Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/49ace8-291d-4d4f-922e-eabcbc083f9b/1/gik3FHyRZixBEHeRLMZKViKx2R0.roa
File: gik3FHyRZixBEHeRLMZKViKx2R0.roa (raw, json)
Hash identifier: fEBvYiPFLbkFBCuY8LxQ57N7PO2yJrq2K3IIaaUoFq4=
Subject key identifier: 82:29:37:14:7C:91:66:2C:41:10:77:91:2C:C6:4A:56:22:B1:D9:1D
Certificate issuer: /CN=0f74e5af2fa7215ca469b27c1079f1ffd5fcaef8
Certificate serial: 018FCAB7B55AA3BCF1DEDD4A5B7DC0431BF2
Authority key identifier: 0F:74:E5:AF:2F:A7:21:5C:A4:69:B2:7C:10:79:F1:FF:D5:FC:AE:F8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/D3Tlry-nIVykabJ8EHnx_9X8rvg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/49ace8-291d-4d4f-922e-eabcbc083f9b/1/gik3FHyRZixBEHeRLMZKViKx2R0.roa
Signing time: Thu 30 May 2024 18:16:28 +0000
ROA not before: Thu 30 May 2024 18:16:28 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2559
IP address blocks: 198.217.240.0/24 maxlen: 24
198.217.241.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 27 Jun 2024 18:09:18 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:ca:b7:b5:5a:a3:bc:f1:de:dd:4a:5b:7d:c0:43:1b:f2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0f74e5af2fa7215ca469b27c1079f1ffd5fcaef8
Validity
Not Before: May 30 18:16:28 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=822937147c91662c411077912cc64a5622b1d91d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:dc:ca:37:c4:45:52:08:c1:2d:89:85:a1:f2:
62:27:8d:d8:c3:d6:d4:c6:55:8e:14:60:33:08:14:
7c:60:55:1f:0e:48:b2:7e:28:1a:ac:23:8a:18:48:
3e:30:d7:f7:94:25:68:1a:6b:5e:57:d1:da:5a:75:
7e:16:92:fc:d2:5b:f0:68:2c:bb:e5:cb:da:de:49:
e8:1e:08:42:af:84:d9:02:3b:ea:b8:cb:de:42:77:
75:68:af:20:c6:a3:ea:d2:fb:d5:0b:e5:5b:4a:15:
64:c3:4f:cb:4e:4c:21:8e:8f:e3:06:1e:a4:0d:00:
c0:e2:22:43:95:b1:f9:84:ae:16:b3:f3:da:7a:54:
dc:59:65:f8:c6:41:8c:91:10:5d:15:79:6b:36:01:
7f:8b:a4:d1:e1:35:9c:20:50:91:cf:2c:6b:ba:80:
61:0e:1a:19:c0:e4:52:d3:1f:ec:63:b4:c4:3a:61:
5e:93:ba:6e:01:97:45:38:b1:ee:32:1c:24:76:d2:
ac:0d:3e:23:58:b8:9c:7d:84:30:c3:27:e7:43:36:
6f:72:16:49:ed:5a:0e:1e:14:6d:c5:ed:bc:d4:92:
c2:46:d9:38:d5:c1:48:89:f9:f8:e7:59:c0:18:b3:
83:a5:53:a5:c0:50:f3:1d:f0:09:f5:e4:12:d8:56:
82:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
82:29:37:14:7C:91:66:2C:41:10:77:91:2C:C6:4A:56:22:B1:D9:1D
X509v3 Authority Key Identifier:
keyid:0F:74:E5:AF:2F:A7:21:5C:A4:69:B2:7C:10:79:F1:FF:D5:FC:AE:F8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/D3Tlry-nIVykabJ8EHnx_9X8rvg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/49ace8-291d-4d4f-922e-eabcbc083f9b/1/gik3FHyRZixBEHeRLMZKViKx2R0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/49ace8-291d-4d4f-922e-eabcbc083f9b/1/D3Tlry-nIVykabJ8EHnx_9X8rvg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
198.217.240.0/23
Signature Algorithm: sha256WithRSAEncryption
2d:32:75:d5:4d:20:3d:15:94:8b:72:92:df:05:d5:87:ee:ed:
5d:af:84:66:56:c2:39:7c:9d:e7:fd:12:bd:6e:26:e5:d5:bb:
3c:3b:c8:2b:8d:99:95:4b:30:dc:1a:70:46:32:68:1c:86:12:
b2:be:61:75:fb:19:0c:e9:1c:fd:17:4f:ee:52:05:06:66:5a:
38:2c:26:3e:d2:8f:43:ff:e4:d2:37:59:7c:3b:80:59:10:90:
c4:e2:f8:bd:9d:08:d9:4e:b5:21:05:e1:17:29:69:89:2a:71:
70:a9:6b:1c:46:8e:d6:60:3c:62:7c:d6:d9:db:ea:f4:c8:ef:
34:2a:ab:be:e7:a4:d6:f1:ea:93:d4:34:38:c1:cc:d1:49:46:
d5:3d:5a:ad:62:06:80:a4:74:ab:35:61:98:1c:c8:57:7b:42:
da:12:dd:ec:a6:b6:62:2d:ee:63:2f:5b:3a:25:be:e8:ee:7f:
0b:27:2f:a9:a4:c4:a1:ec:1e:b2:f5:bd:50:69:4b:f7:fd:3a:
3f:88:2e:1f:0e:4f:a0:30:2c:87:f8:6b:59:e9:86:b2:12:19:
69:3c:8a:24:30:7c:cd:ed:94:13:95:0d:5e:0d:20:df:71:a1:
e2:29:7a:d8:c0:56:99:2a:8e:fe:22:9f:ba:d2:ae:7c:2a:df:
83:56:b4:1f
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAY/Kt7Vao7zx3t1KW33AQxvyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBmNzRlNWFmMmZhNzIxNWNhNDY5YjI3YzEwNzlmMWZmZDVm
Y2FlZjgwHhcNMjQwNTMwMTgxNjI4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MjI5MzcxNDdjOTE2NjJjNDExMDc3OTEyY2M2NGE1NjIyYjFkOTFkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAodzKN8RFUgjBLYmFofJiJ43Yw9bU
xlWOFGAzCBR8YFUfDkiyfigarCOKGEg+MNf3lCVoGmteV9HaWnV+FpL80lvwaCy7
5cva3knoHghCr4TZAjvquMveQnd1aK8gxqPq0vvVC+VbShVkw0/LTkwhjo/jBh6k
DQDA4iJDlbH5hK4Ws/PaelTcWWX4xkGMkRBdFXlrNgF/i6TR4TWcIFCRzyxruoBh
DhoZwORS0x/sY7TEOmFek7puAZdFOLHuMhwkdtKsDT4jWLicfYQwwyfnQzZvchZJ
7VoOHhRtxe281JLCRtk41cFIifn451nAGLODpVOlwFDzHfAJ9eQS2FaCeQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFIIpNxR8kWYsQRB3kSzGSlYisdkdMB8GA1UdIwQY
MBaAFA905a8vpyFcpGmyfBB58f/V/K74MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRDNUbHJ5LW5JVnlrYWJKOEVIbnhfOVg4cnZnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC80OWFjZTgtMjkxZC00ZDRmLTkyMmUt
ZWFiY2JjMDgzZjliLzEvZ2lrM0ZIeVJaaXhCRUhlUkxNWktWaUt4MlIwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC80OWFjZTgtMjkxZC00ZDRmLTkyMmUtZWFiY2JjMDgzZjli
LzEvRDNUbHJ5LW5JVnlrYWJKOEVIbnhfOVg4cnZnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBxtnwMA0G
CSqGSIb3DQEBCwUAA4IBAQAtMnXVTSA9FZSLcpLfBdWH7u1dr4RmVsI5fJ3n/RK9
bibl1bs8O8grjZmVSzDcGnBGMmgchhKyvmF1+xkM6Rz9F0/uUgUGZlo4LCY+0o9D
/+TSN1l8O4BZEJDE4vi9nQjZTrUhBeEXKWmJKnFwqWscRo7WYDxifNbZ2+r0yO80
Kqu+56TW8eqT1DQ4wczRSUbVPVqtYgaApHSrNWGYHMhXe0LaEt3sprZiLe5jL1s6
Jb7o7n8LJy+ppMSh7B6y9b1QaUv3/To/iC4fDk+gMCyH+GtZ6YayEhlpPIokMHzN
7ZQTlQ1eDSDfcaHiKXrYwFaZKo7+Ip+60q58Kt+DVrQf
-----END CERTIFICATE-----
Generated at Fri Jun 28 00:03:53 2024 by rpki-client on console-ams.rpki-client.org