Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b8/e99b35-8cf6-4934-a591-9930f2194a0e/1/grpQT_-cKgV7-Pe4T4yra7_G8K0.roa
File: grpQT_-cKgV7-Pe4T4yra7_G8K0.roa (raw, json)
Hash identifier: Dq5lrkIDuJE2TrjMZqoU+lf6LvKquyK9Rg7c/OtUC0c=
Subject key identifier: 82:BA:50:4F:FF:9C:2A:05:7B:F8:F7:B8:4F:8C:AB:6B:BF:C6:F0:AD
Certificate issuer: /CN=c41c7221ede3af5ee92e3206af2f18bd010d5dd9
Certificate serial: 01856C65CCE2DEF9F0251552928FD2A320F4
Authority key identifier: C4:1C:72:21:ED:E3:AF:5E:E9:2E:32:06:AF:2F:18:BD:01:0D:5D:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xBxyIe3jr17pLjIGry8YvQENXdk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b8/e99b35-8cf6-4934-a591-9930f2194a0e/1/grpQT_-cKgV7-Pe4T4yra7_G8K0.roa
Signing time: Sun 01 Jan 2023 08:14:48 +0000
ROA not before: Sun 01 Jan 2023 08:14:48 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 28785
IP address blocks: 46.20.49.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 01 Jan 2024 12:29:33 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:65:cc:e2:de:f9:f0:25:15:52:92:8f:d2:a3:20:f4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c41c7221ede3af5ee92e3206af2f18bd010d5dd9
Validity
Not Before: Jan 1 08:14:48 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=82ba504fff9c2a057bf8f7b84f8cab6bbfc6f0ad
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:83:b4:68:cd:dc:7e:92:7f:ba:c4:dd:a4:19:19:
ec:20:0b:b5:2f:f6:ca:a2:f0:c3:28:55:ba:37:3a:
96:76:fe:65:90:c7:8e:5b:43:f1:53:f8:39:24:43:
80:91:0b:c1:80:70:a6:fc:a5:9f:ef:02:79:78:3e:
8c:63:17:70:53:c3:98:80:a7:a1:4c:88:8a:80:f9:
94:0c:4d:fa:1f:46:70:ad:6e:a5:34:5e:b1:ab:f4:
23:e3:20:6f:87:89:36:3b:aa:89:90:7a:b4:72:6b:
8c:50:72:f9:dd:d0:92:a2:20:86:ae:da:b8:55:4c:
d3:a4:03:41:d7:7f:e2:63:94:9e:fe:56:f0:69:1a:
d9:58:7c:15:8c:f1:72:17:c8:73:a5:ba:65:7d:48:
7c:b5:1d:3a:8e:16:38:91:fb:c1:15:91:91:7c:c2:
68:6e:ea:b9:56:00:b3:bf:e1:c4:a7:61:cf:3d:e3:
15:cf:d2:8d:65:bc:20:95:ef:ec:fb:14:c7:00:62:
a2:e3:40:eb:f0:69:53:c5:eb:63:09:71:84:84:fc:
9e:e1:16:92:cd:10:0b:04:dc:ec:a1:50:4f:00:27:
87:db:51:81:2a:6e:66:84:1d:a8:00:c1:d5:e7:4d:
79:80:81:e8:6d:79:11:4a:89:38:2b:15:38:fc:99:
d4:e3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
82:BA:50:4F:FF:9C:2A:05:7B:F8:F7:B8:4F:8C:AB:6B:BF:C6:F0:AD
X509v3 Authority Key Identifier:
keyid:C4:1C:72:21:ED:E3:AF:5E:E9:2E:32:06:AF:2F:18:BD:01:0D:5D:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xBxyIe3jr17pLjIGry8YvQENXdk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/e99b35-8cf6-4934-a591-9930f2194a0e/1/grpQT_-cKgV7-Pe4T4yra7_G8K0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/e99b35-8cf6-4934-a591-9930f2194a0e/1/xBxyIe3jr17pLjIGry8YvQENXdk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.20.49.0/24
Signature Algorithm: sha256WithRSAEncryption
4f:cd:fd:f9:f2:64:0f:39:ea:a7:cd:34:1e:a9:5f:c3:02:a3:
08:84:cc:ea:e1:63:c7:e3:b8:77:55:d7:66:f2:85:06:24:0a:
38:ac:a9:20:42:bd:28:64:ff:19:88:75:72:d6:f0:0d:89:df:
ca:63:4f:7c:85:96:87:6f:7e:44:90:e6:47:0e:e2:f4:aa:d6:
75:e4:d5:99:79:80:46:b2:d2:d5:b0:1d:06:b3:6e:30:dc:cb:
e4:90:f3:bf:b3:e3:dc:60:b3:28:14:3c:5d:e0:2f:6f:e0:73:
32:ad:dc:c2:fd:05:23:c6:3c:08:cf:20:19:83:71:57:d3:74:
5d:0b:bc:26:6b:88:aa:ae:b0:4b:98:d2:bb:b4:d9:52:16:18:
30:aa:4d:ca:e1:ec:5b:fb:bb:86:c8:47:fd:d1:ee:10:50:d3:
ba:4e:af:64:73:06:a3:2e:5d:1c:45:1f:1b:2c:72:ce:2e:96:
1e:eb:dc:68:fb:32:39:db:6f:bc:b8:94:2e:d9:14:7c:3d:73:
a4:a4:b5:b4:7c:7f:54:c7:87:a7:bf:a6:c4:14:94:92:a2:fb:
8c:40:52:4b:07:e3:d4:8f:ee:95:71:4b:36:b9:ad:b6:03:50:
74:96:06:ab:04:04:e0:b1:89:4c:7f:fc:ec:78:be:59:21:f4:
7e:3e:2a:2b
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVsZczi3vnwJRVSko/SoyD0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM0MWM3MjIxZWRlM2FmNWVlOTJlMzIwNmFmMmYxOGJkMDEw
ZDVkZDkwHhcNMjMwMTAxMDgxNDQ4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MmJhNTA0ZmZmOWMyYTA1N2JmOGY3Yjg0ZjhjYWI2YmJmYzZmMGFkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAg7Rozdx+kn+6xN2kGRnsIAu1L/bK
ovDDKFW6NzqWdv5lkMeOW0PxU/g5JEOAkQvBgHCm/KWf7wJ5eD6MYxdwU8OYgKeh
TIiKgPmUDE36H0ZwrW6lNF6xq/Qj4yBvh4k2O6qJkHq0cmuMUHL53dCSoiCGrtq4
VUzTpANB13/iY5Se/lbwaRrZWHwVjPFyF8hzpbplfUh8tR06jhY4kfvBFZGRfMJo
buq5VgCzv+HEp2HPPeMVz9KNZbwgle/s+xTHAGKi40Dr8GlTxetjCXGEhPye4RaS
zRALBNzsoVBPACeH21GBKm5mhB2oAMHV5015gIHobXkRSok4KxU4/JnU4wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFIK6UE//nCoFe/j3uE+Mq2u/xvCtMB8GA1UdIwQY
MBaAFMQcciHt469e6S4yBq8vGL0BDV3ZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveEJ4eUllM2pyMTdwTGpJR3J5OFl2UUVOWGRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iOC9lOTliMzUtOGNmNi00OTM0LWE1OTEt
OTkzMGYyMTk0YTBlLzEvZ3JwUVRfLWNLZ1Y3LVBlNFQ0eXJhN19HOEswLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iOC9lOTliMzUtOGNmNi00OTM0LWE1OTEtOTkzMGYyMTk0YTBl
LzEveEJ4eUllM2pyMTdwTGpJR3J5OFl2UUVOWGRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALhQxMA0G
CSqGSIb3DQEBCwUAA4IBAQBPzf358mQPOeqnzTQeqV/DAqMIhMzq4WPH47h3Vddm
8oUGJAo4rKkgQr0oZP8ZiHVy1vANid/KY098hZaHb35EkOZHDuL0qtZ15NWZeYBG
stLVsB0Gs24w3MvkkPO/s+PcYLMoFDxd4C9v4HMyrdzC/QUjxjwIzyAZg3FX03Rd
C7wma4iqrrBLmNK7tNlSFhgwqk3K4exb+7uGyEf90e4QUNO6Tq9kcwajLl0cRR8b
LHLOLpYe69xo+zI522+8uJQu2RR8PXOkpLW0fH9Ux4env6bEFJSSovuMQFJLB+PU
j+6VcUs2ua22A1B0lgarBATgsYlMf/zseL5ZIfR+Pior
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:51:14 2024 by rpki-client on console-fra.rpki-client.org