Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/9e847f-4146-4566-8c3e-1ba543eeaed7/1/a-elH7XV_i39isRVpkEaGYVbevo.roa
File: a-elH7XV_i39isRVpkEaGYVbevo.roa (raw, json)
Hash identifier: CAhHzCGmxX9lyFlygeJ0M2Ud3ueTMMNzqB6OK93nq2I=
Subject key identifier: 6B:E7:A5:1F:B5:D5:FE:2D:FD:8A:C4:55:A6:41:1A:19:85:5B:7A:FA
Certificate issuer: /CN=5da432a4ec3b0ac4ca4e4ecec0e9f4d46b497af0
Certificate serial: 018570306F58EA923F4FF3909391C0469572
Authority key identifier: 5D:A4:32:A4:EC:3B:0A:C4:CA:4E:4E:CE:C0:E9:F4:D4:6B:49:7A:F0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XaQypOw7CsTKTk7OwOn01GtJevA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/9e847f-4146-4566-8c3e-1ba543eeaed7/1/a-elH7XV_i39isRVpkEaGYVbevo.roa
Signing time: Mon 02 Jan 2023 01:55:00 +0000
ROA not before: Mon 02 Jan 2023 01:55:00 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 208107
IP address blocks: 217.199.208.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 02 Jan 2024 12:33:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:30:6f:58:ea:92:3f:4f:f3:90:93:91:c0:46:95:72
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5da432a4ec3b0ac4ca4e4ecec0e9f4d46b497af0
Validity
Not Before: Jan 2 01:55:00 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=6be7a51fb5d5fe2dfd8ac455a6411a19855b7afa
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d3:9c:d7:13:69:0b:3d:91:1e:46:cc:cf:f1:a6:
85:6f:f4:dc:ac:1b:1a:0a:b7:64:d5:88:04:48:95:
64:85:f1:26:70:6c:4b:dd:11:03:ac:d1:f5:c7:16:
79:14:45:19:18:d7:82:8c:b4:83:9a:ae:b1:16:e3:
26:90:ae:4f:21:58:ee:23:27:5d:b9:f0:b2:e7:c1:
c4:48:83:dc:88:ff:35:2b:27:e5:01:fd:6f:55:79:
b5:88:a9:33:96:6c:4c:dc:fe:ae:3c:68:d1:33:ba:
a0:42:f6:2b:46:20:50:58:58:42:fd:9e:f7:6a:27:
af:e1:26:e2:db:fb:73:ba:0a:5a:b5:62:60:2e:a3:
e0:df:99:e3:13:50:6c:e2:74:5b:2d:8c:e7:27:fd:
09:e1:20:b1:c7:42:db:dd:ba:c5:9e:37:c1:a8:e0:
95:8d:cc:72:e4:f9:84:97:80:f7:97:98:9c:e4:5a:
ee:b5:00:f0:93:cb:59:2c:85:b9:60:1e:a0:d2:76:
67:be:ce:1b:6e:41:ae:05:2e:34:4e:b4:a5:ea:c6:
ce:df:c4:63:e6:21:2c:ff:bf:91:65:3c:bc:dc:d8:
f4:79:94:47:46:80:49:d0:8f:8b:4b:f0:a0:e4:2d:
46:8d:2c:50:bc:de:bb:27:05:0a:af:99:40:85:64:
9f:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6B:E7:A5:1F:B5:D5:FE:2D:FD:8A:C4:55:A6:41:1A:19:85:5B:7A:FA
X509v3 Authority Key Identifier:
keyid:5D:A4:32:A4:EC:3B:0A:C4:CA:4E:4E:CE:C0:E9:F4:D4:6B:49:7A:F0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XaQypOw7CsTKTk7OwOn01GtJevA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/9e847f-4146-4566-8c3e-1ba543eeaed7/1/a-elH7XV_i39isRVpkEaGYVbevo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/9e847f-4146-4566-8c3e-1ba543eeaed7/1/XaQypOw7CsTKTk7OwOn01GtJevA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
217.199.208.0/24
Signature Algorithm: sha256WithRSAEncryption
78:19:26:18:2d:02:29:ed:e7:c5:51:55:9c:b8:03:ec:a9:7e:
2d:5b:43:8c:ea:fb:1e:43:e7:2c:43:92:30:57:55:ed:aa:4e:
5a:6f:4f:cb:fe:59:57:c1:ee:9e:b9:26:4a:db:40:38:c7:1e:
fd:36:14:55:00:1b:74:39:11:69:50:6f:b1:cf:1b:11:06:e8:
cd:9f:15:d2:1f:a1:1d:5e:a3:43:9e:fa:b4:66:c3:4b:18:38:
ad:58:4b:5f:15:63:fd:d6:1b:ec:6a:c8:e8:60:6f:25:83:18:
2f:62:8c:a2:71:01:61:65:bf:5c:bf:27:b8:41:43:4d:ff:22:
66:39:e0:0e:af:e1:0c:06:a5:84:35:b1:16:51:6b:5f:bd:35:
6f:5a:ef:b9:51:63:d5:ca:2a:bd:27:0b:91:81:5b:97:62:7c:
36:7f:22:a0:c1:8f:f2:85:88:33:b9:b6:05:0f:39:80:d9:02:
87:a2:e1:c5:03:fd:05:71:86:23:18:cd:8c:82:b5:a7:ee:78:
fd:ad:81:c8:87:b4:1e:60:78:19:cc:99:5e:fe:1b:63:3c:29:
ab:0d:8a:1f:c7:45:1e:03:b7:65:e8:81:fc:47:d0:51:f6:7e:
a9:38:17:53:96:a2:78:3d:27:52:90:32:c8:07:de:39:48:24:
cd:1f:84:d7
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVwMG9Y6pI/T/OQk5HARpVyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVkYTQzMmE0ZWMzYjBhYzRjYTRlNGVjZWMwZTlmNGQ0NmI0
OTdhZjAwHhcNMjMwMTAyMDE1NTAwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2YmU3YTUxZmI1ZDVmZTJkZmQ4YWM0NTVhNjQxMWExOTg1NWI3YWZhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA05zXE2kLPZEeRszP8aaFb/TcrBsa
Crdk1YgESJVkhfEmcGxL3REDrNH1xxZ5FEUZGNeCjLSDmq6xFuMmkK5PIVjuIydd
ufCy58HESIPciP81KyflAf1vVXm1iKkzlmxM3P6uPGjRM7qgQvYrRiBQWFhC/Z73
aiev4Sbi2/tzugpatWJgLqPg35njE1Bs4nRbLYznJ/0J4SCxx0Lb3brFnjfBqOCV
jcxy5PmEl4D3l5ic5FrutQDwk8tZLIW5YB6g0nZnvs4bbkGuBS40TrSl6sbO38Rj
5iEs/7+RZTy83Nj0eZRHRoBJ0I+LS/Cg5C1GjSxQvN67JwUKr5lAhWSfaQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFGvnpR+11f4t/YrEVaZBGhmFW3r6MB8GA1UdIwQY
MBaAFF2kMqTsOwrEyk5OzsDp9NRrSXrwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWGFReXBPdzdDc1RLVGs3T3dPbjAxR3RKZXZBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85ZTg0N2YtNDE0Ni00NTY2LThjM2Ut
MWJhNTQzZWVhZWQ3LzEvYS1lbEg3WFZfaTM5aXNSVnBrRWFHWVZiZXZvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85ZTg0N2YtNDE0Ni00NTY2LThjM2UtMWJhNTQzZWVhZWQ3
LzEvWGFReXBPdzdDc1RLVGs3T3dPbjAxR3RKZXZBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA2cfQMA0G
CSqGSIb3DQEBCwUAA4IBAQB4GSYYLQIp7efFUVWcuAPsqX4tW0OM6vseQ+csQ5Iw
V1Xtqk5ab0/L/llXwe6euSZK20A4xx79NhRVABt0ORFpUG+xzxsRBujNnxXSH6Ed
XqNDnvq0ZsNLGDitWEtfFWP91hvsasjoYG8lgxgvYoyicQFhZb9cvye4QUNN/yJm
OeAOr+EMBqWENbEWUWtfvTVvWu+5UWPVyiq9JwuRgVuXYnw2fyKgwY/yhYgzubYF
DzmA2QKHouHFA/0FcYYjGM2MgrWn7nj9rYHIh7QeYHgZzJle/htjPCmrDYofx0Ue
A7dl6IH8R9BR9n6pOBdTlqJ4PSdSkDLIB945SCTNH4TX
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:50:48 2024 by rpki-client on console-ams.rpki-client.org