Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/9e847f-4146-4566-8c3e-1ba543eeaed7/1/I8sPKRir594lHFeezsaA0WXHd5o.roa
File: I8sPKRir594lHFeezsaA0WXHd5o.roa (raw, json)
Hash identifier: sSiNLodTC/iM3vF3WfZVDjNyACSwr/BSs7i/qiZ/fBM=
Subject key identifier: 23:CB:0F:29:18:AB:E7:DE:25:1C:57:9E:CE:C6:80:D1:65:C7:77:9A
Certificate issuer: /CN=5da432a4ec3b0ac4ca4e4ecec0e9f4d46b497af0
Certificate serial: 018CCA2AA1D7BC3B9A08920E6E86BD9D3DA1
Authority key identifier: 5D:A4:32:A4:EC:3B:0A:C4:CA:4E:4E:CE:C0:E9:F4:D4:6B:49:7A:F0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XaQypOw7CsTKTk7OwOn01GtJevA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/9e847f-4146-4566-8c3e-1ba543eeaed7/1/I8sPKRir594lHFeezsaA0WXHd5o.roa
Signing time: Tue 02 Jan 2024 12:34:00 +0000
ROA not before: Tue 02 Jan 2024 12:34:00 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 209406
IP address blocks: 217.199.219.0/24 maxlen: 24
2a03:220:f000::/48 maxlen: 48
Validation: Failed, certificate revoked on Wed 01 Jan 2025 01:48:05 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:ca:2a:a1:d7:bc:3b:9a:08:92:0e:6e:86:bd:9d:3d:a1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5da432a4ec3b0ac4ca4e4ecec0e9f4d46b497af0
Validity
Not Before: Jan 2 12:34:00 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=23cb0f2918abe7de251c579ecec680d165c7779a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:59:0a:06:21:81:d3:99:1d:a8:f5:31:f4:b5:
3b:24:74:81:08:c7:cb:e0:58:39:99:37:0e:02:0f:
5d:1b:3e:c0:97:eb:7e:26:d0:25:c6:2f:ad:eb:81:
1f:09:55:5b:63:55:af:e1:17:8e:5f:8d:71:11:9c:
68:b4:1b:bf:df:85:eb:b6:68:d3:c5:a3:ee:af:40:
a1:4f:a2:1d:03:78:9e:81:9b:1a:ae:93:fc:48:06:
9e:08:a5:5e:84:47:ec:42:17:c5:fc:bd:9e:73:13:
67:58:b6:d9:c5:f4:5e:21:12:0b:33:d3:68:9a:2f:
10:17:1c:84:f4:f9:22:ee:cf:86:f1:7e:a6:0d:6d:
d9:60:37:d0:07:d9:5d:30:88:a6:d8:7c:59:ca:e2:
53:a6:fb:d5:c2:84:0a:24:18:30:74:86:83:ea:0b:
c8:b7:9f:fd:59:1e:47:c7:37:96:1d:fd:67:56:b1:
39:7c:9d:f7:d3:fe:78:28:ed:2e:37:d4:ab:80:73:
30:f1:ee:2d:ee:72:cd:ff:2a:25:16:f1:04:9c:33:
9e:c7:2a:ae:a2:8b:b6:86:91:0f:32:71:7d:8a:92:
ea:3b:e2:f2:02:92:19:cf:6d:7e:62:9f:a8:01:6a:
5a:29:35:d2:36:eb:36:e1:c5:ba:5a:27:5d:0e:e1:
03:87
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
23:CB:0F:29:18:AB:E7:DE:25:1C:57:9E:CE:C6:80:D1:65:C7:77:9A
X509v3 Authority Key Identifier:
keyid:5D:A4:32:A4:EC:3B:0A:C4:CA:4E:4E:CE:C0:E9:F4:D4:6B:49:7A:F0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XaQypOw7CsTKTk7OwOn01GtJevA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/9e847f-4146-4566-8c3e-1ba543eeaed7/1/I8sPKRir594lHFeezsaA0WXHd5o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/9e847f-4146-4566-8c3e-1ba543eeaed7/1/XaQypOw7CsTKTk7OwOn01GtJevA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
217.199.219.0/24
IPv6:
2a03:220:f000::/48
Signature Algorithm: sha256WithRSAEncryption
83:2b:e8:78:96:e1:23:03:08:eb:49:b6:49:4a:b5:82:7d:1b:
cf:44:e8:f4:48:9d:5c:04:d3:82:5e:a1:3a:f2:ac:61:35:39:
f9:50:96:b7:d3:e6:ad:7a:e8:46:c1:64:18:ad:17:5e:df:01:
2c:28:0f:c8:43:16:49:ed:2c:85:09:ac:74:88:df:59:c0:19:
06:52:6d:47:98:5f:92:cc:11:6d:19:9f:0f:b4:b0:d4:11:7e:
b2:c0:d3:59:70:06:dc:15:5c:62:9b:54:50:db:05:99:2e:6b:
67:ee:0b:be:17:9f:a1:75:84:fb:73:1a:73:97:e4:bc:c1:b7:
ef:bd:c1:d1:d4:67:f6:e7:0b:e9:9a:1e:01:48:2d:85:47:72:
03:78:54:bc:2c:a0:0c:a7:82:2f:f6:bb:21:ac:a2:60:c0:c3:
83:4f:84:19:4d:7e:cc:ae:53:51:e8:9f:ff:fe:08:ef:b6:ad:
af:b5:1c:97:2f:cc:31:d0:35:a3:79:b6:dc:11:92:32:db:30:
d0:22:de:c0:f0:39:d5:09:64:e3:9e:4e:9f:a8:0f:e8:18:19:
41:0d:ef:40:6e:63:89:88:bc:e7:f7:85:d2:a5:8e:c1:1a:86:
bd:d7:60:33:4a:dd:49:d5:39:59:c6:a1:81:49:af:be:d1:10:
0c:c8:4e:d9
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYzKKqHXvDuaCJIOboa9nT2hMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVkYTQzMmE0ZWMzYjBhYzRjYTRlNGVjZWMwZTlmNGQ0NmI0
OTdhZjAwHhcNMjQwMTAyMTIzNDAwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyM2NiMGYyOTE4YWJlN2RlMjUxYzU3OWVjZWM2ODBkMTY1Yzc3NzlhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiVkKBiGB05kdqPUx9LU7JHSBCMfL
4Fg5mTcOAg9dGz7Al+t+JtAlxi+t64EfCVVbY1Wv4ReOX41xEZxotBu/34XrtmjT
xaPur0ChT6IdA3iegZsarpP8SAaeCKVehEfsQhfF/L2ecxNnWLbZxfReIRILM9No
mi8QFxyE9Pki7s+G8X6mDW3ZYDfQB9ldMIim2HxZyuJTpvvVwoQKJBgwdIaD6gvI
t5/9WR5HxzeWHf1nVrE5fJ330/54KO0uN9SrgHMw8e4t7nLN/yolFvEEnDOexyqu
oou2hpEPMnF9ipLqO+LyApIZz21+Yp+oAWpaKTXSNus24cW6WiddDuEDhwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFCPLDykYq+feJRxXns7GgNFlx3eaMB8GA1UdIwQY
MBaAFF2kMqTsOwrEyk5OzsDp9NRrSXrwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWGFReXBPdzdDc1RLVGs3T3dPbjAxR3RKZXZBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85ZTg0N2YtNDE0Ni00NTY2LThjM2Ut
MWJhNTQzZWVhZWQ3LzEvSThzUEtSaXI1OTRsSEZlZXpzYUEwV1hIZDVvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85ZTg0N2YtNDE0Ni00NTY2LThjM2UtMWJhNTQzZWVhZWQ3
LzEvWGFReXBPdzdDc1RLVGs3T3dPbjAxR3RKZXZBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQA2cfbMA8E
AgACMAkDBwAqAwIg8AAwDQYJKoZIhvcNAQELBQADggEBAIMr6HiW4SMDCOtJtklK
tYJ9G89E6PRInVwE04JeoTryrGE1OflQlrfT5q166EbBZBitF17fASwoD8hDFknt
LIUJrHSI31nAGQZSbUeYX5LMEW0Znw+0sNQRfrLA01lwBtwVXGKbVFDbBZkua2fu
C74Xn6F1hPtzGnOX5LzBt++9wdHUZ/bnC+maHgFILYVHcgN4VLwsoAyngi/2uyGs
omDAw4NPhBlNfsyuU1Hon//+CO+2ra+1HJcvzDHQNaN5ttwRkjLbMNAi3sDwOdUJ
ZOOeTp+oD+gYGUEN70BuY4mIvOf3hdKljsEahr3XYDNK3UnVOVnGoYFJr77REAzI
Ttk=
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:21:19 2025 by rpki-client