Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7b/838032-db97-497f-8c95-c19942737e6d/1/D540n0bQzT8E9STi_t2V5NJxyHM.roa
File: D540n0bQzT8E9STi_t2V5NJxyHM.roa (raw, json)
Hash identifier: ndesXuN6In9c7dxO5urY6Xpe7MoRi4eo6ogh9WCJFWc=
Subject key identifier: 0F:9E:34:9F:46:D0:CD:3F:04:F5:24:E2:FE:DD:95:E4:D2:71:C8:73
Certificate issuer: /CN=6a5836dde9b9daef35a8a7f74d6326f6b42da74d
Certificate serial: 01918A00A276773C6795A183133A2F07E50D
Authority key identifier: 6A:58:36:DD:E9:B9:DA:EF:35:A8:A7:F7:4D:63:26:F6:B4:2D:A7:4D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/alg23em52u81qKf3TWMm9rQtp00.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7b/838032-db97-497f-8c95-c19942737e6d/1/D540n0bQzT8E9STi_t2V5NJxyHM.roa
Signing time: Sun 25 Aug 2024 14:46:22 +0000
ROA not before: Sun 25 Aug 2024 14:46:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 134176
IP address blocks: 217.180.20.0/24 maxlen: 24
217.180.45.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 24 Sep 2024 12:48:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:8a:00:a2:76:77:3c:67:95:a1:83:13:3a:2f:07:e5:0d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6a5836dde9b9daef35a8a7f74d6326f6b42da74d
Validity
Not Before: Aug 25 14:46:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=0f9e349f46d0cd3f04f524e2fedd95e4d271c873
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d3:d7:94:a6:75:6c:00:e2:c6:fc:ee:df:fc:cf:
e1:79:5a:2f:cd:0f:b4:15:bc:b3:da:c6:92:b2:d3:
69:ae:2b:e4:e6:3b:d8:fb:f2:4f:75:af:1d:0a:8d:
93:6d:77:60:c1:a5:bf:18:22:ca:23:a0:58:24:1b:
0f:bf:93:73:b4:45:16:a1:8c:7a:49:5e:12:d6:bf:
01:7c:d1:b7:f2:7a:1d:3c:12:d1:bc:28:73:21:da:
42:ae:7e:20:f5:c0:cd:40:9a:4b:cf:7a:29:22:2f:
a1:3d:0f:fa:b0:bf:1d:75:1a:f6:c9:76:04:08:e2:
84:81:f3:7a:70:94:97:8e:48:34:d9:a3:f6:eb:67:
da:d3:ff:b7:8c:f8:2d:5e:65:05:a3:4b:81:3e:90:
10:4f:ae:d2:87:5b:2c:ef:2d:70:dc:66:4e:6c:d1:
8e:bf:a9:4e:e2:c3:f4:fa:56:dc:84:9e:5f:21:b1:
c4:6a:64:5e:8e:4b:b3:01:90:66:8a:43:18:ad:3e:
92:06:39:d5:41:e8:9a:ff:d2:88:88:0f:cf:5e:97:
90:c3:4a:f3:d9:03:15:4d:81:08:e4:2a:95:82:ac:
ca:68:00:35:7d:53:63:6f:69:5b:64:71:3a:af:cd:
1d:f7:1e:b5:cd:3d:c0:e6:2c:ae:6f:17:e5:2a:da:
3b:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0F:9E:34:9F:46:D0:CD:3F:04:F5:24:E2:FE:DD:95:E4:D2:71:C8:73
X509v3 Authority Key Identifier:
keyid:6A:58:36:DD:E9:B9:DA:EF:35:A8:A7:F7:4D:63:26:F6:B4:2D:A7:4D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/alg23em52u81qKf3TWMm9rQtp00.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7b/838032-db97-497f-8c95-c19942737e6d/1/D540n0bQzT8E9STi_t2V5NJxyHM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7b/838032-db97-497f-8c95-c19942737e6d/1/alg23em52u81qKf3TWMm9rQtp00.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
217.180.20.0/24
217.180.45.0/24
Signature Algorithm: sha256WithRSAEncryption
4c:e5:60:1a:24:95:96:dc:13:c4:d9:98:1c:83:6d:7e:32:dd:
c4:9a:41:b0:d8:25:2a:ac:96:02:9f:85:a6:32:d0:0a:40:1a:
c6:3f:f5:a1:11:de:55:79:29:16:32:a1:68:c4:7d:f0:32:62:
6c:bd:ff:ef:16:e8:d8:66:02:a5:56:1b:ba:68:71:e1:1a:3e:
cd:61:21:71:63:c7:7f:2a:ee:44:0d:09:ca:8e:a0:3e:a0:c9:
7a:d3:42:97:b8:39:01:71:fe:c1:00:1e:0b:4c:cb:be:61:7d:
ab:ec:b4:c5:40:e2:a7:16:09:fe:43:7d:d9:8f:43:da:a0:d7:
e0:8c:1f:dd:95:e8:9e:a2:23:81:a3:98:8d:46:cd:7d:ce:2c:
e7:85:1a:d8:e8:2a:9d:f0:1c:32:48:3b:d8:a5:ed:d6:36:51:
de:93:70:7f:23:92:a3:79:84:47:dd:fa:05:f3:9d:a8:c8:17:
b9:f3:2c:3d:2a:6f:e1:5b:b1:5b:30:81:02:89:af:e2:03:76:
14:e0:3e:fb:6f:fe:f5:82:5f:e8:b9:62:88:8b:c5:72:04:7e:
e7:34:e9:32:d1:ad:33:b1:17:a7:13:ed:e3:a6:d1:d2:87:0d:
1b:52:16:03:17:29:b6:ee:54:bb:31:00:b0:5b:d7:e2:2e:e1:
7d:24:61:60
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZGKAKJ2dzxnlaGDEzovB+UNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZhNTgzNmRkZTliOWRhZWYzNWE4YTdmNzRkNjMyNmY2YjQy
ZGE3NGQwHhcNMjQwODI1MTQ0NjIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZjllMzQ5ZjQ2ZDBjZDNmMDRmNTI0ZTJmZWRkOTVlNGQyNzFjODczMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA09eUpnVsAOLG/O7f/M/heVovzQ+0
Fbyz2saSstNprivk5jvY+/JPda8dCo2TbXdgwaW/GCLKI6BYJBsPv5NztEUWoYx6
SV4S1r8BfNG38nodPBLRvChzIdpCrn4g9cDNQJpLz3opIi+hPQ/6sL8ddRr2yXYE
COKEgfN6cJSXjkg02aP262fa0/+3jPgtXmUFo0uBPpAQT67Sh1ss7y1w3GZObNGO
v6lO4sP0+lbchJ5fIbHEamRejkuzAZBmikMYrT6SBjnVQeia/9KIiA/PXpeQw0rz
2QMVTYEI5CqVgqzKaAA1fVNjb2lbZHE6r80d9x61zT3A5iyubxflKto7wwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFA+eNJ9G0M0/BPUk4v7dleTScchzMB8GA1UdIwQY
MBaAFGpYNt3pudrvNain901jJva0LadNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYWxnMjNlbTUydTgxcUtmM1RXTW05clF0cDAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Yi84MzgwMzItZGI5Ny00OTdmLThjOTUt
YzE5OTQyNzM3ZTZkLzEvRDU0MG4wYlF6VDhFOVNUaV90MlY1Tkp4eUhNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Yi84MzgwMzItZGI5Ny00OTdmLThjOTUtYzE5OTQyNzM3ZTZk
LzEvYWxnMjNlbTUydTgxcUtmM1RXTW05clF0cDAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQA2bQUAwQA
2bQtMA0GCSqGSIb3DQEBCwUAA4IBAQBM5WAaJJWW3BPE2Zgcg21+Mt3EmkGw2CUq
rJYCn4WmMtAKQBrGP/WhEd5VeSkWMqFoxH3wMmJsvf/vFujYZgKlVhu6aHHhGj7N
YSFxY8d/Ku5EDQnKjqA+oMl600KXuDkBcf7BAB4LTMu+YX2r7LTFQOKnFgn+Q33Z
j0PaoNfgjB/dleieoiOBo5iNRs19ziznhRrY6Cqd8BwySDvYpe3WNlHek3B/I5Kj
eYRH3foF852oyBe58yw9Km/hW7FbMIECia/iA3YU4D77b/71gl/ouWKIi8VyBH7n
NOky0a0zsRenE+3jptHShw0bUhYDFym27lS7MQCwW9fiLuF9JGFg
-----END CERTIFICATE-----
Generated at Tue Sep 24 14:45:34 2024 by rpki-client on console-fra.rpki-client.org