Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/GrCub5MwJjxAcdB732g47z5gvcw.roa
File: GrCub5MwJjxAcdB732g47z5gvcw.roa (raw, json)
Hash identifier: 43pWUxH6EY8BE8XkI3r2qh84yGBkN8b0erf/PNQt4A8=
Subject key identifier: 1A:B0:AE:6F:93:30:26:3C:40:71:D0:7B:DF:68:38:EF:3E:60:BD:CC
Certificate issuer: /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial: 0185E48ADBBAB6259DA383060EAC82D0B600
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/GrCub5MwJjxAcdB732g47z5gvcw.roa
Signing time: Tue 24 Jan 2023 16:09:43 +0000
ROA not before: Tue 24 Jan 2023 16:09:43 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 207466
IP address blocks: 2a0e:b107:f60::/48 maxlen: 48
2a0e:b107:f68::/48 maxlen: 48
2a0e:b107:f60::/44 maxlen: 48
Validation: Failed, certificate revoked on Wed 01 Feb 2023 18:36:32 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:e4:8a:db:ba:b6:25:9d:a3:83:06:0e:ac:82:d0:b6:00
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Validity
Not Before: Jan 24 16:09:43 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=1ab0ae6f9330263c4071d07bdf6838ef3e60bdcc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:bc:a0:60:b3:1c:a4:6c:76:ac:40:41:0f:f6:
f7:f2:66:b8:c8:0d:35:e8:e3:e7:3a:67:88:cc:f5:
21:8b:0b:97:47:c4:69:39:47:11:80:a9:53:77:2e:
e0:b0:51:16:a6:2e:84:d2:82:a7:47:2d:c0:70:cb:
bb:db:43:cc:b7:47:c9:50:8a:90:c1:77:8e:32:a7:
72:2b:b9:46:ff:0e:de:73:0d:24:6e:e5:d9:e0:43:
e4:a8:90:ec:a1:47:d8:84:a5:9a:cf:d4:34:0d:28:
22:3f:11:08:bc:c8:1a:cf:c0:66:6d:71:c6:e6:6c:
16:43:5d:05:13:f2:e8:03:e3:cb:9c:0f:4b:35:70:
5f:f6:f6:81:77:df:f3:c1:ce:e8:57:97:6a:a1:4f:
72:6b:3e:0e:20:91:3f:1c:45:f9:23:34:36:c2:c8:
dc:e9:0f:12:65:3c:17:82:12:cc:91:f7:1e:e3:08:
1b:6e:fc:44:7d:25:42:47:b7:2e:f3:98:da:89:1b:
6c:5d:a4:6e:93:60:a8:23:3a:52:1e:1a:11:be:74:
cf:74:1e:a2:a9:24:58:99:12:b8:f4:14:51:51:b0:
60:ac:b0:7f:cf:5c:47:73:aa:f6:0d:11:cc:2c:af:
13:54:50:06:17:ae:2c:a4:e3:b2:1a:d2:bd:49:ea:
51:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1A:B0:AE:6F:93:30:26:3C:40:71:D0:7B:DF:68:38:EF:3E:60:BD:CC
X509v3 Authority Key Identifier:
keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/GrCub5MwJjxAcdB732g47z5gvcw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:b107:f60::/44
Signature Algorithm: sha256WithRSAEncryption
3b:28:a6:2f:fa:d3:01:93:3b:71:60:e4:4f:c0:56:80:d5:1b:
e6:76:c3:58:0b:f4:e0:45:c9:ee:6f:2d:bb:fd:48:74:41:97:
17:bd:24:1c:22:a7:7b:e2:2a:b7:be:d7:a7:27:87:69:eb:88:
c1:0b:b5:5b:c9:cd:d0:53:de:76:31:69:ee:71:f8:9f:7c:5e:
7a:7b:21:21:cd:d1:78:d8:c5:ff:ec:e8:38:a2:f9:5d:6d:dd:
e6:dc:94:7f:32:ec:4a:9f:d7:4f:2d:d8:6f:ca:5c:b0:58:a2:
e8:1a:17:57:56:b8:86:f2:e4:8f:e9:ed:5b:54:08:8b:69:15:
27:4b:20:ae:2c:5b:b5:16:6f:bd:5d:32:2b:a4:eb:8f:22:85:
7f:fa:ed:87:bd:0c:1c:b0:36:24:7e:cd:20:d0:1b:95:11:15:
79:92:3c:83:89:b6:2d:5e:6c:9d:d6:fc:b9:4f:ca:4b:18:d2:
d9:ae:fe:cc:79:7a:a8:14:26:c7:fc:10:7d:79:99:ae:7b:83:
71:45:b4:6f:2e:6c:4f:dd:82:59:ff:64:1c:6a:f1:52:c2:d6:
d2:dc:72:a4:1f:8c:17:86:85:eb:62:2d:ec:2e:cc:5d:1e:9b:
71:49:34:23:75:17:fd:7b:ac:72:db:46:f4:27:dd:6b:a5:0c:
58:0f:29:80
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYXkitu6tiWdo4MGDqyC0LYAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjMwMTI0MTYwOTQzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxYWIwYWU2ZjkzMzAyNjNjNDA3MWQwN2JkZjY4MzhlZjNlNjBiZGNjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkbygYLMcpGx2rEBBD/b38ma4yA01
6OPnOmeIzPUhiwuXR8RpOUcRgKlTdy7gsFEWpi6E0oKnRy3AcMu720PMt0fJUIqQ
wXeOMqdyK7lG/w7ecw0kbuXZ4EPkqJDsoUfYhKWaz9Q0DSgiPxEIvMgaz8BmbXHG
5mwWQ10FE/LoA+PLnA9LNXBf9vaBd9/zwc7oV5dqoU9yaz4OIJE/HEX5IzQ2wsjc
6Q8SZTwXghLMkfce4wgbbvxEfSVCR7cu85jaiRtsXaRuk2CoIzpSHhoRvnTPdB6i
qSRYmRK49BRRUbBgrLB/z1xHc6r2DRHMLK8TVFAGF64spOOyGtK9SepRmwIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFBqwrm+TMCY8QHHQe99oOO8+YL3MMB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvR3JDdWI1TXdKanhBY2RCNzMyZzQ3ejVndmN3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcEKg6xBw9g
MA0GCSqGSIb3DQEBCwUAA4IBAQA7KKYv+tMBkztxYORPwFaA1RvmdsNYC/TgRcnu
by27/Uh0QZcXvSQcIqd74iq3vtenJ4dp64jBC7Vbyc3QU952MWnucfiffF56eyEh
zdF42MX/7Og4ovldbd3m3JR/MuxKn9dPLdhvylywWKLoGhdXVriG8uSP6e1bVAiL
aRUnSyCuLFu1Fm+9XTIrpOuPIoV/+u2HvQwcsDYkfs0g0BuVERV5kjyDibYtXmyd
1vy5T8pLGNLZrv7MeXqoFCbH/BB9eZmue4NxRbRvLmxP3YJZ/2QcavFSwtbS3HKk
H4wXhoXrYi3sLsxdHptxSTQjdRf9e6xy20b0J91rpQxYDymA
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:08:58 2024 by rpki-client on console-ams.rpki-client.org