Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fe/1fa6a3-8dc5-4c35-a49b-171c367be782/1/GLY4b2uUe90UK8syrIaLPXzay7k.roa
File: GLY4b2uUe90UK8syrIaLPXzay7k.roa (raw, json)
Hash identifier: QMtZlTro05fn9drjtwnm83WpBn3jvxJUCWHE0SG/NNs=
Subject key identifier: 18:B6:38:6F:6B:94:7B:DD:14:2B:CB:32:AC:86:8B:3D:7C:DA:CB:B9
Certificate issuer: /CN=7508475ff0d8ec960336016e0e04221a98e5ecf2
Certificate serial: 018E73C500AED68B2A25639EDE2E91E72E88
Authority key identifier: 75:08:47:5F:F0:D8:EC:96:03:36:01:6E:0E:04:22:1A:98:E5:EC:F2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dQhHX_DY7JYDNgFuDgQiGpjl7PI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fe/1fa6a3-8dc5-4c35-a49b-171c367be782/1/GLY4b2uUe90UK8syrIaLPXzay7k.roa
Signing time: Mon 25 Mar 2024 04:01:14 +0000
ROA not before: Mon 25 Mar 2024 04:01:14 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 50340
IP address blocks: 2a0e:b900::/29 maxlen: 29
2a10:4900::/29 maxlen: 29
2a10:4900::/32 maxlen: 32
2a10:4901::/32 maxlen: 32
Validation: Failed, certificate revoked on Wed 27 Mar 2024 04:01:07 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:73:c5:00:ae:d6:8b:2a:25:63:9e:de:2e:91:e7:2e:88
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7508475ff0d8ec960336016e0e04221a98e5ecf2
Validity
Not Before: Mar 25 04:01:14 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=18b6386f6b947bdd142bcb32ac868b3d7cdacbb9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:81:d0:22:79:7d:18:21:3a:39:ad:23:81:3f:
26:42:82:e1:dd:db:39:77:71:aa:06:4c:0d:75:12:
6b:3d:b0:ed:9d:c1:1c:fc:fa:e9:84:6a:89:b2:13:
b5:e7:de:6c:1f:f5:27:f7:e1:3a:d6:2e:01:8c:36:
2c:0f:7b:56:51:60:17:a8:7e:06:15:cd:be:4e:46:
82:b2:55:f2:63:b3:21:0d:80:ef:70:28:a7:27:9f:
a2:60:20:64:a7:05:ff:a9:11:0b:f2:d7:d1:30:fe:
67:e0:f2:71:67:27:0d:02:5a:8c:14:51:3b:65:a6:
33:39:c5:ca:7f:5e:ab:89:bd:3f:9e:5f:26:1a:23:
39:7b:a4:a3:c5:f4:3a:44:fb:d7:a7:85:b7:8a:50:
80:51:6c:bb:f4:dd:34:35:4d:75:05:a5:10:11:8f:
67:7d:12:57:db:11:4b:dc:c4:35:da:f1:d2:8f:52:
d1:3d:65:d6:85:48:48:7d:d5:18:d0:2e:3f:c7:a0:
36:bf:ea:d7:35:50:13:74:c0:42:bf:2f:e1:99:7d:
8e:d8:4f:5b:82:05:36:c3:66:52:68:c7:3e:b0:9e:
54:9c:90:43:05:24:dd:29:4a:8f:b2:88:da:08:08:
ee:13:c5:74:bc:5b:d5:d5:e6:44:b3:4d:09:d3:52:
c7:e1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
18:B6:38:6F:6B:94:7B:DD:14:2B:CB:32:AC:86:8B:3D:7C:DA:CB:B9
X509v3 Authority Key Identifier:
keyid:75:08:47:5F:F0:D8:EC:96:03:36:01:6E:0E:04:22:1A:98:E5:EC:F2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dQhHX_DY7JYDNgFuDgQiGpjl7PI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/1fa6a3-8dc5-4c35-a49b-171c367be782/1/GLY4b2uUe90UK8syrIaLPXzay7k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/1fa6a3-8dc5-4c35-a49b-171c367be782/1/dQhHX_DY7JYDNgFuDgQiGpjl7PI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:b900::/29
2a10:4900::/29
Signature Algorithm: sha256WithRSAEncryption
b9:55:c9:14:25:2b:12:91:42:72:ba:d9:a7:f9:65:42:da:56:
fd:70:a6:9a:bf:c6:f6:73:a6:42:25:3f:7f:96:81:4b:5d:9b:
d3:94:b6:65:e1:12:98:4b:30:9f:f5:9a:ad:a4:ed:25:3a:45:
21:4c:97:27:e4:7c:8d:ab:a5:23:3f:f5:73:08:d2:0a:7a:6e:
7e:6f:44:90:32:66:35:dd:4d:9f:5d:c1:3d:70:f7:1b:d9:4e:
7d:bd:f2:8f:3d:ff:9e:71:cf:ee:c6:d9:43:13:aa:0c:f3:cc:
a2:5f:89:6e:d0:08:1b:c6:76:54:23:4d:f5:11:46:51:9f:18:
e0:af:df:de:d8:34:40:0e:72:a1:41:36:3f:2c:81:ae:8c:43:
89:d4:6f:55:63:77:85:b5:7e:29:85:ab:ac:74:b3:4c:88:e1:
f6:f9:d1:68:d1:46:d2:7b:ed:af:ed:4f:08:e1:35:71:f5:1f:
1c:7b:c2:7d:b3:9a:51:29:3a:53:2e:04:ec:fc:80:3a:e3:2b:
39:bc:29:da:37:34:36:cc:ee:2d:15:ba:2c:61:68:1e:cd:d6:
96:7a:db:eb:cc:03:c3:08:36:b4:4a:8f:f8:87:2e:5d:83:90:
da:9d:55:c6:4d:d6:7d:90:b9:cd:81:38:b5:c4:9a:e3:af:7b:
00:e2:c7:ce
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAY5zxQCu1osqJWOe3i6R5y6IMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc1MDg0NzVmZjBkOGVjOTYwMzM2MDE2ZTBlMDQyMjFhOThl
NWVjZjIwHhcNMjQwMzI1MDQwMTE0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxOGI2Mzg2ZjZiOTQ3YmRkMTQyYmNiMzJhYzg2OGIzZDdjZGFjYmI5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqIHQInl9GCE6Oa0jgT8mQoLh3ds5
d3GqBkwNdRJrPbDtncEc/PrphGqJshO1595sH/Un9+E61i4BjDYsD3tWUWAXqH4G
Fc2+TkaCslXyY7MhDYDvcCinJ5+iYCBkpwX/qREL8tfRMP5n4PJxZycNAlqMFFE7
ZaYzOcXKf16rib0/nl8mGiM5e6SjxfQ6RPvXp4W3ilCAUWy79N00NU11BaUQEY9n
fRJX2xFL3MQ12vHSj1LRPWXWhUhIfdUY0C4/x6A2v+rXNVATdMBCvy/hmX2O2E9b
ggU2w2ZSaMc+sJ5UnJBDBSTdKUqPsojaCAjuE8V0vFvV1eZEs00J01LH4QIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFBi2OG9rlHvdFCvLMqyGiz182su5MB8GA1UdIwQY
MBaAFHUIR1/w2OyWAzYBbg4EIhqY5ezyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZFFoSFhfRFk3SllETmdGdURnUWlHcGpsN1BJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZS8xZmE2YTMtOGRjNS00YzM1LWE0OWIt
MTcxYzM2N2JlNzgyLzEvR0xZNGIydVVlOTBVSzhzeXJJYUxQWHpheTdrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZS8xZmE2YTMtOGRjNS00YzM1LWE0OWItMTcxYzM2N2JlNzgy
LzEvZFFoSFhfRFk3SllETmdGdURnUWlHcGpsN1BJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAAjAOAwUDKg65AAMF
AyoQSQAwDQYJKoZIhvcNAQELBQADggEBALlVyRQlKxKRQnK62af5ZULaVv1wppq/
xvZzpkIlP3+WgUtdm9OUtmXhEphLMJ/1mq2k7SU6RSFMlyfkfI2rpSM/9XMI0gp6
bn5vRJAyZjXdTZ9dwT1w9xvZTn298o89/55xz+7G2UMTqgzzzKJfiW7QCBvGdlQj
TfURRlGfGOCv397YNEAOcqFBNj8sga6MQ4nUb1Vjd4W1fimFq6x0s0yI4fb50WjR
RtJ77a/tTwjhNXH1Hxx7wn2zmlEpOlMuBOz8gDrjKzm8Kdo3NDbM7i0VuixhaB7N
1pZ62+vMA8MINrRKj/iHLl2DkNqdVcZN1n2Quc2BOLXEmuOvewDix84=
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:27:41 2025 by rpki-client