Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7b/838032-db97-497f-8c95-c19942737e6d/1/EsopKmYWj9DOu-CIYSsA1JlmU8M.roa
File: EsopKmYWj9DOu-CIYSsA1JlmU8M.roa (raw, json)
Hash identifier: YFLVJcHdg7Eu95wgBYTZWM70M85FE1FDLwA3aO9Hz3Y=
Subject key identifier: 12:CA:29:2A:66:16:8F:D0:CE:BB:E0:88:61:2B:00:D4:99:66:53:C3
Certificate issuer: /CN=6a5836dde9b9daef35a8a7f74d6326f6b42da74d
Certificate serial: 0190778C3FD863A477AF78947BDE6D421D13
Authority key identifier: 6A:58:36:DD:E9:B9:DA:EF:35:A8:A7:F7:4D:63:26:F6:B4:2D:A7:4D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/alg23em52u81qKf3TWMm9rQtp00.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7b/838032-db97-497f-8c95-c19942737e6d/1/EsopKmYWj9DOu-CIYSsA1JlmU8M.roa
Signing time: Wed 03 Jul 2024 07:43:18 +0000
ROA not before: Wed 03 Jul 2024 07:43:18 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 47585
IP address blocks: 217.180.38.0/24 maxlen: 24
217.180.57.0/24 maxlen: 24
217.180.61.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sat 03 Aug 2024 21:06:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:77:8c:3f:d8:63:a4:77:af:78:94:7b:de:6d:42:1d:13
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6a5836dde9b9daef35a8a7f74d6326f6b42da74d
Validity
Not Before: Jul 3 07:43:18 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=12ca292a66168fd0cebbe088612b00d4996653c3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:7d:be:01:8e:84:e9:a8:4c:c7:08:4b:40:0d:
aa:0e:de:77:22:e4:eb:a5:b2:27:0e:95:05:52:2a:
97:72:bc:e2:9c:dd:27:f5:eb:72:7a:46:db:6f:a0:
f1:c1:a2:23:99:af:ea:c5:b9:52:b7:87:20:b1:91:
ce:4d:7a:89:61:eb:68:ef:e7:2e:c6:3a:e6:85:bd:
08:07:f6:fb:94:05:a3:08:8a:62:25:aa:f6:a3:ec:
7e:3f:23:92:6d:38:d1:84:8d:2b:9e:56:9b:34:c7:
36:01:54:bc:a7:52:50:73:fb:a2:67:dd:72:c5:49:
cb:ed:e3:74:05:b4:2d:5a:f2:01:4c:34:1e:67:89:
77:d8:c8:e6:0a:67:ba:3c:f6:1a:3d:f3:0e:1b:dc:
d3:99:dc:4c:b5:d6:02:ab:bc:41:4f:cc:04:74:1e:
46:51:4c:7c:d1:70:6f:9f:44:9a:ee:b4:8d:11:8c:
fe:dd:3b:c9:82:84:e5:f9:fe:34:97:fc:5d:f8:96:
9c:3f:e3:b2:1c:e5:bc:43:70:fa:40:e1:11:5a:3c:
08:3f:f7:0b:4c:42:3a:77:d2:3a:40:6f:10:e1:a6:
45:eb:89:f7:1f:de:9d:1f:4f:d3:d4:dc:bd:c1:4c:
5e:c7:33:6a:ca:52:6f:0b:5e:84:eb:83:c7:5c:c6:
e5:ab
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
12:CA:29:2A:66:16:8F:D0:CE:BB:E0:88:61:2B:00:D4:99:66:53:C3
X509v3 Authority Key Identifier:
keyid:6A:58:36:DD:E9:B9:DA:EF:35:A8:A7:F7:4D:63:26:F6:B4:2D:A7:4D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/alg23em52u81qKf3TWMm9rQtp00.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7b/838032-db97-497f-8c95-c19942737e6d/1/EsopKmYWj9DOu-CIYSsA1JlmU8M.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7b/838032-db97-497f-8c95-c19942737e6d/1/alg23em52u81qKf3TWMm9rQtp00.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
217.180.38.0/24
217.180.57.0/24
217.180.61.0/24
Signature Algorithm: sha256WithRSAEncryption
28:22:7f:7a:f0:7c:98:0b:ef:67:57:9c:ef:ac:38:a7:19:5a:
e4:48:55:46:15:d0:53:16:21:f6:95:3d:2d:dd:eb:d1:63:24:
d0:8a:30:16:50:99:97:62:0b:5b:81:88:87:d8:99:49:d4:94:
42:e4:2a:c9:d4:35:85:49:8e:00:cb:7e:e1:a4:5f:ca:78:36:
dd:18:6a:7f:d1:32:38:7a:93:fa:c5:f2:65:fd:bd:3e:bc:90:
d5:00:8d:0b:cf:91:12:3a:12:88:09:d0:aa:39:5e:34:22:21:
ac:dd:ff:bc:3a:50:e0:08:ce:4a:bf:dc:38:7e:65:6e:54:be:
32:86:cd:37:2d:30:6d:05:9a:67:06:3f:c5:4f:b5:94:bf:c2:
fa:9b:61:59:43:79:d3:31:9f:69:3f:31:07:1e:b1:44:c7:f1:
eb:6a:6b:e0:4a:ba:e0:0d:98:25:03:fc:98:f5:86:00:8f:46:
f2:f5:f1:20:49:89:bf:e1:9e:03:0c:06:08:2c:e6:94:21:3e:
33:79:a4:35:0e:95:41:a5:30:b8:59:87:d4:30:59:75:cf:89:
2d:bd:5d:25:d4:d3:41:fd:ed:e3:7a:85:cf:e2:d8:49:32:b0:
29:ea:6d:52:12:99:e6:59:1a:1a:bf:ca:7c:2e:ed:66:31:28:
0d:da:1d:9e
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZB3jD/YY6R3r3iUe95tQh0TMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZhNTgzNmRkZTliOWRhZWYzNWE4YTdmNzRkNjMyNmY2YjQy
ZGE3NGQwHhcNMjQwNzAzMDc0MzE4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxMmNhMjkyYTY2MTY4ZmQwY2ViYmUwODg2MTJiMDBkNDk5NjY1M2MzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzX2+AY6E6ahMxwhLQA2qDt53IuTr
pbInDpUFUiqXcrzinN0n9etyekbbb6DxwaIjma/qxblSt4cgsZHOTXqJYeto7+cu
xjrmhb0IB/b7lAWjCIpiJar2o+x+PyOSbTjRhI0rnlabNMc2AVS8p1JQc/uiZ91y
xUnL7eN0BbQtWvIBTDQeZ4l32MjmCme6PPYaPfMOG9zTmdxMtdYCq7xBT8wEdB5G
UUx80XBvn0Sa7rSNEYz+3TvJgoTl+f40l/xd+JacP+OyHOW8Q3D6QOERWjwIP/cL
TEI6d9I6QG8Q4aZF64n3H96dH0/T1Ny9wUxexzNqylJvC16E64PHXMblqwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFBLKKSpmFo/QzrvgiGErANSZZlPDMB8GA1UdIwQY
MBaAFGpYNt3pudrvNain901jJva0LadNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYWxnMjNlbTUydTgxcUtmM1RXTW05clF0cDAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Yi84MzgwMzItZGI5Ny00OTdmLThjOTUt
YzE5OTQyNzM3ZTZkLzEvRXNvcEttWVdqOURPdS1DSVlTc0ExSmxtVThNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Yi84MzgwMzItZGI5Ny00OTdmLThjOTUtYzE5OTQyNzM3ZTZk
LzEvYWxnMjNlbTUydTgxcUtmM1RXTW05clF0cDAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQA2bQmAwQA
2bQ5AwQA2bQ9MA0GCSqGSIb3DQEBCwUAA4IBAQAoIn968HyYC+9nV5zvrDinGVrk
SFVGFdBTFiH2lT0t3evRYyTQijAWUJmXYgtbgYiH2JlJ1JRC5CrJ1DWFSY4Ay37h
pF/KeDbdGGp/0TI4epP6xfJl/b0+vJDVAI0Lz5ESOhKICdCqOV40IiGs3f+8OlDg
CM5Kv9w4fmVuVL4yhs03LTBtBZpnBj/FT7WUv8L6m2FZQ3nTMZ9pPzEHHrFEx/Hr
amvgSrrgDZglA/yY9YYAj0by9fEgSYm/4Z4DDAYILOaUIT4zeaQ1DpVBpTC4WYfU
MFl1z4ktvV0l1NNB/e3jeoXP4thJMrAp6m1SEpnmWRoav8p8Lu1mMSgN2h2e
-----END CERTIFICATE-----
Generated at Sat Aug 3 23:11:26 2024 by rpki-client on console-ams.rpki-client.org