Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/08/67eb49-ff08-4ea4-bb9e-2efb461fd413/1/pr_ExGaiSlswk22RxXQbrtmJuSE.roa
File: pr_ExGaiSlswk22RxXQbrtmJuSE.roa (raw, json)
Hash identifier: 2ee6hLxoCHauY9j+e5mugMK+VIqhlS0HOA3hJf303yc=
Subject key identifier: A6:BF:C4:C4:66:A2:4A:5B:30:93:6D:91:C5:74:1B:AE:D9:89:B9:21
Certificate issuer: /CN=ea0f08d4ee1f94f984493b467bd8aca2adfa2866
Certificate serial: 01856D4AAE85776A086D67DF61C769A6FCED
Authority key identifier: EA:0F:08:D4:EE:1F:94:F9:84:49:3B:46:7B:D8:AC:A2:AD:FA:28:66
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/6g8I1O4flPmESTtGe9isoq36KGY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/08/67eb49-ff08-4ea4-bb9e-2efb461fd413/1/pr_ExGaiSlswk22RxXQbrtmJuSE.roa
Signing time: Sun 01 Jan 2023 12:24:48 +0000
ROA not before: Sun 01 Jan 2023 12:24:48 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 200780
IP address blocks: 217.18.221.0/24 maxlen: 24
217.18.220.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:4a:ae:85:77:6a:08:6d:67:df:61:c7:69:a6:fc:ed
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ea0f08d4ee1f94f984493b467bd8aca2adfa2866
Validity
Not Before: Jan 1 12:24:48 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a6bfc4c466a24a5b30936d91c5741baed989b921
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:b8:22:e4:24:00:9f:12:25:b0:b0:4a:b7:ed:
c3:79:48:ea:f1:6d:69:a9:52:90:99:39:89:e5:64:
a6:47:39:18:fd:7f:18:72:1a:5d:7f:13:0e:12:7e:
bb:06:8e:c9:2f:d8:93:a5:22:be:9d:3f:2a:27:3b:
1a:a6:ee:49:a2:d1:15:c6:e1:8c:44:9c:36:ee:b5:
cb:da:93:f8:82:2c:86:ea:50:4e:58:ab:d3:75:22:
29:f9:cd:93:0e:54:16:00:de:c3:27:5f:bf:04:a2:
dd:12:09:d1:0a:26:b7:e0:59:b9:1d:fb:61:e6:00:
1c:1d:82:72:ac:ff:e6:03:3f:d3:c8:71:65:cd:91:
c2:d9:d2:3c:7d:61:c1:d9:e1:16:47:8f:c1:02:7f:
03:47:16:c2:39:c2:5e:d4:55:c8:60:b4:3d:83:c3:
9c:6f:39:da:f2:0e:9d:5d:d3:59:8e:ab:90:43:41:
58:d8:47:97:4d:bd:96:f3:37:18:17:d2:26:01:ca:
31:ed:63:5d:c0:19:49:cb:09:b8:ca:12:16:31:64:
6e:44:fb:5f:7c:19:bc:54:67:2c:b1:5c:dc:14:dd:
10:68:fd:46:81:62:2e:8c:6f:28:1a:9e:1e:1a:38:
a2:da:cd:14:8e:74:d6:fb:92:ca:5b:d6:a8:30:c8:
d6:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A6:BF:C4:C4:66:A2:4A:5B:30:93:6D:91:C5:74:1B:AE:D9:89:B9:21
X509v3 Authority Key Identifier:
keyid:EA:0F:08:D4:EE:1F:94:F9:84:49:3B:46:7B:D8:AC:A2:AD:FA:28:66
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6g8I1O4flPmESTtGe9isoq36KGY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/08/67eb49-ff08-4ea4-bb9e-2efb461fd413/1/pr_ExGaiSlswk22RxXQbrtmJuSE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/08/67eb49-ff08-4ea4-bb9e-2efb461fd413/1/6g8I1O4flPmESTtGe9isoq36KGY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
217.18.220.0/23
Signature Algorithm: sha256WithRSAEncryption
26:75:05:d3:37:76:36:18:4f:0b:8e:21:33:c8:d6:08:03:06:
7d:11:31:d7:d4:1d:29:01:37:45:86:3c:0a:24:5e:fc:96:b6:
48:bb:3e:03:47:25:40:38:bb:9f:3d:17:42:23:3d:9b:20:aa:
d3:ea:51:7f:22:82:52:e3:39:bb:16:0f:28:a6:43:16:be:15:
eb:9c:8b:c7:75:cf:51:c0:17:6d:77:e7:ae:71:d0:2a:32:2e:
68:6c:32:17:75:7f:c5:63:13:66:c4:78:06:9a:ad:4b:f3:83:
13:9a:e9:c9:c1:4e:6a:27:03:e3:62:24:8d:a0:f7:92:21:d5:
c1:96:f8:ac:79:c0:29:b5:e8:63:4f:11:d2:ce:05:23:59:a0:
00:a5:40:d1:71:cd:e4:54:bf:52:f2:3c:d9:d7:0b:60:36:c8:
9c:0b:bb:48:25:9a:94:c3:79:d3:35:20:25:ae:19:fc:eb:dd:
da:55:51:4f:1d:d8:6e:66:e0:c6:dc:3d:be:1b:62:35:3e:d3:
6d:3e:c7:cf:c2:d4:67:5a:0f:8b:cf:5b:80:08:9d:34:4f:07:
2a:6f:03:37:cf:65:0c:fb:2f:55:3b:38:d9:0c:79:e7:d3:bf:
0d:97:23:8f:16:cb:5d:ae:70:ca:9b:0a:4e:50:c3:94:47:d0:
cb:37:00:e3
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVtSq6Fd2oIbWffYcdppvztMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVhMGYwOGQ0ZWUxZjk0Zjk4NDQ5M2I0NjdiZDhhY2EyYWRm
YTI4NjYwHhcNMjMwMTAxMTIyNDQ4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNmJmYzRjNDY2YTI0YTViMzA5MzZkOTFjNTc0MWJhZWQ5ODliOTIxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAprgi5CQAnxIlsLBKt+3DeUjq8W1p
qVKQmTmJ5WSmRzkY/X8YchpdfxMOEn67Bo7JL9iTpSK+nT8qJzsapu5JotEVxuGM
RJw27rXL2pP4giyG6lBOWKvTdSIp+c2TDlQWAN7DJ1+/BKLdEgnRCia34Fm5Hfth
5gAcHYJyrP/mAz/TyHFlzZHC2dI8fWHB2eEWR4/BAn8DRxbCOcJe1FXIYLQ9g8Oc
bzna8g6dXdNZjquQQ0FY2EeXTb2W8zcYF9ImAcox7WNdwBlJywm4yhIWMWRuRPtf
fBm8VGcssVzcFN0QaP1GgWIujG8oGp4eGjii2s0UjnTW+5LKW9aoMMjWOQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKa/xMRmokpbMJNtkcV0G67ZibkhMB8GA1UdIwQY
MBaAFOoPCNTuH5T5hEk7RnvYrKKt+ihmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNmc4STFPNGZsUG1FU1R0R2U5aXNvcTM2S0dZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wOC82N2ViNDktZmYwOC00ZWE0LWJiOWUt
MmVmYjQ2MWZkNDEzLzEvcHJfRXhHYWlTbHN3azIyUnhYUWJydG1KdVNFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wOC82N2ViNDktZmYwOC00ZWE0LWJiOWUtMmVmYjQ2MWZkNDEz
LzEvNmc4STFPNGZsUG1FU1R0R2U5aXNvcTM2S0dZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQB2RLcMA0G
CSqGSIb3DQEBCwUAA4IBAQAmdQXTN3Y2GE8LjiEzyNYIAwZ9ETHX1B0pATdFhjwK
JF78lrZIuz4DRyVAOLufPRdCIz2bIKrT6lF/IoJS4zm7Fg8opkMWvhXrnIvHdc9R
wBdtd+eucdAqMi5obDIXdX/FYxNmxHgGmq1L84MTmunJwU5qJwPjYiSNoPeSIdXB
lvisecAptehjTxHSzgUjWaAApUDRcc3kVL9S8jzZ1wtgNsicC7tIJZqUw3nTNSAl
rhn8693aVVFPHdhuZuDG3D2+G2I1PtNtPsfPwtRnWg+Lz1uACJ00TwcqbwM3z2UM
+y9VOzjZDHnn078NlyOPFstdrnDKmwpOUMOUR9DLNwDj
-----END CERTIFICATE-----
Generated at Tue Jan 2 04:09:20 2024 by rpki-client on console-ams.rpki-client.org