Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c3/bba973-7c9f-4b11-b611-ad575522b365/1/sGD_2VCb9QXVA-vmMqVtowdYvoQ.roa
File: sGD_2VCb9QXVA-vmMqVtowdYvoQ.roa (raw, json)
Hash identifier: 8j86Wk6iIwZOrUgR4oi7z//KdnJZ73zkllXjGIDByzg=
Subject key identifier: B0:60:FF:D9:50:9B:F5:05:D5:03:EB:E6:32:A5:6D:A3:07:58:BE:84
Certificate issuer: /CN=b05d28d16626bc5dcabf2e915435782b96e14071
Certificate serial: 01884D0B94F9F4DB45AB2CB7DA0CAF7B97E9
Authority key identifier: B0:5D:28:D1:66:26:BC:5D:CA:BF:2E:91:54:35:78:2B:96:E1:40:71
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sF0o0WYmvF3Kvy6RVDV4K5bhQHE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c3/bba973-7c9f-4b11-b611-ad575522b365/1/sGD_2VCb9QXVA-vmMqVtowdYvoQ.roa
Signing time: Wed 24 May 2023 09:16:24 +0000
ROA not before: Wed 24 May 2023 09:16:24 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 1136
IP address blocks: 2a07:3502:10e0::/48 maxlen: 48
2a07:3500:1bc0::/48 maxlen: 48
2a07:3500:1ac0::/48 maxlen: 48
2a07:3500:1c00::/48 maxlen: 48
2a07:3500:1b30::/48 maxlen: 48
2a07:3500:1b48::/48 maxlen: 48
2a07:3500:1020::/48 maxlen: 48
Validation: Failed, certificate revoked on Mon 01 Jan 2024 06:29:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:4d:0b:94:f9:f4:db:45:ab:2c:b7:da:0c:af:7b:97:e9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b05d28d16626bc5dcabf2e915435782b96e14071
Validity
Not Before: May 24 09:16:24 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b060ffd9509bf505d503ebe632a56da30758be84
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:87:af:28:23:00:17:09:eb:36:8b:fb:11:d8:be:
63:ea:cc:fa:45:d6:7a:aa:ed:c5:a3:be:3b:c1:cd:
79:4e:03:47:81:55:4c:18:2b:2f:bb:6d:72:1d:9f:
64:1d:b6:f0:b7:56:e9:08:22:fd:e2:ee:16:2f:d0:
e6:c9:00:d7:1b:90:4d:03:48:a4:f0:50:e8:02:7b:
aa:92:99:78:53:67:9e:19:f8:d1:e2:94:0b:51:80:
79:7d:30:a4:1f:3d:a7:90:2d:53:76:2f:e3:8e:28:
ca:ff:cd:20:25:19:ff:dd:b8:9c:8d:22:d4:8b:a4:
fd:92:75:84:9a:56:f5:e8:d5:a6:d6:f7:82:a7:6b:
d6:a1:07:bc:78:1d:60:76:67:5f:20:cb:8b:7f:74:
25:63:09:34:c1:94:0b:78:05:05:e3:bd:69:e7:25:
0a:bf:77:9d:68:3d:5d:ec:a6:54:94:b7:0a:cd:e5:
ba:bf:87:1a:ff:cb:b9:d4:91:8a:df:75:2e:2d:60:
e0:0e:23:c7:bd:85:fc:7e:db:b6:e7:32:6b:8f:93:
53:55:bb:85:21:4c:82:39:d6:fe:b5:cf:bc:43:2a:
4a:9c:01:44:1b:c2:ce:9f:ac:3c:24:17:c6:90:9a:
6c:bd:68:6a:b5:98:a4:f9:46:2d:ff:51:d5:6e:b6:
cd:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B0:60:FF:D9:50:9B:F5:05:D5:03:EB:E6:32:A5:6D:A3:07:58:BE:84
X509v3 Authority Key Identifier:
keyid:B0:5D:28:D1:66:26:BC:5D:CA:BF:2E:91:54:35:78:2B:96:E1:40:71
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sF0o0WYmvF3Kvy6RVDV4K5bhQHE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/bba973-7c9f-4b11-b611-ad575522b365/1/sGD_2VCb9QXVA-vmMqVtowdYvoQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/bba973-7c9f-4b11-b611-ad575522b365/1/sF0o0WYmvF3Kvy6RVDV4K5bhQHE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a07:3500:1020::/48
2a07:3500:1ac0::/48
2a07:3500:1b30::/48
2a07:3500:1b48::/48
2a07:3500:1bc0::/48
2a07:3500:1c00::/48
2a07:3502:10e0::/48
Signature Algorithm: sha256WithRSAEncryption
44:73:a6:ed:c2:37:f0:88:9d:14:c8:a6:8c:69:e7:e9:fa:dc:
ea:c3:1e:e3:91:ff:0c:fc:85:00:95:ba:b5:c0:77:e8:72:a0:
53:64:bf:55:58:27:bf:98:c9:cb:e7:35:d6:68:5c:96:8b:80:
07:f8:80:62:3a:22:f9:67:17:c1:88:3d:b3:9f:e1:44:fb:c1:
12:15:23:8a:d0:fe:d2:cf:5b:88:e4:34:d7:71:ea:9d:26:de:
7a:ce:71:8f:ec:5d:b3:a9:8b:90:e0:44:ff:8a:06:bc:17:a4:
5b:09:cb:35:45:33:3d:b9:de:9b:e0:0d:48:2c:e2:c3:eb:b4:
c7:ae:53:4d:0f:37:40:40:00:a0:c3:9b:34:7f:9d:af:08:da:
09:1e:46:a1:e1:fd:14:96:b1:dd:68:72:65:ad:5c:44:75:0f:
06:b2:ce:6e:60:8d:87:49:64:a5:ed:f2:a5:2d:c4:88:b2:d2:
df:ee:06:51:a5:c9:8f:53:56:36:d0:f7:4b:a6:6c:6e:36:4f:
72:5d:b9:1c:90:02:fb:14:73:7d:a4:cd:00:78:89:9b:0c:53:
a1:3a:c7:13:31:cb:05:f2:22:fa:d0:bc:71:6b:64:22:04:81:
bb:94:12:99:52:dc:fd:89:d7:8d:f5:7a:43:10:d9:8a:b4:fd:
9d:01:f5:a3
-----BEGIN CERTIFICATE-----
MIIFNjCCBB6gAwIBAgISAYhNC5T59NtFqyy32gyve5fpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIwNWQyOGQxNjYyNmJjNWRjYWJmMmU5MTU0MzU3ODJiOTZl
MTQwNzEwHhcNMjMwNTI0MDkxNjI0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMDYwZmZkOTUwOWJmNTA1ZDUwM2ViZTYzMmE1NmRhMzA3NThiZTg0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAh68oIwAXCes2i/sR2L5j6sz6RdZ6
qu3Fo747wc15TgNHgVVMGCsvu21yHZ9kHbbwt1bpCCL94u4WL9DmyQDXG5BNA0ik
8FDoAnuqkpl4U2eeGfjR4pQLUYB5fTCkHz2nkC1Tdi/jjijK/80gJRn/3bicjSLU
i6T9knWEmlb16NWm1veCp2vWoQe8eB1gdmdfIMuLf3QlYwk0wZQLeAUF471p5yUK
v3edaD1d7KZUlLcKzeW6v4ca/8u51JGK33UuLWDgDiPHvYX8ftu25zJrj5NTVbuF
IUyCOdb+tc+8QypKnAFEG8LOn6w8JBfGkJpsvWhqtZik+UYt/1HVbrbNDwIDAQAB
o4ICQjCCAj4wHQYDVR0OBBYEFLBg/9lQm/UF1QPr5jKlbaMHWL6EMB8GA1UdIwQY
MBaAFLBdKNFmJrxdyr8ukVQ1eCuW4UBxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc0YwbzBXWW12RjNLdnk2UlZEVjRLNWJoUUhFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMy9iYmE5NzMtN2M5Zi00YjExLWI2MTEt
YWQ1NzU1MjJiMzY1LzEvc0dEXzJWQ2I5UVhWQS12bU1xVnRvd2RZdm9RLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMy9iYmE5NzMtN2M5Zi00YjExLWI2MTEtYWQ1NzU1MjJiMzY1
LzEvc0YwbzBXWW12RjNLdnk2UlZEVjRLNWJoUUhFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFgGCCsGAQUFBwEHAQH/BEkwRzBFBAIAAjA/AwcAKgc1ABAg
AwcAKgc1ABrAAwcAKgc1ABswAwcAKgc1ABtIAwcAKgc1ABvAAwcAKgc1ABwAAwcA
Kgc1AhDgMA0GCSqGSIb3DQEBCwUAA4IBAQBEc6btwjfwiJ0UyKaMaefp+tzqwx7j
kf8M/IUAlbq1wHfocqBTZL9VWCe/mMnL5zXWaFyWi4AH+IBiOiL5ZxfBiD2zn+FE
+8ESFSOK0P7Sz1uI5DTXceqdJt56znGP7F2zqYuQ4ET/iga8F6RbCcs1RTM9ud6b
4A1ILOLD67THrlNNDzdAQACgw5s0f52vCNoJHkah4f0UlrHdaHJlrVxEdQ8Gss5u
YI2HSWSl7fKlLcSIstLf7gZRpcmPU1Y20PdLpmxuNk9yXbkckAL7FHN9pM0AeImb
DFOhOscTMcsF8iL60Lxxa2QiBIG7lBKZUtz9ideN9XpDENmKtP2dAfWj
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:52:54 2024 by rpki-client on console-fra.rpki-client.org