Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/GpBZH9n2R35qf6EkEQkNco7l0l4.roa
File: GpBZH9n2R35qf6EkEQkNco7l0l4.roa (raw, json)
Hash identifier: M/wYKAMNl1iZVGzLdR4qoQKoYJqG2c6H/aOBVAyfa/Q=
Subject key identifier: 1A:90:59:1F:D9:F6:47:7E:6A:7F:A1:24:11:09:0D:72:8E:E5:D2:5E
Certificate issuer: /CN=6c8fd1a8ae5996c1e5692c1a8c42bfe9c3ba5745
Certificate serial: 01856C53FFC05DC58BD6B08416E34D7C9C60
Authority key identifier: 6C:8F:D1:A8:AE:59:96:C1:E5:69:2C:1A:8C:42:BF:E9:C3:BA:57:45
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bI_RqK5ZlsHlaSwajEK_6cO6V0U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/GpBZH9n2R35qf6EkEQkNco7l0l4.roa
Signing time: Sun 01 Jan 2023 07:55:22 +0000
ROA not before: Sun 01 Jan 2023 07:55:22 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 60068
IP address blocks: 45.138.211.0/24 maxlen: 32
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:53:ff:c0:5d:c5:8b:d6:b0:84:16:e3:4d:7c:9c:60
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6c8fd1a8ae5996c1e5692c1a8c42bfe9c3ba5745
Validity
Not Before: Jan 1 07:55:22 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=1a90591fd9f6477e6a7fa12411090d728ee5d25e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:54:a5:b3:bd:d2:ae:11:e1:d0:05:af:db:67:
5d:de:22:31:a6:7d:e6:4b:61:ac:8d:14:9b:b0:2f:
e4:00:af:20:b2:54:56:94:e7:aa:87:d3:6c:26:26:
f4:c4:6c:0f:1d:6d:10:02:1c:13:5c:15:81:18:16:
1b:8c:fc:ca:18:75:66:8d:a0:1b:ed:71:ff:f4:79:
d4:da:cc:c3:7f:20:39:85:7c:55:2e:32:ea:cd:7d:
39:04:c7:c0:f7:83:ea:23:8b:0f:77:b9:96:b2:7c:
c8:fb:58:fd:fc:ff:8d:fa:aa:d7:ac:d6:f1:a4:55:
9c:56:bb:4c:9e:97:0a:97:d4:d3:c5:c5:05:fd:c4:
f7:17:46:90:1f:e7:fe:d4:f2:d3:bc:f9:3f:06:21:
d2:4d:a4:95:90:99:79:b9:92:71:c4:54:72:d9:57:
61:6d:56:91:e7:e8:69:96:85:eb:cc:ae:54:db:ff:
9d:06:df:ea:07:96:df:18:97:be:39:21:87:d6:27:
c7:62:3c:39:e1:03:0c:49:af:12:0d:2b:65:fc:68:
1e:9d:cc:0d:b9:49:5c:b0:6f:f1:4d:57:a6:5f:e4:
64:14:0c:95:40:82:1a:60:96:1c:ce:22:d0:79:6d:
04:09:d4:28:86:88:69:94:e4:a2:af:7b:ef:61:b2:
ca:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1A:90:59:1F:D9:F6:47:7E:6A:7F:A1:24:11:09:0D:72:8E:E5:D2:5E
X509v3 Authority Key Identifier:
keyid:6C:8F:D1:A8:AE:59:96:C1:E5:69:2C:1A:8C:42:BF:E9:C3:BA:57:45
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bI_RqK5ZlsHlaSwajEK_6cO6V0U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/GpBZH9n2R35qf6EkEQkNco7l0l4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/bI_RqK5ZlsHlaSwajEK_6cO6V0U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.138.211.0/24
Signature Algorithm: sha256WithRSAEncryption
00:20:72:b5:dc:6c:54:1c:7c:13:f3:cc:83:b7:c3:98:05:88:
66:4f:8f:99:69:20:c1:0f:73:fb:87:e7:3d:c6:1e:25:dd:07:
a8:b6:7e:67:3c:ea:ba:96:99:69:89:9f:98:18:27:27:4c:58:
de:c0:e5:f3:42:c0:bc:87:23:94:81:08:cc:91:f9:0e:29:cd:
0d:8e:93:f1:6c:73:9e:12:5e:ef:40:82:da:19:c2:18:31:e2:
25:e4:d0:38:fc:c5:de:ac:e7:9c:18:b8:2c:9b:14:aa:b1:0c:
36:f7:92:f3:14:5a:6a:6a:c0:c9:77:8e:e2:fd:3a:a8:fe:94:
28:ea:f4:51:85:99:15:d8:d9:de:08:be:96:c7:ef:aa:5e:67:
d8:8d:b9:52:ea:ed:ce:a8:06:d6:9b:05:88:cf:36:a9:16:a2:
98:21:8f:cd:72:9d:21:aa:28:f4:f8:f3:60:04:75:d6:74:38:
1f:93:aa:73:ef:e4:a8:62:30:45:5d:5c:8c:8d:9a:f4:e9:c9:
8e:e4:7d:d4:b9:59:28:a7:51:fc:eb:af:f4:1f:76:39:30:d7:
63:77:26:1e:fc:8e:87:4f:07:db:a0:82:f4:e1:38:c3:08:c5:
4f:22:d7:29:55:4c:b5:d7:41:74:bf:20:b8:22:4b:ef:5c:25:
b1:09:aa:c8
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVsU//AXcWL1rCEFuNNfJxgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZjOGZkMWE4YWU1OTk2YzFlNTY5MmMxYThjNDJiZmU5YzNi
YTU3NDUwHhcNMjMwMTAxMDc1NTIyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxYTkwNTkxZmQ5ZjY0NzdlNmE3ZmExMjQxMTA5MGQ3MjhlZTVkMjVlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAw1Sls73SrhHh0AWv22dd3iIxpn3m
S2GsjRSbsC/kAK8gslRWlOeqh9NsJib0xGwPHW0QAhwTXBWBGBYbjPzKGHVmjaAb
7XH/9HnU2szDfyA5hXxVLjLqzX05BMfA94PqI4sPd7mWsnzI+1j9/P+N+qrXrNbx
pFWcVrtMnpcKl9TTxcUF/cT3F0aQH+f+1PLTvPk/BiHSTaSVkJl5uZJxxFRy2Vdh
bVaR5+hploXrzK5U2/+dBt/qB5bfGJe+OSGH1ifHYjw54QMMSa8SDStl/GgencwN
uUlcsG/xTVemX+RkFAyVQIIaYJYcziLQeW0ECdQohohplOSir3vvYbLKxwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFBqQWR/Z9kd+an+hJBEJDXKO5dJeMB8GA1UdIwQY
MBaAFGyP0aiuWZbB5WksGoxCv+nDuldFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYklfUnFLNVpsc0hsYVN3YWpFS182Y082VjBVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC80OTI1OTAtYTAyZi00NDNlLWFhYTMt
ZmVhYzI2ZWFlY2MyLzEvR3BCWkg5bjJSMzVxZjZFa0VRa05jbzdsMGw0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC80OTI1OTAtYTAyZi00NDNlLWFhYTMtZmVhYzI2ZWFlY2My
LzEvYklfUnFLNVpsc0hsYVN3YWpFS182Y082VjBVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALYrTMA0G
CSqGSIb3DQEBCwUAA4IBAQAAIHK13GxUHHwT88yDt8OYBYhmT4+ZaSDBD3P7h+c9
xh4l3Qeotn5nPOq6lplpiZ+YGCcnTFjewOXzQsC8hyOUgQjMkfkOKc0NjpPxbHOe
El7vQILaGcIYMeIl5NA4/MXerOecGLgsmxSqsQw295LzFFpqasDJd47i/Tqo/pQo
6vRRhZkV2NneCL6Wx++qXmfYjblS6u3OqAbWmwWIzzapFqKYIY/Ncp0hqij0+PNg
BHXWdDgfk6pz7+SoYjBFXVyMjZr06cmO5H3UuVkop1H866/0H3Y5MNdjdyYe/I6H
TwfboIL04TjDCMVPItcpVUy110F0vyC4IkvvXCWxCarI
-----END CERTIFICATE-----
Generated at Tue Jan 2 17:35:55 2024 by rpki-client on console-fra.rpki-client.org