Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/17/db357d-b170-40a5-a669-82eba0cb3b0d/1/gqjDvVgGmp1_ATIkVGwi9XvQeJo.roa
File: gqjDvVgGmp1_ATIkVGwi9XvQeJo.roa (raw, json)
Hash identifier: mqNQrVIKTxRBR2cFTJbulhx30AgDVGQfmxOZzhZHKKg=
Subject key identifier: 82:A8:C3:BD:58:06:9A:9D:7F:01:32:24:54:6C:22:F5:7B:D0:78:9A
Certificate issuer: /CN=220f413fb0af0bd8fe130820d3049d0e71ed4bb0
Certificate serial: 0185737A99A36D8D0CF0ABB541772D875CDE
Authority key identifier: 22:0F:41:3F:B0:AF:0B:D8:FE:13:08:20:D3:04:9D:0E:71:ED:4B:B0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Ig9BP7CvC9j-Ewgg0wSdDnHtS7A.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/17/db357d-b170-40a5-a669-82eba0cb3b0d/1/gqjDvVgGmp1_ATIkVGwi9XvQeJo.roa
Signing time: Mon 02 Jan 2023 17:14:52 +0000
ROA not before: Mon 02 Jan 2023 17:14:52 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 12794
IP address blocks: 217.169.192.0/22 maxlen: 22
217.169.192.0/21 maxlen: 21
217.169.192.0/24 maxlen: 24
217.169.192.0/20 maxlen: 24
217.169.193.0/24 maxlen: 24
217.169.194.0/24 maxlen: 24
217.169.198.0/24 maxlen: 24
217.169.199.0/24 maxlen: 24
217.169.197.0/24 maxlen: 24
217.169.195.0/24 maxlen: 24
217.169.196.0/24 maxlen: 24
217.169.200.0/24 maxlen: 24
217.169.201.0/24 maxlen: 24
217.169.206.0/24 maxlen: 24
217.169.207.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:73:7a:99:a3:6d:8d:0c:f0:ab:b5:41:77:2d:87:5c:de
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=220f413fb0af0bd8fe130820d3049d0e71ed4bb0
Validity
Not Before: Jan 2 17:14:52 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=82a8c3bd58069a9d7f013224546c22f57bd0789a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:e5:b5:1f:75:39:8c:f2:05:e2:63:95:58:63:
7f:3d:84:c7:0e:bc:f9:33:66:c4:93:02:8a:09:e1:
5c:80:5b:05:23:30:88:09:c9:12:a1:6b:13:d8:0d:
46:10:9d:c4:be:5d:dc:17:52:71:03:b9:f0:32:04:
06:e8:2e:bc:de:f6:7b:90:8c:d6:81:5a:69:39:e6:
84:c4:9b:48:2a:3f:c4:02:63:31:8a:b2:56:11:5c:
5d:91:06:dd:0d:58:15:c3:50:7e:75:01:a9:25:46:
c2:11:b1:20:bb:97:03:4c:d2:00:43:5a:42:5e:57:
d6:76:5d:e7:16:a6:24:37:c5:d5:62:09:30:4c:18:
12:bf:56:ff:32:0f:ac:14:37:9f:04:65:a3:dd:75:
6c:02:8e:3b:34:3e:a6:0d:7a:a7:f6:97:fb:2e:24:
56:b0:94:8f:d5:67:5d:9c:b6:01:94:d1:15:ee:1c:
14:0a:c1:d7:29:6b:9f:74:e1:d0:2d:63:70:22:fa:
90:ed:bf:29:25:0e:8a:3e:d7:ce:b3:fb:c4:b7:7a:
cc:27:8e:a1:98:8f:a6:f2:23:19:46:b9:f3:e6:20:
b8:81:6f:84:ef:d3:ae:ad:fb:73:30:1d:54:35:79:
79:78:43:c8:13:99:91:cb:71:8e:69:0b:8b:ba:70:
b7:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
82:A8:C3:BD:58:06:9A:9D:7F:01:32:24:54:6C:22:F5:7B:D0:78:9A
X509v3 Authority Key Identifier:
keyid:22:0F:41:3F:B0:AF:0B:D8:FE:13:08:20:D3:04:9D:0E:71:ED:4B:B0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Ig9BP7CvC9j-Ewgg0wSdDnHtS7A.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/17/db357d-b170-40a5-a669-82eba0cb3b0d/1/gqjDvVgGmp1_ATIkVGwi9XvQeJo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/17/db357d-b170-40a5-a669-82eba0cb3b0d/1/Ig9BP7CvC9j-Ewgg0wSdDnHtS7A.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
217.169.192.0/20
Signature Algorithm: sha256WithRSAEncryption
28:a4:42:45:cf:d2:c0:7e:f8:04:cf:6c:a2:07:77:68:f1:25:
2c:30:5e:ae:07:e9:a4:b3:00:e9:24:76:62:5b:f5:fd:7a:cc:
62:7d:24:de:16:c8:92:f7:85:0f:1d:cf:e6:a4:ee:87:56:6b:
fe:0f:6e:19:46:5e:09:55:ac:4e:e4:7b:8b:fd:e7:ff:6c:9d:
41:7d:33:74:d3:7c:5e:98:18:c2:ce:dd:2a:e3:de:d9:94:af:
c8:ad:de:2b:41:a9:cb:3d:17:3f:34:79:85:7f:d5:bd:2a:b8:
78:0e:f1:8c:c4:c7:71:57:7f:58:30:aa:29:36:9c:1a:59:16:
69:07:bd:42:67:83:a3:a1:f9:03:a0:a3:66:d5:6a:6b:88:0b:
83:3a:0c:7e:8f:13:6d:33:e8:14:46:77:b3:0d:99:10:e7:98:
b4:de:97:f3:4e:49:e9:5b:01:9d:7f:b9:95:a6:6c:84:96:66:
d4:ef:0f:62:2a:51:39:be:cd:9a:53:98:1b:84:8d:ac:99:14:
c6:f0:94:ad:c6:78:03:73:5c:30:85:a1:28:10:fe:4d:dd:98:
f2:09:de:82:ff:8b:4b:8b:74:bb:0a:07:f2:b8:86:a2:47:23:
a1:8c:7f:de:a4:f8:e0:58:23:19:5e:33:3a:bd:24:e6:28:07:
e7:dd:2b:b4
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVzepmjbY0M8Ku1QXcth1zeMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyMGY0MTNmYjBhZjBiZDhmZTEzMDgyMGQzMDQ5ZDBlNzFl
ZDRiYjAwHhcNMjMwMTAyMTcxNDUyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MmE4YzNiZDU4MDY5YTlkN2YwMTMyMjQ1NDZjMjJmNTdiZDA3ODlhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr+W1H3U5jPIF4mOVWGN/PYTHDrz5
M2bEkwKKCeFcgFsFIzCICckSoWsT2A1GEJ3Evl3cF1JxA7nwMgQG6C683vZ7kIzW
gVppOeaExJtIKj/EAmMxirJWEVxdkQbdDVgVw1B+dQGpJUbCEbEgu5cDTNIAQ1pC
XlfWdl3nFqYkN8XVYgkwTBgSv1b/Mg+sFDefBGWj3XVsAo47ND6mDXqn9pf7LiRW
sJSP1WddnLYBlNEV7hwUCsHXKWufdOHQLWNwIvqQ7b8pJQ6KPtfOs/vEt3rMJ46h
mI+m8iMZRrnz5iC4gW+E79OurftzMB1UNXl5eEPIE5mRy3GOaQuLunC3KQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFIKow71YBpqdfwEyJFRsIvV70HiaMB8GA1UdIwQY
MBaAFCIPQT+wrwvY/hMIINMEnQ5x7UuwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSWc5QlA3Q3ZDOWotRXdnZzB3U2REbkh0UzdBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNy9kYjM1N2QtYjE3MC00MGE1LWE2Njkt
ODJlYmEwY2IzYjBkLzEvZ3FqRHZWZ0dtcDFfQVRJa1ZHd2k5WHZRZUpvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNy9kYjM1N2QtYjE3MC00MGE1LWE2NjktODJlYmEwY2IzYjBk
LzEvSWc5QlA3Q3ZDOWotRXdnZzB3U2REbkh0UzdBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQE2anAMA0G
CSqGSIb3DQEBCwUAA4IBAQAopEJFz9LAfvgEz2yiB3do8SUsMF6uB+mkswDpJHZi
W/X9esxifSTeFsiS94UPHc/mpO6HVmv+D24ZRl4JVaxO5HuL/ef/bJ1BfTN003xe
mBjCzt0q497ZlK/Ird4rQanLPRc/NHmFf9W9Krh4DvGMxMdxV39YMKopNpwaWRZp
B71CZ4OjofkDoKNm1WpriAuDOgx+jxNtM+gURnezDZkQ55i03pfzTknpWwGdf7mV
pmyElmbU7w9iKlE5vs2aU5gbhI2smRTG8JStxngDc1wwhaEoEP5N3ZjyCd6C/4tL
i3S7CgfyuIaiRyOhjH/epPjgWCMZXjM6vSTmKAfn3Su0
-----END CERTIFICATE-----
Generated at Wed Sep 20 15:05:11 2023 by rpki-client on console-ams.rpki-client.org