Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/54debb-d0b6-44d1-8e58-8cf9e6f8ab45/1/GrcHQWbmgM8kz-1cC4H9uZNUNxQ.roa
File: GrcHQWbmgM8kz-1cC4H9uZNUNxQ.roa (raw, json)
Hash identifier: 7PD855EqW2vg/BU4vNDZZiSxSYE7+Ch4UAuHmoXljsQ=
Subject key identifier: 1A:B7:07:41:66:E6:80:CF:24:CF:ED:5C:0B:81:FD:B9:93:54:37:14
Certificate issuer: /CN=5ccf7b3fd87ce9bce99f900b64199d606bf16069
Certificate serial: 019422FB1FA4DAF36DEF717E43386A72BDA5
Authority key identifier: 5C:CF:7B:3F:D8:7C:E9:BC:E9:9F:90:0B:64:19:9D:60:6B:F1:60:69
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XM97P9h86bzpn5ALZBmdYGvxYGk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/54debb-d0b6-44d1-8e58-8cf9e6f8ab45/1/GrcHQWbmgM8kz-1cC4H9uZNUNxQ.roa
Signing time: Wed 01 Jan 2025 17:47:50 +0000
ROA not before: Wed 01 Jan 2025 17:47:50 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 1128
IP address blocks: 130.161.0.0/16 maxlen: 16
131.180.0.0/16 maxlen: 16
Validation: Failed, certificate revoked on Fri 17 Jan 2025 10:05:18 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:fb:1f:a4:da:f3:6d:ef:71:7e:43:38:6a:72:bd:a5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5ccf7b3fd87ce9bce99f900b64199d606bf16069
Validity
Not Before: Jan 1 17:47:50 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=1ab7074166e680cf24cfed5c0b81fdb993543714
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:f2:ea:fe:88:e0:27:6e:f8:ed:ed:46:b3:b0:
e8:19:79:91:e8:d1:54:ce:1c:ef:b6:da:49:7e:5f:
94:de:89:00:06:6d:49:05:88:4a:2b:24:db:49:db:
9a:a9:d4:75:17:0b:c9:e4:26:3e:ba:d5:4e:eb:ee:
5d:4c:ff:2e:9b:60:c2:06:3f:93:1c:0b:08:ea:68:
7d:f0:4f:53:ba:43:22:42:e7:ef:73:2d:f3:d2:c7:
8f:e4:fc:08:6e:a2:d3:ba:a9:a1:6c:e8:df:e1:98:
1a:2c:93:63:a0:bf:bc:44:a2:11:1c:18:81:cf:44:
c6:65:7c:de:80:86:2a:90:8e:26:47:a4:ce:c5:4e:
19:56:a8:76:5a:7d:37:dd:ff:21:67:bd:8b:a0:f3:
e3:2b:e8:e7:00:7f:05:6e:80:23:ac:96:d5:2f:37:
b2:74:f1:91:ab:29:97:8a:34:97:77:bc:68:80:41:
ba:cb:b5:63:af:36:1f:48:08:8a:f6:5b:ad:b7:1d:
23:ec:e0:b3:3e:7e:89:d3:9f:1f:0e:22:4f:5b:d3:
bf:45:cc:55:e6:e8:7d:0e:5e:78:35:75:b8:c2:1e:
b1:e0:da:a2:3a:e4:8e:a3:ca:17:65:6c:34:19:45:
1b:28:77:35:d2:1a:6c:57:bd:5f:9e:2e:1d:7c:0c:
9e:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1A:B7:07:41:66:E6:80:CF:24:CF:ED:5C:0B:81:FD:B9:93:54:37:14
X509v3 Authority Key Identifier:
keyid:5C:CF:7B:3F:D8:7C:E9:BC:E9:9F:90:0B:64:19:9D:60:6B:F1:60:69
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XM97P9h86bzpn5ALZBmdYGvxYGk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/54debb-d0b6-44d1-8e58-8cf9e6f8ab45/1/GrcHQWbmgM8kz-1cC4H9uZNUNxQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/54debb-d0b6-44d1-8e58-8cf9e6f8ab45/1/XM97P9h86bzpn5ALZBmdYGvxYGk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
130.161.0.0/16
131.180.0.0/16
Signature Algorithm: sha256WithRSAEncryption
56:b6:91:fd:b8:68:33:ce:c0:db:e3:a0:d3:e1:1b:23:c0:9b:
c6:41:76:47:81:a3:0c:42:c2:48:3e:20:a4:10:86:d1:df:c7:
7b:fd:34:97:65:14:26:42:8c:1c:82:bc:d5:41:c6:d7:3e:80:
23:5f:08:d0:2e:aa:f1:f1:60:4a:3e:09:63:db:38:de:59:f7:
11:6b:ca:5b:0e:20:4a:31:5c:27:0b:5b:f6:2b:bd:7e:b7:41:
55:cc:a3:10:29:06:33:52:47:5f:74:ce:75:63:8c:e1:80:6d:
52:41:cc:14:89:0b:32:81:4b:9e:5b:b0:c4:8f:a6:86:08:be:
7a:52:d8:9c:c0:64:4c:ad:91:2e:d0:9c:35:0b:8d:7f:5c:c2:
e1:36:f7:5d:ee:ce:b4:7a:d8:f4:68:63:17:8b:6f:a8:e2:ed:
03:e0:4d:1e:8a:26:bd:37:78:81:e9:ca:36:b9:02:10:17:15:
eb:45:2a:08:72:9c:4b:75:2b:10:db:e5:23:6f:70:a0:cf:d8:
b2:37:93:a2:c2:ca:55:d7:82:54:f9:c2:5d:1f:54:61:e1:3c:
0a:03:79:ec:f1:33:66:b5:9d:a2:f3:fb:73:e9:fa:ae:2f:48:
20:1d:dd:fa:7f:74:f5:6f:1e:0c:29:b4:0d:5a:78:88:1a:6d:
05:b4:f0:ac
-----BEGIN CERTIFICATE-----
MIIFATCCA+mgAwIBAgISAZQi+x+k2vNt73F+Qzhqcr2lMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVjY2Y3YjNmZDg3Y2U5YmNlOTlmOTAwYjY0MTk5ZDYwNmJm
MTYwNjkwHhcNMjUwMTAxMTc0NzUwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxYWI3MDc0MTY2ZTY4MGNmMjRjZmVkNWMwYjgxZmRiOTkzNTQzNzE0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxPLq/ojgJ2747e1Gs7DoGXmR6NFU
zhzvttpJfl+U3okABm1JBYhKKyTbSduaqdR1FwvJ5CY+utVO6+5dTP8um2DCBj+T
HAsI6mh98E9TukMiQufvcy3z0seP5PwIbqLTuqmhbOjf4ZgaLJNjoL+8RKIRHBiB
z0TGZXzegIYqkI4mR6TOxU4ZVqh2Wn033f8hZ72LoPPjK+jnAH8FboAjrJbVLzey
dPGRqymXijSXd7xogEG6y7VjrzYfSAiK9luttx0j7OCzPn6J058fDiJPW9O/RcxV
5uh9Dl54NXW4wh6x4NqiOuSOo8oXZWw0GUUbKHc10hpsV71fni4dfAyeWwIDAQAB
o4ICDTCCAgkwHQYDVR0OBBYEFBq3B0Fm5oDPJM/tXAuB/bmTVDcUMB8GA1UdIwQY
MBaAFFzPez/YfOm86Z+QC2QZnWBr8WBpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWE05N1A5aDg2YnpwbjVBTFpCbWRZR3Z4WUdrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC81NGRlYmItZDBiNi00NGQxLThlNTgt
OGNmOWU2ZjhhYjQ1LzEvR3JjSFFXYm1nTThrei0xY0M0SDl1Wk5VTnhRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC81NGRlYmItZDBiNi00NGQxLThlNTgtOGNmOWU2ZjhhYjQ1
LzEvWE05N1A5aDg2YnpwbjVBTFpCbWRZR3Z4WUdrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCMGCCsGAQUFBwEHAQH/BBQwEjAQBAIAATAKAwMAgqEDAwCD
tDANBgkqhkiG9w0BAQsFAAOCAQEAVraR/bhoM87A2+Og0+EbI8CbxkF2R4GjDELC
SD4gpBCG0d/He/00l2UUJkKMHIK81UHG1z6AI18I0C6q8fFgSj4JY9s43ln3EWvK
Ww4gSjFcJwtb9iu9frdBVcyjECkGM1JHX3TOdWOM4YBtUkHMFIkLMoFLnluwxI+m
hgi+elLYnMBkTK2RLtCcNQuNf1zC4Tb3Xe7OtHrY9GhjF4tvqOLtA+BNHoomvTd4
genKNrkCEBcV60UqCHKcS3UrENvlI29woM/YsjeTosLKVdeCVPnCXR9UYeE8CgN5
7PEzZrWdovP7c+n6ri9IIB3d+n909W8eDCm0DVp4iBptBbTwrA==
-----END CERTIFICATE-----
Generated at Tue Apr 22 01:05:04 2025 by rpki-client