Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/16/11be23-3be6-4881-a3d1-5386b1d963bc/1/gRQkEHUn9BtNIuvGP51ukz-qPxU.roa
File: gRQkEHUn9BtNIuvGP51ukz-qPxU.roa (raw, json)
Hash identifier: 7KfR7xc3Ek+qUirReXey151zyXBuJ2dXOt2mN34DCDg=
Subject key identifier: 81:14:24:10:75:27:F4:1B:4D:22:EB:C6:3F:9D:6E:93:3F:AA:3F:15
Certificate issuer: /CN=1224e5eff1abc0e6d8bf029e4f732e0ab71bc16a
Certificate serial: 01856C0A67FCFE2FD1F475DCFF14DBB0919E
Authority key identifier: 12:24:E5:EF:F1:AB:C0:E6:D8:BF:02:9E:4F:73:2E:0A:B7:1B:C1:6A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/EiTl7_GrwObYvwKeT3MuCrcbwWo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/16/11be23-3be6-4881-a3d1-5386b1d963bc/1/gRQkEHUn9BtNIuvGP51ukz-qPxU.roa
Signing time: Sun 01 Jan 2023 06:34:59 +0000
ROA not before: Sun 01 Jan 2023 06:34:59 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 26478
IP address blocks: 160.62.140.0/23 maxlen: 23
86.117.47.0/24 maxlen: 24
160.62.15.0/24 maxlen: 24
160.62.14.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 12 Jan 2023 18:44:44 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:0a:67:fc:fe:2f:d1:f4:75:dc:ff:14:db:b0:91:9e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1224e5eff1abc0e6d8bf029e4f732e0ab71bc16a
Validity
Not Before: Jan 1 06:34:59 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=811424107527f41b4d22ebc63f9d6e933faa3f15
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:13:db:f6:ea:5c:48:ee:88:f8:3d:38:88:17:
1c:88:93:38:fa:4e:11:7a:2f:20:58:02:e7:ad:45:
64:a6:a3:6c:4d:46:7c:8e:8f:20:a8:85:8e:a9:a1:
7e:54:44:17:60:80:3d:29:84:1c:d0:ab:c9:a8:c4:
03:6d:48:9c:7d:c3:52:73:67:1d:0e:48:b9:61:e2:
5e:30:d9:c0:c6:89:30:a1:22:60:a6:b1:ff:f6:17:
5b:22:a2:70:30:ce:85:e7:f8:5b:aa:72:44:c1:d8:
46:4c:a1:32:e6:c0:63:42:ff:13:bd:df:e1:90:c3:
ed:f5:79:44:3e:a4:d8:51:76:7c:48:b2:f3:8d:ff:
20:65:b4:c0:ab:d4:99:0c:79:28:7a:22:24:6d:11:
a2:3d:1c:80:6e:b8:65:27:57:12:cf:99:32:a8:b0:
f4:d5:8d:b5:01:2e:27:09:52:68:a9:d1:26:72:e9:
10:ec:dc:24:b2:2d:b8:29:ab:f8:3f:b5:96:25:41:
36:19:da:6e:56:78:c5:ac:0a:84:7e:ef:99:d4:3e:
7a:fb:06:f0:53:25:45:ca:3a:28:49:a2:f7:f5:b6:
f9:35:78:d6:c3:5b:7d:6f:03:79:e0:5b:84:c3:58:
d2:fa:3f:e8:d7:27:13:d2:2c:0d:4a:6c:36:8c:7a:
2d:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
81:14:24:10:75:27:F4:1B:4D:22:EB:C6:3F:9D:6E:93:3F:AA:3F:15
X509v3 Authority Key Identifier:
keyid:12:24:E5:EF:F1:AB:C0:E6:D8:BF:02:9E:4F:73:2E:0A:B7:1B:C1:6A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/EiTl7_GrwObYvwKeT3MuCrcbwWo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/16/11be23-3be6-4881-a3d1-5386b1d963bc/1/gRQkEHUn9BtNIuvGP51ukz-qPxU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/16/11be23-3be6-4881-a3d1-5386b1d963bc/1/EiTl7_GrwObYvwKeT3MuCrcbwWo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
86.117.47.0/24
160.62.14.0/23
160.62.140.0/23
Signature Algorithm: sha256WithRSAEncryption
41:3f:45:d9:7f:d8:9e:77:91:26:8f:dc:38:ca:b3:2a:c2:3d:
85:ba:64:34:d2:69:7a:c6:5b:99:46:28:5f:97:59:14:81:c9:
71:c2:7c:8e:e1:cb:de:6f:09:78:86:d1:90:ed:e9:d7:d8:7c:
7f:6a:0d:99:f1:8c:7b:e8:ed:05:aa:c7:1b:3a:97:46:c9:bf:
7b:f4:65:94:86:0d:a7:69:0f:d1:ab:c2:7a:c2:0a:fb:28:84:
dd:c3:6a:2e:69:0f:31:48:4a:49:2c:a4:60:ad:4d:6c:bf:58:
6b:3b:b2:d1:b6:bb:f4:23:b9:9a:ea:2e:10:5b:c4:e9:df:db:
88:63:64:98:00:b2:0c:aa:0c:7d:35:e8:d0:29:a0:70:cd:e6:
38:7e:e7:bf:4d:37:8c:77:81:a6:53:30:63:8e:b4:68:39:42:
9b:3d:d0:1a:6b:3a:c9:a4:ed:40:3a:36:20:9d:13:99:2a:ad:
c7:9e:b9:67:7a:a7:e1:c3:64:9f:cb:ef:02:a7:e2:24:41:f0:
1b:6e:a6:8f:9e:0f:96:5f:ed:c5:81:af:2b:26:08:b3:fb:b4:
12:be:ea:9f:b5:af:1e:80:31:f4:0d:ea:d9:ff:4c:ee:62:13:
a9:0b:e8:32:fb:d6:c2:86:8d:9d:3e:72:ff:80:4e:88:52:57:
cd:9b:11:00
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYVsCmf8/i/R9HXc/xTbsJGeMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDEyMjRlNWVmZjFhYmMwZTZkOGJmMDI5ZTRmNzMyZTBhYjcx
YmMxNmEwHhcNMjMwMTAxMDYzNDU5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MTE0MjQxMDc1MjdmNDFiNGQyMmViYzYzZjlkNmU5MzNmYWEzZjE1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsBPb9upcSO6I+D04iBcciJM4+k4R
ei8gWALnrUVkpqNsTUZ8jo8gqIWOqaF+VEQXYIA9KYQc0KvJqMQDbUicfcNSc2cd
Dki5YeJeMNnAxokwoSJgprH/9hdbIqJwMM6F5/hbqnJEwdhGTKEy5sBjQv8Tvd/h
kMPt9XlEPqTYUXZ8SLLzjf8gZbTAq9SZDHkoeiIkbRGiPRyAbrhlJ1cSz5kyqLD0
1Y21AS4nCVJoqdEmcukQ7Nwksi24Kav4P7WWJUE2GdpuVnjFrAqEfu+Z1D56+wbw
UyVFyjooSaL39bb5NXjWw1t9bwN54FuEw1jS+j/o1ycT0iwNSmw2jHotwwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFIEUJBB1J/QbTSLrxj+dbpM/qj8VMB8GA1UdIwQY
MBaAFBIk5e/xq8Dm2L8Cnk9zLgq3G8FqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRWlUbDdfR3J3T2JZdndLZVQzTXVDcmNid1dvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNi8xMWJlMjMtM2JlNi00ODgxLWEzZDEt
NTM4NmIxZDk2M2JjLzEvZ1JRa0VIVW45QnROSXV2R1A1MXVrei1xUHhVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNi8xMWJlMjMtM2JlNi00ODgxLWEzZDEtNTM4NmIxZDk2M2Jj
LzEvRWlUbDdfR3J3T2JZdndLZVQzTXVDcmNid1dvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAVnUvAwQB
oD4OAwQBoD6MMA0GCSqGSIb3DQEBCwUAA4IBAQBBP0XZf9ied5Emj9w4yrMqwj2F
umQ00ml6xluZRihfl1kUgclxwnyO4cvebwl4htGQ7enX2Hx/ag2Z8Yx76O0Fqscb
OpdGyb979GWUhg2naQ/Rq8J6wgr7KITdw2ouaQ8xSEpJLKRgrU1sv1hrO7LRtrv0
I7ma6i4QW8Tp39uIY2SYALIMqgx9NejQKaBwzeY4fue/TTeMd4GmUzBjjrRoOUKb
PdAaazrJpO1AOjYgnROZKq3Hnrlneqfhw2Sfy+8Cp+IkQfAbbqaPng+WX+3Fga8r
Jgiz+7QSvuqfta8egDH0DerZ/0zuYhOpC+gy+9bCho2dPnL/gE6IUlfNmxEA
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:20:28 2024 by rpki-client on console-fra.rpki-client.org