Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d5/c4647a-6042-4fe8-a276-f5b6a718f4b5/1/_gbKHPxuzFbLzmsRVNkhtwVFqNI.roa
File: _gbKHPxuzFbLzmsRVNkhtwVFqNI.roa (raw, json)
Hash identifier: SCGcZ3zhE4RkJEGlL/SymKci/UuzBhGEDYAP4hwLyGw=
Subject key identifier: FE:06:CA:1C:FC:6E:CC:56:CB:CE:6B:11:54:D9:21:B7:05:45:A8:D2
Certificate issuer: /CN=cfcead390625edba1408108df57cea47160d70e5
Certificate serial: 018925241AAAD43E6CEDB0403F66C8EF559A
Authority key identifier: CF:CE:AD:39:06:25:ED:BA:14:08:10:8D:F5:7C:EA:47:16:0D:70:E5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/z86tOQYl7boUCBCN9XzqRxYNcOU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d5/c4647a-6042-4fe8-a276-f5b6a718f4b5/1/_gbKHPxuzFbLzmsRVNkhtwVFqNI.roa
Signing time: Wed 05 Jul 2023 08:21:10 +0000
ROA not before: Wed 05 Jul 2023 08:21:10 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 59538
IP address blocks: 185.0.34.0/24 maxlen: 24
2a0f:7800::/31 maxlen: 48
Validation: Failed, certificate revoked on Fri 04 Aug 2023 18:01:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:25:24:1a:aa:d4:3e:6c:ed:b0:40:3f:66:c8:ef:55:9a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cfcead390625edba1408108df57cea47160d70e5
Validity
Not Before: Jul 5 08:21:10 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=fe06ca1cfc6ecc56cbce6b1154d921b70545a8d2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:2e:f1:2e:28:0a:c7:1d:6a:8d:fb:b0:4b:de:
a9:06:52:71:c8:e6:4f:48:0a:7c:90:52:18:78:5a:
67:2a:0f:98:46:46:da:18:bd:5f:78:ff:bc:c4:10:
8a:e2:5d:ba:09:54:8a:e4:74:c3:bb:8b:a3:18:a5:
7a:c8:d9:b2:6c:40:bb:e3:b9:96:c1:87:d8:99:ee:
1d:b6:bf:bf:a4:a3:07:09:74:c8:88:b1:e1:35:b2:
d5:7b:4c:7f:61:0f:68:f0:f5:5d:66:7e:0b:70:1c:
f3:32:83:3c:dd:c8:75:4b:03:ae:c8:61:51:82:f0:
27:3f:ef:55:2d:7d:8e:cd:f4:1a:5b:dc:22:d9:0f:
96:bd:8c:6e:d8:35:f5:14:5d:66:1c:3e:97:15:08:
ca:e7:b7:91:67:66:57:23:03:5e:36:a9:64:3f:ab:
b3:c0:49:a9:46:57:27:25:50:d2:9d:ac:0c:92:74:
2e:e3:c7:e8:2c:6f:19:ee:49:ce:66:70:a3:1a:0e:
82:66:78:48:84:9d:16:82:01:45:69:30:4b:a5:6a:
f0:0e:de:f0:ab:02:da:1c:b6:6f:78:68:17:a0:f3:
0d:a3:86:a3:6e:80:17:4a:a7:11:b3:62:03:f4:de:
60:b8:ff:18:9d:40:41:ed:e8:2a:97:20:6d:79:b4:
21:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FE:06:CA:1C:FC:6E:CC:56:CB:CE:6B:11:54:D9:21:B7:05:45:A8:D2
X509v3 Authority Key Identifier:
keyid:CF:CE:AD:39:06:25:ED:BA:14:08:10:8D:F5:7C:EA:47:16:0D:70:E5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/z86tOQYl7boUCBCN9XzqRxYNcOU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d5/c4647a-6042-4fe8-a276-f5b6a718f4b5/1/_gbKHPxuzFbLzmsRVNkhtwVFqNI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d5/c4647a-6042-4fe8-a276-f5b6a718f4b5/1/z86tOQYl7boUCBCN9XzqRxYNcOU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.0.34.0/24
IPv6:
2a0f:7800::/31
Signature Algorithm: sha256WithRSAEncryption
43:93:5f:36:9c:5a:bf:a8:97:43:8c:1f:c6:48:12:0e:6d:66:
54:4a:ef:50:84:d4:b0:5f:57:56:54:b7:e3:7f:76:8b:8d:fc:
98:79:fd:af:64:ad:65:c7:e8:6c:8e:85:2d:96:b1:79:e3:f1:
b9:4d:68:35:7d:9f:5d:52:1a:c3:f8:1d:05:46:fc:2e:16:2b:
f5:2a:65:3a:1f:6e:18:af:b3:20:49:ae:8a:60:f6:62:27:f0:
c5:d9:4a:17:d5:6e:d6:7e:b0:7b:dd:e9:99:cd:00:f1:dd:72:
7a:16:1a:92:ae:b8:99:a8:2b:11:60:5b:26:61:b0:cb:b3:fe:
e7:f4:91:27:27:0f:57:50:98:b3:4e:50:38:e5:05:31:e8:4e:
9e:29:7f:be:4a:ad:d9:b9:ef:60:3d:d5:d2:9a:2d:46:78:e6:
e1:52:c5:3a:ef:3b:0f:10:9c:4b:0b:a3:6c:1d:bf:a1:0f:da:
c7:05:b7:14:d8:9a:5a:bb:eb:d6:6d:7a:c6:19:af:83:a8:2a:
1d:2b:32:cc:40:1d:dc:1f:3c:d1:c2:3e:17:95:08:0d:b3:72:
8c:6f:0f:e4:10:4f:61:ad:b7:07:05:f9:22:eb:64:a9:86:35:
0c:aa:6d:b7:a1:51:79:cf:12:23:fc:29:a7:10:ba:71:cf:c3:
2d:6a:d5:b0
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYklJBqq1D5s7bBAP2bI71WaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNmY2VhZDM5MDYyNWVkYmExNDA4MTA4ZGY1N2NlYTQ3MTYw
ZDcwZTUwHhcNMjMwNzA1MDgyMTEwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmZTA2Y2ExY2ZjNmVjYzU2Y2JjZTZiMTE1NGQ5MjFiNzA1NDVhOGQyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAii7xLigKxx1qjfuwS96pBlJxyOZP
SAp8kFIYeFpnKg+YRkbaGL1feP+8xBCK4l26CVSK5HTDu4ujGKV6yNmybEC747mW
wYfYme4dtr+/pKMHCXTIiLHhNbLVe0x/YQ9o8PVdZn4LcBzzMoM83ch1SwOuyGFR
gvAnP+9VLX2OzfQaW9wi2Q+WvYxu2DX1FF1mHD6XFQjK57eRZ2ZXIwNeNqlkP6uz
wEmpRlcnJVDSnawMknQu48foLG8Z7knOZnCjGg6CZnhIhJ0WggFFaTBLpWrwDt7w
qwLaHLZveGgXoPMNo4ajboAXSqcRs2ID9N5guP8YnUBB7egqlyBtebQhKQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFP4Gyhz8bsxWy85rEVTZIbcFRajSMB8GA1UdIwQY
MBaAFM/OrTkGJe26FAgQjfV86kcWDXDlMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvejg2dE9RWWw3Ym9VQ0JDTjlYenFSeFlOY09VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNS9jNDY0N2EtNjA0Mi00ZmU4LWEyNzYt
ZjViNmE3MThmNGI1LzEvX2diS0hQeHV6RmJMem1zUlZOa2h0d1ZGcU5JLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNS9jNDY0N2EtNjA0Mi00ZmU4LWEyNzYtZjViNmE3MThmNGI1
LzEvejg2dE9RWWw3Ym9VQ0JDTjlYenFSeFlOY09VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQAuQAiMA0E
AgACMAcDBQEqD3gAMA0GCSqGSIb3DQEBCwUAA4IBAQBDk182nFq/qJdDjB/GSBIO
bWZUSu9QhNSwX1dWVLfjf3aLjfyYef2vZK1lx+hsjoUtlrF54/G5TWg1fZ9dUhrD
+B0FRvwuFiv1KmU6H24Yr7MgSa6KYPZiJ/DF2UoX1W7WfrB73emZzQDx3XJ6FhqS
rriZqCsRYFsmYbDLs/7n9JEnJw9XUJizTlA45QUx6E6eKX++Sq3Zue9gPdXSmi1G
eObhUsU67zsPEJxLC6NsHb+hD9rHBbcU2Jpau+vWbXrGGa+DqCodKzLMQB3cHzzR
wj4XlQgNs3KMbw/kEE9hrbcHBfki62SphjUMqm23oVF5zxIj/CmnELpxz8MtatWw
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:55:29 2024 by rpki-client on console-fra.rpki-client.org