Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c3/bba973-7c9f-4b11-b611-ad575522b365/1/gWmG8lz8AlV6slusGOELycb_VNU.roa
File: gWmG8lz8AlV6slusGOELycb_VNU.roa (raw, json)
Hash identifier: 82VMLnA9F7ruHNjoW/n8T9L18PGCzdJVuI6ERBcZ6Z8=
Subject key identifier: 81:69:86:F2:5C:FC:02:55:7A:B2:5B:AC:18:E1:0B:C9:C6:FF:54:D5
Certificate issuer: /CN=b05d28d16626bc5dcabf2e915435782b96e14071
Certificate serial: 018D3FD07B65EC6B3FB188C2C21C9728BBD5
Authority key identifier: B0:5D:28:D1:66:26:BC:5D:CA:BF:2E:91:54:35:78:2B:96:E1:40:71
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sF0o0WYmvF3Kvy6RVDV4K5bhQHE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c3/bba973-7c9f-4b11-b611-ad575522b365/1/gWmG8lz8AlV6slusGOELycb_VNU.roa
Signing time: Thu 25 Jan 2024 08:50:44 +0000
ROA not before: Thu 25 Jan 2024 08:50:44 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 33915
IP address blocks: 2a07:3500:1240::/46 maxlen: 46
2a07:3500:12d0::/48 maxlen: 48
2a07:3500:12f8::/48 maxlen: 48
2a07:3500:15a0::/48 maxlen: 48
2a07:3500:15c0::/48 maxlen: 48
2a07:3500:1b90::/48 maxlen: 48
2a07:3501:1340::/48 maxlen: 48
2a07:3502:1060::/48 maxlen: 48
2a07:3502:10a1::/48 maxlen: 48
2a07:3502:10c0::/48 maxlen: 48
2a07:3502:11a0::/46 maxlen: 46
Validation: Failed, certificate revoked on Mon 05 Feb 2024 06:02:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:3f:d0:7b:65:ec:6b:3f:b1:88:c2:c2:1c:97:28:bb:d5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b05d28d16626bc5dcabf2e915435782b96e14071
Validity
Not Before: Jan 25 08:50:44 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=816986f25cfc02557ab25bac18e10bc9c6ff54d5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:a5:33:2f:bd:2c:0e:94:ad:f9:d7:43:49:a1:
a7:78:a2:36:22:ba:1e:80:d6:13:b7:d6:69:4b:04:
00:13:34:f3:b0:f0:d3:6b:c5:d5:c2:fa:e7:35:66:
0d:cb:fb:99:44:68:7a:1e:9a:1d:e1:76:14:da:c7:
0b:68:88:fd:ec:46:de:6a:d9:58:c6:39:6d:19:f6:
e0:c5:31:37:91:10:87:a1:0e:06:cc:05:7e:a0:a0:
1d:40:18:99:0b:36:2f:07:f5:01:ca:5e:b4:98:be:
ba:1c:a6:80:7c:bf:62:27:9f:39:35:ab:7b:3c:38:
02:5c:05:fc:73:e5:d1:5e:2d:0c:92:d2:e8:a9:23:
a0:66:6b:14:14:78:3c:e4:4d:2d:a9:47:d5:99:40:
15:d3:e0:4c:bd:b3:4c:39:e1:eb:25:30:f5:bb:7e:
d4:3d:4c:f6:9e:89:c0:94:31:da:e1:22:cf:a8:ee:
92:b4:5a:a8:f5:40:2c:39:ac:b0:49:a7:bf:3c:35:
ae:7f:e8:3c:93:2d:16:12:e0:30:6d:df:c4:73:44:
35:bb:b8:94:57:a1:ba:c6:37:e6:40:f0:df:a0:20:
27:4e:23:e1:6a:eb:2a:cb:c4:54:71:0e:fd:ae:89:
ee:bf:df:2c:aa:7a:3a:5e:bb:d4:e7:a4:07:19:9d:
00:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
81:69:86:F2:5C:FC:02:55:7A:B2:5B:AC:18:E1:0B:C9:C6:FF:54:D5
X509v3 Authority Key Identifier:
keyid:B0:5D:28:D1:66:26:BC:5D:CA:BF:2E:91:54:35:78:2B:96:E1:40:71
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sF0o0WYmvF3Kvy6RVDV4K5bhQHE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/bba973-7c9f-4b11-b611-ad575522b365/1/gWmG8lz8AlV6slusGOELycb_VNU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/bba973-7c9f-4b11-b611-ad575522b365/1/sF0o0WYmvF3Kvy6RVDV4K5bhQHE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a07:3500:1240::/46
2a07:3500:12d0::/48
2a07:3500:12f8::/48
2a07:3500:15a0::/48
2a07:3500:15c0::/48
2a07:3500:1b90::/48
2a07:3501:1340::/48
2a07:3502:1060::/48
2a07:3502:10a1::/48
2a07:3502:10c0::/48
2a07:3502:11a0::/46
Signature Algorithm: sha256WithRSAEncryption
93:6e:c2:3b:8a:16:c7:33:cf:f2:10:cc:a9:5e:3b:55:07:04:
d6:c1:bd:da:93:03:18:cd:2d:83:7a:ba:5c:7e:8b:9b:78:f4:
f2:e7:5e:a1:a3:fc:02:42:a0:0b:05:8a:87:8f:4b:b8:ec:65:
1f:34:57:73:a6:20:77:38:c7:b1:58:f3:c1:ab:d1:6f:58:82:
54:c1:2d:ad:58:cf:ac:92:b9:b9:83:1b:28:c7:f2:f5:3d:1a:
ba:99:49:a3:b4:38:5d:26:5a:e1:1f:43:ad:3e:d1:c3:8a:8d:
a1:6d:ac:8c:ad:d3:bc:5d:8d:40:c9:f8:97:df:15:38:80:c4:
84:04:e8:fb:da:22:6d:a2:97:55:e1:07:ee:ba:0f:b3:1e:a4:
7c:dc:83:c5:3f:0c:e4:43:09:a8:69:2c:6e:a6:1e:22:c8:93:
76:ea:6c:d8:77:6f:43:f3:ce:cc:15:ba:12:dd:dc:da:72:92:
f0:81:c9:f0:4c:1a:9b:24:c9:d9:49:f3:83:12:c5:68:4e:63:
fa:6e:26:d9:61:f3:18:5b:da:c9:6b:eb:af:a6:51:ff:91:0d:
18:d9:cf:a5:97:78:06:55:2f:e5:98:6b:2f:06:8f:1a:57:13:
db:f6:a2:67:6a:34:48:6f:da:94:97:15:b7:59:8d:9b:dd:ad:
2b:82:83:6b
-----BEGIN CERTIFICATE-----
MIIFWjCCBEKgAwIBAgISAY0/0Htl7Gs/sYjCwhyXKLvVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIwNWQyOGQxNjYyNmJjNWRjYWJmMmU5MTU0MzU3ODJiOTZl
MTQwNzEwHhcNMjQwMTI1MDg1MDQ0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MTY5ODZmMjVjZmMwMjU1N2FiMjViYWMxOGUxMGJjOWM2ZmY1NGQ1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAraUzL70sDpSt+ddDSaGneKI2Iroe
gNYTt9ZpSwQAEzTzsPDTa8XVwvrnNWYNy/uZRGh6Hpod4XYU2scLaIj97EbeatlY
xjltGfbgxTE3kRCHoQ4GzAV+oKAdQBiZCzYvB/UByl60mL66HKaAfL9iJ585Nat7
PDgCXAX8c+XRXi0MktLoqSOgZmsUFHg85E0tqUfVmUAV0+BMvbNMOeHrJTD1u37U
PUz2nonAlDHa4SLPqO6StFqo9UAsOaywSae/PDWuf+g8ky0WEuAwbd/Ec0Q1u7iU
V6G6xjfmQPDfoCAnTiPhausqy8RUcQ79ronuv98sqno6XrvU56QHGZ0AfwIDAQAB
o4ICZjCCAmIwHQYDVR0OBBYEFIFphvJc/AJVerJbrBjhC8nG/1TVMB8GA1UdIwQY
MBaAFLBdKNFmJrxdyr8ukVQ1eCuW4UBxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc0YwbzBXWW12RjNLdnk2UlZEVjRLNWJoUUhFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMy9iYmE5NzMtN2M5Zi00YjExLWI2MTEt
YWQ1NzU1MjJiMzY1LzEvZ1dtRzhsejhBbFY2c2x1c0dPRUx5Y2JfVk5VLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMy9iYmE5NzMtN2M5Zi00YjExLWI2MTEtYWQ1NzU1MjJiMzY1
LzEvc0YwbzBXWW12RjNLdnk2UlZEVjRLNWJoUUhFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHwGCCsGAQUFBwEHAQH/BG0wazBpBAIAAjBjAwcCKgc1ABJA
AwcAKgc1ABLQAwcAKgc1ABL4AwcAKgc1ABWgAwcAKgc1ABXAAwcAKgc1ABuQAwcA
Kgc1ARNAAwcAKgc1AhBgAwcAKgc1AhChAwcAKgc1AhDAAwcCKgc1AhGgMA0GCSqG
SIb3DQEBCwUAA4IBAQCTbsI7ihbHM8/yEMypXjtVBwTWwb3akwMYzS2Derpcfoub
ePTy516ho/wCQqALBYqHj0u47GUfNFdzpiB3OMexWPPBq9FvWIJUwS2tWM+skrm5
gxsox/L1PRq6mUmjtDhdJlrhH0OtPtHDio2hbayMrdO8XY1AyfiX3xU4gMSEBOj7
2iJtopdV4Qfuug+zHqR83IPFPwzkQwmoaSxuph4iyJN26mzYd29D887MFboS3dza
cpLwgcnwTBqbJMnZSfODEsVoTmP6bibZYfMYW9rJa+uvplH/kQ0Y2c+ll3gGVS/l
mGsvBo8aVxPb9qJnajRIb9qUlxW3WY2b3a0rgoNr
-----END CERTIFICATE-----
Generated at Mon Feb 5 08:56:37 2024 by rpki-client on console-ams.rpki-client.org