Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/28/29e9bc-b190-409e-86b0-eec5d50efa94/1/GIvVypxPYdq3jBOFUL8x2jwd-K0.roa
File: GIvVypxPYdq3jBOFUL8x2jwd-K0.roa (raw, json)
Hash identifier: Mlb9MGT4ztVF7nSA8azLB7VjZLV6+WGVuTxvvzOhJQQ=
Subject key identifier: 18:8B:D5:CA:9C:4F:61:DA:B7:8C:13:85:50:BF:31:DA:3C:1D:F8:AD
Certificate issuer: /CN=b3a5d99863db2e49b44f6c324eb04388fc7515d2
Certificate serial: 018BD8F1B91B4DF8A1A3169AEAD57838A7B0
Authority key identifier: B3:A5:D9:98:63:DB:2E:49:B4:4F:6C:32:4E:B0:43:88:FC:75:15:D2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/s6XZmGPbLkm0T2wyTrBDiPx1FdI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/28/29e9bc-b190-409e-86b0-eec5d50efa94/1/GIvVypxPYdq3jBOFUL8x2jwd-K0.roa
Signing time: Thu 16 Nov 2023 16:23:21 +0000
ROA not before: Thu 16 Nov 2023 16:23:21 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 21334
IP address blocks: 2a01:870::/32 maxlen: 32
2a01:8f8::/32 maxlen: 32
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:d8:f1:b9:1b:4d:f8:a1:a3:16:9a:ea:d5:78:38:a7:b0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b3a5d99863db2e49b44f6c324eb04388fc7515d2
Validity
Not Before: Nov 16 16:23:21 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=188bd5ca9c4f61dab78c138550bf31da3c1df8ad
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:05:76:9a:1c:13:b2:e1:ab:63:9e:24:2d:57:
7e:69:3e:e6:53:2c:70:3b:8e:27:e3:de:7a:23:b8:
4b:68:08:db:23:11:3a:4b:ea:89:c2:83:1e:79:01:
19:96:99:45:e4:0a:30:6a:ea:7c:9c:cb:3d:ec:4b:
be:d6:60:9d:ab:db:32:dd:36:78:ec:08:4c:0c:8e:
b6:c9:5f:9e:f8:66:04:ce:e7:14:40:d9:1b:89:e0:
57:0a:89:26:23:e4:d1:6c:ac:8b:63:af:54:b7:9f:
93:5a:c5:3b:9e:95:2f:ef:e3:ed:52:da:29:51:43:
39:6f:66:f7:47:5d:f0:ff:26:fd:c6:0d:e5:4c:11:
18:c7:0a:86:c6:09:3a:0c:e8:93:ad:41:1c:2f:ad:
01:c6:13:fb:00:c0:e4:0b:f3:e7:44:88:76:62:be:
a8:ce:ad:45:07:df:74:0b:97:d6:c7:de:d2:75:5e:
22:f6:f2:bf:aa:5f:d6:5e:f7:88:eb:40:8b:9b:5e:
11:54:d4:b6:44:7a:51:a2:14:5a:73:d7:51:03:ba:
18:c2:82:4c:0e:a7:43:70:0f:1b:e3:90:07:3d:4f:
4e:97:8f:ac:27:1d:44:f5:d6:8b:69:57:be:5f:37:
55:99:9a:b3:72:d4:bd:91:a2:47:0f:ab:35:4b:29:
75:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
18:8B:D5:CA:9C:4F:61:DA:B7:8C:13:85:50:BF:31:DA:3C:1D:F8:AD
X509v3 Authority Key Identifier:
keyid:B3:A5:D9:98:63:DB:2E:49:B4:4F:6C:32:4E:B0:43:88:FC:75:15:D2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/s6XZmGPbLkm0T2wyTrBDiPx1FdI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/28/29e9bc-b190-409e-86b0-eec5d50efa94/1/GIvVypxPYdq3jBOFUL8x2jwd-K0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/28/29e9bc-b190-409e-86b0-eec5d50efa94/1/s6XZmGPbLkm0T2wyTrBDiPx1FdI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a01:870::/32
2a01:8f8::/32
Signature Algorithm: sha256WithRSAEncryption
48:ec:81:1a:f4:2c:92:ab:9e:87:4f:38:91:58:6b:eb:ba:37:
cd:4b:22:3f:9c:53:45:f7:d3:1f:21:1b:81:07:49:6d:33:f6:
dd:94:47:6f:3a:b7:53:77:45:c5:56:7a:88:a6:51:e9:ab:56:
7e:8f:f9:22:86:ce:24:a8:f9:70:df:e7:83:9e:a8:65:f6:f8:
b6:4e:77:ec:6d:70:46:9c:52:f5:fa:71:26:6a:c5:6a:3c:2a:
b2:22:d0:97:8c:74:08:f7:c2:0f:a9:1b:89:c3:84:76:76:67:
ba:02:ae:16:c9:53:88:97:b4:61:5c:09:bf:c9:3b:50:af:3c:
91:ec:38:1e:fc:38:ba:3a:09:1e:d2:f4:32:19:51:31:4c:ac:
0a:12:60:04:ad:70:42:70:0a:b7:ce:e7:20:e4:38:d2:e4:ea:
03:4b:e1:e5:f2:bc:f1:c2:09:59:a2:69:32:bd:86:fd:bc:61:
ff:6c:bc:03:87:b6:23:97:00:6f:6b:74:7a:fb:51:e6:6d:ec:
56:04:c1:32:fa:23:db:61:10:e2:e2:e2:98:53:97:af:6e:1d:
f6:91:a2:34:3f:a7:66:ef:70:ba:46:69:13:2a:4b:dd:ae:40:
d8:c7:87:b3:72:5e:0e:55:92:41:94:0c:41:fa:61:cc:46:cf:
2d:23:cc:d7
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAYvY8bkbTfihoxaa6tV4OKewMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIzYTVkOTk4NjNkYjJlNDliNDRmNmMzMjRlYjA0Mzg4ZmM3
NTE1ZDIwHhcNMjMxMTE2MTYyMzIxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxODhiZDVjYTljNGY2MWRhYjc4YzEzODU1MGJmMzFkYTNjMWRmOGFkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjgV2mhwTsuGrY54kLVd+aT7mUyxw
O44n4956I7hLaAjbIxE6S+qJwoMeeQEZlplF5Aowaup8nMs97Eu+1mCdq9sy3TZ4
7AhMDI62yV+e+GYEzucUQNkbieBXCokmI+TRbKyLY69Ut5+TWsU7npUv7+PtUtop
UUM5b2b3R13w/yb9xg3lTBEYxwqGxgk6DOiTrUEcL60BxhP7AMDkC/PnRIh2Yr6o
zq1FB990C5fWx97SdV4i9vK/ql/WXveI60CLm14RVNS2RHpRohRac9dRA7oYwoJM
DqdDcA8b45AHPU9Ol4+sJx1E9daLaVe+XzdVmZqzctS9kaJHD6s1Syl1YwIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFBiL1cqcT2Hat4wThVC/Mdo8HfitMB8GA1UdIwQY
MBaAFLOl2Zhj2y5JtE9sMk6wQ4j8dRXSMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvczZYWm1HUGJMa20wVDJ3eVRyQkRpUHgxRmRJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOC8yOWU5YmMtYjE5MC00MDllLTg2YjAt
ZWVjNWQ1MGVmYTk0LzEvR0l2VnlweFBZZHEzakJPRlVMOHgyandkLUswLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOC8yOWU5YmMtYjE5MC00MDllLTg2YjAtZWVjNWQ1MGVmYTk0
LzEvczZYWm1HUGJMa20wVDJ3eVRyQkRpUHgxRmRJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAAjAOAwUAKgEIcAMF
ACoBCPgwDQYJKoZIhvcNAQELBQADggEBAEjsgRr0LJKrnodPOJFYa+u6N81LIj+c
U0X30x8hG4EHSW0z9t2UR286t1N3RcVWeoimUemrVn6P+SKGziSo+XDf54OeqGX2
+LZOd+xtcEacUvX6cSZqxWo8KrIi0JeMdAj3wg+pG4nDhHZ2Z7oCrhbJU4iXtGFc
Cb/JO1CvPJHsOB78OLo6CR7S9DIZUTFMrAoSYAStcEJwCrfO5yDkONLk6gNL4eXy
vPHCCVmiaTK9hv28Yf9svAOHtiOXAG9rdHr7UeZt7FYEwTL6I9thEOLi4phTl69u
HfaRojQ/p2bvcLpGaRMqS92uQNjHh7NyXg5VkkGUDEH6YcxGzy0jzNc=
-----END CERTIFICATE-----
Generated at Tue Jan 2 16:35:25 2024 by rpki-client on console.sobornost.net