Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c3/bba973-7c9f-4b11-b611-ad575522b365/1/GNFH72kLRnzJX3mTuO-v1wnUwYs.roa
File: GNFH72kLRnzJX3mTuO-v1wnUwYs.roa (raw, json)
Hash identifier: 5bw6+T+q4u/fsQSizUJRYVnkjcl8gotimDhwYwf/JqY=
Subject key identifier: 18:D1:47:EF:69:0B:46:7C:C9:5F:79:93:B8:EF:AF:D7:09:D4:C1:8B
Certificate issuer: /CN=b05d28d16626bc5dcabf2e915435782b96e14071
Certificate serial: 018D7D3227F94571DEC523F79D26BE2B405E
Authority key identifier: B0:5D:28:D1:66:26:BC:5D:CA:BF:2E:91:54:35:78:2B:96:E1:40:71
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sF0o0WYmvF3Kvy6RVDV4K5bhQHE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c3/bba973-7c9f-4b11-b611-ad575522b365/1/GNFH72kLRnzJX3mTuO-v1wnUwYs.roa
Signing time: Tue 06 Feb 2024 06:54:15 +0000
ROA not before: Tue 06 Feb 2024 06:54:15 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 34108
IP address blocks: 2a07:3500:1100::/48 maxlen: 48
2a07:3500:1460::/48 maxlen: 48
Validation: Failed, certificate revoked on Thu 02 Jan 2025 07:49:31 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:7d:32:27:f9:45:71:de:c5:23:f7:9d:26:be:2b:40:5e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b05d28d16626bc5dcabf2e915435782b96e14071
Validity
Not Before: Feb 6 06:54:15 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=18d147ef690b467cc95f7993b8efafd709d4c18b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:7e:f7:22:fb:31:7b:2e:11:51:e0:23:c8:db:
0f:ba:a5:73:d0:16:e6:59:f8:11:a5:54:49:a0:d5:
23:3c:df:f6:8a:83:5d:9e:84:e5:04:67:79:54:88:
fe:1a:7e:0e:12:0f:44:8a:54:e7:de:01:15:ff:8c:
c1:be:28:b5:d4:7e:8f:a6:b2:22:cc:c9:ec:4e:35:
db:1f:9d:42:b4:bb:6c:1f:45:01:38:35:fb:9b:2c:
8e:3e:e4:2b:57:f0:b7:64:f8:3c:06:b5:a4:14:f1:
e0:45:0d:58:ce:8a:ae:3d:f1:67:83:dd:03:df:85:
5f:b1:9c:3e:b5:ae:9d:f3:1c:3b:86:5e:c2:b0:ba:
fb:45:02:aa:85:51:8e:6a:be:d5:f3:07:e3:0e:af:
44:16:52:06:05:ac:2a:c7:1c:77:1b:f9:6d:6e:3c:
dd:1a:fd:b6:6c:d4:5f:56:e8:3f:84:d1:f4:0f:2a:
12:25:25:aa:fd:e4:76:69:af:96:d1:96:89:12:e1:
11:60:09:27:59:1c:ce:96:f6:ea:04:48:2e:56:47:
56:b9:82:59:11:68:d8:41:29:bc:1e:a9:83:40:38:
8c:2c:45:d2:21:ca:4b:7b:40:11:e5:3b:ba:91:e6:
7a:cb:55:e5:5a:7b:75:eb:2a:75:3e:93:01:28:92:
0d:93
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
18:D1:47:EF:69:0B:46:7C:C9:5F:79:93:B8:EF:AF:D7:09:D4:C1:8B
X509v3 Authority Key Identifier:
keyid:B0:5D:28:D1:66:26:BC:5D:CA:BF:2E:91:54:35:78:2B:96:E1:40:71
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sF0o0WYmvF3Kvy6RVDV4K5bhQHE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/bba973-7c9f-4b11-b611-ad575522b365/1/GNFH72kLRnzJX3mTuO-v1wnUwYs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/bba973-7c9f-4b11-b611-ad575522b365/1/sF0o0WYmvF3Kvy6RVDV4K5bhQHE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a07:3500:1100::/48
2a07:3500:1460::/48
Signature Algorithm: sha256WithRSAEncryption
02:dd:1a:dc:85:74:5b:19:68:5d:f5:f2:0a:6e:06:ba:38:ac:
28:2e:0d:ee:56:51:ab:65:37:33:62:b8:df:1b:7a:05:a5:c6:
bc:ba:8b:54:c4:c3:ff:cd:2c:64:c4:bd:c3:b9:3d:c9:46:8c:
e3:10:29:6d:81:7b:b6:d8:4d:a8:ff:eb:3b:94:9a:52:38:bf:
1a:38:c7:83:aa:1b:cb:16:7a:4f:10:eb:6d:a1:17:1b:c8:47:
ce:fe:bd:7b:b9:fc:ec:10:15:e4:0f:c0:1b:21:17:22:cf:03:
5d:64:64:8b:8d:c8:94:07:a7:0b:f5:2c:99:b0:a8:e2:5e:8d:
44:19:d1:09:8a:6f:68:fd:c4:d8:6c:6d:da:8d:7f:9a:df:4c:
da:34:44:bb:2e:07:5a:23:69:65:b4:0a:2b:ac:83:22:b5:4d:
0d:be:66:41:1c:43:a4:cb:b6:b3:a3:5c:c8:8a:01:67:8c:13:
a4:43:69:64:a7:36:99:98:f1:e5:3e:b8:b6:1d:2e:51:3a:2b:
8d:3a:36:fc:f8:4a:e0:c0:27:ea:2e:71:f6:db:ec:d5:90:57:
cf:1a:d5:2b:75:07:1a:c7:08:0b:01:c5:18:b5:5e:d6:82:75:
13:b9:44:7b:ca:bd:43:c4:4f:85:f7:84:06:0f:d5:f4:9d:ce:
6b:22:36:7d
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAY19Mif5RXHexSP3nSa+K0BeMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIwNWQyOGQxNjYyNmJjNWRjYWJmMmU5MTU0MzU3ODJiOTZl
MTQwNzEwHhcNMjQwMjA2MDY1NDE1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxOGQxNDdlZjY5MGI0NjdjYzk1Zjc5OTNiOGVmYWZkNzA5ZDRjMThiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArX73Ivsxey4RUeAjyNsPuqVz0Bbm
WfgRpVRJoNUjPN/2ioNdnoTlBGd5VIj+Gn4OEg9EilTn3gEV/4zBvii11H6PprIi
zMnsTjXbH51CtLtsH0UBODX7myyOPuQrV/C3ZPg8BrWkFPHgRQ1YzoquPfFng90D
34VfsZw+ta6d8xw7hl7CsLr7RQKqhVGOar7V8wfjDq9EFlIGBawqxxx3G/ltbjzd
Gv22bNRfVug/hNH0DyoSJSWq/eR2aa+W0ZaJEuERYAknWRzOlvbqBEguVkdWuYJZ
EWjYQSm8HqmDQDiMLEXSIcpLe0AR5Tu6keZ6y1XlWnt16yp1PpMBKJINkwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFBjRR+9pC0Z8yV95k7jvr9cJ1MGLMB8GA1UdIwQY
MBaAFLBdKNFmJrxdyr8ukVQ1eCuW4UBxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc0YwbzBXWW12RjNLdnk2UlZEVjRLNWJoUUhFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMy9iYmE5NzMtN2M5Zi00YjExLWI2MTEt
YWQ1NzU1MjJiMzY1LzEvR05GSDcya0xSbnpKWDNtVHVPLXYxd25Vd1lzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMy9iYmE5NzMtN2M5Zi00YjExLWI2MTEtYWQ1NzU1MjJiMzY1
LzEvc0YwbzBXWW12RjNLdnk2UlZEVjRLNWJoUUhFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAAjASAwcAKgc1ABEA
AwcAKgc1ABRgMA0GCSqGSIb3DQEBCwUAA4IBAQAC3RrchXRbGWhd9fIKbga6OKwo
Lg3uVlGrZTczYrjfG3oFpca8uotUxMP/zSxkxL3DuT3JRozjECltgXu22E2o/+s7
lJpSOL8aOMeDqhvLFnpPEOttoRcbyEfO/r17ufzsEBXkD8AbIRcizwNdZGSLjciU
B6cL9SyZsKjiXo1EGdEJim9o/cTYbG3ajX+a30zaNES7LgdaI2lltAorrIMitU0N
vmZBHEOky7azo1zIigFnjBOkQ2lkpzaZmPHlPri2HS5ROiuNOjb8+ErgwCfqLnH2
2+zVkFfPGtUrdQcaxwgLAcUYtV7WgnUTuUR7yr1DxE+F94QGD9X0nc5rIjZ9
-----END CERTIFICATE-----
Generated at Sun Feb 16 21:54:44 2025 by rpki-client