Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6a/5a320b-e94f-41c9-82f3-dbf9d41f1798/1/srtF7ph8HkNkzQXDUE-S6_y9iMM.roa
File: srtF7ph8HkNkzQXDUE-S6_y9iMM.roa (raw, json)
Hash identifier: TWY5eZC1ZhILaJoBoxIbrKYYhtxZujk960flywN3Q88=
Subject key identifier: B2:BB:45:EE:98:7C:1E:43:64:CD:05:C3:50:4F:92:EB:FC:BD:88:C3
Certificate issuer: /CN=d3e97033a36aa9bcc0c2f167e620d7ca1493cbea
Certificate serial: 018C1181B246CE0798826E95C59035D1278E
Authority key identifier: D3:E9:70:33:A3:6A:A9:BC:C0:C2:F1:67:E6:20:D7:CA:14:93:CB:EA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0-lwM6NqqbzAwvFn5iDXyhSTy-o.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6a/5a320b-e94f-41c9-82f3-dbf9d41f1798/1/srtF7ph8HkNkzQXDUE-S6_y9iMM.roa
Signing time: Mon 27 Nov 2023 15:59:21 +0000
ROA not before: Mon 27 Nov 2023 15:59:21 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 25369
IP address blocks: 217.144.176.0/20 maxlen: 32
185.136.32.0/22 maxlen: 32
Validation: Failed, certificate revoked on Tue 12 Dec 2023 14:11:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:11:81:b2:46:ce:07:98:82:6e:95:c5:90:35:d1:27:8e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3e97033a36aa9bcc0c2f167e620d7ca1493cbea
Validity
Not Before: Nov 27 15:59:21 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b2bb45ee987c1e4364cd05c3504f92ebfcbd88c3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:87:79:1f:00:56:67:04:00:ce:90:22:27:b7:d2:
70:51:ad:73:1b:12:04:4a:08:0e:02:f7:2a:c5:05:
2d:30:46:b9:77:38:fb:28:30:d4:69:09:6c:63:c1:
9c:51:fa:e1:49:76:65:31:b8:35:df:5a:46:99:4d:
aa:31:5d:91:10:ce:97:ca:52:eb:95:c8:4c:16:3a:
d6:87:e2:a3:04:40:19:41:28:77:9f:c5:68:e2:6a:
a5:1a:23:f8:5f:9a:81:a4:ef:30:ac:3a:22:6b:bd:
fb:15:1e:1c:2d:6b:f7:6c:42:85:ea:a7:18:a2:80:
2e:f5:68:30:74:2a:b5:45:f9:c8:d4:09:6b:2f:02:
a4:e4:77:6b:45:b3:64:d7:d0:28:27:29:e8:f8:da:
90:ca:8a:05:7f:28:f7:57:4a:0e:c1:34:47:35:06:
6d:76:69:83:57:08:d5:bd:37:d1:f5:71:58:13:b4:
b5:32:12:a9:0f:ca:f3:b1:0f:f3:81:93:e4:da:97:
18:da:de:da:12:4c:8b:aa:69:f4:ce:7a:2c:ab:c9:
47:64:72:01:69:df:38:24:f8:ad:ba:3f:74:23:fd:
6c:ae:ac:de:e4:81:94:63:5f:7f:f8:02:ed:b4:82:
5f:95:c0:89:be:1b:da:8c:6b:ae:b0:81:51:55:6d:
93:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B2:BB:45:EE:98:7C:1E:43:64:CD:05:C3:50:4F:92:EB:FC:BD:88:C3
X509v3 Authority Key Identifier:
keyid:D3:E9:70:33:A3:6A:A9:BC:C0:C2:F1:67:E6:20:D7:CA:14:93:CB:EA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0-lwM6NqqbzAwvFn5iDXyhSTy-o.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6a/5a320b-e94f-41c9-82f3-dbf9d41f1798/1/srtF7ph8HkNkzQXDUE-S6_y9iMM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6a/5a320b-e94f-41c9-82f3-dbf9d41f1798/1/0-lwM6NqqbzAwvFn5iDXyhSTy-o.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.136.32.0/22
217.144.176.0/20
Signature Algorithm: sha256WithRSAEncryption
33:49:83:87:7c:a2:66:61:e1:86:39:35:f1:53:40:a7:32:df:
0a:eb:78:93:3b:66:2b:2c:25:a1:4e:f1:07:3d:ca:e3:86:ac:
3b:fb:4f:c3:b0:4f:f1:0b:5d:50:ca:ce:1e:93:fc:63:fe:78:
11:82:84:c5:43:db:5b:3e:42:10:12:88:25:63:d7:12:0b:7b:
dc:fd:8b:2d:33:24:74:1b:4b:7e:8e:72:07:be:b2:cd:11:f5:
46:28:a5:57:21:5e:eb:99:b9:6a:ec:c3:4d:87:64:eb:83:91:
a0:06:2c:a6:ba:5c:ad:d1:36:dc:51:2b:0d:cd:df:c1:3e:b2:
0d:ad:57:b4:7b:d8:f0:5b:2b:b2:17:79:7b:5f:b9:87:5c:46:
7c:dc:6c:d2:8b:3b:80:fd:20:0d:08:cb:5f:f7:f5:f4:c7:12:
4d:54:db:d3:9a:04:cb:66:ef:39:d9:73:9d:79:63:51:0e:a8:
c4:60:e1:8f:3d:c4:89:bc:85:c8:29:6d:64:d9:6b:e2:72:01:
cc:5e:4a:83:4a:8e:44:84:da:1b:7d:7d:54:8e:90:de:c4:38:
10:da:d8:cb:26:f8:51:14:53:6e:5f:6e:68:97:d4:b0:19:07:
a6:87:76:5e:ff:80:f2:48:cf:3d:2c:cb:8a:c4:e7:8b:bc:09:
c9:eb:69:97
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYwRgbJGzgeYgm6VxZA10SeOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzZTk3MDMzYTM2YWE5YmNjMGMyZjE2N2U2MjBkN2NhMTQ5
M2NiZWEwHhcNMjMxMTI3MTU1OTIxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMmJiNDVlZTk4N2MxZTQzNjRjZDA1YzM1MDRmOTJlYmZjYmQ4OGMzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAh3kfAFZnBADOkCInt9JwUa1zGxIE
SggOAvcqxQUtMEa5dzj7KDDUaQlsY8GcUfrhSXZlMbg131pGmU2qMV2REM6XylLr
lchMFjrWh+KjBEAZQSh3n8Vo4mqlGiP4X5qBpO8wrDoia737FR4cLWv3bEKF6qcY
ooAu9WgwdCq1RfnI1AlrLwKk5HdrRbNk19AoJyno+NqQyooFfyj3V0oOwTRHNQZt
dmmDVwjVvTfR9XFYE7S1MhKpD8rzsQ/zgZPk2pcY2t7aEkyLqmn0znosq8lHZHIB
ad84JPituj90I/1srqze5IGUY19/+ALttIJflcCJvhvajGuusIFRVW2T9wIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFLK7Re6YfB5DZM0Fw1BPkuv8vYjDMB8GA1UdIwQY
MBaAFNPpcDOjaqm8wMLxZ+Yg18oUk8vqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMC1sd002TnFxYnpBd3ZGbjVpRFh5aFNUeS1vLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82YS81YTMyMGItZTk0Zi00MWM5LTgyZjMt
ZGJmOWQ0MWYxNzk4LzEvc3J0RjdwaDhIa05relFYRFVFLVM2X3k5aU1NLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82YS81YTMyMGItZTk0Zi00MWM5LTgyZjMtZGJmOWQ0MWYxNzk4
LzEvMC1sd002TnFxYnpBd3ZGbjVpRFh5aFNUeS1vLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCuYggAwQE
2ZCwMA0GCSqGSIb3DQEBCwUAA4IBAQAzSYOHfKJmYeGGOTXxU0CnMt8K63iTO2Yr
LCWhTvEHPcrjhqw7+0/DsE/xC11Qys4ek/xj/ngRgoTFQ9tbPkIQEoglY9cSC3vc
/YstMyR0G0t+jnIHvrLNEfVGKKVXIV7rmblq7MNNh2Trg5GgBiymulyt0TbcUSsN
zd/BPrINrVe0e9jwWyuyF3l7X7mHXEZ83GzSizuA/SANCMtf9/X0xxJNVNvTmgTL
Zu852XOdeWNRDqjEYOGPPcSJvIXIKW1k2WvicgHMXkqDSo5EhNobfX1UjpDexDgQ
2tjLJvhRFFNuX25ol9SwGQemh3Ze/4DySM89LMuKxOeLvAnJ62mX
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:33:44 2024 by rpki-client on console-fra.rpki-client.org