Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/15/7193db-7f85-42bb-b09a-f52c47c225db/1/bEBaBesiKXykHa2aTA6YjFY4Zj8.roa
File: bEBaBesiKXykHa2aTA6YjFY4Zj8.roa (raw, json)
Hash identifier: +YYyxDAtcU2dR0eNVvsZ8mJQLMAmEdQTApw/K0Z78hY=
Subject key identifier: 6C:40:5A:05:EB:22:29:7C:A4:1D:AD:9A:4C:0E:98:8C:56:38:66:3F
Certificate issuer: /CN=3183785916cd98d7c770d685145499a8a0a15722
Certificate serial: 018CC64AF16EB26B4FD7ED66CCC417BB8F90
Authority key identifier: 31:83:78:59:16:CD:98:D7:C7:70:D6:85:14:54:99:A8:A0:A1:57:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/MYN4WRbNmNfHcNaFFFSZqKChVyI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/15/7193db-7f85-42bb-b09a-f52c47c225db/1/bEBaBesiKXykHa2aTA6YjFY4Zj8.roa
Signing time: Mon 01 Jan 2024 18:30:49 +0000
ROA not before: Mon 01 Jan 2024 18:30:49 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 61224
IP address blocks: 217.156.20.0/23 maxlen: 23
Validation: Failed, certificate revoked on Wed 17 Jul 2024 05:03:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:4a:f1:6e:b2:6b:4f:d7:ed:66:cc:c4:17:bb:8f:90
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3183785916cd98d7c770d685145499a8a0a15722
Validity
Not Before: Jan 1 18:30:49 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=6c405a05eb22297ca41dad9a4c0e988c5638663f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d5:d6:44:88:40:0f:f2:e5:51:b9:3d:4b:26:a1:
f4:18:30:b4:8b:8f:9f:36:d8:58:37:ee:ff:a1:13:
0b:82:be:e7:ca:55:00:9c:f8:d3:2c:5f:e0:fa:74:
0e:96:cf:9d:34:5b:5b:ab:46:71:eb:c9:26:5f:78:
3e:51:26:74:2d:97:7f:e7:14:4f:6d:8c:63:1f:70:
e1:9e:f6:cf:e9:25:65:52:cf:46:76:22:45:ca:fe:
1a:6c:28:b0:14:46:be:8a:cb:e0:09:39:c4:bc:5b:
1c:41:d5:21:8d:b5:c1:8c:b9:e0:67:75:f1:8c:83:
10:2d:41:3e:48:e8:05:55:6f:c2:4f:56:95:06:c8:
c7:da:2e:26:42:12:00:82:f4:72:0a:59:3e:a3:a4:
38:e5:5b:3b:d2:f6:a0:40:13:bb:7d:a2:fa:e6:ce:
c8:47:99:d5:36:e4:01:62:d5:9a:18:ef:36:96:05:
9d:a3:da:16:22:dd:5b:f6:0b:ea:e1:64:6e:98:3c:
69:d6:12:97:a0:c2:e6:1c:5c:75:e6:ba:77:51:5c:
2c:d5:b5:c0:a9:bd:72:80:58:91:ee:16:48:8d:a4:
eb:99:d1:63:78:93:0a:8b:7a:10:19:62:9b:66:5a:
a3:83:2f:11:7d:13:ff:6d:73:31:e1:3c:c7:77:0c:
8d:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6C:40:5A:05:EB:22:29:7C:A4:1D:AD:9A:4C:0E:98:8C:56:38:66:3F
X509v3 Authority Key Identifier:
keyid:31:83:78:59:16:CD:98:D7:C7:70:D6:85:14:54:99:A8:A0:A1:57:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MYN4WRbNmNfHcNaFFFSZqKChVyI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/15/7193db-7f85-42bb-b09a-f52c47c225db/1/bEBaBesiKXykHa2aTA6YjFY4Zj8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/15/7193db-7f85-42bb-b09a-f52c47c225db/1/MYN4WRbNmNfHcNaFFFSZqKChVyI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
217.156.20.0/23
Signature Algorithm: sha256WithRSAEncryption
a3:e7:59:d3:43:91:5c:f5:d3:7f:cd:ed:0c:21:c2:8b:be:c5:
32:43:d9:66:67:31:7f:2f:1f:be:bf:94:07:0c:48:e8:92:02:
b0:3e:4a:e1:ae:e3:0f:b8:e2:2c:26:fc:dd:9c:d2:f8:df:20:
74:f0:4e:fd:23:0b:82:54:c4:f6:ed:2e:05:ce:9d:a0:ce:48:
fb:8a:fe:89:9a:63:0f:ec:31:a1:74:df:1e:76:be:92:32:3f:
45:1c:c3:c0:4e:cb:95:44:77:ce:32:bb:01:e9:88:8b:2a:71:
e4:10:32:73:02:8e:69:4a:92:51:22:ec:f4:00:eb:98:06:c4:
9a:59:5d:d3:fe:a0:72:7e:1b:89:3e:59:00:f4:14:a7:fc:05:
46:8f:f8:0c:1a:a0:39:e2:fd:32:8a:a4:df:95:d8:15:b3:f7:
ef:bf:bb:2f:b8:c8:2e:83:fa:36:53:f0:9b:cd:d8:46:be:79:
b8:83:9a:02:81:21:8c:9f:14:6c:b6:85:d6:ae:21:eb:6f:2b:
03:01:6b:50:35:73:72:d2:f2:25:1f:45:6c:a2:37:e4:f1:48:
7f:7c:0c:9a:9e:dc:78:2d:7d:fa:5c:1a:7f:f2:dd:7f:3a:89:
2b:bc:2d:43:c8:2f:eb:87:a7:8f:ed:5d:31:e1:82:3f:de:cc:
10:63:82:be
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzGSvFusmtP1+1mzMQXu4+QMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMxODM3ODU5MTZjZDk4ZDdjNzcwZDY4NTE0NTQ5OWE4YTBh
MTU3MjIwHhcNMjQwMTAxMTgzMDQ5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2YzQwNWEwNWViMjIyOTdjYTQxZGFkOWE0YzBlOTg4YzU2Mzg2NjNmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1dZEiEAP8uVRuT1LJqH0GDC0i4+f
NthYN+7/oRMLgr7nylUAnPjTLF/g+nQOls+dNFtbq0Zx68kmX3g+USZ0LZd/5xRP
bYxjH3DhnvbP6SVlUs9GdiJFyv4abCiwFEa+isvgCTnEvFscQdUhjbXBjLngZ3Xx
jIMQLUE+SOgFVW/CT1aVBsjH2i4mQhIAgvRyClk+o6Q45Vs70vagQBO7faL65s7I
R5nVNuQBYtWaGO82lgWdo9oWIt1b9gvq4WRumDxp1hKXoMLmHFx15rp3UVws1bXA
qb1ygFiR7hZIjaTrmdFjeJMKi3oQGWKbZlqjgy8RfRP/bXMx4TzHdwyNIwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFGxAWgXrIil8pB2tmkwOmIxWOGY/MB8GA1UdIwQY
MBaAFDGDeFkWzZjXx3DWhRRUmaigoVciMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTVlONFdSYk5tTmZIY05hRkZGU1pxS0NoVnlJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNS83MTkzZGItN2Y4NS00MmJiLWIwOWEt
ZjUyYzQ3YzIyNWRiLzEvYkVCYUJlc2lLWHlrSGEyYVRBNllqRlk0Wmo4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNS83MTkzZGItN2Y4NS00MmJiLWIwOWEtZjUyYzQ3YzIyNWRi
LzEvTVlONFdSYk5tTmZIY05hRkZGU1pxS0NoVnlJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQB2ZwUMA0G
CSqGSIb3DQEBCwUAA4IBAQCj51nTQ5Fc9dN/ze0MIcKLvsUyQ9lmZzF/Lx++v5QH
DEjokgKwPkrhruMPuOIsJvzdnNL43yB08E79IwuCVMT27S4Fzp2gzkj7iv6JmmMP
7DGhdN8edr6SMj9FHMPATsuVRHfOMrsB6YiLKnHkEDJzAo5pSpJRIuz0AOuYBsSa
WV3T/qByfhuJPlkA9BSn/AVGj/gMGqA54v0yiqTfldgVs/fvv7svuMgug/o2U/Cb
zdhGvnm4g5oCgSGMnxRstoXWriHrbysDAWtQNXNy0vIlH0Vsojfk8Uh/fAyantx4
LX36XBp/8t1/OokrvC1DyC/rh6eP7V0x4YI/3swQY4K+
-----END CERTIFICATE-----
Generated at Wed Jul 17 06:41:59 2024 by rpki-client on console-ams.rpki-client.org