Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ee/30c84e-e0b0-491c-971b-f1d4629ccd77/1/G8GQQxMx5wrbfk-j4APydahLYQI.roa
File: G8GQQxMx5wrbfk-j4APydahLYQI.roa (raw, json)
Hash identifier: tXeYwa7xJdYFxUGTP0yoOV573ma1Drow2R54b1cGAS0=
Subject key identifier: 1B:C1:90:43:13:31:E7:0A:DB:7E:4F:A3:E0:03:F2:75:A8:4B:61:02
Certificate issuer: /CN=906d4fbf6ddc6f5cb745a68cc6818a942eaee20e
Certificate serial: 0187C738BCA26DDE9ED1E7FF3989676C91C7
Authority key identifier: 90:6D:4F:BF:6D:DC:6F:5C:B7:45:A6:8C:C6:81:8A:94:2E:AE:E2:0E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/kG1Pv23cb1y3RaaMxoGKlC6u4g4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ee/30c84e-e0b0-491c-971b-f1d4629ccd77/1/G8GQQxMx5wrbfk-j4APydahLYQI.roa
Signing time: Fri 28 Apr 2023 09:36:36 +0000
ROA not before: Fri 28 Apr 2023 09:36:36 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 29491
IP address blocks: 2a09:66c0::/29 maxlen: 29
Validation: Failed, certificate revoked on Tue 02 Jan 2024 12:33:40 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:c7:38:bc:a2:6d:de:9e:d1:e7:ff:39:89:67:6c:91:c7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=906d4fbf6ddc6f5cb745a68cc6818a942eaee20e
Validity
Not Before: Apr 28 09:36:36 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=1bc190431331e70adb7e4fa3e003f275a84b6102
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e3:af:71:23:9f:d7:e3:c3:d5:34:a8:51:8a:9c:
c4:7c:38:5e:8a:6e:ff:41:51:31:d8:9d:75:f2:6c:
f5:f9:e3:a5:1f:7e:5e:93:ed:50:ad:f6:46:86:f2:
3f:24:42:3b:29:ba:d1:49:b7:b4:21:f6:99:01:18:
95:62:9f:40:a2:f8:dd:5e:2f:b9:1a:33:c1:92:dc:
e5:55:c0:8b:ad:98:31:c9:f5:6e:39:5d:a9:73:a1:
73:fb:81:6f:e2:0b:fc:64:78:6d:30:75:64:3e:e5:
07:4e:23:a2:61:19:fd:5e:3f:4a:98:c2:23:38:79:
25:7e:4f:4f:05:c6:20:42:7e:d9:19:63:4f:1f:0c:
a2:89:06:9f:6c:7c:12:dc:b2:a2:27:cd:4e:af:57:
08:f9:e5:a7:bd:06:a7:db:c5:37:07:51:fd:7a:74:
20:ee:73:bb:86:cb:b5:e5:88:78:d8:4f:ce:b4:fc:
42:8e:de:2e:b2:d2:25:00:28:0a:3e:fb:0a:a1:8d:
58:0d:23:69:bd:09:83:03:20:c4:92:c1:65:62:e7:
85:81:c4:dd:57:83:99:fc:73:21:d8:f9:88:96:89:
fa:9d:d2:95:67:57:d2:c2:1c:15:5b:6d:0e:5a:1d:
fa:26:64:78:81:d8:1f:fe:f7:c2:65:4c:a4:a7:ef:
75:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1B:C1:90:43:13:31:E7:0A:DB:7E:4F:A3:E0:03:F2:75:A8:4B:61:02
X509v3 Authority Key Identifier:
keyid:90:6D:4F:BF:6D:DC:6F:5C:B7:45:A6:8C:C6:81:8A:94:2E:AE:E2:0E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kG1Pv23cb1y3RaaMxoGKlC6u4g4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ee/30c84e-e0b0-491c-971b-f1d4629ccd77/1/G8GQQxMx5wrbfk-j4APydahLYQI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ee/30c84e-e0b0-491c-971b-f1d4629ccd77/1/kG1Pv23cb1y3RaaMxoGKlC6u4g4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a09:66c0::/29
Signature Algorithm: sha256WithRSAEncryption
99:2e:5a:3a:32:20:76:4b:00:b5:dd:59:02:9b:95:70:ef:80:
b1:39:cb:27:5c:9d:6f:ea:fb:94:93:13:55:7c:5f:61:dc:51:
86:1e:47:b3:8e:66:b6:11:dd:11:f6:0b:4b:3a:52:b9:43:7e:
d5:65:a8:4e:fc:9e:9d:28:88:5e:82:ce:df:2d:60:a8:ee:0f:
55:cc:8e:50:d4:14:1a:53:69:c2:ba:c3:1e:03:2e:53:a0:0c:
9c:a4:53:05:95:3f:c4:5a:c4:69:45:8a:42:7c:34:de:88:bf:
74:e6:b3:1d:f0:6a:6e:66:0a:f9:00:1d:c8:d6:69:40:13:c0:
4c:c0:32:5f:6b:67:55:74:28:9e:66:9b:d7:2c:1c:13:6e:d9:
01:7c:78:fd:08:2a:11:c2:bb:33:77:50:58:6c:a8:e7:dc:f8:
c5:6b:cf:64:90:d0:76:4b:1c:00:ce:db:5f:62:03:72:8c:29:
e6:f9:4f:7c:b8:a6:84:31:20:81:fd:3a:51:55:7f:a2:d3:4d:
8f:e7:8b:63:63:e1:8f:42:95:e7:91:c2:66:1e:e9:48:18:e7:
69:3d:17:96:78:82:1b:4f:67:b0:9d:59:f8:5c:05:c9:8e:09:
84:7a:07:e8:78:ab:f5:b6:bb:09:4a:de:b9:7b:22:c7:79:ed:
5b:7f:34:0a
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAYfHOLyibd6e0ef/OYlnbJHHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkwNmQ0ZmJmNmRkYzZmNWNiNzQ1YTY4Y2M2ODE4YTk0MmVh
ZWUyMGUwHhcNMjMwNDI4MDkzNjM2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxYmMxOTA0MzEzMzFlNzBhZGI3ZTRmYTNlMDAzZjI3NWE4NGI2MTAyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA469xI5/X48PVNKhRipzEfDheim7/
QVEx2J118mz1+eOlH35ek+1QrfZGhvI/JEI7KbrRSbe0IfaZARiVYp9AovjdXi+5
GjPBktzlVcCLrZgxyfVuOV2pc6Fz+4Fv4gv8ZHhtMHVkPuUHTiOiYRn9Xj9KmMIj
OHklfk9PBcYgQn7ZGWNPHwyiiQafbHwS3LKiJ81Or1cI+eWnvQan28U3B1H9enQg
7nO7hsu15Yh42E/OtPxCjt4ustIlACgKPvsKoY1YDSNpvQmDAyDEksFlYueFgcTd
V4OZ/HMh2PmIlon6ndKVZ1fSwhwVW20OWh36JmR4gdgf/vfCZUykp+91PQIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFBvBkEMTMecK235Po+AD8nWoS2ECMB8GA1UdIwQY
MBaAFJBtT79t3G9ct0WmjMaBipQuruIOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva0cxUHYyM2NiMXkzUmFhTXhvR0tsQzZ1NGc0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lZS8zMGM4NGUtZTBiMC00OTFjLTk3MWIt
ZjFkNDYyOWNjZDc3LzEvRzhHUVF4TXg1d3JiZmstajRBUHlkYWhMWVFJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lZS8zMGM4NGUtZTBiMC00OTFjLTk3MWItZjFkNDYyOWNjZDc3
LzEva0cxUHYyM2NiMXkzUmFhTXhvR0tsQzZ1NGc0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUDKglmwDAN
BgkqhkiG9w0BAQsFAAOCAQEAmS5aOjIgdksAtd1ZApuVcO+AsTnLJ1ydb+r7lJMT
VXxfYdxRhh5Hs45mthHdEfYLSzpSuUN+1WWoTvyenSiIXoLO3y1gqO4PVcyOUNQU
GlNpwrrDHgMuU6AMnKRTBZU/xFrEaUWKQnw03oi/dOazHfBqbmYK+QAdyNZpQBPA
TMAyX2tnVXQonmab1ywcE27ZAXx4/QgqEcK7M3dQWGyo59z4xWvPZJDQdkscAM7b
X2IDcowp5vlPfLimhDEggf06UVV/otNNj+eLY2Phj0KV55HCZh7pSBjnaT0XlniC
G09nsJ1Z+FwFyY4JhHoH6Hir9ba7CUreuXsix3ntW380Cg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:58:51 2024 by rpki-client on console-fra.rpki-client.org