:b4:a9:a3:e8:fd:a0:
bb:2d:f2:ef:9e:ac:c3:8f:fe:2a:7d:a9:70:78:60:
68:66:7c:3b:43:1a:bb:49:23:a9:a5:fa:80:5c:0e:
fb:4a:0d:aa:bf:01:8f:9d:59:42:5d:9b:00:d1:d4:
80:41:64:e0:ba:e9:c9:17:10:71:90:c8:7f:db:e6:
1d:36:02:93:9e:2a:a7:93:e7:bd:f3:d1:0c:2e:87:
a1:3a:3d:1d:89:fa:8c:10:70:9e:7a:c4:8b:3d:da:
cd:f3:39:cf:0a:56:7b:81:16:7f:99:f5:17:22:fe:
0d:fd:41:00:d0:b7:65:6d:3c:cf:62:a6:35:50:68:
27:6d:16:7e:65:1a:c7:49:a5:cf:50:26:bc:76:aa:
53:21:2a:6c:e0:ee:4e:3e:b0:f6:12:db:0e:ac:0c:
19:7e:80:df:41:3b:68:7e:d2:f5:ab:be:5a:a1:68:
9c:29:d1:b1:8e:58:94:8f:66:75:2e:26:b0:14:ba:
31:ab:bc:8f:39:62:be:9f:17:b3:cd:36:ce:ca:21:
ae:19:d4:4a:da:4b:2a:0c:b0:bb:d0:e6:1e:fa:96:
12:81:2f:e1:b8:01:b4:05:7f:b6:f2:e8:b2:f2:3a:
25:ef
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1A:67:2B:92:DD:EA:FC:FA:41:20:ED:41:59:B8:53:C1:2A:81:DB:E5
X509v3 Authority Key Identifier:
keyid:36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/Gmcrkt3q_PpBIO1BWbhTwSqB2-U.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NsKkt9XXPFtXBGIjvzDrZTAFsOI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.242.14.0/23
Signature Algorithm: sha256WithRSAEncryption
14:af:5d:b6:71:4e:63:e2:90:c0:48:7f:a3:41:71:72:44:c4:
cb:ec:a6:53:84:47:2f:7c:9b:d6:64:5c:63:f7:3b:7e:ed:47:
57:0b:d1:20:54:03:08:c4:09:81:f2:6a:d4:63:86:83:d1:e8:
0e:30:e4:73:97:b1:85:41:69:3a:a5:eb:26:a6:a0:16:a3:2c:
67:7b:9b:de:0a:4e:89:d5:69:f3:c8:4a:ff:d7:20:12:1f:ca:
73:f5:0c:9f:a5:44:e7:93:c7:ba:d0:ed:67:0f:82:0c:ed:47:
5e:4a:cb:1b:f2:13:18:c5:ab:46:a9:52:17:a2:eb:7e:97:b5:
8a:06:08:46:73:2e:2c:9c:c6:55:2f:18:78:41:ca:e4:6a:3d:
0e:2d:fc:24:7a:78:85:71:18:f6:a6:e0:7e:54:3f:10:d6:63:
a8:0c:63:fa:51:af:9f:9b:31:ac:7e:f9:f2:ab:be:f0:58:1b:
c0:f8:c8:7d:1a:c4:bf:dd:c3:d8:69:22:7a:4f:39:8b:92:bf:
fe:ed:d8:5b:49:d2:f1:cd:83:54:14:4a:58:5a:d1:aa:3e:18:
bf:c4:8b:ac:bb:ae:3d:96:9b:24:8d:be:f0:7f:12:38:4d:2b:
55:ff:81:0d:d4:2b:c2:81:55:2b:ec:84:17:3d:f9:5b:66:64:
2b:a7:37:ce
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYhSQ1j0cAYrN6gnaNB/miF1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2YzJhNGI3ZDVkNzNjNWI1NzA0NjIyM2JmMzBlYjY1MzAw
NWIwZTIwHhcNMjMwNTI1MDkzNTI1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxYTY3MmI5MmRkZWFmY2ZhNDEyMGVkNDE1OWI4NTNjMTJhODFkYmU1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlki93FpG+3vf/2dd5QbJ2D6qcUqJ
L8O0qaPo/aC7LfLvnqzDj/4qfalweGBoZnw7Qxq7SSOppfqAXA77Sg2qvwGPnVlC
XZsA0dSAQWTguunJFxBxkMh/2+YdNgKTniqnk+e989EMLoehOj0difqMEHCeesSL
PdrN8znPClZ7gRZ/mfUXIv4N/UEA0LdlbTzPYqY1UGgnbRZ+ZRrHSaXPUCa8dqpT
ISps4O5OPrD2EtsOrAwZfoDfQTtoftL1q75aoWicKdGxjliUj2Z1LiawFLoxq7yP
OWK+nxezzTbOyiGuGdRK2ksqDLC70OYe+pYSgS/huAG0BX+28uiy8jol7wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFBpnK5Ld6vz6QSDtQVm4U8EqgdvlMB8GA1UdIwQY
MBaAFDbCpLfV1zxbVwRiI78w62UwBbDiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGIt
MmNjZWRiOTY2YTU4LzEvR21jcmt0M3FfUHBCSU8xQldiaFR3U3FCMi1VLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGItMmNjZWRiOTY2YTU4
LzEvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBwvIOMA0G
CSqGSIb3DQEBCwUAA4IBAQAUr122cU5j4pDASH+jQXFyRMTL7KZThEcvfJvWZFxj
9zt+7UdXC9EgVAMIxAmB8mrUY4aD0egOMORzl7GFQWk6pesmpqAWoyxne5veCk6J
1WnzyEr/1yASH8pz9QyfpUTnk8e60O1nD4IM7UdeSssb8hMYxatGqVIXout+l7WK
BghGcy4snMZVLxh4Qcrkaj0OLfwkeniFcRj2puB+VD8Q1mOoDGP6Ua+fmzGsfvny
q77wWBvA+Mh9GsS/3cPYaSJ6TzmLkr/+7dhbSdLxzYNUFEpYWtGqPhi/xIusu649
lpskjb7wfxI4TStV/4EN1CvCgVUr7IQXPflbZmQrpzfO
-----END CERTIFICATE-----
Generated at Mon Jan 1 15:03:17 2024 by rpki-client on console-ams.rpki-client.org