Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f9/9b76e3-e4f1-41a2-9f0e-937e00d0732f/1/CrLDcGuutoExTybEjRuvWJjrKRY.roa
File: CrLDcGuutoExTybEjRuvWJjrKRY.roa (raw, json)
Hash identifier: g6APSKSj9XfOBLkpc/G+O3F4sgoC1s0DsJEjP6h6kyM=
Subject key identifier: 0A:B2:C3:70:6B:AE:B6:81:31:4F:26:C4:8D:1B:AF:58:98:EB:29:16
Certificate issuer: /CN=28035893a257a654f3f85495c4169ebe86de18d1
Certificate serial: 01856F4B55D5EF0DEE6B3658461A4DCCCF3E
Authority key identifier: 28:03:58:93:A2:57:A6:54:F3:F8:54:95:C4:16:9E:BE:86:DE:18:D1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KANYk6JXplTz-FSVxBaevobeGNE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f9/9b76e3-e4f1-41a2-9f0e-937e00d0732f/1/CrLDcGuutoExTybEjRuvWJjrKRY.roa
Signing time: Sun 01 Jan 2023 21:44:46 +0000
ROA not before: Sun 01 Jan 2023 21:44:46 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 15815
IP address blocks: 217.14.96.0/20 maxlen: 22
2a00:7da0::/32 maxlen: 36
Validation: Failed, certificate revoked on Tue 02 Jan 2024 00:31:24 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:4b:55:d5:ef:0d:ee:6b:36:58:46:1a:4d:cc:cf:3e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=28035893a257a654f3f85495c4169ebe86de18d1
Validity
Not Before: Jan 1 21:44:46 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=0ab2c3706baeb681314f26c48d1baf5898eb2916
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:60:b4:8e:c8:23:e3:dc:f2:a2:48:de:b2:05:
05:e5:73:ec:81:59:54:24:36:d3:20:fd:25:9c:10:
8e:b9:fe:a1:7e:7f:7b:c3:8a:af:38:63:3f:fb:ee:
bf:20:06:c9:1f:4b:5b:6b:72:a8:8f:37:8f:bf:69:
3a:2e:42:e9:0c:8b:1d:fe:19:1d:98:d1:81:fb:43:
4f:37:73:f4:a2:99:af:e6:55:4b:fa:04:8b:70:e6:
5d:a0:6a:26:19:98:19:c0:e1:89:f8:73:00:14:55:
a8:bb:e7:59:77:db:64:e1:70:9f:ef:e2:e8:93:fd:
bb:93:f4:dd:7c:18:96:6c:f7:f4:22:ce:57:07:cd:
37:02:29:31:16:34:d3:07:65:19:9c:60:a4:c6:b7:
77:5f:55:56:30:c0:54:27:33:0d:16:88:63:aa:b7:
18:e5:e9:a7:81:ec:75:8a:b8:e1:01:aa:69:0d:c9:
01:da:56:6d:7f:b6:60:ff:cb:27:38:3e:2b:42:14:
70:86:f8:11:0f:c7:c0:bf:6b:d5:3b:77:69:33:8f:
37:01:c7:cd:0d:e2:15:fb:3b:46:fb:74:7e:66:d3:
78:fd:db:1c:e7:f6:6f:a2:d1:aa:9b:5f:c9:3e:c3:
c9:cb:d7:2f:bd:25:1b:2b:b6:91:dd:a2:b0:b1:96:
38:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0A:B2:C3:70:6B:AE:B6:81:31:4F:26:C4:8D:1B:AF:58:98:EB:29:16
X509v3 Authority Key Identifier:
keyid:28:03:58:93:A2:57:A6:54:F3:F8:54:95:C4:16:9E:BE:86:DE:18:D1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KANYk6JXplTz-FSVxBaevobeGNE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f9/9b76e3-e4f1-41a2-9f0e-937e00d0732f/1/CrLDcGuutoExTybEjRuvWJjrKRY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f9/9b76e3-e4f1-41a2-9f0e-937e00d0732f/1/KANYk6JXplTz-FSVxBaevobeGNE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
217.14.96.0/20
IPv6:
2a00:7da0::/32
Signature Algorithm: sha256WithRSAEncryption
c9:56:d9:47:81:2e:de:55:66:1c:25:67:9b:d5:1e:1e:71:61:
03:8e:14:df:81:f8:bf:59:a9:6c:6e:6f:7a:47:e0:2f:ad:38:
df:d4:0c:bd:32:78:57:e2:23:8b:76:b7:eb:b1:c7:f9:2f:2b:
51:57:fc:4e:10:af:63:6b:6f:25:90:ea:a8:47:cc:a1:b9:f7:
26:1e:9e:5a:b5:1e:66:d2:46:a8:fe:33:28:51:e5:2f:6f:5c:
6d:51:16:77:fa:59:91:6e:ef:b1:5b:84:0f:20:94:82:12:72:
c3:ec:bb:51:2b:46:fd:be:6b:ca:6e:03:8c:af:42:6a:f6:d3:
84:27:b3:46:e4:63:fa:64:e5:1d:2e:92:21:21:a9:87:e4:db:
dc:68:d7:e1:1f:4e:97:1b:02:2c:6e:50:40:94:55:9f:b0:22:
b2:d3:9a:08:62:a7:1b:77:75:85:4c:f9:40:18:8b:c2:c6:a6:
af:83:a7:43:4d:bc:c3:bd:67:f5:80:db:e4:80:76:db:c7:03:
f9:ee:05:9f:09:42:a2:4e:9e:50:3f:f5:e6:55:62:9a:6b:27:
17:4b:76:5a:58:77:0a:30:ce:db:fc:63:6c:84:14:b6:98:22:
c8:62:c6:4b:ae:38:1d:39:ac:fe:06:1d:ba:e2:9c:7c:f7:83:
f3:91:ca:bf
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVvS1XV7w3uazZYRhpNzM8+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI4MDM1ODkzYTI1N2E2NTRmM2Y4NTQ5NWM0MTY5ZWJlODZk
ZTE4ZDEwHhcNMjMwMTAxMjE0NDQ2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwYWIyYzM3MDZiYWViNjgxMzE0ZjI2YzQ4ZDFiYWY1ODk4ZWIyOTE2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtWC0jsgj49zyokjesgUF5XPsgVlU
JDbTIP0lnBCOuf6hfn97w4qvOGM/++6/IAbJH0tba3KojzePv2k6LkLpDIsd/hkd
mNGB+0NPN3P0opmv5lVL+gSLcOZdoGomGZgZwOGJ+HMAFFWou+dZd9tk4XCf7+Lo
k/27k/TdfBiWbPf0Is5XB803AikxFjTTB2UZnGCkxrd3X1VWMMBUJzMNFohjqrcY
5emngex1irjhAappDckB2lZtf7Zg/8snOD4rQhRwhvgRD8fAv2vVO3dpM483AcfN
DeIV+ztG+3R+ZtN4/dsc5/ZvotGqm1/JPsPJy9cvvSUbK7aR3aKwsZY40wIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFAqyw3BrrraBMU8mxI0br1iY6ykWMB8GA1UdIwQY
MBaAFCgDWJOiV6ZU8/hUlcQWnr6G3hjRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS0FOWWs2SlhwbFR6LUZTVnhCYWV2b2JlR05FLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mOS85Yjc2ZTMtZTRmMS00MWEyLTlmMGUt
OTM3ZTAwZDA3MzJmLzEvQ3JMRGNHdXV0b0V4VHliRWpSdXZXSmpyS1JZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mOS85Yjc2ZTMtZTRmMS00MWEyLTlmMGUtOTM3ZTAwZDA3MzJm
LzEvS0FOWWs2SlhwbFR6LUZTVnhCYWV2b2JlR05FLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQE2Q5gMA0E
AgACMAcDBQAqAH2gMA0GCSqGSIb3DQEBCwUAA4IBAQDJVtlHgS7eVWYcJWeb1R4e
cWEDjhTfgfi/Walsbm96R+AvrTjf1Ay9MnhX4iOLdrfrscf5LytRV/xOEK9ja28l
kOqoR8yhufcmHp5atR5m0kao/jMoUeUvb1xtURZ3+lmRbu+xW4QPIJSCEnLD7LtR
K0b9vmvKbgOMr0Jq9tOEJ7NG5GP6ZOUdLpIhIamH5NvcaNfhH06XGwIsblBAlFWf
sCKy05oIYqcbd3WFTPlAGIvCxqavg6dDTbzDvWf1gNvkgHbbxwP57gWfCUKiTp5Q
P/XmVWKaaycXS3ZaWHcKMM7b/GNshBS2mCLIYsZLrjgdOaz+Bh264px894Pzkcq/
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:53:37 2024 by rpki-client on console-ams.rpki-client.org