Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0a/d030ef-92cb-4cc5-86c8-decb92d1a523/1/TTckRwLzQZOTCqT0wZgtvS_B70c.roa
File: TTckRwLzQZOTCqT0wZgtvS_B70c.roa (raw, json)
Hash identifier: jtT4CKRdNtdJLcI2px4dzsvm7OZgjjPtK1s7mvGEvBM=
Subject key identifier: 4D:37:24:47:02:F3:41:93:93:0A:A4:F4:C1:98:2D:BD:2F:C1:EF:47
Certificate issuer: /CN=d634007414cff16cdcf3a3aa22a96677f8be2b68
Certificate serial: 018CC9BC941D10FF114F8BD4AC70F4A7657D
Authority key identifier: D6:34:00:74:14:CF:F1:6C:DC:F3:A3:AA:22:A9:66:77:F8:BE:2B:68
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1jQAdBTP8Wzc86OqIqlmd_i-K2g.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0a/d030ef-92cb-4cc5-86c8-decb92d1a523/1/TTckRwLzQZOTCqT0wZgtvS_B70c.roa
Signing time: Tue 02 Jan 2024 10:33:48 +0000
ROA not before: Tue 02 Jan 2024 10:33:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 28731
IP address blocks: 217.14.144.0/20 maxlen: 20
Validation: Failed, certificate revoked on Wed 01 Jan 2025 05:48:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:bc:94:1d:10:ff:11:4f:8b:d4:ac:70:f4:a7:65:7d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d634007414cff16cdcf3a3aa22a96677f8be2b68
Validity
Not Before: Jan 2 10:33:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=4d37244702f34193930aa4f4c1982dbd2fc1ef47
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:73:43:42:1f:f7:11:48:13:0c:90:a4:12:8a:
e7:e8:03:47:66:d1:9e:d5:98:26:40:9b:d3:61:7d:
1f:bb:b3:2f:0d:ac:19:71:12:98:95:5e:26:b5:eb:
02:96:ad:b3:3e:f1:9f:fa:c7:4b:bc:9a:8f:0f:cf:
6b:76:4f:aa:75:dc:2f:74:18:cb:a6:b3:e9:f8:fd:
52:98:4c:a3:0c:28:4e:38:d2:cf:20:fe:bb:37:55:
06:33:e8:f3:27:e8:5d:4c:3b:ce:5c:64:1b:ec:94:
0c:e2:7c:c6:ca:66:ba:bd:f5:69:ac:a7:2b:7a:e7:
5f:34:71:d7:ef:37:69:92:46:81:bb:67:66:1f:7f:
6e:aa:53:43:00:d7:20:f1:d5:8c:e7:4c:8d:f9:ec:
a5:ad:32:ba:0b:fb:17:fe:38:ae:99:c3:1f:52:96:
1f:29:11:4c:2f:53:2d:f8:7f:a8:78:1f:d7:6a:8d:
ff:65:3b:f8:9f:ca:17:ca:bb:f3:ad:73:16:f1:d5:
b2:81:95:c5:48:9c:2c:29:bc:1f:8a:b4:0e:a0:ea:
c8:0e:9e:6e:d0:8a:1f:52:bc:36:3e:d2:cf:f2:a9:
bf:b7:6c:22:85:8b:33:7f:23:d4:dd:85:e1:d7:d9:
73:0e:8f:9c:49:c4:f8:01:ba:ea:4d:02:14:02:c5:
6d:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4D:37:24:47:02:F3:41:93:93:0A:A4:F4:C1:98:2D:BD:2F:C1:EF:47
X509v3 Authority Key Identifier:
keyid:D6:34:00:74:14:CF:F1:6C:DC:F3:A3:AA:22:A9:66:77:F8:BE:2B:68
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1jQAdBTP8Wzc86OqIqlmd_i-K2g.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0a/d030ef-92cb-4cc5-86c8-decb92d1a523/1/TTckRwLzQZOTCqT0wZgtvS_B70c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0a/d030ef-92cb-4cc5-86c8-decb92d1a523/1/1jQAdBTP8Wzc86OqIqlmd_i-K2g.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
217.14.144.0/20
Signature Algorithm: sha256WithRSAEncryption
72:9a:4b:4b:16:99:2a:c8:a4:52:f5:dc:61:4b:93:2a:7a:a4:
b8:7d:a2:fc:33:2e:16:9b:ad:6d:f7:c0:0d:6a:22:c4:c4:c5:
76:ce:1d:3e:eb:73:da:f2:b7:0b:4b:63:76:65:5f:76:38:55:
a7:1b:5c:4a:15:39:72:8a:f4:ab:94:54:77:72:13:a6:c8:73:
d5:b3:45:f6:32:d1:a2:58:49:92:df:e4:6c:4e:90:af:bf:d8:
5d:48:27:40:07:12:e6:d4:0c:63:97:ac:b8:ba:3b:7d:e0:ea:
b1:f9:68:db:6c:8a:f9:8d:aa:42:91:99:f3:63:a7:f5:2f:2a:
32:9a:07:8e:b1:b1:14:7d:ff:c4:4e:7d:7a:84:e3:c3:37:0d:
ef:79:81:df:12:f5:5c:88:15:55:2b:a8:81:72:da:48:9e:f7:
34:5a:01:c2:25:8f:dc:87:8b:41:e4:ee:dd:5d:3c:e6:28:d8:
4b:e6:4d:75:8b:8f:a9:66:36:99:80:4e:b8:7e:8e:fc:40:26:
74:8d:0f:0e:00:d8:25:8f:6b:6a:00:34:74:87:d2:40:bf:ad:
1e:12:cc:e5:06:54:9a:df:ec:ad:87:c1:e6:4a:dd:99:3b:5d:
0a:6d:cd:64:b6:5f:4a:16:50:46:69:91:35:3c:c4:07:ee:c3:
5c:91:3e:b6
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzJvJQdEP8RT4vUrHD0p2V9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ2MzQwMDc0MTRjZmYxNmNkY2YzYTNhYTIyYTk2Njc3Zjhi
ZTJiNjgwHhcNMjQwMTAyMTAzMzQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZDM3MjQ0NzAyZjM0MTkzOTMwYWE0ZjRjMTk4MmRiZDJmYzFlZjQ3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkXNDQh/3EUgTDJCkEorn6ANHZtGe
1ZgmQJvTYX0fu7MvDawZcRKYlV4mtesClq2zPvGf+sdLvJqPD89rdk+qddwvdBjL
prPp+P1SmEyjDChOONLPIP67N1UGM+jzJ+hdTDvOXGQb7JQM4nzGyma6vfVprKcr
eudfNHHX7zdpkkaBu2dmH39uqlNDANcg8dWM50yN+eylrTK6C/sX/jiumcMfUpYf
KRFML1Mt+H+oeB/Xao3/ZTv4n8oXyrvzrXMW8dWygZXFSJwsKbwfirQOoOrIDp5u
0IofUrw2PtLP8qm/t2wihYszfyPU3YXh19lzDo+cScT4AbrqTQIUAsVtCQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFE03JEcC80GTkwqk9MGYLb0vwe9HMB8GA1UdIwQY
MBaAFNY0AHQUz/Fs3POjqiKpZnf4vitoMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMWpRQWRCVFA4V3pjODZPcUlxbG1kX2ktSzJnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYS9kMDMwZWYtOTJjYi00Y2M1LTg2Yzgt
ZGVjYjkyZDFhNTIzLzEvVFRja1J3THpRWk9UQ3FUMHdaZ3R2U19CNzBjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYS9kMDMwZWYtOTJjYi00Y2M1LTg2YzgtZGVjYjkyZDFhNTIz
LzEvMWpRQWRCVFA4V3pjODZPcUlxbG1kX2ktSzJnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQE2Q6QMA0G
CSqGSIb3DQEBCwUAA4IBAQBymktLFpkqyKRS9dxhS5MqeqS4faL8My4Wm61t98AN
aiLExMV2zh0+63Pa8rcLS2N2ZV92OFWnG1xKFTlyivSrlFR3chOmyHPVs0X2MtGi
WEmS3+RsTpCvv9hdSCdABxLm1Axjl6y4ujt94Oqx+WjbbIr5japCkZnzY6f1Lyoy
mgeOsbEUff/ETn16hOPDNw3veYHfEvVciBVVK6iBctpInvc0WgHCJY/ch4tB5O7d
XTzmKNhL5k11i4+pZjaZgE64fo78QCZ0jQ8OANglj2tqADR0h9JAv60eEszlBlSa
3+yth8HmSt2ZO10Kbc1ktl9KFlBGaZE1PMQH7sNckT62
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:01:28 2025 by rpki-client