Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/16/11be23-3be6-4881-a3d1-5386b1d963bc/1/GrTMGq_ohti32rdy2TirGr7YS0s.roa
File: GrTMGq_ohti32rdy2TirGr7YS0s.roa (raw, json)
Hash identifier: hMwxNt+JDeWePklnhoVwrA5q6sqPM+GXGKdhzvkjvgI=
Subject key identifier: 1A:B4:CC:1A:AF:E8:86:D8:B7:DA:B7:72:D9:38:AB:1A:BE:D8:4B:4B
Certificate issuer: /CN=1224e5eff1abc0e6d8bf029e4f732e0ab71bc16a
Certificate serial: 01856C0A685CDE949D97E1ABDA7A96A26082
Authority key identifier: 12:24:E5:EF:F1:AB:C0:E6:D8:BF:02:9E:4F:73:2E:0A:B7:1B:C1:6A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/EiTl7_GrwObYvwKeT3MuCrcbwWo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/16/11be23-3be6-4881-a3d1-5386b1d963bc/1/GrTMGq_ohti32rdy2TirGr7YS0s.roa
Signing time: Sun 01 Jan 2023 06:34:59 +0000
ROA not before: Sun 01 Jan 2023 06:34:59 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 47444
IP address blocks: 86.117.140.0/23 maxlen: 23
160.62.12.0/24 maxlen: 24
160.62.13.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 02 Jan 2024 08:33:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:0a:68:5c:de:94:9d:97:e1:ab:da:7a:96:a2:60:82
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1224e5eff1abc0e6d8bf029e4f732e0ab71bc16a
Validity
Not Before: Jan 1 06:34:59 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=1ab4cc1aafe886d8b7dab772d938ab1abed84b4b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:c0:95:92:56:35:a8:de:15:ff:fa:25:e4:8b:
16:37:21:d2:d9:dc:ac:92:d1:c1:a6:3b:f0:7e:89:
ef:63:a6:3a:46:81:24:fa:53:c2:05:6e:57:81:54:
29:cd:59:73:fa:2c:91:2c:17:b1:30:96:4e:1d:44:
90:64:20:2c:34:62:fc:9e:ae:bb:10:d4:eb:b1:06:
b2:7e:49:47:0e:cd:3b:a1:3f:50:d5:16:d1:91:78:
62:c2:82:e5:a8:c3:27:23:17:d7:14:f5:7a:d3:bf:
b4:ee:32:85:45:9f:f8:b3:ca:f6:3f:51:d3:89:d1:
b1:23:a1:0b:52:d4:d8:6e:5e:99:45:59:e5:f9:94:
c8:54:63:3b:b4:40:83:fc:58:58:31:53:54:19:4b:
84:4c:2c:5e:16:4a:39:0f:49:41:23:ea:00:08:08:
71:f7:c3:2d:08:de:8a:7e:33:b0:57:dd:e4:b5:44:
b0:9f:92:44:dc:66:33:1f:00:c9:3b:be:7d:65:93:
dc:c8:94:5e:7c:30:39:e9:b5:f0:9b:10:b6:84:97:
07:b6:d5:2d:4e:d5:cb:6a:61:ed:2a:33:75:d7:a2:
43:a4:b7:80:cf:0b:30:00:9a:d0:f4:f0:24:16:63:
17:90:4e:be:36:93:d2:ba:e4:a9:68:34:32:94:6c:
e3:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1A:B4:CC:1A:AF:E8:86:D8:B7:DA:B7:72:D9:38:AB:1A:BE:D8:4B:4B
X509v3 Authority Key Identifier:
keyid:12:24:E5:EF:F1:AB:C0:E6:D8:BF:02:9E:4F:73:2E:0A:B7:1B:C1:6A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/EiTl7_GrwObYvwKeT3MuCrcbwWo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/16/11be23-3be6-4881-a3d1-5386b1d963bc/1/GrTMGq_ohti32rdy2TirGr7YS0s.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/16/11be23-3be6-4881-a3d1-5386b1d963bc/1/EiTl7_GrwObYvwKeT3MuCrcbwWo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
86.117.140.0/23
160.62.12.0/23
Signature Algorithm: sha256WithRSAEncryption
a8:00:56:74:6a:af:87:21:a9:24:37:e1:f2:33:6a:57:83:75:
1a:55:d3:7c:03:51:56:5d:4f:ae:5d:38:2f:69:f0:21:91:fa:
3b:7d:61:be:b3:22:42:9c:1e:1c:74:00:a6:7d:69:b9:1f:9f:
f8:b9:f3:7c:11:c6:a0:98:f8:ef:e7:9e:f6:de:dc:fd:32:83:
ea:14:03:55:fb:c5:22:35:bb:08:72:3e:2e:89:7c:3a:4d:87:
8e:ea:ff:e8:7a:2a:a9:8f:9e:a0:d9:98:3a:64:7c:7f:5d:05:
52:3f:b3:f8:96:63:9f:2c:7e:cf:62:33:d3:73:23:2b:a9:c3:
af:af:87:a3:1f:ed:67:2b:95:59:e6:dc:dc:1b:1f:fb:c3:70:
d7:59:97:35:fc:2c:d3:a6:08:cc:e3:bb:2b:91:1b:a7:31:6d:
ba:81:61:66:fa:57:de:69:19:27:3f:50:91:eb:44:b6:ae:8c:
ea:e5:b3:99:ea:cf:28:10:cb:35:d3:47:af:44:2f:99:e6:a2:
3b:86:09:77:fa:66:96:c8:9d:b3:88:67:17:cf:3f:72:38:69:
12:66:1a:35:23:3b:84:6f:7f:82:fb:61:42:c4:af:1b:d2:48:
19:28:4b:f5:20:74:db:8e:a4:95:8d:6c:65:4b:f6:6b:99:d9:
ea:3a:5c:30
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVsCmhc3pSdl+Gr2nqWomCCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDEyMjRlNWVmZjFhYmMwZTZkOGJmMDI5ZTRmNzMyZTBhYjcx
YmMxNmEwHhcNMjMwMTAxMDYzNDU5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxYWI0Y2MxYWFmZTg4NmQ4YjdkYWI3NzJkOTM4YWIxYWJlZDg0YjRiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq8CVklY1qN4V//ol5IsWNyHS2dys
ktHBpjvwfonvY6Y6RoEk+lPCBW5XgVQpzVlz+iyRLBexMJZOHUSQZCAsNGL8nq67
ENTrsQayfklHDs07oT9Q1RbRkXhiwoLlqMMnIxfXFPV607+07jKFRZ/4s8r2P1HT
idGxI6ELUtTYbl6ZRVnl+ZTIVGM7tECD/FhYMVNUGUuETCxeFko5D0lBI+oACAhx
98MtCN6KfjOwV93ktUSwn5JE3GYzHwDJO759ZZPcyJRefDA56bXwmxC2hJcHttUt
TtXLamHtKjN116JDpLeAzwswAJrQ9PAkFmMXkE6+NpPSuuSpaDQylGzjjQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFBq0zBqv6IbYt9q3ctk4qxq+2EtLMB8GA1UdIwQY
MBaAFBIk5e/xq8Dm2L8Cnk9zLgq3G8FqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRWlUbDdfR3J3T2JZdndLZVQzTXVDcmNid1dvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNi8xMWJlMjMtM2JlNi00ODgxLWEzZDEt
NTM4NmIxZDk2M2JjLzEvR3JUTUdxX29odGkzMnJkeTJUaXJHcjdZUzBzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNi8xMWJlMjMtM2JlNi00ODgxLWEzZDEtNTM4NmIxZDk2M2Jj
LzEvRWlUbDdfR3J3T2JZdndLZVQzTXVDcmNid1dvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQBVnWMAwQB
oD4MMA0GCSqGSIb3DQEBCwUAA4IBAQCoAFZ0aq+HIakkN+HyM2pXg3UaVdN8A1FW
XU+uXTgvafAhkfo7fWG+syJCnB4cdACmfWm5H5/4ufN8EcagmPjv55723tz9MoPq
FANV+8UiNbsIcj4uiXw6TYeO6v/oeiqpj56g2Zg6ZHx/XQVSP7P4lmOfLH7PYjPT
cyMrqcOvr4ejH+1nK5VZ5tzcGx/7w3DXWZc1/CzTpgjM47srkRunMW26gWFm+lfe
aRknP1CR60S2rozq5bOZ6s8oEMs100evRC+Z5qI7hgl3+maWyJ2ziGcXzz9yOGkS
Zho1IzuEb3+C+2FCxK8b0kgZKEv1IHTbjqSVjWxlS/ZrmdnqOlww
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:20:28 2024 by rpki-client on console-fra.rpki-client.org