Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0d/ea471a-da64-4596-8370-612a762007ec/1/dOEqbnpx4nO4ci4-uatchPv7RQ8.roa
File: dOEqbnpx4nO4ci4-uatchPv7RQ8.roa (raw, json)
Hash identifier: dGRrpzF+5DH7Lnb1muskbyHih9h3D61EwjpiMxmIkRY=
Subject key identifier: 74:E1:2A:6E:7A:71:E2:73:B8:72:2E:3E:B9:AB:5C:84:FB:FB:45:0F
Certificate issuer: /CN=6ea3b5028ce364f5102c1aec27736b7c33bc0493
Certificate serial: 01856ECBAA4D2D9C260CB022C9AFBE43B892
Authority key identifier: 6E:A3:B5:02:8C:E3:64:F5:10:2C:1A:EC:27:73:6B:7C:33:BC:04:93
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bqO1AozjZPUQLBrsJ3NrfDO8BJM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0d/ea471a-da64-4596-8370-612a762007ec/1/dOEqbnpx4nO4ci4-uatchPv7RQ8.roa
Signing time: Sun 01 Jan 2023 19:25:19 +0000
ROA not before: Sun 01 Jan 2023 19:25:19 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 205151
IP address blocks: 217.150.64.0/21 maxlen: 21
2a01:8c81::/32 maxlen: 32
2a01:8c82::/32 maxlen: 32
Validation: Failed, certificate revoked on Mon 01 Jan 2024 00:29:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:cb:aa:4d:2d:9c:26:0c:b0:22:c9:af:be:43:b8:92
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6ea3b5028ce364f5102c1aec27736b7c33bc0493
Validity
Not Before: Jan 1 19:25:19 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=74e12a6e7a71e273b8722e3eb9ab5c84fbfb450f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:83:e9:a4:33:87:27:5a:db:b3:55:d2:89:38:
8f:fd:9a:91:8d:c5:da:e0:f5:d6:9e:e8:70:be:55:
2a:9c:41:c7:09:8e:47:56:61:45:ab:e3:f2:6f:c9:
42:2e:3e:96:86:fd:35:9e:30:e1:6f:98:f3:98:dc:
e0:cc:9d:cb:9a:2b:a6:0d:75:67:ae:20:f7:49:b8:
7f:03:7c:12:ae:92:c3:c0:55:da:b5:f7:23:88:58:
aa:03:eb:4d:9e:5c:d8:d7:89:4a:66:d8:bd:3a:6e:
2c:56:5d:dc:82:7f:7a:db:58:38:4a:ad:58:6f:84:
7b:90:2c:10:58:d7:d8:49:32:1a:0b:bb:83:86:6b:
36:e1:af:fa:c1:fb:fe:6f:bd:b1:8f:fd:f9:2d:f8:
17:a7:4a:86:16:8e:4a:4e:5f:bd:f2:cb:42:28:1d:
d3:64:33:52:9b:f2:d5:45:c3:6c:21:e7:8b:7d:49:
14:ae:90:89:71:b1:1e:e4:d8:52:d5:65:07:23:c2:
5b:bd:fe:fe:93:2a:c3:e4:65:49:51:6d:e1:68:31:
32:eb:ca:eb:cc:89:c7:d6:ae:32:39:4e:91:db:63:
28:55:e3:82:b8:74:63:d9:18:2b:21:8d:a9:84:a0:
e6:f8:9f:89:f2:25:86:cc:55:b3:c8:77:36:8e:d1:
9d:a7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
74:E1:2A:6E:7A:71:E2:73:B8:72:2E:3E:B9:AB:5C:84:FB:FB:45:0F
X509v3 Authority Key Identifier:
keyid:6E:A3:B5:02:8C:E3:64:F5:10:2C:1A:EC:27:73:6B:7C:33:BC:04:93
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bqO1AozjZPUQLBrsJ3NrfDO8BJM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0d/ea471a-da64-4596-8370-612a762007ec/1/dOEqbnpx4nO4ci4-uatchPv7RQ8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0d/ea471a-da64-4596-8370-612a762007ec/1/bqO1AozjZPUQLBrsJ3NrfDO8BJM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
217.150.64.0/21
IPv6:
2a01:8c81::-2a01:8c82:ffff:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
6e:8a:0d:60:2c:0f:2c:4f:d7:36:5e:27:41:0d:34:3a:28:5e:
84:cd:21:4e:67:bb:0c:e4:21:ed:da:57:0a:4a:c3:8f:00:1d:
9a:58:89:e1:65:34:65:80:85:54:d5:09:fd:cb:ff:00:6c:83:
48:6a:41:62:fd:b4:67:b1:2e:6a:fd:6a:e0:d2:99:12:8b:a5:
df:6e:1b:e3:f0:26:45:8b:72:83:64:64:a2:42:d0:78:22:ee:
f5:d0:0a:18:42:a2:23:44:c2:f4:63:8d:68:12:43:f4:90:3e:
a7:f5:53:26:58:08:13:2f:3d:74:74:e7:8e:d2:94:f3:54:e6:
c4:94:35:cd:b0:d7:52:67:a2:cb:19:c3:1c:97:0b:a5:23:f3:
bc:91:c5:b7:62:8c:62:06:85:54:d9:3e:d8:4a:7e:6c:e6:42:
ce:b6:bc:f2:51:62:f0:dd:ea:4d:86:a3:d2:0f:cf:9a:91:82:
fe:b4:07:5e:27:82:6a:4a:00:e4:76:5c:d4:68:b6:e1:77:45:
1d:92:14:73:1f:c5:1c:29:c8:2f:10:5c:0d:f6:77:2e:73:a6:
bf:71:be:29:2c:27:51:75:51:98:d8:4d:6d:c9:49:4a:57:08:
59:0c:8d:e0:d7:b2:1c:e9:30:62:63:66:54:36:68:cd:b4:9a:
77:05:85:c9
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAYVuy6pNLZwmDLAiya++Q7iSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZlYTNiNTAyOGNlMzY0ZjUxMDJjMWFlYzI3NzM2YjdjMzNi
YzA0OTMwHhcNMjMwMTAxMTkyNTE5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NGUxMmE2ZTdhNzFlMjczYjg3MjJlM2ViOWFiNWM4NGZiZmI0NTBmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyYPppDOHJ1rbs1XSiTiP/ZqRjcXa
4PXWnuhwvlUqnEHHCY5HVmFFq+Pyb8lCLj6Whv01njDhb5jzmNzgzJ3LmiumDXVn
riD3Sbh/A3wSrpLDwFXatfcjiFiqA+tNnlzY14lKZti9Om4sVl3cgn9621g4Sq1Y
b4R7kCwQWNfYSTIaC7uDhms24a/6wfv+b72xj/35LfgXp0qGFo5KTl+98stCKB3T
ZDNSm/LVRcNsIeeLfUkUrpCJcbEe5NhS1WUHI8Jbvf7+kyrD5GVJUW3haDEy68rr
zInH1q4yOU6R22MoVeOCuHRj2RgrIY2phKDm+J+J8iWGzFWzyHc2jtGdpwIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFHThKm56ceJzuHIuPrmrXIT7+0UPMB8GA1UdIwQY
MBaAFG6jtQKM42T1ECwa7Cdza3wzvASTMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYnFPMUFvempaUFVRTEJyc0ozTnJmRE84QkpNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZC9lYTQ3MWEtZGE2NC00NTk2LTgzNzAt
NjEyYTc2MjAwN2VjLzEvZE9FcWJucHg0bk80Y2k0LXVhdGNoUHY3UlE4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZC9lYTQ3MWEtZGE2NC00NTk2LTgzNzAtNjEyYTc2MjAwN2Vj
LzEvYnFPMUFvempaUFVRTEJyc0ozTnJmRE84QkpNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAMBAIAATAGAwQD2ZZAMBYE
AgACMBAwDgMFACoBjIEDBQAqAYyCMA0GCSqGSIb3DQEBCwUAA4IBAQBuig1gLA8s
T9c2XidBDTQ6KF6EzSFOZ7sM5CHt2lcKSsOPAB2aWInhZTRlgIVU1Qn9y/8AbINI
akFi/bRnsS5q/Wrg0pkSi6Xfbhvj8CZFi3KDZGSiQtB4Iu710AoYQqIjRML0Y41o
EkP0kD6n9VMmWAgTLz10dOeO0pTzVObElDXNsNdSZ6LLGcMclwulI/O8kcW3Yoxi
BoVU2T7YSn5s5kLOtrzyUWLw3epNhqPSD8+akYL+tAdeJ4JqSgDkdlzUaLbhd0Ud
khRzH8UcKcgvEFwN9ncuc6a/cb4pLCdRdVGY2E1tyUlKVwhZDI3g17Ic6TBiY2ZU
NmjNtJp3BYXJ
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:52:46 2024 by rpki-client on console-ams.rpki-client.org