Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d1/bd0384-805d-48a1-bf09-3c14621ecfc5/1/GonyT8DkhA9YDcBHWsLKxq69kWE.roa
File: GonyT8DkhA9YDcBHWsLKxq69kWE.roa (raw, json)
Hash identifier: Pjd/M8QJg8yxdmVJdS9lySlvNHstzLNmJtgkR1ISEdM=
Subject key identifier: 1A:89:F2:4F:C0:E4:84:0F:58:0D:C0:47:5A:C2:CA:C6:AE:BD:91:61
Certificate issuer: /CN=e81393bdff601462a55591d26acb3d8c923ff26d
Certificate serial: 018BD986083E1A602FFB3AFEF0B9DA2F2D26
Authority key identifier: E8:13:93:BD:FF:60:14:62:A5:55:91:D2:6A:CB:3D:8C:92:3F:F2:6D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/6BOTvf9gFGKlVZHSass9jJI_8m0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d1/bd0384-805d-48a1-bf09-3c14621ecfc5/1/GonyT8DkhA9YDcBHWsLKxq69kWE.roa
Signing time: Thu 16 Nov 2023 19:05:21 +0000
ROA not before: Thu 16 Nov 2023 19:05:21 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 213373
IP address blocks: 149.3.170.0/24 maxlen: 24
2.56.10.0/24 maxlen: 24
2a10:5fc0::/32 maxlen: 32
2a10:5fc0::/29 maxlen: 29
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:d9:86:08:3e:1a:60:2f:fb:3a:fe:f0:b9:da:2f:2d:26
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e81393bdff601462a55591d26acb3d8c923ff26d
Validity
Not Before: Nov 16 19:05:21 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=1a89f24fc0e4840f580dc0475ac2cac6aebd9161
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:32:e9:94:17:ac:40:9e:22:e2:f0:e1:a7:2d:
3c:a4:a9:9e:e3:fa:ed:e9:b4:5c:6d:81:37:21:b7:
43:35:5d:ba:91:f4:df:11:7e:76:65:4f:48:e3:87:
33:d9:44:77:f7:9f:2a:68:4b:ef:07:77:54:6d:ed:
cf:9f:41:f2:b0:72:ca:2c:78:e2:5d:cb:91:ac:f6:
92:69:bd:9d:c6:d0:14:6e:db:c3:93:7e:9a:39:49:
9e:e7:a4:65:eb:eb:71:77:60:ba:4b:41:ea:ec:aa:
f4:fc:17:aa:29:3c:d8:57:27:02:0f:55:56:c7:11:
05:5f:9e:8e:64:20:4e:4d:1d:3b:0c:fd:5d:c7:97:
9e:bb:0d:2c:66:e5:78:0c:7e:d2:fe:be:1c:5d:a7:
fd:82:9e:f5:b4:e3:3f:9f:f8:74:32:ee:10:81:63:
af:66:00:c5:f2:0b:03:6b:f6:e0:6f:7f:54:f4:7c:
b7:5a:da:6c:38:5a:e0:72:11:53:47:bf:c5:f7:20:
8c:ad:ad:cd:16:e8:4a:6e:8d:ea:f5:1e:9f:ec:1c:
a3:11:6d:6b:9e:ee:dd:b6:9e:54:7d:9b:10:0d:e4:
68:26:74:62:3c:65:b1:99:2b:47:d3:ce:48:2d:da:
d0:00:41:6a:51:3f:05:f3:0d:3d:f0:85:81:0c:26:
39:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1A:89:F2:4F:C0:E4:84:0F:58:0D:C0:47:5A:C2:CA:C6:AE:BD:91:61
X509v3 Authority Key Identifier:
keyid:E8:13:93:BD:FF:60:14:62:A5:55:91:D2:6A:CB:3D:8C:92:3F:F2:6D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6BOTvf9gFGKlVZHSass9jJI_8m0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d1/bd0384-805d-48a1-bf09-3c14621ecfc5/1/GonyT8DkhA9YDcBHWsLKxq69kWE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d1/bd0384-805d-48a1-bf09-3c14621ecfc5/1/6BOTvf9gFGKlVZHSass9jJI_8m0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.56.10.0/24
149.3.170.0/24
IPv6:
2a10:5fc0::/29
Signature Algorithm: sha256WithRSAEncryption
7a:c8:f7:d6:3d:81:e5:f8:d9:59:0b:b2:d6:24:65:e3:3c:6c:
15:d2:dc:d6:ca:35:a2:da:9f:ef:f1:8f:0e:96:de:2b:4e:d5:
a0:68:4b:0b:61:28:ba:4c:ce:40:97:d4:8a:96:f7:9a:b5:32:
35:6a:6b:e4:3d:0a:e6:5c:26:54:34:ba:ce:2e:40:ee:ea:61:
55:e2:1b:c6:29:2d:b7:5b:30:4e:31:b0:05:28:c0:68:8e:ff:
89:ba:5f:c5:6c:e6:22:f5:8f:55:a9:66:9e:8a:4c:3b:5c:a6:
5c:11:c3:92:25:02:91:58:20:db:58:67:f0:98:80:37:ba:1a:
8d:e5:7f:ab:75:ed:fb:ff:13:98:ef:68:c0:a4:e8:2f:d0:f5:
4d:d9:5d:15:b1:eb:01:9b:a1:6a:c4:42:28:17:79:99:42:37:
bc:d3:f2:e2:5b:24:ac:10:90:a8:ec:c8:96:e4:40:42:89:f3:
4a:97:fd:0e:a8:4d:79:a7:26:d2:30:9e:90:b2:a3:13:4c:77:
bb:f2:24:22:54:24:b3:c7:10:22:5c:4d:c6:4d:4c:e4:02:8e:
b2:d3:10:84:d1:ad:ff:d5:6a:40:6c:d4:a5:df:46:37:e7:0d:
7e:5b:f4:68:48:3a:13:01:63:73:80:fe:a6:e2:48:99:72:c8:
6f:4c:59:22
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYvZhgg+GmAv+zr+8LnaLy0mMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU4MTM5M2JkZmY2MDE0NjJhNTU1OTFkMjZhY2IzZDhjOTIz
ZmYyNmQwHhcNMjMxMTE2MTkwNTIxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxYTg5ZjI0ZmMwZTQ4NDBmNTgwZGMwNDc1YWMyY2FjNmFlYmQ5MTYxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuzLplBesQJ4i4vDhpy08pKme4/rt
6bRcbYE3IbdDNV26kfTfEX52ZU9I44cz2UR3958qaEvvB3dUbe3Pn0HysHLKLHji
XcuRrPaSab2dxtAUbtvDk36aOUme56Rl6+txd2C6S0Hq7Kr0/BeqKTzYVycCD1VW
xxEFX56OZCBOTR07DP1dx5eeuw0sZuV4DH7S/r4cXaf9gp71tOM/n/h0Mu4QgWOv
ZgDF8gsDa/bgb39U9Hy3WtpsOFrgchFTR7/F9yCMra3NFuhKbo3q9R6f7ByjEW1r
nu7dtp5UfZsQDeRoJnRiPGWxmStH085ILdrQAEFqUT8F8w098IWBDCY5LwIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFBqJ8k/A5IQPWA3AR1rCysauvZFhMB8GA1UdIwQY
MBaAFOgTk73/YBRipVWR0mrLPYySP/JtMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNkJPVHZmOWdGR0tsVlpIU2FzczlqSklfOG0wLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMS9iZDAzODQtODA1ZC00OGExLWJmMDkt
M2MxNDYyMWVjZmM1LzEvR29ueVQ4RGtoQTlZRGNCSFdzTEt4cTY5a1dFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMS9iZDAzODQtODA1ZC00OGExLWJmMDktM2MxNDYyMWVjZmM1
LzEvNkJPVHZmOWdGR0tsVlpIU2FzczlqSklfOG0wLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQAAjgKAwQA
lQOqMA0EAgACMAcDBQMqEF/AMA0GCSqGSIb3DQEBCwUAA4IBAQB6yPfWPYHl+NlZ
C7LWJGXjPGwV0tzWyjWi2p/v8Y8Olt4rTtWgaEsLYSi6TM5Al9SKlveatTI1amvk
PQrmXCZUNLrOLkDu6mFV4hvGKS23WzBOMbAFKMBojv+Jul/FbOYi9Y9VqWaeikw7
XKZcEcOSJQKRWCDbWGfwmIA3uhqN5X+rde37/xOY72jApOgv0PVN2V0VsesBm6Fq
xEIoF3mZQje80/LiWySsEJCo7MiW5EBCifNKl/0OqE15pybSMJ6QsqMTTHe78iQi
VCSzxxAiXE3GTUzkAo6y0xCE0a3/1WpAbNSl30Y35w1+W/RoSDoTAWNzgP6m4kiZ
cshvTFki
-----END CERTIFICATE-----
Generated at Tue Jan 2 06:52:46 2024 by rpki-client on console-fra.rpki-client.org