Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d7/151c6c-617c-4643-9f6e-69809d8b9c20/1/GhM4a41oHLg8I-DAA6PoayLVcOg.roa
File: GhM4a41oHLg8I-DAA6PoayLVcOg.roa (raw, json)
Hash identifier: HmddoeoTZGJdZ/9la6PaS6dmCzSTFw8e3mhPewP0Bsc=
Subject key identifier: 1A:13:38:6B:8D:68:1C:B8:3C:23:E0:C0:03:A3:E8:6B:22:D5:70:E8
Certificate issuer: /CN=4ccc60495b2a34d89211cc1c79524eab61ba1656
Certificate serial: 01857015074D148DDFC84DD9DC1565EB4FC4
Authority key identifier: 4C:CC:60:49:5B:2A:34:D8:92:11:CC:1C:79:52:4E:AB:61:BA:16:56
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TMxgSVsqNNiSEcwceVJOq2G6FlY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d7/151c6c-617c-4643-9f6e-69809d8b9c20/1/GhM4a41oHLg8I-DAA6PoayLVcOg.roa
Signing time: Mon 02 Jan 2023 01:25:04 +0000
ROA not before: Mon 02 Jan 2023 01:25:04 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 24971
IP address blocks: 2a04:16c0:200::/48 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:15:07:4d:14:8d:df:c8:4d:d9:dc:15:65:eb:4f:c4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4ccc60495b2a34d89211cc1c79524eab61ba1656
Validity
Not Before: Jan 2 01:25:04 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=1a13386b8d681cb83c23e0c003a3e86b22d570e8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:18:9d:df:ed:03:7b:ce:ae:e3:c1:cb:47:53:
28:41:11:8c:b8:e2:13:2f:06:06:3c:88:ed:22:3c:
19:c1:66:4a:b3:4a:53:0c:05:ba:5d:ef:b5:ae:37:
ac:fd:0d:52:5b:0d:ac:14:41:4d:4d:c2:8a:01:2a:
27:7a:5b:54:b6:65:23:74:04:1c:05:0c:7e:78:aa:
09:dc:7b:82:af:fd:e3:84:bb:99:79:5f:8d:70:95:
34:96:8c:ee:96:40:19:76:70:7a:38:6b:3e:70:dd:
83:bc:46:65:99:9a:48:b7:7d:74:c0:8c:55:f2:81:
84:16:d6:60:34:22:5b:f3:10:4c:57:5d:32:eb:7f:
b3:a5:60:a5:8d:10:37:56:f1:46:3f:af:e5:84:e9:
2d:8e:bf:c5:1c:29:7c:09:2b:3b:5b:a2:97:9e:d2:
21:a9:0e:87:9f:ff:8d:ad:22:f9:6c:03:e1:12:06:
19:46:37:1b:b2:60:ff:76:0f:7e:18:7c:2f:63:64:
2b:57:02:fa:65:e4:68:9f:03:01:f2:74:80:fb:33:
e2:0b:b2:23:2e:2c:16:fe:21:40:14:a5:6c:3f:bc:
30:ad:3e:50:14:dc:04:a0:fb:50:5d:ed:a6:67:4c:
82:29:fa:39:6e:c1:95:12:cb:94:ce:d7:bd:b8:59:
d9:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1A:13:38:6B:8D:68:1C:B8:3C:23:E0:C0:03:A3:E8:6B:22:D5:70:E8
X509v3 Authority Key Identifier:
keyid:4C:CC:60:49:5B:2A:34:D8:92:11:CC:1C:79:52:4E:AB:61:BA:16:56
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TMxgSVsqNNiSEcwceVJOq2G6FlY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d7/151c6c-617c-4643-9f6e-69809d8b9c20/1/GhM4a41oHLg8I-DAA6PoayLVcOg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d7/151c6c-617c-4643-9f6e-69809d8b9c20/1/TMxgSVsqNNiSEcwceVJOq2G6FlY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a04:16c0:200::/48
Signature Algorithm: sha256WithRSAEncryption
b6:98:90:aa:33:2b:dc:7c:24:7e:b3:fa:fc:23:2f:5f:77:4a:
7a:59:1e:ea:88:d2:88:dc:21:2d:18:8b:ec:9c:1f:6d:f8:0d:
51:4a:b7:69:ac:7e:c7:35:d9:11:d1:cf:51:2b:11:7a:a5:2a:
40:59:20:2d:99:26:38:13:ce:a6:45:12:d8:b3:0f:dd:69:c5:
d5:9d:f3:34:3f:e5:10:83:9f:88:cf:95:c8:30:0c:d1:92:4b:
61:61:34:c4:f5:f8:2c:d1:10:30:9b:66:f5:92:2c:7d:20:0d:
0c:bf:9a:10:59:73:5f:66:a0:d6:94:39:38:a0:54:f3:3c:5c:
41:a0:f1:8b:00:ad:ea:0f:b5:ca:7a:bb:9c:97:18:ca:e0:ae:
d0:df:59:65:df:0c:0b:be:d2:49:0e:fe:bb:d7:37:b2:08:74:
69:5d:ec:b2:69:b4:89:e0:03:18:c7:ec:9e:1d:57:9e:f1:de:
94:db:91:71:8a:ac:bd:8a:8b:5f:ac:0e:ab:78:5a:6d:9d:eb:
92:e6:40:d6:0d:af:0e:63:9f:3b:48:5a:49:be:7a:7d:42:90:
fc:ab:26:81:7a:df:4c:5a:34:04:7f:bc:99:31:df:eb:ae:f5:
a0:c1:1b:e5:74:c4:2b:3f:d3:83:7e:ce:ca:0c:c8:36:3a:e6:
f4:ec:56:d0
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYVwFQdNFI3fyE3Z3BVl60/EMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRjY2M2MDQ5NWIyYTM0ZDg5MjExY2MxYzc5NTI0ZWFiNjFi
YTE2NTYwHhcNMjMwMTAyMDEyNTA0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxYTEzMzg2YjhkNjgxY2I4M2MyM2UwYzAwM2EzZTg2YjIyZDU3MGU4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnRid3+0De86u48HLR1MoQRGMuOIT
LwYGPIjtIjwZwWZKs0pTDAW6Xe+1rjes/Q1SWw2sFEFNTcKKASoneltUtmUjdAQc
BQx+eKoJ3HuCr/3jhLuZeV+NcJU0lozulkAZdnB6OGs+cN2DvEZlmZpIt310wIxV
8oGEFtZgNCJb8xBMV10y63+zpWCljRA3VvFGP6/lhOktjr/FHCl8CSs7W6KXntIh
qQ6Hn/+NrSL5bAPhEgYZRjcbsmD/dg9+GHwvY2QrVwL6ZeRonwMB8nSA+zPiC7Ij
LiwW/iFAFKVsP7wwrT5QFNwEoPtQXe2mZ0yCKfo5bsGVEsuUzte9uFnZFwIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFBoTOGuNaBy4PCPgwAOj6Gsi1XDoMB8GA1UdIwQY
MBaAFEzMYElbKjTYkhHMHHlSTqthuhZWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVE14Z1NWc3FOTmlTRWN3Y2VWSk9xMkc2RmxZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNy8xNTFjNmMtNjE3Yy00NjQzLTlmNmUt
Njk4MDlkOGI5YzIwLzEvR2hNNGE0MW9ITGc4SS1EQUE2UG9heUxWY09nLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNy8xNTFjNmMtNjE3Yy00NjQzLTlmNmUtNjk4MDlkOGI5YzIw
LzEvVE14Z1NWc3FOTmlTRWN3Y2VWSk9xMkc2RmxZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKgQWwAIA
MA0GCSqGSIb3DQEBCwUAA4IBAQC2mJCqMyvcfCR+s/r8Iy9fd0p6WR7qiNKI3CEt
GIvsnB9t+A1RSrdprH7HNdkR0c9RKxF6pSpAWSAtmSY4E86mRRLYsw/dacXVnfM0
P+UQg5+Iz5XIMAzRkkthYTTE9fgs0RAwm2b1kix9IA0Mv5oQWXNfZqDWlDk4oFTz
PFxBoPGLAK3qD7XKeruclxjK4K7Q31ll3wwLvtJJDv671zeyCHRpXeyyabSJ4AMY
x+yeHVee8d6U25Fxiqy9iotfrA6reFptneuS5kDWDa8OY587SFpJvnp9QpD8qyaB
et9MWjQEf7yZMd/rrvWgwRvldMQrP9ODfs7KDMg2Oub07FbQ
-----END CERTIFICATE-----
Generated at Mon Jan 1 23:30:39 2024 by rpki-client on console-ams.rpki-client.org