Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dc/339d29-712a-4c86-9510-e4d6bcf336b7/1/gIppz0b2-fSbYO0CG8GQOOrCXY8.roa
File: gIppz0b2-fSbYO0CG8GQOOrCXY8.roa (raw, json)
Hash identifier: cvC0kS8KR40KrqpkuGz+Lcn8LZWEHcWyI8mEr2b1eiU=
Subject key identifier: 80:8A:69:CF:46:F6:F9:F4:9B:60:ED:02:1B:C1:90:38:EA:C2:5D:8F
Certificate issuer: /CN=9d81cb504326743b17d364a204875c39c6edbc09
Certificate serial: 01856F82528C359BADCE8B567B408B2708F7
Authority key identifier: 9D:81:CB:50:43:26:74:3B:17:D3:64:A2:04:87:5C:39:C6:ED:BC:09
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nYHLUEMmdDsX02SiBIdcOcbtvAk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/dc/339d29-712a-4c86-9510-e4d6bcf336b7/1/gIppz0b2-fSbYO0CG8GQOOrCXY8.roa
Signing time: Sun 01 Jan 2023 22:44:49 +0000
ROA not before: Sun 01 Jan 2023 22:44:49 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 199484
IP address blocks: 130.255.173.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 02 Jan 2024 10:32:55 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:82:52:8c:35:9b:ad:ce:8b:56:7b:40:8b:27:08:f7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9d81cb504326743b17d364a204875c39c6edbc09
Validity
Not Before: Jan 1 22:44:49 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=808a69cf46f6f9f49b60ed021bc19038eac25d8f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:84:11:58:53:f0:97:59:95:2f:64:c4:86:53:
4e:6e:ff:3d:84:ea:b9:af:11:20:24:2c:69:12:6c:
97:65:d9:60:73:64:9b:92:b0:b9:7a:8b:89:e4:90:
05:f3:f9:eb:66:89:a3:7a:e2:a5:30:90:6d:aa:c9:
9c:e0:e1:4f:78:74:c8:69:54:6d:92:86:eb:24:3d:
02:dd:36:82:93:2f:df:3f:e3:1e:4e:32:c6:a9:33:
28:85:6b:06:6d:f6:05:e3:a1:92:af:cb:d8:b7:7e:
dd:56:2e:e8:29:c5:56:9f:1e:18:16:32:b1:d4:6e:
92:e4:0a:fb:3e:a1:36:84:93:7f:f7:ed:03:b7:a8:
6c:78:28:38:93:2f:5b:82:22:7b:2a:9c:38:f2:2b:
89:a3:78:43:5e:9c:52:95:59:7d:55:b5:c7:c9:0c:
62:83:7a:fd:1b:ab:d4:f9:c5:10:62:fd:ae:b1:25:
7e:38:05:f2:9a:a3:0c:78:b1:d0:b0:46:47:ed:83:
1e:af:4a:18:d8:aa:9d:0b:37:fa:17:6f:d9:aa:d5:
6b:50:0a:74:97:b9:da:6e:4e:01:47:9c:23:5d:4e:
e9:60:97:1f:64:a6:8f:2b:d8:43:3e:46:9d:36:bf:
51:59:51:40:39:0e:18:fc:d0:b1:57:f8:b2:d2:29:
15:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
80:8A:69:CF:46:F6:F9:F4:9B:60:ED:02:1B:C1:90:38:EA:C2:5D:8F
X509v3 Authority Key Identifier:
keyid:9D:81:CB:50:43:26:74:3B:17:D3:64:A2:04:87:5C:39:C6:ED:BC:09
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nYHLUEMmdDsX02SiBIdcOcbtvAk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dc/339d29-712a-4c86-9510-e4d6bcf336b7/1/gIppz0b2-fSbYO0CG8GQOOrCXY8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/dc/339d29-712a-4c86-9510-e4d6bcf336b7/1/nYHLUEMmdDsX02SiBIdcOcbtvAk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
130.255.173.0/24
Signature Algorithm: sha256WithRSAEncryption
2e:4c:41:f7:7a:1a:a4:92:74:04:aa:9b:b5:2e:07:b5:98:fc:
8f:97:f7:08:d3:97:7b:67:f5:2c:20:35:4a:ca:a8:67:1a:db:
c1:cc:da:d8:a0:77:98:5a:27:3b:89:a9:85:e5:f1:3d:09:71:
79:c1:11:42:b4:40:69:dd:19:5d:34:d2:f3:ec:85:e1:b2:d2:
3b:e7:81:8d:9f:e2:79:c9:f4:3f:5f:60:07:b8:86:d2:38:59:
50:62:f0:31:61:b4:0f:8f:83:a9:36:5f:fd:06:b3:e4:67:b2:
79:af:8b:24:9d:54:05:ef:ad:28:27:97:e8:a4:84:e3:6d:bf:
71:71:c9:ee:2a:bd:15:e2:b0:a8:b4:24:5e:f5:64:17:e0:43:
fe:cd:2a:cf:8b:5c:f1:7c:eb:7f:f7:d0:18:06:a1:f4:64:5c:
0e:b3:5a:3c:f1:02:84:34:0c:d1:90:d8:f3:b6:4f:6a:0b:00:
ab:7b:f2:38:64:17:83:e6:d9:8c:10:9d:50:04:f3:04:3e:44:
70:7e:8c:33:61:55:00:a2:58:61:9e:0c:c9:26:bf:f0:86:ec:
b0:9c:46:52:2f:4a:9a:f1:e0:de:01:0f:48:22:93:93:83:38:
fa:7d:b7:2d:c7:a4:c4:8e:cb:3f:15:76:c5:47:0c:5f:92:75:
97:94:25:a5
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVvglKMNZutzotWe0CLJwj3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlkODFjYjUwNDMyNjc0M2IxN2QzNjRhMjA0ODc1YzM5YzZl
ZGJjMDkwHhcNMjMwMTAxMjI0NDQ5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MDhhNjljZjQ2ZjZmOWY0OWI2MGVkMDIxYmMxOTAzOGVhYzI1ZDhmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlIQRWFPwl1mVL2TEhlNObv89hOq5
rxEgJCxpEmyXZdlgc2SbkrC5eouJ5JAF8/nrZomjeuKlMJBtqsmc4OFPeHTIaVRt
kobrJD0C3TaCky/fP+MeTjLGqTMohWsGbfYF46GSr8vYt37dVi7oKcVWnx4YFjKx
1G6S5Ar7PqE2hJN/9+0Dt6hseCg4ky9bgiJ7Kpw48iuJo3hDXpxSlVl9VbXHyQxi
g3r9G6vU+cUQYv2usSV+OAXymqMMeLHQsEZH7YMer0oY2KqdCzf6F2/ZqtVrUAp0
l7nabk4BR5wjXU7pYJcfZKaPK9hDPkadNr9RWVFAOQ4Y/NCxV/iy0ikV7QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFICKac9G9vn0m2DtAhvBkDjqwl2PMB8GA1UdIwQY
MBaAFJ2By1BDJnQ7F9NkogSHXDnG7bwJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbllITFVFTW1kRHNYMDJTaUJJZGNPY2J0dkFrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYy8zMzlkMjktNzEyYS00Yzg2LTk1MTAt
ZTRkNmJjZjMzNmI3LzEvZ0lwcHowYjItZlNiWU8wQ0c4R1FPT3JDWFk4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYy8zMzlkMjktNzEyYS00Yzg2LTk1MTAtZTRkNmJjZjMzNmI3
LzEvbllITFVFTW1kRHNYMDJTaUJJZGNPY2J0dkFrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAgv+tMA0G
CSqGSIb3DQEBCwUAA4IBAQAuTEH3ehqkknQEqpu1Lge1mPyPl/cI05d7Z/UsIDVK
yqhnGtvBzNrYoHeYWic7iamF5fE9CXF5wRFCtEBp3RldNNLz7IXhstI754GNn+J5
yfQ/X2AHuIbSOFlQYvAxYbQPj4OpNl/9BrPkZ7J5r4sknVQF760oJ5fopITjbb9x
ccnuKr0V4rCotCRe9WQX4EP+zSrPi1zxfOt/99AYBqH0ZFwOs1o88QKENAzRkNjz
tk9qCwCre/I4ZBeD5tmMEJ1QBPMEPkRwfowzYVUAolhhngzJJr/whuywnEZSL0qa
8eDeAQ9IIpOTgzj6fbctx6TEjss/FXbFRwxfknWXlCWl
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:56:17 2024 by rpki-client on console-fra.rpki-client.org