Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0a/d030ef-92cb-4cc5-86c8-decb92d1a523/1/weWGnONx7Cmtu6vJZFtcXVH7u-0.roa
File: weWGnONx7Cmtu6vJZFtcXVH7u-0.roa (raw, json)
Hash identifier: qQVpIGTkRgWV9OK8Z2hFjBthKGZ95FN9kTyRoA0Xdg0=
Subject key identifier: C1:E5:86:9C:E3:71:EC:29:AD:BB:AB:C9:64:5B:5C:5D:51:FB:BB:ED
Certificate issuer: /CN=d634007414cff16cdcf3a3aa22a96677f8be2b68
Certificate serial: 01856D6F5D7FA3A3228AD96D9969C8EC73EA
Authority key identifier: D6:34:00:74:14:CF:F1:6C:DC:F3:A3:AA:22:A9:66:77:F8:BE:2B:68
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1jQAdBTP8Wzc86OqIqlmd_i-K2g.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0a/d030ef-92cb-4cc5-86c8-decb92d1a523/1/weWGnONx7Cmtu6vJZFtcXVH7u-0.roa
Signing time: Sun 01 Jan 2023 13:04:53 +0000
ROA not before: Sun 01 Jan 2023 13:04:53 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 28731
IP address blocks: 217.14.144.0/20 maxlen: 20
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:6f:5d:7f:a3:a3:22:8a:d9:6d:99:69:c8:ec:73:ea
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d634007414cff16cdcf3a3aa22a96677f8be2b68
Validity
Not Before: Jan 1 13:04:53 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=c1e5869ce371ec29adbbabc9645b5c5d51fbbbed
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:44:8a:5b:c6:12:c2:8d:f1:62:9f:bb:32:fc:
ad:69:b0:ec:88:5a:5c:ba:bd:a2:39:b5:9c:c0:96:
6d:c6:f3:a7:f3:44:c4:c7:9d:8d:0b:16:f4:26:3b:
6e:e3:15:33:b9:a1:66:46:40:5d:7f:8d:b2:47:98:
2a:38:c9:2d:4b:7c:9c:2b:0b:b4:59:78:a9:84:40:
9f:76:96:db:7c:52:14:50:dc:77:51:ee:b1:96:eb:
59:37:ef:63:e0:61:6f:8d:a1:e7:e8:00:f7:77:42:
ca:63:bd:ab:77:59:5b:d4:18:86:56:a7:7d:2c:77:
e5:02:19:c2:a5:3e:9a:76:83:39:7a:d9:3f:03:f4:
0b:e5:9a:f1:27:04:2f:6f:4b:11:1c:e0:e2:bd:6d:
36:d8:f6:bc:86:5c:4a:55:f8:ed:c1:06:6a:f6:24:
d7:31:01:6d:ba:9c:ed:0e:b1:d2:de:5e:c1:f7:8c:
48:bf:ef:85:b0:23:1d:d2:80:c6:f0:98:5f:f2:09:
8f:82:26:9d:e5:ab:ef:d7:5e:d3:b7:7d:68:9e:da:
e3:e0:7a:2b:49:96:da:05:96:8d:a1:9c:e4:a0:e4:
35:3c:b3:7b:b3:7f:e8:1a:9c:89:10:97:6d:eb:83:
96:b9:b1:69:7e:b8:75:60:cb:1f:41:ca:b8:1d:1e:
cf:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C1:E5:86:9C:E3:71:EC:29:AD:BB:AB:C9:64:5B:5C:5D:51:FB:BB:ED
X509v3 Authority Key Identifier:
keyid:D6:34:00:74:14:CF:F1:6C:DC:F3:A3:AA:22:A9:66:77:F8:BE:2B:68
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1jQAdBTP8Wzc86OqIqlmd_i-K2g.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0a/d030ef-92cb-4cc5-86c8-decb92d1a523/1/weWGnONx7Cmtu6vJZFtcXVH7u-0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0a/d030ef-92cb-4cc5-86c8-decb92d1a523/1/1jQAdBTP8Wzc86OqIqlmd_i-K2g.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
217.14.144.0/20
Signature Algorithm: sha256WithRSAEncryption
56:54:99:bf:33:a0:77:16:40:9c:b6:0c:ac:a2:6f:7d:f3:47:
e1:d6:da:d3:ee:15:96:00:2e:b9:c1:fc:60:57:bc:23:20:da:
8c:80:66:a2:c0:39:40:32:52:94:82:21:11:ba:36:df:ba:81:
05:f9:92:d2:c0:1a:bd:29:46:f1:af:18:4d:6c:04:60:1d:30:
92:2f:64:13:2d:66:ac:75:ab:73:65:0d:f1:44:46:02:9b:32:
0e:a7:48:a4:b4:37:fb:5c:a1:8a:33:b3:d4:d4:d6:3f:32:f2:
a2:0e:ab:a9:29:3a:7b:28:90:5f:b1:5c:be:4a:fe:07:dc:6f:
65:f1:20:f0:80:e7:8e:c1:e7:66:93:dc:22:49:ec:6c:17:d3:
9f:fc:41:22:18:d9:4e:3b:48:b2:89:be:3b:6d:90:2e:9b:e2:
e9:f8:c4:3b:93:77:b2:39:36:04:4b:59:f1:e2:09:88:bf:6a:
61:5c:92:55:69:60:5f:6c:76:ca:6f:11:76:1a:68:29:d4:dc:
55:9c:5e:49:06:67:b1:74:36:78:e1:5c:a3:bc:26:3c:f7:40:
ad:f9:9a:ea:2e:a7:9c:56:d1:66:d1:0e:cd:86:e5:ae:51:9b:
cd:81:72:44:3c:58:be:b4:ff:4d:9e:6f:18:8e:47:ce:87:04:
18:26:19:ae
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVtb11/o6MiitltmWnI7HPqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ2MzQwMDc0MTRjZmYxNmNkY2YzYTNhYTIyYTk2Njc3Zjhi
ZTJiNjgwHhcNMjMwMTAxMTMwNDUzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMWU1ODY5Y2UzNzFlYzI5YWRiYmFiYzk2NDViNWM1ZDUxZmJiYmVkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp0SKW8YSwo3xYp+7MvytabDsiFpc
ur2iObWcwJZtxvOn80TEx52NCxb0Jjtu4xUzuaFmRkBdf42yR5gqOMktS3ycKwu0
WXiphECfdpbbfFIUUNx3Ue6xlutZN+9j4GFvjaHn6AD3d0LKY72rd1lb1BiGVqd9
LHflAhnCpT6adoM5etk/A/QL5ZrxJwQvb0sRHODivW022Pa8hlxKVfjtwQZq9iTX
MQFtupztDrHS3l7B94xIv++FsCMd0oDG8Jhf8gmPgiad5avv117Tt31ontrj4Hor
SZbaBZaNoZzkoOQ1PLN7s3/oGpyJEJdt64OWubFpfrh1YMsfQcq4HR7PjwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFMHlhpzjcewprburyWRbXF1R+7vtMB8GA1UdIwQY
MBaAFNY0AHQUz/Fs3POjqiKpZnf4vitoMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMWpRQWRCVFA4V3pjODZPcUlxbG1kX2ktSzJnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYS9kMDMwZWYtOTJjYi00Y2M1LTg2Yzgt
ZGVjYjkyZDFhNTIzLzEvd2VXR25PTng3Q210dTZ2SlpGdGNYVkg3dS0wLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYS9kMDMwZWYtOTJjYi00Y2M1LTg2YzgtZGVjYjkyZDFhNTIz
LzEvMWpRQWRCVFA4V3pjODZPcUlxbG1kX2ktSzJnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQE2Q6QMA0G
CSqGSIb3DQEBCwUAA4IBAQBWVJm/M6B3FkCctgysom9980fh1trT7hWWAC65wfxg
V7wjINqMgGaiwDlAMlKUgiERujbfuoEF+ZLSwBq9KUbxrxhNbARgHTCSL2QTLWas
datzZQ3xREYCmzIOp0iktDf7XKGKM7PU1NY/MvKiDqupKTp7KJBfsVy+Sv4H3G9l
8SDwgOeOwedmk9wiSexsF9Of/EEiGNlOO0iyib47bZAum+Lp+MQ7k3eyOTYES1nx
4gmIv2phXJJVaWBfbHbKbxF2Gmgp1NxVnF5JBmexdDZ44VyjvCY890Ct+ZrqLqec
VtFm0Q7NhuWuUZvNgXJEPFi+tP9Nnm8YjkfOhwQYJhmu
-----END CERTIFICATE-----
Generated at Tue Jan 2 14:35:50 2024 by rpki-client on console-fra.rpki-client.org