Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c9/58e655-e713-45d2-958a-1822867e1596/1/tG8DaFGFclg3Qa6BHGNF5IJ1S24.roa
File: tG8DaFGFclg3Qa6BHGNF5IJ1S24.roa (raw, json)
Hash identifier: k1jXl6DQfOC7HyhPetmpl/WXEby/zoI2Gh29QjA331U=
Subject key identifier: B4:6F:03:68:51:85:72:58:37:41:AE:81:1C:63:45:E4:82:75:4B:6E
Certificate issuer: /CN=dc4e453affe895b6452b84027437c5c00fd37067
Certificate serial: 01857303988AF6DC346B6642A1C8A32A5C78
Authority key identifier: DC:4E:45:3A:FF:E8:95:B6:45:2B:84:02:74:37:C5:C0:0F:D3:70:67
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3E5FOv_olbZFK4QCdDfFwA_TcGc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c9/58e655-e713-45d2-958a-1822867e1596/1/tG8DaFGFclg3Qa6BHGNF5IJ1S24.roa
Signing time: Mon 02 Jan 2023 15:04:53 +0000
ROA not before: Mon 02 Jan 2023 15:04:53 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 31458
IP address blocks: 2a01:be60::/32 maxlen: 32
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:73:03:98:8a:f6:dc:34:6b:66:42:a1:c8:a3:2a:5c:78
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dc4e453affe895b6452b84027437c5c00fd37067
Validity
Not Before: Jan 2 15:04:53 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b46f0368518572583741ae811c6345e482754b6e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dd:3f:dd:52:1f:09:8c:8e:67:49:00:bf:18:98:
ff:12:4b:44:37:4c:12:f8:33:1c:d9:6b:32:37:3c:
81:ee:9e:31:49:cd:8c:94:7c:f7:da:99:cc:ea:16:
38:a0:bc:c8:e6:37:9f:3e:40:ae:28:d1:c1:c5:2e:
4d:43:c5:60:24:a0:b6:b5:27:9a:58:36:92:0a:e5:
a5:9f:7d:90:51:41:58:ae:ca:80:99:17:80:66:66:
f0:c4:17:b0:88:25:b8:74:69:cd:62:e1:f1:3d:8f:
67:7c:89:aa:7e:51:12:b7:67:e9:3c:9c:02:54:8f:
a9:75:d9:d3:ca:e2:df:04:87:b3:1c:12:22:a2:5e:
13:8b:1a:57:59:fb:3d:28:f6:ad:c2:bd:aa:b4:5e:
5a:ea:bf:5d:4a:93:07:b0:0d:40:b1:3a:c3:51:16:
6f:02:2b:e3:ee:90:a6:2a:cc:9d:86:dc:5c:ce:8c:
8c:c3:e0:b6:e2:3b:48:9b:32:44:04:11:68:a6:28:
cb:dd:22:94:a5:b8:95:7c:0c:25:eb:d7:c0:39:ed:
ca:22:05:65:52:f4:f9:6a:cf:16:da:a8:89:0a:ba:
d4:ed:1e:c4:35:16:21:3f:52:51:c7:35:15:6e:11:
9d:1c:b5:4b:cd:b0:b7:65:35:97:85:78:16:83:b6:
8a:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B4:6F:03:68:51:85:72:58:37:41:AE:81:1C:63:45:E4:82:75:4B:6E
X509v3 Authority Key Identifier:
keyid:DC:4E:45:3A:FF:E8:95:B6:45:2B:84:02:74:37:C5:C0:0F:D3:70:67
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3E5FOv_olbZFK4QCdDfFwA_TcGc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c9/58e655-e713-45d2-958a-1822867e1596/1/tG8DaFGFclg3Qa6BHGNF5IJ1S24.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c9/58e655-e713-45d2-958a-1822867e1596/1/3E5FOv_olbZFK4QCdDfFwA_TcGc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a01:be60::/32
Signature Algorithm: sha256WithRSAEncryption
b5:85:99:50:7e:98:ee:cf:ef:16:4b:5d:b7:f2:7a:1c:dc:ab:
33:e8:ce:27:5e:9e:c9:ca:fe:52:b7:ad:9b:b1:c1:3f:b8:20:
f5:d4:fa:88:89:98:ee:ff:3a:be:77:55:93:c7:bb:04:d7:5e:
69:ef:6d:a4:e1:b1:b3:b9:90:9b:7c:f8:d4:b1:9d:39:f8:23:
c7:72:d0:7e:99:ac:27:ac:d3:80:4c:f3:b5:d4:10:a5:cc:ac:
ec:9c:91:a8:44:a7:80:99:d7:64:c8:98:f5:b4:95:df:ee:48:
a5:39:ca:78:a0:1e:c0:4e:54:4f:d3:80:70:a8:e9:5e:2b:f1:
6c:27:31:65:72:77:13:fe:52:6a:a3:0b:5d:ee:c6:03:f0:ee:
83:ea:96:d0:bd:ec:01:86:7c:25:7a:51:3e:83:6f:5f:3f:d2:
d9:41:d6:b7:42:e0:27:44:58:a5:97:03:c6:32:be:e8:2e:c5:
ef:d7:87:81:00:7b:83:82:05:26:2b:ba:a3:14:fc:15:54:6c:
d4:71:e0:04:5d:13:31:3d:d4:3c:44:76:a6:63:ac:f3:45:08:
26:b7:d0:46:de:b0:a2:7d:71:22:1b:c3:45:5c:81:41:2c:2d:
5b:4c:da:71:cc:a5:c2:fe:c8:ca:34:35:56:fe:09:2c:57:2d:
99:b2:1b:94
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAYVzA5iK9tw0a2ZCocijKlx4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRjNGU0NTNhZmZlODk1YjY0NTJiODQwMjc0MzdjNWMwMGZk
MzcwNjcwHhcNMjMwMTAyMTUwNDUzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNDZmMDM2ODUxODU3MjU4Mzc0MWFlODExYzYzNDVlNDgyNzU0YjZlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3T/dUh8JjI5nSQC/GJj/EktEN0wS
+DMc2WsyNzyB7p4xSc2MlHz32pnM6hY4oLzI5jefPkCuKNHBxS5NQ8VgJKC2tSea
WDaSCuWln32QUUFYrsqAmReAZmbwxBewiCW4dGnNYuHxPY9nfImqflESt2fpPJwC
VI+pddnTyuLfBIezHBIiol4TixpXWfs9KPatwr2qtF5a6r9dSpMHsA1AsTrDURZv
Aivj7pCmKsydhtxczoyMw+C24jtImzJEBBFopijL3SKUpbiVfAwl69fAOe3KIgVl
UvT5as8W2qiJCrrU7R7ENRYhP1JRxzUVbhGdHLVLzbC3ZTWXhXgWg7aKVQIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFLRvA2hRhXJYN0GugRxjReSCdUtuMB8GA1UdIwQY
MBaAFNxORTr/6JW2RSuEAnQ3xcAP03BnMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM0U1Rk92X29sYlpGSzRRQ2REZkZ3QV9UY0djLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOS81OGU2NTUtZTcxMy00NWQyLTk1OGEt
MTgyMjg2N2UxNTk2LzEvdEc4RGFGR0ZjbGczUWE2QkhHTkY1SUoxUzI0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOS81OGU2NTUtZTcxMy00NWQyLTk1OGEtMTgyMjg2N2UxNTk2
LzEvM0U1Rk92X29sYlpGSzRRQ2REZkZ3QV9UY0djLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUAKgG+YDAN
BgkqhkiG9w0BAQsFAAOCAQEAtYWZUH6Y7s/vFktdt/J6HNyrM+jOJ16eycr+Uret
m7HBP7gg9dT6iImY7v86vndVk8e7BNdeae9tpOGxs7mQm3z41LGdOfgjx3LQfpms
J6zTgEzztdQQpcys7JyRqESngJnXZMiY9bSV3+5IpTnKeKAewE5UT9OAcKjpXivx
bCcxZXJ3E/5SaqMLXe7GA/Dug+qW0L3sAYZ8JXpRPoNvXz/S2UHWt0LgJ0RYpZcD
xjK+6C7F79eHgQB7g4IFJiu6oxT8FVRs1HHgBF0TMT3UPER2pmOs80UIJrfQRt6w
on1xIhvDRVyBQSwtW0zaccylwv7IyjQ1Vv4JLFctmbIblA==
-----END CERTIFICATE-----
Generated at Tue Jan 2 14:37:35 2024 by rpki-client on console-fra.rpki-client.org