Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ed/c1f90a-2bad-41b4-b1a6-46b3028a03b0/1/gnvWkxxKouA1oEQVjDRniaeTgog.roa
File: gnvWkxxKouA1oEQVjDRniaeTgog.roa (raw, json)
Hash identifier: lrzB8cTk56VSQHgIS3JbdQlfe98riIMcWdpb6YE48Ww=
Subject key identifier: 82:7B:D6:93:1C:4A:A2:E0:35:A0:44:15:8C:34:67:89:A7:93:82:88
Certificate issuer: /CN=bbd351b274fc23a42728303638a0d62b606401b4
Certificate serial: 018CC49380AAAAEA41209F6A6C6557C7537E
Authority key identifier: BB:D3:51:B2:74:FC:23:A4:27:28:30:36:38:A0:D6:2B:60:64:01:B4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/u9NRsnT8I6QnKDA2OKDWK2BkAbQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ed/c1f90a-2bad-41b4-b1a6-46b3028a03b0/1/gnvWkxxKouA1oEQVjDRniaeTgog.roa
Signing time: Mon 01 Jan 2024 10:30:50 +0000
ROA not before: Mon 01 Jan 2024 10:30:50 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 12817
IP address blocks: 2001:1578:200::/40 maxlen: 40
Validation: Failed, certificate revoked on Wed 01 Jan 2025 11:48:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c4:93:80:aa:aa:ea:41:20:9f:6a:6c:65:57:c7:53:7e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bbd351b274fc23a42728303638a0d62b606401b4
Validity
Not Before: Jan 1 10:30:50 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=827bd6931c4aa2e035a044158c346789a7938288
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:0a:91:a0:28:48:d5:ff:c9:4a:38:3e:94:7a:
82:3a:28:3f:1e:be:c6:81:57:9f:ca:95:95:a1:5c:
8f:8b:3a:7d:9d:4a:d7:70:58:99:e8:62:43:e8:66:
54:4c:70:55:14:0e:21:c0:0b:8e:4f:d3:63:07:95:
72:b5:c5:32:b8:bc:22:d4:62:11:7b:6d:7a:b1:d6:
87:87:87:2f:ca:74:3d:78:c9:f9:fd:e1:10:d1:89:
29:66:fd:74:1b:df:4f:16:92:18:2d:a2:c4:c5:5b:
1b:29:66:e6:03:9d:53:b2:38:48:2d:1d:42:6e:33:
0f:d8:1a:74:62:8b:8d:6e:a0:f7:17:47:7c:dd:49:
0d:3e:a7:02:c1:0a:88:7e:41:77:3a:09:29:04:84:
8f:80:04:eb:ad:13:5a:05:ef:f0:3e:00:69:45:23:
f5:8f:65:2a:6d:80:4c:66:44:ff:99:90:2e:ab:c5:
95:f6:b5:fb:3b:ce:f3:68:d9:da:c5:5c:fd:20:ec:
24:12:7c:28:4f:31:38:fd:9d:66:09:ef:25:ca:12:
36:c0:d2:fc:31:df:3e:23:61:62:57:15:86:c2:84:
fb:3d:fe:cc:93:53:2e:92:f2:0d:78:0c:8b:32:0b:
af:7e:09:0a:2f:5b:b1:90:f7:bb:47:73:b6:72:b9:
a7:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
82:7B:D6:93:1C:4A:A2:E0:35:A0:44:15:8C:34:67:89:A7:93:82:88
X509v3 Authority Key Identifier:
keyid:BB:D3:51:B2:74:FC:23:A4:27:28:30:36:38:A0:D6:2B:60:64:01:B4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/u9NRsnT8I6QnKDA2OKDWK2BkAbQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ed/c1f90a-2bad-41b4-b1a6-46b3028a03b0/1/gnvWkxxKouA1oEQVjDRniaeTgog.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ed/c1f90a-2bad-41b4-b1a6-46b3028a03b0/1/u9NRsnT8I6QnKDA2OKDWK2BkAbQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:1578:200::/40
Signature Algorithm: sha256WithRSAEncryption
75:ec:94:e1:6e:9b:9c:52:88:90:a8:80:23:c6:37:87:be:be:
fb:7e:06:68:57:d0:eb:0e:d6:34:32:af:5f:f3:27:a2:c1:7d:
9e:d0:64:2b:6c:93:22:5e:09:e9:79:1a:eb:fd:ab:64:b9:db:
77:6d:36:e5:a0:fc:b8:9f:df:49:87:39:9e:a0:b3:b9:74:62:
89:54:bf:dc:97:97:a4:63:8e:84:ac:5d:52:5f:27:18:d6:2a:
9c:a2:ed:15:e9:8c:df:1b:7f:97:4a:53:af:66:67:22:2e:4d:
cb:45:df:8a:d6:65:b9:43:5c:af:b9:98:af:ab:27:8d:fc:ab:
94:cd:1c:9e:b0:7d:e0:0b:a6:a8:d1:bd:d8:66:0b:b7:a9:80:
17:0b:2f:79:bd:01:2c:d2:d9:97:6c:79:0e:4a:69:49:ed:2e:
f2:23:a3:37:22:91:22:2c:5b:79:36:a7:76:75:37:76:13:9c:
3d:cb:45:c0:4d:af:16:a7:a3:ac:71:90:9f:4e:fe:2d:85:90:
f2:fe:e1:90:26:3b:f4:3b:e6:9b:9d:f7:90:e8:b1:94:6b:86:
cb:a0:6c:11:55:27:c0:71:f0:e0:7e:c1:65:92:5d:3b:43:1b:
f5:23:46:7c:2f:71:bb:af:97:af:4f:ed:77:a3:1f:f4:49:b6:
50:ba:d2:19
-----BEGIN CERTIFICATE-----
MIIE/zCCA+egAwIBAgISAYzEk4CqqupBIJ9qbGVXx1N+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJiZDM1MWIyNzRmYzIzYTQyNzI4MzAzNjM4YTBkNjJiNjA2
NDAxYjQwHhcNMjQwMTAxMTAzMDUwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MjdiZDY5MzFjNGFhMmUwMzVhMDQ0MTU4YzM0Njc4OWE3OTM4Mjg4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmAqRoChI1f/JSjg+lHqCOig/Hr7G
gVefypWVoVyPizp9nUrXcFiZ6GJD6GZUTHBVFA4hwAuOT9NjB5VytcUyuLwi1GIR
e216sdaHh4cvynQ9eMn5/eEQ0YkpZv10G99PFpIYLaLExVsbKWbmA51TsjhILR1C
bjMP2Bp0YouNbqD3F0d83UkNPqcCwQqIfkF3OgkpBISPgATrrRNaBe/wPgBpRSP1
j2UqbYBMZkT/mZAuq8WV9rX7O87zaNnaxVz9IOwkEnwoTzE4/Z1mCe8lyhI2wNL8
Md8+I2FiVxWGwoT7Pf7Mk1MukvINeAyLMguvfgkKL1uxkPe7R3O2crmnzQIDAQAB
o4ICCzCCAgcwHQYDVR0OBBYEFIJ71pMcSqLgNaBEFYw0Z4mnk4KIMB8GA1UdIwQY
MBaAFLvTUbJ0/COkJygwNjig1itgZAG0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdTlOUnNuVDhJNlFuS0RBMk9LRFdLMkJrQWJRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lZC9jMWY5MGEtMmJhZC00MWI0LWIxYTYt
NDZiMzAyOGEwM2IwLzEvZ252V2t4eEtvdUExb0VRVmpEUm5pYWVUZ29nLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lZC9jMWY5MGEtMmJhZC00MWI0LWIxYTYtNDZiMzAyOGEwM2Iw
LzEvdTlOUnNuVDhJNlFuS0RBMk9LRFdLMkJrQWJRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAOBAIAAjAIAwYAIAEVeAIw
DQYJKoZIhvcNAQELBQADggEBAHXslOFum5xSiJCogCPGN4e+vvt+BmhX0OsO1jQy
r1/zJ6LBfZ7QZCtskyJeCel5Guv9q2S523dtNuWg/Lif30mHOZ6gs7l0YolUv9yX
l6RjjoSsXVJfJxjWKpyi7RXpjN8bf5dKU69mZyIuTctF34rWZblDXK+5mK+rJ438
q5TNHJ6wfeALpqjRvdhmC7epgBcLL3m9ASzS2ZdseQ5KaUntLvIjozcikSIsW3k2
p3Z1N3YTnD3LRcBNrxano6xxkJ9O/i2FkPL+4ZAmO/Q75pud95DosZRrhsugbBFV
J8Bx8OB+wWWSXTtDG/UjRnwvcbuvl69P7XejH/RJtlC60hk=
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:29:23 2025 by rpki-client