Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7b/838032-db97-497f-8c95-c19942737e6d/1/uP0OWh-PJb2WiB99bXM98LFXPqM.roa
File: uP0OWh-PJb2WiB99bXM98LFXPqM.roa (raw, json)
Hash identifier: RIPfUZscn7H78oe5PRQ2ZXIfUoAcWKLNO+S9b9GhsDo=
Subject key identifier: B8:FD:0E:5A:1F:8F:25:BD:96:88:1F:7D:6D:73:3D:F0:B1:57:3E:A3
Certificate issuer: /CN=6a5836dde9b9daef35a8a7f74d6326f6b42da74d
Certificate serial: 019251B41407976B9671238D4937956C706F
Authority key identifier: 6A:58:36:DD:E9:B9:DA:EF:35:A8:A7:F7:4D:63:26:F6:B4:2D:A7:4D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/alg23em52u81qKf3TWMm9rQtp00.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7b/838032-db97-497f-8c95-c19942737e6d/1/uP0OWh-PJb2WiB99bXM98LFXPqM.roa
Signing time: Thu 03 Oct 2024 09:26:49 +0000
ROA not before: Thu 03 Oct 2024 09:26:49 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 16276
IP address blocks: 217.177.32.0/24 maxlen: 24
217.177.35.0/24 maxlen: 24
217.180.12.0/24 maxlen: 24
217.180.61.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 15 Oct 2024 13:11:51 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:51:b4:14:07:97:6b:96:71:23:8d:49:37:95:6c:70:6f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6a5836dde9b9daef35a8a7f74d6326f6b42da74d
Validity
Not Before: Oct 3 09:26:49 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=b8fd0e5a1f8f25bd96881f7d6d733df0b1573ea3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:2a:df:98:1b:0e:3a:7d:43:b6:4a:ca:13:2f:
c5:82:f0:aa:2b:b1:6d:4c:cc:00:f8:df:e5:76:4c:
4c:e0:2a:e3:ba:78:2c:59:3d:1d:6c:83:37:3e:13:
92:9d:a4:9e:ef:a0:63:af:9c:70:7e:64:6c:b9:bc:
37:04:60:03:e4:e0:35:7d:3c:43:fc:ee:3c:04:02:
74:71:c0:19:6f:6e:f4:0d:bc:ea:b2:15:f9:23:e7:
36:ca:ed:cd:b0:0f:7d:51:2e:c7:00:d1:03:c8:49:
de:c4:8e:6a:d9:9a:6f:fa:fe:f6:58:93:b0:da:a4:
4f:72:a8:80:6f:86:56:93:2c:da:65:cd:cf:63:b7:
69:c5:09:9b:36:fa:01:5e:55:df:24:4b:af:fd:4b:
64:0f:4b:05:a9:c0:f5:c4:83:52:b2:c9:7c:5c:b5:
25:06:e9:55:5e:6a:b7:a5:55:ff:68:dc:4f:bc:ba:
1e:82:06:67:56:da:03:a8:38:3f:f3:c4:bb:50:63:
2f:f0:a0:3c:33:de:bc:3f:8d:b7:7b:b9:e3:69:27:
14:67:61:19:2f:9c:15:64:3c:e3:b4:46:a4:67:66:
bc:33:43:ae:6a:7e:35:c3:99:ef:ad:bc:39:43:ca:
c0:53:cc:46:a5:f7:21:57:7b:9a:ee:19:96:5e:db:
6a:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B8:FD:0E:5A:1F:8F:25:BD:96:88:1F:7D:6D:73:3D:F0:B1:57:3E:A3
X509v3 Authority Key Identifier:
keyid:6A:58:36:DD:E9:B9:DA:EF:35:A8:A7:F7:4D:63:26:F6:B4:2D:A7:4D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/alg23em52u81qKf3TWMm9rQtp00.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7b/838032-db97-497f-8c95-c19942737e6d/1/uP0OWh-PJb2WiB99bXM98LFXPqM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7b/838032-db97-497f-8c95-c19942737e6d/1/alg23em52u81qKf3TWMm9rQtp00.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
217.177.32.0/24
217.177.35.0/24
217.180.12.0/24
217.180.61.0/24
Signature Algorithm: sha256WithRSAEncryption
66:7f:12:df:9d:e1:f0:17:b3:f7:66:45:2b:f1:05:6c:c3:9d:
09:59:7a:f5:b8:25:5a:3f:8b:d9:63:4a:33:f6:d4:c3:b8:29:
b6:b6:00:ed:2e:80:38:ce:70:93:79:31:32:cd:e8:63:6b:92:
8f:04:d4:8d:e2:06:cf:75:aa:9b:12:96:4c:97:72:94:0c:f1:
cc:33:2b:9c:c9:96:f7:e4:cc:e6:47:60:b1:1b:60:6c:ae:0a:
96:dc:96:c2:65:76:e5:75:a6:67:2b:a7:0b:2d:e4:e7:73:49:
7a:f8:a9:a2:90:31:72:fc:b1:87:ef:d3:15:fc:21:03:c7:3b:
a3:dd:ba:16:d3:a8:fc:30:cc:b4:75:3d:60:37:c4:da:1a:9c:
b1:b1:f1:db:5d:4d:5e:ee:fd:6a:99:85:e4:67:eb:f5:a6:bd:
12:99:70:9f:98:4c:a2:99:6d:43:40:ea:12:9c:1b:0d:07:ea:
3f:b7:1f:23:bb:75:43:b5:c6:a1:2e:e2:4e:bd:8d:58:73:7a:
86:c2:91:9c:0b:89:13:8a:9e:48:33:a6:af:31:64:62:99:fc:
b1:4a:2d:61:54:b7:09:25:05:7e:aa:b2:14:28:68:c1:e8:3d:
23:02:2a:d1:ef:6e:5b:f6:c3:e7:72:7c:d3:66:6c:3a:97:bb:
be:b9:ca:d1
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZJRtBQHl2uWcSONSTeVbHBvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZhNTgzNmRkZTliOWRhZWYzNWE4YTdmNzRkNjMyNmY2YjQy
ZGE3NGQwHhcNMjQxMDAzMDkyNjQ5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiOGZkMGU1YTFmOGYyNWJkOTY4ODFmN2Q2ZDczM2RmMGIxNTczZWEzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiyrfmBsOOn1DtkrKEy/FgvCqK7Ft
TMwA+N/ldkxM4CrjungsWT0dbIM3PhOSnaSe76Bjr5xwfmRsubw3BGAD5OA1fTxD
/O48BAJ0ccAZb270DbzqshX5I+c2yu3NsA99US7HANEDyEnexI5q2Zpv+v72WJOw
2qRPcqiAb4ZWkyzaZc3PY7dpxQmbNvoBXlXfJEuv/UtkD0sFqcD1xINSssl8XLUl
BulVXmq3pVX/aNxPvLoeggZnVtoDqDg/88S7UGMv8KA8M968P423e7njaScUZ2EZ
L5wVZDzjtEakZ2a8M0Ouan41w5nvrbw5Q8rAU8xGpfchV3ua7hmWXttqvQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFLj9DlofjyW9logffW1zPfCxVz6jMB8GA1UdIwQY
MBaAFGpYNt3pudrvNain901jJva0LadNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYWxnMjNlbTUydTgxcUtmM1RXTW05clF0cDAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Yi84MzgwMzItZGI5Ny00OTdmLThjOTUt
YzE5OTQyNzM3ZTZkLzEvdVAwT1doLVBKYjJXaUI5OWJYTTk4TEZYUHFNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Yi84MzgwMzItZGI5Ny00OTdmLThjOTUtYzE5OTQyNzM3ZTZk
LzEvYWxnMjNlbTUydTgxcUtmM1RXTW05clF0cDAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQA2bEgAwQA
2bEjAwQA2bQMAwQA2bQ9MA0GCSqGSIb3DQEBCwUAA4IBAQBmfxLfneHwF7P3ZkUr
8QVsw50JWXr1uCVaP4vZY0oz9tTDuCm2tgDtLoA4znCTeTEyzehja5KPBNSN4gbP
daqbEpZMl3KUDPHMMyucyZb35MzmR2CxG2BsrgqW3JbCZXbldaZnK6cLLeTnc0l6
+KmikDFy/LGH79MV/CEDxzuj3boW06j8MMy0dT1gN8TaGpyxsfHbXU1e7v1qmYXk
Z+v1pr0SmXCfmEyimW1DQOoSnBsNB+o/tx8ju3VDtcahLuJOvY1Yc3qGwpGcC4kT
ip5IM6avMWRimfyxSi1hVLcJJQV+qrIUKGjB6D0jAirR725b9sPncnzTZmw6l7u+
ucrR
-----END CERTIFICATE-----
Generated at Tue Oct 15 17:45:12 2024 by rpki-client on console-ams.rpki-client.org