Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ee/c55fdf-a68a-4aa0-b8c5-7f2333604997/1/tMBD0hkR8KLXGXpeXGd6h5ziAjY.roa
File: tMBD0hkR8KLXGXpeXGd6h5ziAjY.roa (raw, json)
Hash identifier: dW+UOfPoplkV7ad14Qe8boCkG7C0SFhkhHqWcVVUEXc=
Subject key identifier: B4:C0:43:D2:19:11:F0:A2:D7:19:7A:5E:5C:67:7A:87:9C:E2:02:36
Certificate issuer: /CN=33c342c06aacc359d39439ff58defa8ea1875748
Certificate serial: 01856F0B61E24B865CD2D209BDA847223DB6
Authority key identifier: 33:C3:42:C0:6A:AC:C3:59:D3:94:39:FF:58:DE:FA:8E:A1:87:57:48
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/M8NCwGqsw1nTlDn_WN76jqGHV0g.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ee/c55fdf-a68a-4aa0-b8c5-7f2333604997/1/tMBD0hkR8KLXGXpeXGd6h5ziAjY.roa
Signing time: Sun 01 Jan 2023 20:34:54 +0000
ROA not before: Sun 01 Jan 2023 20:34:54 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 42870
IP address blocks: 217.22.169.0/24 maxlen: 24
217.22.168.0/22 maxlen: 22
217.22.168.0/24 maxlen: 24
217.22.171.0/24 maxlen: 24
217.22.170.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 01 Jan 2024 12:30:07 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:0b:61:e2:4b:86:5c:d2:d2:09:bd:a8:47:22:3d:b6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=33c342c06aacc359d39439ff58defa8ea1875748
Validity
Not Before: Jan 1 20:34:54 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b4c043d21911f0a2d7197a5e5c677a879ce20236
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:86:9a:5b:4b:5d:56:3d:4e:67:32:a5:25:cb:9e:
96:33:04:4c:1c:0b:ef:3a:06:94:e7:90:6a:b9:a6:
cd:9b:72:ca:fe:6e:a1:70:9f:42:f1:c4:13:a8:c6:
72:ae:f8:74:00:41:7c:30:bf:9b:43:f4:f8:bf:00:
6d:c1:62:d5:1c:87:f8:1b:04:97:a2:2e:56:51:52:
b3:32:2e:35:58:94:2f:eb:42:fa:02:39:1d:a9:00:
6d:f2:7a:fa:bb:fc:94:b2:89:83:07:36:6f:b1:95:
1b:89:3d:0e:60:86:53:59:e1:c1:ba:f2:d9:62:d4:
24:07:42:4b:af:d6:e9:64:e5:9c:d3:c7:30:82:5c:
c9:32:95:4e:ad:b1:c4:d5:7b:7a:9e:f3:97:8f:d4:
c3:4e:09:db:50:b4:99:e5:7a:7a:df:8f:cf:b7:fa:
dc:b1:1f:f6:cf:7f:1c:bc:d0:c1:03:e0:4a:c4:f7:
27:af:f7:26:28:69:a7:13:de:53:78:47:e6:7b:b9:
6f:2a:2d:72:8b:85:2b:0f:0d:a1:7d:b0:44:96:f5:
b2:f0:e5:54:78:c5:75:d9:0f:e3:a6:b7:ed:68:d0:
23:e4:c8:8d:a3:93:63:c7:ca:dc:2f:da:41:5b:05:
ae:2a:ec:2b:31:fc:b1:27:60:b1:0e:d4:16:0a:b8:
c5:91
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B4:C0:43:D2:19:11:F0:A2:D7:19:7A:5E:5C:67:7A:87:9C:E2:02:36
X509v3 Authority Key Identifier:
keyid:33:C3:42:C0:6A:AC:C3:59:D3:94:39:FF:58:DE:FA:8E:A1:87:57:48
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/M8NCwGqsw1nTlDn_WN76jqGHV0g.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ee/c55fdf-a68a-4aa0-b8c5-7f2333604997/1/tMBD0hkR8KLXGXpeXGd6h5ziAjY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ee/c55fdf-a68a-4aa0-b8c5-7f2333604997/1/M8NCwGqsw1nTlDn_WN76jqGHV0g.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
217.22.168.0/22
Signature Algorithm: sha256WithRSAEncryption
75:37:c2:5d:c9:1b:ec:16:18:13:db:88:db:42:ef:c0:a8:db:
42:f8:66:02:06:dc:74:5f:ca:b1:37:ee:60:64:58:18:36:42:
43:49:47:bd:e9:bf:31:88:28:a4:9f:52:13:71:9a:23:9d:1e:
25:7a:f6:f2:68:a4:dc:47:19:8c:e1:7b:de:80:f7:34:0a:dd:
89:1b:44:69:e2:5d:f4:ca:c3:b7:55:c3:7b:51:28:77:62:b8:
c1:c2:5d:1d:d2:8b:e0:aa:e8:75:f6:19:0e:87:f8:e6:ad:8a:
62:88:b2:a0:80:f4:d5:42:8f:cf:8d:ef:cb:77:8f:91:8b:59:
b7:99:c9:fd:fb:f0:f0:a6:e3:e8:72:92:92:8c:6a:37:a1:83:
a2:6d:93:8e:c9:de:e3:ae:9e:14:b9:27:bf:ad:ea:17:d3:38:
76:45:bc:9f:cb:d4:d1:17:d5:79:5f:73:2b:66:6d:eb:2d:c3:
fe:cc:fe:c5:2f:ca:bb:f8:0e:80:be:e8:c3:86:35:2a:a0:83:
e2:a4:8e:ed:20:dd:6f:4a:a5:53:79:68:6f:de:b0:80:85:35:
7c:bf:09:0c:16:0c:2d:b8:0d:0f:03:28:a3:9c:ad:96:22:e2:
ed:85:b3:a8:a3:8c:5c:79:8f:24:36:50:b9:52:c5:d9:fa:40:
3f:1c:a3:57
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVvC2HiS4Zc0tIJvahHIj22MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMzYzM0MmMwNmFhY2MzNTlkMzk0MzlmZjU4ZGVmYThlYTE4
NzU3NDgwHhcNMjMwMTAxMjAzNDU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNGMwNDNkMjE5MTFmMGEyZDcxOTdhNWU1YzY3N2E4NzljZTIwMjM2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhppbS11WPU5nMqUly56WMwRMHAvv
OgaU55BquabNm3LK/m6hcJ9C8cQTqMZyrvh0AEF8ML+bQ/T4vwBtwWLVHIf4GwSX
oi5WUVKzMi41WJQv60L6AjkdqQBt8nr6u/yUsomDBzZvsZUbiT0OYIZTWeHBuvLZ
YtQkB0JLr9bpZOWc08cwglzJMpVOrbHE1Xt6nvOXj9TDTgnbULSZ5Xp634/Pt/rc
sR/2z38cvNDBA+BKxPcnr/cmKGmnE95TeEfme7lvKi1yi4UrDw2hfbBElvWy8OVU
eMV12Q/jprftaNAj5MiNo5Njx8rcL9pBWwWuKuwrMfyxJ2CxDtQWCrjFkQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFLTAQ9IZEfCi1xl6Xlxneoec4gI2MB8GA1UdIwQY
MBaAFDPDQsBqrMNZ05Q5/1je+o6hh1dIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTThOQ3dHcXN3MW5UbERuX1dONzZqcUdIVjBnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lZS9jNTVmZGYtYTY4YS00YWEwLWI4YzUt
N2YyMzMzNjA0OTk3LzEvdE1CRDBoa1I4S0xYR1hwZVhHZDZoNXppQWpZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lZS9jNTVmZGYtYTY4YS00YWEwLWI4YzUtN2YyMzMzNjA0OTk3
LzEvTThOQ3dHcXN3MW5UbERuX1dONzZqcUdIVjBnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQC2RaoMA0G
CSqGSIb3DQEBCwUAA4IBAQB1N8JdyRvsFhgT24jbQu/AqNtC+GYCBtx0X8qxN+5g
ZFgYNkJDSUe96b8xiCikn1ITcZojnR4levbyaKTcRxmM4XvegPc0Ct2JG0Rp4l30
ysO3VcN7USh3YrjBwl0d0ovgquh19hkOh/jmrYpiiLKggPTVQo/Pje/Ld4+Ri1m3
mcn9+/DwpuPocpKSjGo3oYOibZOOyd7jrp4UuSe/reoX0zh2Rbyfy9TRF9V5X3Mr
Zm3rLcP+zP7FL8q7+A6AvujDhjUqoIPipI7tIN1vSqVTeWhv3rCAhTV8vwkMFgwt
uA0PAyijnK2WIuLthbOoo4xceY8kNlC5UsXZ+kA/HKNX
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:58:54 2024 by rpki-client on console-fra.rpki-client.org