Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c4/11e5b3-43aa-4279-9441-7e8c6d4d9bef/1/gu67PzAJpjtW2nYGjtlMOWC4eCQ.roa
File: gu67PzAJpjtW2nYGjtlMOWC4eCQ.roa (raw, json)
Hash identifier: 07ndVNK0ZGQ1m3AFMETjGDoGi5VAIXkI7Oed3caE2Yg=
Subject key identifier: 82:EE:BB:3F:30:09:A6:3B:56:DA:76:06:8E:D9:4C:39:60:B8:78:24
Certificate issuer: /CN=ffdec4a46a6e6e4f9a92d0ba2e0b3ab5658be1bd
Certificate serial: 01856F5DF266B490E0D9AD54B77CFC5FD00D
Authority key identifier: FF:DE:C4:A4:6A:6E:6E:4F:9A:92:D0:BA:2E:0B:3A:B5:65:8B:E1:BD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_97EpGpubk-aktC6Lgs6tWWL4b0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c4/11e5b3-43aa-4279-9441-7e8c6d4d9bef/1/gu67PzAJpjtW2nYGjtlMOWC4eCQ.roa
Signing time: Sun 01 Jan 2023 22:05:05 +0000
ROA not before: Sun 01 Jan 2023 22:05:05 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 207158
IP address blocks: 2a0b:1c00::/29 maxlen: 29
Validation: Failed, certificate revoked on Tue 02 Jan 2024 08:31:46 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:5d:f2:66:b4:90:e0:d9:ad:54:b7:7c:fc:5f:d0:0d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ffdec4a46a6e6e4f9a92d0ba2e0b3ab5658be1bd
Validity
Not Before: Jan 1 22:05:05 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=82eebb3f3009a63b56da76068ed94c3960b87824
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:a0:ed:ce:ed:71:65:58:07:4d:fe:67:7f:ee:
d4:70:ef:d1:7a:69:95:35:60:c2:62:84:c9:4d:53:
03:74:27:eb:b9:fa:b9:7b:bf:40:29:90:52:17:26:
f3:ce:47:84:e5:f8:2a:3c:de:68:7c:d4:7f:45:19:
cd:d0:67:af:7e:c8:b3:3d:fc:15:79:7d:7a:16:74:
f7:c4:b7:b4:80:59:aa:6f:e4:fa:aa:18:7b:1f:13:
7c:c6:ca:3b:77:50:19:1f:f8:41:94:a8:ef:8d:0f:
31:37:6f:c7:4c:62:dc:16:37:0f:fa:7a:9f:91:2b:
3c:f8:a9:e1:ff:68:79:4f:98:94:17:76:99:75:22:
35:c6:c0:a9:62:61:9e:e3:d2:73:9d:77:d3:4c:1c:
77:5b:9a:f5:99:4f:88:40:09:6f:27:4b:ff:db:a4:
1a:36:f9:2b:2d:91:a8:92:d3:83:4c:28:b8:02:d5:
c8:16:64:50:6f:1b:d6:3f:2c:3a:5d:a2:e3:4a:a7:
d3:62:1c:bb:20:be:a5:2b:40:f7:44:bf:ff:19:c0:
e2:cf:20:68:fb:a6:a3:d9:b7:87:e6:e7:9d:15:6f:
58:6c:cd:b3:b1:ac:5d:3a:de:70:14:5e:4f:19:82:
11:35:48:e8:e4:7e:e1:42:78:83:a5:5c:be:0b:8d:
d1:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
82:EE:BB:3F:30:09:A6:3B:56:DA:76:06:8E:D9:4C:39:60:B8:78:24
X509v3 Authority Key Identifier:
keyid:FF:DE:C4:A4:6A:6E:6E:4F:9A:92:D0:BA:2E:0B:3A:B5:65:8B:E1:BD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_97EpGpubk-aktC6Lgs6tWWL4b0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c4/11e5b3-43aa-4279-9441-7e8c6d4d9bef/1/gu67PzAJpjtW2nYGjtlMOWC4eCQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c4/11e5b3-43aa-4279-9441-7e8c6d4d9bef/1/_97EpGpubk-aktC6Lgs6tWWL4b0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0b:1c00::/29
Signature Algorithm: sha256WithRSAEncryption
bc:7f:94:4a:f6:63:b6:47:ea:3a:c6:73:08:c3:e0:3e:c2:d3:
84:ae:0e:af:5e:a5:39:b3:6f:dc:22:ac:dc:5d:a2:64:f9:69:
2b:95:e9:c9:cc:68:7b:a0:d1:c0:ee:e4:1e:05:40:22:1f:26:
c6:cb:0c:e8:c1:17:cd:e0:49:24:5e:5c:e5:a1:04:32:87:e2:
4c:eb:c6:31:b5:59:8d:59:56:ba:44:7a:2e:d9:70:3a:f7:a7:
73:4f:b4:f9:0f:9c:66:4c:5f:89:86:6e:a2:31:31:7c:e0:26:
46:65:7b:02:7d:47:48:2c:46:7f:94:df:68:27:3e:ab:07:c5:
45:78:e2:14:5f:5a:da:e1:96:ca:4c:c0:bd:ce:54:31:63:ce:
7c:2d:f6:76:0f:15:48:ef:62:17:1c:4b:3f:2e:ea:1b:fd:d8:
8f:8a:f5:5e:d4:18:25:06:0d:43:65:a4:b7:c6:ee:d8:af:46:
ec:63:39:98:58:eb:3f:ae:8a:c3:cb:fc:15:9b:06:c9:fa:4a:
0b:32:f9:4e:d2:d6:73:f8:d0:00:c8:00:d2:82:ea:5b:c3:0b:
cd:48:08:b7:27:06:c8:96:d3:91:e5:26:a6:32:bb:3b:46:99:
23:b1:aa:67:fd:8b:0b:50:31:0b:1a:60:83:31:6a:07:f5:ef:
8b:87:05:47
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAYVvXfJmtJDg2a1Ut3z8X9ANMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZmZGVjNGE0NmE2ZTZlNGY5YTkyZDBiYTJlMGIzYWI1NjU4
YmUxYmQwHhcNMjMwMTAxMjIwNTA1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MmVlYmIzZjMwMDlhNjNiNTZkYTc2MDY4ZWQ5NGMzOTYwYjg3ODI0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr6Dtzu1xZVgHTf5nf+7UcO/RemmV
NWDCYoTJTVMDdCfrufq5e79AKZBSFybzzkeE5fgqPN5ofNR/RRnN0GevfsizPfwV
eX16FnT3xLe0gFmqb+T6qhh7HxN8xso7d1AZH/hBlKjvjQ8xN2/HTGLcFjcP+nqf
kSs8+Knh/2h5T5iUF3aZdSI1xsCpYmGe49JznXfTTBx3W5r1mU+IQAlvJ0v/26Qa
NvkrLZGoktODTCi4AtXIFmRQbxvWPyw6XaLjSqfTYhy7IL6lK0D3RL//GcDizyBo
+6aj2beH5uedFW9YbM2zsaxdOt5wFF5PGYIRNUjo5H7hQniDpVy+C43RWwIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFILuuz8wCaY7Vtp2Bo7ZTDlguHgkMB8GA1UdIwQY
MBaAFP/exKRqbm5PmpLQui4LOrVli+G9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvXzk3RXBHcHViay1ha3RDNkxnczZ0V1dMNGIwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNC8xMWU1YjMtNDNhYS00Mjc5LTk0NDEt
N2U4YzZkNGQ5YmVmLzEvZ3U2N1B6QUpwanRXMm5ZR2p0bE1PV0M0ZUNRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNC8xMWU1YjMtNDNhYS00Mjc5LTk0NDEtN2U4YzZkNGQ5YmVm
LzEvXzk3RXBHcHViay1ha3RDNkxnczZ0V1dMNGIwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUDKgscADAN
BgkqhkiG9w0BAQsFAAOCAQEAvH+USvZjtkfqOsZzCMPgPsLThK4Or16lObNv3CKs
3F2iZPlpK5Xpycxoe6DRwO7kHgVAIh8mxssM6MEXzeBJJF5c5aEEMofiTOvGMbVZ
jVlWukR6LtlwOvenc0+0+Q+cZkxfiYZuojExfOAmRmV7An1HSCxGf5TfaCc+qwfF
RXjiFF9a2uGWykzAvc5UMWPOfC32dg8VSO9iFxxLPy7qG/3Yj4r1XtQYJQYNQ2Wk
t8bu2K9G7GM5mFjrP66Kw8v8FZsGyfpKCzL5TtLWc/jQAMgA0oLqW8MLzUgItycG
yJbTkeUmpjK7O0aZI7GqZ/2LC1AxCxpggzFqB/Xvi4cFRw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:42:52 2024 by rpki-client on console-ams.rpki-client.org