Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/05/afa34c-f3f0-405c-b083-a35fc438d4ca/1/gF81QKpzJwxpLRQVRAEuc5uQPH4.roa
File: gF81QKpzJwxpLRQVRAEuc5uQPH4.roa (raw, json)
Hash identifier: 7sfnxGCgjgPgsEvob4fcwXjl7OsLWVc2ManQm+qW8ks=
Subject key identifier: 80:5F:35:40:AA:73:27:0C:69:2D:14:15:44:01:2E:73:9B:90:3C:7E
Certificate issuer: /CN=0bf543e23e29fb03748d0939726f30fe9affa19e
Certificate serial: 0185726B71BD3DAD5DBEA25BED08885116DD
Authority key identifier: 0B:F5:43:E2:3E:29:FB:03:74:8D:09:39:72:6F:30:FE:9A:FF:A1:9E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/C_VD4j4p-wN0jQk5cm8w_pr_oZ4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/05/afa34c-f3f0-405c-b083-a35fc438d4ca/1/gF81QKpzJwxpLRQVRAEuc5uQPH4.roa
Signing time: Mon 02 Jan 2023 12:18:42 +0000
ROA not before: Mon 02 Jan 2023 12:18:42 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 48481
IP address blocks: 217.64.152.0/22 maxlen: 22
217.64.152.0/23 maxlen: 23
217.64.154.0/23 maxlen: 23
Validation: Failed, certificate revoked on Tue 02 Jan 2024 00:31:46 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:6b:71:bd:3d:ad:5d:be:a2:5b:ed:08:88:51:16:dd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0bf543e23e29fb03748d0939726f30fe9affa19e
Validity
Not Before: Jan 2 12:18:42 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=805f3540aa73270c692d141544012e739b903c7e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:65:88:b2:e4:1f:b9:46:1c:a4:17:04:bb:97:
cb:52:20:64:2e:11:19:6f:e8:35:b4:a2:ae:90:45:
76:23:f8:72:75:43:20:d6:d5:2a:73:99:dc:33:82:
a4:41:35:52:70:20:48:9d:02:05:01:66:56:d9:0b:
f1:9d:f5:84:91:e9:41:7e:78:c8:42:63:b7:ee:c4:
26:57:d4:4f:a8:5d:33:59:9f:f8:d2:4c:a6:41:fb:
62:72:ab:4a:55:19:c7:17:bd:1f:cd:85:f8:e8:ce:
07:8f:ae:8e:02:fa:e1:37:fa:93:e4:02:77:b7:09:
1b:a9:e9:71:64:d6:c0:8e:d7:c4:2f:61:9d:b0:b2:
ea:74:3a:ce:3a:4e:ca:73:59:52:da:b8:de:ad:9e:
fc:2a:9e:57:28:4e:7e:fa:82:b8:16:a2:8a:fe:d6:
9c:3b:09:c8:c2:a1:ea:8e:4b:8f:90:70:56:89:76:
3e:ed:f7:9e:0e:e8:ee:3e:3f:1f:64:c2:94:4c:07:
59:5e:64:7d:54:90:69:d1:c0:49:71:32:df:1b:89:
f4:98:a9:14:da:e5:d4:9b:c8:60:a2:45:7f:ff:ab:
45:33:31:b9:87:53:4f:04:49:db:c0:22:8e:22:2a:
6a:6c:7e:0c:0f:a6:5a:fa:50:f5:e0:19:11:69:c6:
18:a3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
80:5F:35:40:AA:73:27:0C:69:2D:14:15:44:01:2E:73:9B:90:3C:7E
X509v3 Authority Key Identifier:
keyid:0B:F5:43:E2:3E:29:FB:03:74:8D:09:39:72:6F:30:FE:9A:FF:A1:9E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/C_VD4j4p-wN0jQk5cm8w_pr_oZ4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/05/afa34c-f3f0-405c-b083-a35fc438d4ca/1/gF81QKpzJwxpLRQVRAEuc5uQPH4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/05/afa34c-f3f0-405c-b083-a35fc438d4ca/1/C_VD4j4p-wN0jQk5cm8w_pr_oZ4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
217.64.152.0/22
Signature Algorithm: sha256WithRSAEncryption
35:6a:0e:ff:6c:58:bd:aa:78:b9:2e:ae:f4:b7:2a:47:96:56:
c6:25:da:63:a2:35:93:5b:5b:0c:16:05:97:4e:50:ab:e3:67:
7b:ba:1e:54:35:3d:cd:0f:56:ba:1a:77:30:61:62:45:92:68:
71:95:73:13:32:00:db:8b:94:d2:e1:1f:fe:df:16:1c:07:81:
bb:90:7e:59:36:58:72:71:8c:d5:8c:04:46:c4:37:c7:60:ae:
2b:a0:dc:da:0a:6e:72:e7:72:65:22:7e:79:7b:f4:34:5f:8a:
c4:cc:a0:5d:20:43:80:f2:d9:71:d4:39:8a:76:a9:9b:d8:37:
1d:32:57:0e:b2:6e:b6:b7:76:e8:c7:3c:5c:2a:90:28:6d:3d:
d8:a5:a5:1c:db:58:90:cf:f1:95:4c:a1:11:be:0e:b8:f4:dc:
e5:37:ef:d3:da:37:1c:1c:c3:3d:76:af:6b:44:73:86:58:16:
d4:b5:e3:2e:56:76:18:95:6a:c5:f5:b6:4e:7f:72:21:61:51:
b6:d5:2b:1c:11:71:ae:ed:db:38:db:fe:69:76:89:1e:bd:1c:
eb:0e:9d:c8:65:62:bd:b3:23:2a:1b:38:1b:ac:60:b9:94:8a:
e4:05:72:99:7c:dd:51:86:ef:dd:cd:54:79:75:df:52:9b:b7:
1a:e6:ad:18
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVya3G9Pa1dvqJb7QiIURbdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBiZjU0M2UyM2UyOWZiMDM3NDhkMDkzOTcyNmYzMGZlOWFm
ZmExOWUwHhcNMjMwMTAyMTIxODQyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MDVmMzU0MGFhNzMyNzBjNjkyZDE0MTU0NDAxMmU3MzliOTAzYzdlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArmWIsuQfuUYcpBcEu5fLUiBkLhEZ
b+g1tKKukEV2I/hydUMg1tUqc5ncM4KkQTVScCBInQIFAWZW2QvxnfWEkelBfnjI
QmO37sQmV9RPqF0zWZ/40kymQfticqtKVRnHF70fzYX46M4Hj66OAvrhN/qT5AJ3
twkbqelxZNbAjtfEL2GdsLLqdDrOOk7Kc1lS2rjerZ78Kp5XKE5++oK4FqKK/tac
OwnIwqHqjkuPkHBWiXY+7feeDujuPj8fZMKUTAdZXmR9VJBp0cBJcTLfG4n0mKkU
2uXUm8hgokV//6tFMzG5h1NPBEnbwCKOIipqbH4MD6Za+lD14BkRacYYowIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFIBfNUCqcycMaS0UFUQBLnObkDx+MB8GA1UdIwQY
MBaAFAv1Q+I+KfsDdI0JOXJvMP6a/6GeMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ19WRDRqNHAtd04walFrNWNtOHdfcHJfb1o0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNS9hZmEzNGMtZjNmMC00MDVjLWIwODMt
YTM1ZmM0MzhkNGNhLzEvZ0Y4MVFLcHpKd3hwTFJRVlJBRXVjNXVRUEg0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNS9hZmEzNGMtZjNmMC00MDVjLWIwODMtYTM1ZmM0MzhkNGNh
LzEvQ19WRDRqNHAtd04walFrNWNtOHdfcHJfb1o0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQC2UCYMA0G
CSqGSIb3DQEBCwUAA4IBAQA1ag7/bFi9qni5Lq70typHllbGJdpjojWTW1sMFgWX
TlCr42d7uh5UNT3ND1a6GncwYWJFkmhxlXMTMgDbi5TS4R/+3xYcB4G7kH5ZNlhy
cYzVjARGxDfHYK4roNzaCm5y53JlIn55e/Q0X4rEzKBdIEOA8tlx1DmKdqmb2Dcd
MlcOsm62t3boxzxcKpAobT3YpaUc21iQz/GVTKERvg649NzlN+/T2jccHMM9dq9r
RHOGWBbUteMuVnYYlWrF9bZOf3IhYVG21SscEXGu7ds42/5pdokevRzrDp3IZWK9
syMqGzgbrGC5lIrkBXKZfN1Rhu/dzVR5dd9Sm7ca5q0Y
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:51:13 2024 by rpki-client on console-ams.rpki-client.org