Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/G98ajpIDVOfXstHoE9te8XufVJA.roa
File: G98ajpIDVOfXstHoE9te8XufVJA.roa (raw, json)
Hash identifier: 3BC6FYGiYuykF9F/p75JOxCQK+vWCl6txlOP6n7XSKI=
Subject key identifier: 1B:DF:1A:8E:92:03:54:E7:D7:B2:D1:E8:13:DB:5E:F1:7B:9F:54:90
Certificate issuer: /CN=ab0952c8ba8dadb1d34de6c6a93864a609fc41ec
Certificate serial: 01856F024FA078B01A8C5B6524FB1783B475
Authority key identifier: AB:09:52:C8:BA:8D:AD:B1:D3:4D:E6:C6:A9:38:64:A6:09:FC:41:EC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qwlSyLqNrbHTTebGqThkpgn8Qew.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/G98ajpIDVOfXstHoE9te8XufVJA.roa
Signing time: Sun 01 Jan 2023 20:25:00 +0000
ROA not before: Sun 01 Jan 2023 20:25:00 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 202555
IP address blocks: 217.69.113.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:02:4f:a0:78:b0:1a:8c:5b:65:24:fb:17:83:b4:75
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab0952c8ba8dadb1d34de6c6a93864a609fc41ec
Validity
Not Before: Jan 1 20:25:00 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=1bdf1a8e920354e7d7b2d1e813db5ef17b9f5490
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:61:c0:4b:ed:1e:a8:22:e5:18:c2:b9:29:f9:
84:ec:5c:e0:7b:b5:55:49:23:3f:94:2a:78:fb:44:
a0:34:31:05:79:33:67:d8:3f:ee:47:35:7c:45:3b:
59:05:1c:57:b1:76:b2:b1:80:09:a9:53:64:51:02:
76:37:4e:d7:1f:de:4c:c8:a3:02:a4:3b:90:3b:21:
89:85:f1:3d:ef:c0:63:ba:ac:a3:95:77:17:f7:59:
20:0c:d7:6b:5d:f7:68:e7:07:f6:01:4e:8a:f3:e0:
81:09:cd:b0:af:fb:d8:7c:f8:e6:0f:d3:34:e0:f3:
90:68:67:92:92:b4:8b:93:66:97:7f:a3:1f:7d:d0:
c5:48:a6:9f:6f:4e:07:b0:20:bd:39:7e:bf:be:c4:
80:fa:29:9f:24:a0:ea:2a:dc:3b:72:5c:f1:d5:da:
d2:bd:c6:99:50:89:eb:38:79:1d:0d:0b:f5:3d:d3:
f2:b5:44:b8:3d:dd:2e:64:b0:c6:77:4b:bc:e2:2e:
d9:e8:cf:86:ae:44:de:bf:44:e4:8a:11:7a:e6:22:
21:e3:91:1c:66:c7:e7:3d:d0:a9:7d:2c:90:40:39:
9e:96:5a:62:4a:26:26:40:74:6a:d4:77:a3:02:99:
d0:3b:fc:8e:33:90:ac:30:2c:ab:30:70:6c:f8:20:
17:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1B:DF:1A:8E:92:03:54:E7:D7:B2:D1:E8:13:DB:5E:F1:7B:9F:54:90
X509v3 Authority Key Identifier:
keyid:AB:09:52:C8:BA:8D:AD:B1:D3:4D:E6:C6:A9:38:64:A6:09:FC:41:EC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qwlSyLqNrbHTTebGqThkpgn8Qew.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/G98ajpIDVOfXstHoE9te8XufVJA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/qwlSyLqNrbHTTebGqThkpgn8Qew.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
217.69.113.0/24
Signature Algorithm: sha256WithRSAEncryption
72:f2:51:e1:d7:71:4e:51:9e:7e:14:6e:0b:bc:f7:c9:6d:f6:
43:bd:17:f7:85:bb:8f:88:87:79:1f:be:40:c8:12:fa:b9:41:
e4:83:76:e1:33:25:5f:ec:35:a2:fd:54:77:08:28:c7:db:48:
db:77:e1:dd:f4:f5:f6:c6:f8:f4:32:93:5a:97:9d:e7:aa:5f:
7d:7b:cd:58:6f:c6:ab:36:ce:e7:be:b4:8d:64:a7:13:46:d9:
17:db:2c:e7:c9:5a:85:9e:da:c6:a9:98:00:f1:0b:e1:90:0a:
b3:af:36:ce:79:ab:35:54:27:bd:7d:ac:af:69:9c:e2:13:6d:
4c:c7:59:b5:61:92:82:30:50:28:60:37:71:1e:2f:68:9a:d3:
79:7d:c7:de:5c:5c:dc:50:a2:2b:12:cd:df:1b:29:22:f0:5f:
ae:30:88:21:8f:90:f4:16:01:ee:77:f5:1b:b5:78:21:c9:d9:
82:b7:58:d3:1f:ce:77:a4:aa:14:cd:41:f0:e9:7c:e4:af:7a:
5d:30:e7:56:a9:78:77:a4:60:9f:6a:31:ba:7b:5a:15:44:35:
65:38:a4:e3:93:7b:e0:a0:49:f0:04:f2:9f:fa:5a:c4:f1:26:
84:d5:6a:18:52:0b:07:9e:9c:f7:ac:37:2d:b2:98:d3:63:4f:
f6:46:8a:d4
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVvAk+geLAajFtlJPsXg7R1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFiMDk1MmM4YmE4ZGFkYjFkMzRkZTZjNmE5Mzg2NGE2MDlm
YzQxZWMwHhcNMjMwMTAxMjAyNTAwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxYmRmMWE4ZTkyMDM1NGU3ZDdiMmQxZTgxM2RiNWVmMTdiOWY1NDkwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiWHAS+0eqCLlGMK5KfmE7Fzge7VV
SSM/lCp4+0SgNDEFeTNn2D/uRzV8RTtZBRxXsXaysYAJqVNkUQJ2N07XH95MyKMC
pDuQOyGJhfE978BjuqyjlXcX91kgDNdrXfdo5wf2AU6K8+CBCc2wr/vYfPjmD9M0
4POQaGeSkrSLk2aXf6MffdDFSKafb04HsCC9OX6/vsSA+imfJKDqKtw7clzx1drS
vcaZUInrOHkdDQv1PdPytUS4Pd0uZLDGd0u84i7Z6M+GrkTev0TkihF65iIh45Ec
ZsfnPdCpfSyQQDmellpiSiYmQHRq1HejApnQO/yOM5CsMCyrMHBs+CAXbwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFBvfGo6SA1Tn17LR6BPbXvF7n1SQMB8GA1UdIwQY
MBaAFKsJUsi6ja2x003mxqk4ZKYJ/EHsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcXdsU3lMcU5yYkhUVGViR3FUaGtwZ244UWV3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZS8zNTU1ZmUtMTJjZC00MDJhLWE4MTAt
NTU1NGQ2ZTE2ODZmLzEvRzk4YWpwSURWT2ZYc3RIb0U5dGU4WHVmVkpBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZS8zNTU1ZmUtMTJjZC00MDJhLWE4MTAtNTU1NGQ2ZTE2ODZm
LzEvcXdsU3lMcU5yYkhUVGViR3FUaGtwZ244UWV3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA2UVxMA0G
CSqGSIb3DQEBCwUAA4IBAQBy8lHh13FOUZ5+FG4LvPfJbfZDvRf3hbuPiId5H75A
yBL6uUHkg3bhMyVf7DWi/VR3CCjH20jbd+Hd9PX2xvj0MpNal53nql99e81Yb8ar
Ns7nvrSNZKcTRtkX2yznyVqFntrGqZgA8QvhkAqzrzbOeas1VCe9fayvaZziE21M
x1m1YZKCMFAoYDdxHi9omtN5fcfeXFzcUKIrEs3fGyki8F+uMIghj5D0FgHud/Ub
tXghydmCt1jTH853pKoUzUHw6Xzkr3pdMOdWqXh3pGCfajG6e1oVRDVlOKTjk3vg
oEnwBPKf+lrE8SaE1WoYUgsHnpz3rDctspjTY0/2RorU
-----END CERTIFICATE-----
Generated at Tue Jan 2 06:31:48 2024 by rpki-client on console-ams.rpki-client.org