Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/s2svx8nk3nn6Tw3asYIlBNUtsFk.roa
File: s2svx8nk3nn6Tw3asYIlBNUtsFk.roa (raw, json)
Hash identifier: cxprHHlW/uJzN5a4LUNAj/J11sNa7bUZkJEnCh1b9rg=
Subject key identifier: B3:6B:2F:C7:C9:E4:DE:79:FA:4F:0D:DA:B1:82:25:04:D5:2D:B0:59
Certificate issuer: /CN=ab0952c8ba8dadb1d34de6c6a93864a609fc41ec
Certificate serial: 018CC8013467495B1E242AAD4C46FAB1A075
Authority key identifier: AB:09:52:C8:BA:8D:AD:B1:D3:4D:E6:C6:A9:38:64:A6:09:FC:41:EC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qwlSyLqNrbHTTebGqThkpgn8Qew.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/s2svx8nk3nn6Tw3asYIlBNUtsFk.roa
Signing time: Tue 02 Jan 2024 02:29:31 +0000
ROA not before: Tue 02 Jan 2024 02:29:31 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 202555
IP address blocks: 217.69.113.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 02 Jan 2025 01:48:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:01:34:67:49:5b:1e:24:2a:ad:4c:46:fa:b1:a0:75
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab0952c8ba8dadb1d34de6c6a93864a609fc41ec
Validity
Not Before: Jan 2 02:29:31 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=b36b2fc7c9e4de79fa4f0ddab1822504d52db059
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e7:19:fb:86:7a:a1:45:63:77:d9:39:0a:45:c3:
97:fc:e4:b1:d8:b8:43:b9:fc:59:cf:d2:0a:ab:b6:
2c:8b:cc:e5:7c:f5:d2:ed:33:34:97:7f:c7:47:d6:
3b:95:ff:50:fe:3b:77:67:12:62:03:44:90:3e:9d:
e5:97:7e:1b:bb:75:68:c7:57:20:b0:fb:20:f6:d5:
1b:4b:54:50:65:c1:8e:47:3a:21:79:18:bf:72:dc:
f5:83:ba:b7:16:d9:21:c9:5d:e3:da:d5:2e:1e:50:
61:99:86:00:0b:a7:c7:25:e2:ae:a7:dd:7a:dd:65:
65:12:1c:46:c1:e8:77:e2:8a:e5:c5:a8:a8:2a:58:
8d:99:24:40:2f:e9:44:8b:40:d1:27:b8:c3:68:23:
31:79:b6:b6:be:40:1c:8b:91:0b:d6:5e:4f:6a:33:
e8:3d:19:2c:8b:d0:a7:55:fe:95:0c:45:f2:b1:06:
f0:43:1f:92:0c:a5:88:37:f2:d9:8d:6e:25:1d:36:
56:42:ad:76:e5:6f:42:1f:b5:b1:82:4a:05:c2:f7:
ed:1a:37:9a:22:b3:29:38:45:19:af:3b:dd:85:9f:
c8:2a:7a:db:86:aa:e8:9e:16:f7:d5:d5:1b:62:0c:
f8:c7:ae:9e:61:e0:7c:5f:ff:a6:a4:0b:73:3e:7b:
c3:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B3:6B:2F:C7:C9:E4:DE:79:FA:4F:0D:DA:B1:82:25:04:D5:2D:B0:59
X509v3 Authority Key Identifier:
keyid:AB:09:52:C8:BA:8D:AD:B1:D3:4D:E6:C6:A9:38:64:A6:09:FC:41:EC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qwlSyLqNrbHTTebGqThkpgn8Qew.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/s2svx8nk3nn6Tw3asYIlBNUtsFk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/qwlSyLqNrbHTTebGqThkpgn8Qew.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
217.69.113.0/24
Signature Algorithm: sha256WithRSAEncryption
45:d6:89:ed:66:2c:6a:97:e1:63:07:10:76:7c:47:39:3f:89:
90:3c:57:1e:1f:04:bf:d0:c6:31:81:a4:b4:48:f3:74:33:7a:
66:6a:7b:24:be:cc:48:cc:fc:ee:e1:6d:2a:eb:10:93:77:bc:
8b:07:5d:a2:8c:5b:27:15:ee:79:e9:b1:9e:42:94:21:f3:9c:
d2:95:64:48:d7:cb:85:1d:50:a1:0d:89:24:b6:a2:a7:e6:39:
e1:17:e0:fe:48:aa:03:fb:a7:3f:d1:bf:bc:0c:7b:00:6c:74:
dd:e2:cc:d8:fe:37:60:5d:97:66:47:55:7c:4d:63:70:07:1c:
24:14:30:35:6e:19:ff:d5:77:63:f3:f0:0b:ab:f6:33:f2:b3:
99:93:ec:3d:63:27:57:0a:66:68:e0:9a:01:ef:b2:eb:aa:30:
d2:4d:59:c8:7d:cc:c4:ae:df:14:ec:94:29:bb:07:c1:5a:d0:
15:99:ac:bf:c5:be:1c:f2:6a:3a:e4:f7:56:72:3e:e6:51:85:
34:30:5f:ff:20:9d:08:29:1f:1a:6a:40:b9:73:ba:c6:0e:90:
8a:4c:7e:9a:93:8c:80:11:35:7f:c9:d4:d1:fa:1d:23:93:d1:
2f:53:ee:c8:15:31:09:fc:74:78:74:b6:20:d9:33:9a:96:15:
bb:cf:9f:f3
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzIATRnSVseJCqtTEb6saB1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFiMDk1MmM4YmE4ZGFkYjFkMzRkZTZjNmE5Mzg2NGE2MDlm
YzQxZWMwHhcNMjQwMTAyMDIyOTMxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMzZiMmZjN2M5ZTRkZTc5ZmE0ZjBkZGFiMTgyMjUwNGQ1MmRiMDU5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5xn7hnqhRWN32TkKRcOX/OSx2LhD
ufxZz9IKq7Ysi8zlfPXS7TM0l3/HR9Y7lf9Q/jt3ZxJiA0SQPp3ll34bu3Vox1cg
sPsg9tUbS1RQZcGORzoheRi/ctz1g7q3FtkhyV3j2tUuHlBhmYYAC6fHJeKup916
3WVlEhxGweh34orlxaioKliNmSRAL+lEi0DRJ7jDaCMxeba2vkAci5EL1l5PajPo
PRksi9CnVf6VDEXysQbwQx+SDKWIN/LZjW4lHTZWQq125W9CH7WxgkoFwvftGjea
IrMpOEUZrzvdhZ/IKnrbhqronhb31dUbYgz4x66eYeB8X/+mpAtzPnvDzQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFLNrL8fJ5N55+k8N2rGCJQTVLbBZMB8GA1UdIwQY
MBaAFKsJUsi6ja2x003mxqk4ZKYJ/EHsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcXdsU3lMcU5yYkhUVGViR3FUaGtwZ244UWV3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZS8zNTU1ZmUtMTJjZC00MDJhLWE4MTAt
NTU1NGQ2ZTE2ODZmLzEvczJzdng4bmszbm42VHczYXNZSWxCTlV0c0ZrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZS8zNTU1ZmUtMTJjZC00MDJhLWE4MTAtNTU1NGQ2ZTE2ODZm
LzEvcXdsU3lMcU5yYkhUVGViR3FUaGtwZ244UWV3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA2UVxMA0G
CSqGSIb3DQEBCwUAA4IBAQBF1ontZixql+FjBxB2fEc5P4mQPFceHwS/0MYxgaS0
SPN0M3pmanskvsxIzPzu4W0q6xCTd7yLB12ijFsnFe556bGeQpQh85zSlWRI18uF
HVChDYkktqKn5jnhF+D+SKoD+6c/0b+8DHsAbHTd4szY/jdgXZdmR1V8TWNwBxwk
FDA1bhn/1Xdj8/ALq/Yz8rOZk+w9YydXCmZo4JoB77LrqjDSTVnIfczErt8U7JQp
uwfBWtAVmay/xb4c8mo65PdWcj7mUYU0MF//IJ0IKR8aakC5c7rGDpCKTH6ak4yA
ETV/ydTR+h0jk9EvU+7IFTEJ/HR4dLYg2TOalhW7z5/z
-----END CERTIFICATE-----
Generated at Sun Feb 16 20:39:15 2025 by rpki-client