Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d9/aeae3f-af4d-4eee-b284-a5f6c0aa11de/1/grHHNcCEeciVm2pD6Ym_khiVbgI.roa
File: grHHNcCEeciVm2pD6Ym_khiVbgI.roa (raw, json)
Hash identifier: m8rUG1aZx2iibWDY7JbCi65kctX9B84uuyENgWe5iwA=
Subject key identifier: 82:B1:C7:35:C0:84:79:C8:95:9B:6A:43:E9:89:BF:92:18:95:6E:02
Certificate issuer: /CN=486510a3116972fced95e8a8bdafd6e455ded0ba
Certificate serial: 0185720C5DFB398B9C6334327FE94D40A822
Authority key identifier: 48:65:10:A3:11:69:72:FC:ED:95:E8:A8:BD:AF:D6:E4:55:DE:D0:BA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/SGUQoxFpcvztleiova_W5FXe0Lo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d9/aeae3f-af4d-4eee-b284-a5f6c0aa11de/1/grHHNcCEeciVm2pD6Ym_khiVbgI.roa
Signing time: Mon 02 Jan 2023 10:34:51 +0000
ROA not before: Mon 02 Jan 2023 10:34:51 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 47846
IP address blocks: 64.190.62.0/23 maxlen: 32
91.195.240.0/23 maxlen: 32
2001:67c:64c::/48 maxlen: 64
Validation: Failed, certificate revoked on Tue 02 Jan 2024 14:32:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:0c:5d:fb:39:8b:9c:63:34:32:7f:e9:4d:40:a8:22
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=486510a3116972fced95e8a8bdafd6e455ded0ba
Validity
Not Before: Jan 2 10:34:51 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=82b1c735c08479c8959b6a43e989bf9218956e02
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:23:f0:2a:a2:9c:83:f9:78:06:47:22:08:58:
8f:be:69:b2:01:b0:0f:b3:cc:9e:25:7e:a5:97:1f:
69:90:62:4c:25:26:eb:2d:f8:82:ff:4b:91:c9:d3:
b5:e6:58:f5:fb:5a:3b:fa:66:79:b9:2d:1a:2e:cd:
7d:94:15:49:60:f9:a4:29:16:48:a7:90:e0:b2:e8:
b4:08:c8:a6:40:54:0a:38:db:53:15:fb:81:d0:10:
22:ec:dc:fa:61:f2:2f:9f:b1:01:26:d2:b7:6a:8b:
15:5f:c5:bd:b2:c3:fd:e6:a9:46:28:d4:8c:6f:a8:
4e:71:ec:50:47:46:95:75:c5:90:76:27:12:d4:23:
57:d8:40:2a:c6:02:2f:8c:7f:64:3a:58:34:ee:c0:
56:6a:49:66:92:68:87:28:db:42:09:11:06:88:f3:
e0:c9:43:71:71:8d:7f:17:e4:52:2f:90:e4:38:7c:
99:49:71:9d:84:e6:aa:12:ea:7a:84:2b:e5:22:06:
01:f4:72:95:35:c6:65:ca:fc:2c:c1:29:4e:1e:e4:
2f:c6:48:a2:57:ad:76:6d:e9:f6:4a:a0:0b:0e:fd:
3d:ff:26:72:99:e0:17:e7:e1:1c:fb:12:ef:2e:98:
e5:44:12:42:58:4a:b1:12:72:e5:a8:0b:a2:67:1c:
4d:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
82:B1:C7:35:C0:84:79:C8:95:9B:6A:43:E9:89:BF:92:18:95:6E:02
X509v3 Authority Key Identifier:
keyid:48:65:10:A3:11:69:72:FC:ED:95:E8:A8:BD:AF:D6:E4:55:DE:D0:BA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/SGUQoxFpcvztleiova_W5FXe0Lo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/aeae3f-af4d-4eee-b284-a5f6c0aa11de/1/grHHNcCEeciVm2pD6Ym_khiVbgI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/aeae3f-af4d-4eee-b284-a5f6c0aa11de/1/SGUQoxFpcvztleiova_W5FXe0Lo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
64.190.62.0/23
91.195.240.0/23
IPv6:
2001:67c:64c::/48
Signature Algorithm: sha256WithRSAEncryption
86:7b:77:e8:e0:b9:ff:49:2b:db:dd:9f:96:46:ff:36:58:87:
95:6e:b3:ad:62:7d:12:cd:a3:f1:b7:bd:08:00:4d:8c:dd:ec:
23:d4:92:8b:3f:0e:40:4b:75:22:e8:a1:e7:fb:c3:e1:42:d2:
f3:47:2a:b0:5d:2f:c3:4d:4e:c8:34:ee:ef:d1:28:8d:e4:4f:
37:d4:0c:34:d2:79:33:e4:82:78:85:9e:09:77:62:6b:9d:bc:
e8:e0:c2:57:23:a9:48:eb:ec:3d:6b:93:95:6c:46:24:6d:8d:
77:99:21:21:d3:29:c3:11:84:41:3f:c6:5b:1f:0d:51:b8:1f:
ef:d7:39:78:28:da:74:a7:a6:58:a6:ca:65:95:02:cc:41:8b:
dc:db:f4:ec:28:99:60:d7:a0:b4:f1:29:46:44:89:95:5c:79:
9e:04:7f:e3:a0:6f:c6:7c:83:1e:c4:71:85:d9:30:f5:e3:2b:
88:83:1c:82:4c:c4:c5:b5:43:fc:6b:5c:f4:f9:cd:47:5a:a8:
ab:00:1f:db:1b:3b:01:d6:e6:3f:56:fa:05:09:79:84:1a:dc:
c7:24:bb:75:f6:ca:e8:0a:71:05:51:74:65:d3:52:6d:2a:49:
62:96:6b:45:5a:f7:a7:bf:8e:b8:79:0c:81:72:5b:dc:af:e4:
d2:4f:6d:66
-----BEGIN CERTIFICATE-----
MIIFFDCCA/ygAwIBAgISAYVyDF37OYucYzQyf+lNQKgiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ4NjUxMGEzMTE2OTcyZmNlZDk1ZThhOGJkYWZkNmU0NTVk
ZWQwYmEwHhcNMjMwMTAyMTAzNDUxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MmIxYzczNWMwODQ3OWM4OTU5YjZhNDNlOTg5YmY5MjE4OTU2ZTAyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArCPwKqKcg/l4BkciCFiPvmmyAbAP
s8yeJX6llx9pkGJMJSbrLfiC/0uRydO15lj1+1o7+mZ5uS0aLs19lBVJYPmkKRZI
p5Dgsui0CMimQFQKONtTFfuB0BAi7Nz6YfIvn7EBJtK3aosVX8W9ssP95qlGKNSM
b6hOcexQR0aVdcWQdicS1CNX2EAqxgIvjH9kOlg07sBWaklmkmiHKNtCCREGiPPg
yUNxcY1/F+RSL5DkOHyZSXGdhOaqEup6hCvlIgYB9HKVNcZlyvwswSlOHuQvxkii
V612ben2SqALDv09/yZymeAX5+Ec+xLvLpjlRBJCWEqxEnLlqAuiZxxNAwIDAQAB
o4ICIDCCAhwwHQYDVR0OBBYEFIKxxzXAhHnIlZtqQ+mJv5IYlW4CMB8GA1UdIwQY
MBaAFEhlEKMRaXL87ZXoqL2v1uRV3tC6MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU0dVUW94RnBjdnp0bGVpb3ZhX1c1RlhlMExvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kOS9hZWFlM2YtYWY0ZC00ZWVlLWIyODQt
YTVmNmMwYWExMWRlLzEvZ3JISE5jQ0VlY2lWbTJwRDZZbV9raGlWYmdJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kOS9hZWFlM2YtYWY0ZC00ZWVlLWIyODQtYTVmNmMwYWExMWRl
LzEvU0dVUW94RnBjdnp0bGVpb3ZhX1c1RlhlMExvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDYGCCsGAQUFBwEHAQH/BCcwJTASBAIAATAMAwQBQL4+AwQB
W8PwMA8EAgACMAkDBwAgAQZ8BkwwDQYJKoZIhvcNAQELBQADggEBAIZ7d+jguf9J
K9vdn5ZG/zZYh5Vus61ifRLNo/G3vQgATYzd7CPUkos/DkBLdSLooef7w+FC0vNH
KrBdL8NNTsg07u/RKI3kTzfUDDTSeTPkgniFngl3YmudvOjgwlcjqUjr7D1rk5Vs
RiRtjXeZISHTKcMRhEE/xlsfDVG4H+/XOXgo2nSnplimymWVAsxBi9zb9OwomWDX
oLTxKUZEiZVceZ4Ef+Ogb8Z8gx7EcYXZMPXjK4iDHIJMxMW1Q/xrXPT5zUdaqKsA
H9sbOwHW5j9W+gUJeYQa3Mcku3X2yugKcQVRdGXTUm0qSWKWa0Va96e/jrh5DIFy
W9yv5NJPbWY=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:47:12 2024 by rpki-client on console-ams.rpki-client.org