Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/15/7193db-7f85-42bb-b09a-f52c47c225db/1/4aHXClNkkkGc8fJQx3-CkbKkYUY.roa
File: 4aHXClNkkkGc8fJQx3-CkbKkYUY.roa (raw, json)
Hash identifier: MeyvwpGBWzY2PW6VV93cS51ol1vgHtlKOgF4glskuf4=
Subject key identifier: E1:A1:D7:0A:53:64:92:41:9C:F1:F2:50:C7:7F:82:91:B2:A4:61:46
Certificate issuer: /CN=3183785916cd98d7c770d685145499a8a0a15722
Certificate serial: 01856F14F07AC80859B24D3029449F8C45CB
Authority key identifier: 31:83:78:59:16:CD:98:D7:C7:70:D6:85:14:54:99:A8:A0:A1:57:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/MYN4WRbNmNfHcNaFFFSZqKChVyI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/15/7193db-7f85-42bb-b09a-f52c47c225db/1/4aHXClNkkkGc8fJQx3-CkbKkYUY.roa
Signing time: Sun 01 Jan 2023 20:45:21 +0000
ROA not before: Sun 01 Jan 2023 20:45:21 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 21294
IP address blocks: 217.156.85.0/24 maxlen: 24
217.156.99.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 01 Jan 2024 18:30:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:14:f0:7a:c8:08:59:b2:4d:30:29:44:9f:8c:45:cb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3183785916cd98d7c770d685145499a8a0a15722
Validity
Not Before: Jan 1 20:45:21 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=e1a1d70a536492419cf1f250c77f8291b2a46146
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:c1:e3:4a:dc:b8:fd:b2:ce:9d:05:29:42:1f:
67:e7:16:27:ed:4c:9b:fa:04:fa:88:37:0e:68:1e:
f5:7d:57:e6:46:81:34:28:bc:7c:1a:ec:a2:69:94:
f5:f0:92:a3:62:e8:50:50:39:a3:2d:fa:b8:aa:65:
81:d9:1a:a6:85:2f:e2:ac:26:5b:18:95:c3:65:a8:
a3:c8:b8:93:1f:82:f9:ba:eb:b9:74:45:cc:03:2e:
81:78:a1:eb:e8:31:01:4b:8d:d5:06:85:fb:53:0c:
c6:e8:5e:d2:34:06:4a:ae:11:ef:fa:ce:08:3f:aa:
05:3a:61:2b:f2:a8:3a:ad:3c:40:9f:4d:e7:3e:bd:
b6:65:e8:a6:62:b7:58:a7:70:75:ed:c7:94:28:c8:
fd:91:ed:bd:c2:32:76:08:25:48:89:c6:66:0e:d4:
68:4a:c0:0b:b4:69:4e:f9:3f:45:61:a6:6a:b3:ea:
6c:d0:0f:6a:43:b1:ba:a5:3a:11:b7:ac:f1:e0:6d:
6f:02:7c:4f:3a:f5:90:0b:6b:56:67:a0:41:c8:7f:
1a:6f:21:5d:e1:ea:a8:ea:88:41:3e:84:25:5d:ac:
56:7c:5e:6a:5c:f8:04:09:10:82:45:e5:eb:c1:1a:
77:1b:2b:da:58:e2:1d:84:62:af:ed:66:1e:fe:a2:
24:c9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E1:A1:D7:0A:53:64:92:41:9C:F1:F2:50:C7:7F:82:91:B2:A4:61:46
X509v3 Authority Key Identifier:
keyid:31:83:78:59:16:CD:98:D7:C7:70:D6:85:14:54:99:A8:A0:A1:57:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MYN4WRbNmNfHcNaFFFSZqKChVyI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/15/7193db-7f85-42bb-b09a-f52c47c225db/1/4aHXClNkkkGc8fJQx3-CkbKkYUY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/15/7193db-7f85-42bb-b09a-f52c47c225db/1/MYN4WRbNmNfHcNaFFFSZqKChVyI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
217.156.85.0/24
217.156.99.0/24
Signature Algorithm: sha256WithRSAEncryption
72:ef:96:af:a2:e6:88:0e:65:3a:9d:a7:2f:33:61:ef:9a:f5:
86:ab:f6:54:da:c3:a5:d6:65:35:48:26:52:49:d5:1e:d8:2f:
44:89:28:60:8e:83:2d:bf:04:13:7e:90:03:c4:fe:eb:93:55:
f3:18:7f:2f:3a:e1:41:95:f0:b2:ce:88:a9:1f:24:ac:6c:dd:
90:1e:8f:24:23:99:d1:92:45:09:b9:d1:b2:c9:f8:cc:9a:d7:
fb:64:bc:ed:2e:18:24:7b:b9:1a:27:ce:ed:de:fa:13:80:f9:
64:29:80:12:be:e1:5b:cc:48:26:4f:fa:bd:6e:e1:97:84:72:
58:ad:bd:69:81:c8:bd:7b:ef:80:be:8f:35:8a:16:11:ac:8a:
15:e6:a0:6b:2b:37:01:94:06:02:9d:f1:5a:0e:66:77:58:90:
b4:75:69:e8:2a:76:52:be:ae:2e:8e:b2:f8:d5:fa:cf:db:25:
ea:d5:00:5c:15:a6:a7:ab:2a:1e:ae:da:e9:f6:d0:4c:5c:d6:
e0:4a:83:9c:fe:2e:3a:6c:c7:95:8c:10:a3:c8:ec:c1:fe:a3:
4d:8a:1b:bc:26:10:5a:af:92:a4:63:48:b9:02:f1:e6:8b:88:
ed:1c:48:15:ee:a0:d8:ce:29:18:b0:27:0d:db:3d:c8:5e:42:
58:b4:b2:2a
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVvFPB6yAhZsk0wKUSfjEXLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMxODM3ODU5MTZjZDk4ZDdjNzcwZDY4NTE0NTQ5OWE4YTBh
MTU3MjIwHhcNMjMwMTAxMjA0NTIxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMWExZDcwYTUzNjQ5MjQxOWNmMWYyNTBjNzdmODI5MWIyYTQ2MTQ2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtsHjSty4/bLOnQUpQh9n5xYn7Uyb
+gT6iDcOaB71fVfmRoE0KLx8GuyiaZT18JKjYuhQUDmjLfq4qmWB2RqmhS/irCZb
GJXDZaijyLiTH4L5uuu5dEXMAy6BeKHr6DEBS43VBoX7UwzG6F7SNAZKrhHv+s4I
P6oFOmEr8qg6rTxAn03nPr22ZeimYrdYp3B17ceUKMj9ke29wjJ2CCVIicZmDtRo
SsALtGlO+T9FYaZqs+ps0A9qQ7G6pToRt6zx4G1vAnxPOvWQC2tWZ6BByH8abyFd
4eqo6ohBPoQlXaxWfF5qXPgECRCCReXrwRp3GyvaWOIdhGKv7WYe/qIkyQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFOGh1wpTZJJBnPHyUMd/gpGypGFGMB8GA1UdIwQY
MBaAFDGDeFkWzZjXx3DWhRRUmaigoVciMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTVlONFdSYk5tTmZIY05hRkZGU1pxS0NoVnlJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNS83MTkzZGItN2Y4NS00MmJiLWIwOWEt
ZjUyYzQ3YzIyNWRiLzEvNGFIWENsTmtra0djOGZKUXgzLUNrYktrWVVZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNS83MTkzZGItN2Y4NS00MmJiLWIwOWEtZjUyYzQ3YzIyNWRi
LzEvTVlONFdSYk5tTmZIY05hRkZGU1pxS0NoVnlJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQA2ZxVAwQA
2ZxjMA0GCSqGSIb3DQEBCwUAA4IBAQBy75avouaIDmU6nacvM2HvmvWGq/ZU2sOl
1mU1SCZSSdUe2C9EiShgjoMtvwQTfpADxP7rk1XzGH8vOuFBlfCyzoipHySsbN2Q
Ho8kI5nRkkUJudGyyfjMmtf7ZLztLhgke7kaJ87t3voTgPlkKYASvuFbzEgmT/q9
buGXhHJYrb1pgci9e++Avo81ihYRrIoV5qBrKzcBlAYCnfFaDmZ3WJC0dWnoKnZS
vq4ujrL41frP2yXq1QBcFaanqyoertrp9tBMXNbgSoOc/i46bMeVjBCjyOzB/qNN
ihu8JhBar5KkY0i5AvHmi4jtHEgV7qDYzikYsCcN2z3IXkJYtLIq
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:55:04 2024 by rpki-client on console-ams.rpki-client.org