Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f3/7ca61a-ce3d-4bac-9110-c0f3bad99a40/1/GwGyiWi1lJtGUOMwLS1LhYnGjds.roa
File: GwGyiWi1lJtGUOMwLS1LhYnGjds.roa (raw, json)
Hash identifier: PO1ZB8DGEc/8PvDomdUaHeQnJxhE2WK1GZQI2WZvJS8=
Subject key identifier: 1B:01:B2:89:68:B5:94:9B:46:50:E3:30:2D:2D:4B:85:89:C6:8D:DB
Certificate issuer: /CN=b689299bc49584a645940c1dd87df0afc8aaa0fd
Certificate serial: 018CC3B70D167FBA7F0A6EAB9326A8278B18
Authority key identifier: B6:89:29:9B:C4:95:84:A6:45:94:0C:1D:D8:7D:F0:AF:C8:AA:A0:FD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tokpm8SVhKZFlAwd2H3wr8iqoP0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f3/7ca61a-ce3d-4bac-9110-c0f3bad99a40/1/GwGyiWi1lJtGUOMwLS1LhYnGjds.roa
Signing time: Mon 01 Jan 2024 06:30:02 +0000
ROA not before: Mon 01 Jan 2024 06:30:02 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 5607
IP address blocks: 2a0c:93c0:8002::/48 maxlen: 48
2a0c:93c0:c002::/48 maxlen: 48
2a0c:93c0:8000::/48 maxlen: 48
Validation: Failed, certificate revoked on Thu 02 Jan 2025 17:52:47 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:b7:0d:16:7f:ba:7f:0a:6e:ab:93:26:a8:27:8b:18
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b689299bc49584a645940c1dd87df0afc8aaa0fd
Validity
Not Before: Jan 1 06:30:02 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=1b01b28968b5949b4650e3302d2d4b8589c68ddb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:47:f5:15:d8:9e:c7:29:a4:ba:c0:27:66:ee:
a2:6d:3c:56:1c:f0:6c:1a:89:be:da:19:72:74:0a:
33:3a:3e:00:c9:a8:39:1f:27:9c:20:10:5d:be:c7:
6d:e8:5d:5c:fa:b6:c0:c3:98:b3:0e:51:04:0f:15:
bb:e5:16:e6:81:7c:99:de:19:cc:a7:a7:b2:eb:8c:
9a:19:b4:60:ef:9e:c2:54:3e:61:1c:9c:b9:2d:ed:
ba:be:b6:8b:d4:41:67:b9:d7:c3:06:2d:b1:0b:e1:
10:8b:7e:ba:cf:1e:04:de:89:c1:2c:d6:fa:09:9f:
19:4f:29:49:58:d7:24:06:e4:80:52:35:13:bc:d6:
89:84:67:b8:62:f6:27:6c:fb:e0:30:55:5f:bc:7c:
bd:0a:0d:a5:e4:02:5c:59:d7:7b:35:48:7e:d0:4f:
2e:99:aa:dc:39:25:64:c0:e4:a6:ec:6c:5b:a7:df:
05:7d:63:94:3e:44:dc:7f:83:2f:2f:e5:70:00:64:
e8:1b:58:4c:d4:5a:6d:f9:60:ca:e1:0e:7f:e3:de:
69:35:4c:26:14:0e:dd:d7:07:71:b9:1c:c6:b6:12:
53:d5:ee:37:20:e2:56:5b:40:a1:b6:a1:b6:97:c1:
2a:a1:1e:49:2c:21:9c:c5:c1:5c:69:cc:95:12:4a:
84:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1B:01:B2:89:68:B5:94:9B:46:50:E3:30:2D:2D:4B:85:89:C6:8D:DB
X509v3 Authority Key Identifier:
keyid:B6:89:29:9B:C4:95:84:A6:45:94:0C:1D:D8:7D:F0:AF:C8:AA:A0:FD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tokpm8SVhKZFlAwd2H3wr8iqoP0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f3/7ca61a-ce3d-4bac-9110-c0f3bad99a40/1/GwGyiWi1lJtGUOMwLS1LhYnGjds.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f3/7ca61a-ce3d-4bac-9110-c0f3bad99a40/1/tokpm8SVhKZFlAwd2H3wr8iqoP0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0c:93c0:8000::/48
2a0c:93c0:8002::/48
2a0c:93c0:c002::/48
Signature Algorithm: sha256WithRSAEncryption
86:d0:a5:59:c3:32:53:4b:2f:c6:4b:be:5f:e7:6d:47:11:6a:
d5:8e:59:d7:0a:5c:72:a1:b4:23:c0:11:01:02:34:64:bb:10:
43:11:e5:5c:39:0f:02:88:16:06:6e:7a:c3:88:0a:1e:04:65:
1d:7d:06:c3:27:c4:cc:0e:69:fd:0b:56:78:de:0d:3a:d7:1a:
67:5b:50:ac:47:42:34:ed:cf:fe:4d:7d:90:ca:6a:77:07:58:
71:6b:7e:21:21:03:6f:9d:89:ce:45:df:da:b7:43:97:19:d0:
93:3f:d7:11:c3:a9:59:8a:d3:0d:80:c4:9c:ca:9f:2b:6a:22:
35:a5:ac:e5:f4:e2:64:56:d2:b4:9e:80:6d:9c:5f:33:87:c9:
7f:40:0e:6e:80:a8:19:1f:07:6f:88:52:b6:62:ea:8e:d1:a0:
7d:f7:0d:71:8b:8d:32:cd:ba:31:e9:dd:58:c8:bf:29:16:dd:
88:37:ae:d4:d5:56:c9:e8:de:34:8a:a9:c0:e0:94:c5:6d:7c:
03:19:d3:e9:30:cc:95:c0:c0:03:1c:2b:3d:b7:08:5f:22:02:
62:f6:c9:e5:36:f3:26:b2:3b:d1:8a:71:50:f6:00:38:3a:e2:
15:d9:c5:8d:96:41:ae:73:d1:cc:c6:14:9c:bb:96:0f:4e:30:
42:6c:ba:25
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYzDtw0Wf7p/Cm6rkyaoJ4sYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI2ODkyOTliYzQ5NTg0YTY0NTk0MGMxZGQ4N2RmMGFmYzhh
YWEwZmQwHhcNMjQwMTAxMDYzMDAyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxYjAxYjI4OTY4YjU5NDliNDY1MGUzMzAyZDJkNGI4NTg5YzY4ZGRiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiUf1FdiexymkusAnZu6ibTxWHPBs
Gom+2hlydAozOj4Ayag5HyecIBBdvsdt6F1c+rbAw5izDlEEDxW75RbmgXyZ3hnM
p6ey64yaGbRg757CVD5hHJy5Le26vraL1EFnudfDBi2xC+EQi366zx4E3onBLNb6
CZ8ZTylJWNckBuSAUjUTvNaJhGe4YvYnbPvgMFVfvHy9Cg2l5AJcWdd7NUh+0E8u
marcOSVkwOSm7Gxbp98FfWOUPkTcf4MvL+VwAGToG1hM1Fpt+WDK4Q5/495pNUwm
FA7d1wdxuRzGthJT1e43IOJWW0ChtqG2l8EqoR5JLCGcxcFcacyVEkqENQIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFBsBsolotZSbRlDjMC0tS4WJxo3bMB8GA1UdIwQY
MBaAFLaJKZvElYSmRZQMHdh98K/IqqD9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdG9rcG04U1ZoS1pGbEF3ZDJIM3dyOGlxb1AwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMy83Y2E2MWEtY2UzZC00YmFjLTkxMTAt
YzBmM2JhZDk5YTQwLzEvR3dHeWlXaTFsSnRHVU9Nd0xTMUxoWW5HamRzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMy83Y2E2MWEtY2UzZC00YmFjLTkxMTAtYzBmM2JhZDk5YTQw
LzEvdG9rcG04U1ZoS1pGbEF3ZDJIM3dyOGlxb1AwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzAhBAIAAjAbAwcAKgyTwIAA
AwcAKgyTwIACAwcAKgyTwMACMA0GCSqGSIb3DQEBCwUAA4IBAQCG0KVZwzJTSy/G
S75f521HEWrVjlnXClxyobQjwBEBAjRkuxBDEeVcOQ8CiBYGbnrDiAoeBGUdfQbD
J8TMDmn9C1Z43g061xpnW1CsR0I07c/+TX2Qymp3B1hxa34hIQNvnYnORd/at0OX
GdCTP9cRw6lZitMNgMScyp8raiI1pazl9OJkVtK0noBtnF8zh8l/QA5ugKgZHwdv
iFK2YuqO0aB99w1xi40yzbox6d1YyL8pFt2IN67U1VbJ6N40iqnA4JTFbXwDGdPp
MMyVwMADHCs9twhfIgJi9snlNvMmsjvRinFQ9gA4OuIV2cWNlkGuc9HMxhScu5YP
TjBCbLol
-----END CERTIFICATE-----
Generated at Sun Feb 16 22:18:26 2025 by rpki-client