Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/17/db357d-b170-40a5-a669-82eba0cb3b0d/1/8BkdMn7l5gEZQNvHKWTGdV6uF6A.roa
File: 8BkdMn7l5gEZQNvHKWTGdV6uF6A.roa (raw, json)
Hash identifier: BHUfGCD+SNOp+1SFTXRmLNyS+hS+4rwjbg4L2hXFFAM=
Subject key identifier: F0:19:1D:32:7E:E5:E6:01:19:40:DB:C7:29:64:C6:75:5E:AE:17:A0
Certificate issuer: /CN=220f413fb0af0bd8fe130820d3049d0e71ed4bb0
Certificate serial: 018AF5A2D49141AD642B8CFAB8BBD60B3077
Authority key identifier: 22:0F:41:3F:B0:AF:0B:D8:FE:13:08:20:D3:04:9D:0E:71:ED:4B:B0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Ig9BP7CvC9j-Ewgg0wSdDnHtS7A.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/17/db357d-b170-40a5-a669-82eba0cb3b0d/1/8BkdMn7l5gEZQNvHKWTGdV6uF6A.roa
Signing time: Tue 03 Oct 2023 13:03:23 +0000
ROA not before: Tue 03 Oct 2023 13:03:23 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 8075
IP address blocks: 217.169.202.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:f5:a2:d4:91:41:ad:64:2b:8c:fa:b8:bb:d6:0b:30:77
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=220f413fb0af0bd8fe130820d3049d0e71ed4bb0
Validity
Not Before: Oct 3 13:03:23 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=f0191d327ee5e6011940dbc72964c6755eae17a0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:51:85:a6:81:ab:d3:0d:ad:36:67:97:51:44:
f3:2c:94:11:e6:29:2a:d0:c8:1e:a8:6f:94:34:0e:
ea:ec:38:1b:c2:4a:6b:6a:19:b7:a3:0c:a0:84:64:
d2:27:6f:d4:2f:4f:8d:71:07:09:88:39:77:0f:a2:
98:56:42:d3:3b:c3:51:b2:bc:d4:99:32:6d:89:7f:
7c:7b:b7:91:c6:2c:d2:e9:8f:dc:85:50:48:9e:46:
ec:8a:ce:f2:2f:d2:e0:c3:b3:2c:5d:b5:19:5f:ec:
d0:76:4d:d4:64:68:e4:f0:35:28:e6:b1:8d:2f:3d:
ff:dc:5a:8a:16:92:ed:72:c2:fb:5f:f8:48:16:16:
de:1b:37:39:c1:db:32:1d:ce:64:c4:33:02:ea:42:
1f:94:50:98:ed:15:40:84:f1:7f:b4:0f:a6:d7:33:
f4:a2:22:94:81:4f:5b:86:5d:46:e6:20:2f:0f:9b:
bf:3c:41:9c:80:52:86:0a:2b:8d:a1:5b:51:62:8c:
81:f6:4f:4a:f0:3a:57:74:18:06:0c:6e:4f:1d:ea:
1d:06:77:1d:01:20:12:4e:a4:15:42:de:f1:36:f1:
81:f6:07:97:c4:80:df:53:03:9c:11:16:48:7d:c4:
a8:8f:40:72:f8:a1:10:46:da:b9:e6:d9:c9:10:67:
66:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F0:19:1D:32:7E:E5:E6:01:19:40:DB:C7:29:64:C6:75:5E:AE:17:A0
X509v3 Authority Key Identifier:
keyid:22:0F:41:3F:B0:AF:0B:D8:FE:13:08:20:D3:04:9D:0E:71:ED:4B:B0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Ig9BP7CvC9j-Ewgg0wSdDnHtS7A.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/17/db357d-b170-40a5-a669-82eba0cb3b0d/1/8BkdMn7l5gEZQNvHKWTGdV6uF6A.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/17/db357d-b170-40a5-a669-82eba0cb3b0d/1/Ig9BP7CvC9j-Ewgg0wSdDnHtS7A.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
217.169.202.0/24
Signature Algorithm: sha256WithRSAEncryption
bc:dc:d9:21:13:49:03:29:56:3b:ea:81:7c:b5:55:1a:96:aa:
87:7e:b5:72:10:cc:99:e5:51:4f:c4:d4:d3:fc:34:a4:76:13:
e9:93:9a:da:f7:59:f0:fd:03:5f:85:4e:c7:bb:c4:29:6a:7b:
bb:a9:85:d8:c8:74:9c:79:83:49:ea:92:33:b1:d5:19:38:69:
81:60:54:80:48:3f:68:9d:86:76:5e:c8:e2:1f:7e:69:a2:96:
98:db:d9:9e:69:c1:5d:16:bc:03:f7:58:ef:e5:fc:c4:63:2d:
8b:95:16:12:9d:88:21:13:bf:79:ad:16:33:33:c5:5b:8c:82:
8f:0a:d1:d4:f1:ae:b6:9d:8e:c5:fb:da:64:46:f3:81:1b:1e:
44:a9:81:10:31:30:1c:91:09:15:93:b1:45:25:03:0a:36:f3:
55:46:3b:d5:d0:8c:ac:ca:24:42:e9:6c:a7:37:17:2e:dc:c3:
ab:5c:cf:4e:f2:65:c2:c6:0e:9e:88:31:49:7d:4d:ba:b2:10:
1c:33:c3:a7:90:2f:3e:4c:14:75:a2:d8:97:bd:ff:3c:60:8e:
36:2e:7f:7c:bf:8b:49:c8:1f:f5:98:18:1d:79:23:23:76:2a:
3e:6c:17:ff:8b:9a:64:6a:64:4a:da:c6:7f:b2:f1:0f:fe:39:
47:fe:b8:d8
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYr1otSRQa1kK4z6uLvWCzB3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyMGY0MTNmYjBhZjBiZDhmZTEzMDgyMGQzMDQ5ZDBlNzFl
ZDRiYjAwHhcNMjMxMDAzMTMwMzIzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMDE5MWQzMjdlZTVlNjAxMTk0MGRiYzcyOTY0YzY3NTVlYWUxN2EwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAi1GFpoGr0w2tNmeXUUTzLJQR5ikq
0MgeqG+UNA7q7Dgbwkprahm3owyghGTSJ2/UL0+NcQcJiDl3D6KYVkLTO8NRsrzU
mTJtiX98e7eRxizS6Y/chVBInkbsis7yL9Lgw7MsXbUZX+zQdk3UZGjk8DUo5rGN
Lz3/3FqKFpLtcsL7X/hIFhbeGzc5wdsyHc5kxDMC6kIflFCY7RVAhPF/tA+m1zP0
oiKUgU9bhl1G5iAvD5u/PEGcgFKGCiuNoVtRYoyB9k9K8DpXdBgGDG5PHeodBncd
ASASTqQVQt7xNvGB9geXxIDfUwOcERZIfcSoj0By+KEQRtq55tnJEGdmRQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFPAZHTJ+5eYBGUDbxylkxnVerhegMB8GA1UdIwQY
MBaAFCIPQT+wrwvY/hMIINMEnQ5x7UuwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSWc5QlA3Q3ZDOWotRXdnZzB3U2REbkh0UzdBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNy9kYjM1N2QtYjE3MC00MGE1LWE2Njkt
ODJlYmEwY2IzYjBkLzEvOEJrZE1uN2w1Z0VaUU52SEtXVEdkVjZ1RjZBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNy9kYjM1N2QtYjE3MC00MGE1LWE2NjktODJlYmEwY2IzYjBk
LzEvSWc5QlA3Q3ZDOWotRXdnZzB3U2REbkh0UzdBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA2anKMA0G
CSqGSIb3DQEBCwUAA4IBAQC83NkhE0kDKVY76oF8tVUalqqHfrVyEMyZ5VFPxNTT
/DSkdhPpk5ra91nw/QNfhU7Hu8Qpanu7qYXYyHSceYNJ6pIzsdUZOGmBYFSASD9o
nYZ2XsjiH35popaY29meacFdFrwD91jv5fzEYy2LlRYSnYghE795rRYzM8VbjIKP
CtHU8a62nY7F+9pkRvOBGx5EqYEQMTAckQkVk7FFJQMKNvNVRjvV0IysyiRC6Wyn
Nxcu3MOrXM9O8mXCxg6eiDFJfU26shAcM8OnkC8+TBR1otiXvf88YI42Ln98v4tJ
yB/1mBgdeSMjdio+bBf/i5pkamRK2sZ/svEP/jlH/rjY
-----END CERTIFICATE-----
Generated at Tue Jan 2 01:40:18 2024 by rpki-client on console-ams.rpki-client.org