Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/17/db357d-b170-40a5-a669-82eba0cb3b0d/1/oqP2_YftC2TncPEQPgc196wyJX4.roa
File: oqP2_YftC2TncPEQPgc196wyJX4.roa (raw, json)
Hash identifier: uH9ReK6hdVyXVyQsWU9/BK+jAPX+SQYfM+faT65VXxg=
Subject key identifier: A2:A3:F6:FD:87:ED:0B:64:E7:70:F1:10:3E:07:35:F7:AC:32:25:7E
Certificate issuer: /CN=220f413fb0af0bd8fe130820d3049d0e71ed4bb0
Certificate serial: 018AB300EDEA50534F183549943F9CFD1F08
Authority key identifier: 22:0F:41:3F:B0:AF:0B:D8:FE:13:08:20:D3:04:9D:0E:71:ED:4B:B0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Ig9BP7CvC9j-Ewgg0wSdDnHtS7A.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/17/db357d-b170-40a5-a669-82eba0cb3b0d/1/oqP2_YftC2TncPEQPgc196wyJX4.roa
Signing time: Wed 20 Sep 2023 14:31:37 +0000
ROA not before: Wed 20 Sep 2023 14:31:37 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 12794
IP address blocks: 217.169.192.0/22 maxlen: 22
217.169.192.0/21 maxlen: 21
217.169.192.0/24 maxlen: 24
217.169.192.0/20 maxlen: 24
217.169.193.0/24 maxlen: 24
217.169.194.0/24 maxlen: 24
217.169.198.0/24 maxlen: 24
217.169.199.0/24 maxlen: 24
217.169.197.0/24 maxlen: 24
217.169.195.0/24 maxlen: 24
217.169.196.0/24 maxlen: 24
217.169.200.0/24 maxlen: 24
217.169.201.0/24 maxlen: 24
217.169.206.0/24 maxlen: 24
217.169.203.0/24 maxlen: 24
217.169.207.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 01 Jan 2024 22:31:05 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:b3:00:ed:ea:50:53:4f:18:35:49:94:3f:9c:fd:1f:08
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=220f413fb0af0bd8fe130820d3049d0e71ed4bb0
Validity
Not Before: Sep 20 14:31:37 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a2a3f6fd87ed0b64e770f1103e0735f7ac32257e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:ea:d4:4a:28:9a:98:53:b3:32:25:96:e8:24:
e1:cc:8c:c2:ce:0a:b9:e3:f4:36:a2:3d:5e:ab:c0:
6d:64:2a:82:13:95:08:59:88:e5:43:75:bf:77:cd:
d0:27:fa:75:f0:80:19:c9:6d:5b:e8:f0:ae:3f:ec:
ff:9f:a4:04:69:21:d9:be:d4:c7:60:33:9f:6f:5e:
27:40:99:24:cb:89:51:68:ba:17:3b:f3:c6:42:62:
5a:43:fd:b4:51:27:b7:a1:db:ee:cd:29:90:a1:a2:
d2:8b:d4:21:7f:00:67:ba:0f:4b:88:b3:6f:3a:4a:
e1:f1:d5:c3:2f:cb:8e:38:e0:d5:8a:e7:70:9c:1d:
68:cd:96:8d:e5:d4:35:d2:d8:f7:b7:ca:35:91:4b:
49:8e:e1:a4:a5:cc:fa:60:d4:9f:b9:64:c0:0d:0c:
27:00:84:96:44:6c:2d:4d:e0:33:68:ab:07:02:9c:
e4:e0:be:84:d6:df:eb:31:c8:0a:a4:23:e3:b4:95:
c5:87:c0:99:44:9c:4b:1b:5e:0d:ac:3e:cc:37:06:
38:c6:00:81:83:ba:2a:4a:18:1f:74:70:07:c6:cc:
55:2b:5c:c5:4c:89:8c:de:d6:3f:e5:9e:e8:6e:63:
cc:0b:39:4b:bb:c1:3f:8f:7a:91:0d:96:2c:52:d3:
db:a1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A2:A3:F6:FD:87:ED:0B:64:E7:70:F1:10:3E:07:35:F7:AC:32:25:7E
X509v3 Authority Key Identifier:
keyid:22:0F:41:3F:B0:AF:0B:D8:FE:13:08:20:D3:04:9D:0E:71:ED:4B:B0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Ig9BP7CvC9j-Ewgg0wSdDnHtS7A.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/17/db357d-b170-40a5-a669-82eba0cb3b0d/1/oqP2_YftC2TncPEQPgc196wyJX4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/17/db357d-b170-40a5-a669-82eba0cb3b0d/1/Ig9BP7CvC9j-Ewgg0wSdDnHtS7A.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
217.169.192.0/20
Signature Algorithm: sha256WithRSAEncryption
9d:e0:b7:17:9c:fc:1f:cc:b6:d2:89:e9:bd:cb:76:6d:24:31:
08:23:89:33:04:b4:33:a1:28:91:7b:be:ff:29:39:c8:87:ba:
b3:f8:c2:92:26:3e:82:5d:7d:8b:cd:de:49:7d:17:4f:ab:51:
f2:f7:11:f8:64:73:c2:48:1e:45:98:d6:88:1c:81:30:de:c1:
4f:8c:e9:5e:02:3a:37:d5:bd:bd:83:16:3d:04:88:bf:3e:e7:
a1:c5:df:ff:3c:ec:ab:9c:ac:ce:35:77:c4:ee:9f:76:84:f5:
64:14:7f:0a:b4:12:92:8f:72:05:38:b1:b1:4d:ed:15:13:3c:
5d:cc:f0:31:70:53:50:94:c4:b0:45:81:9d:a8:a1:5a:f3:08:
95:d2:6e:7c:85:5a:fb:41:23:fe:da:c3:f1:c3:bd:9c:d1:f5:
66:64:2c:e8:87:56:ee:6d:99:9b:a7:96:78:14:bf:fe:5c:86:
1a:bf:e7:5c:d2:1b:c2:6e:9b:3b:bc:bd:13:7a:22:88:b5:fc:
84:8c:15:57:d3:e3:19:ca:b8:be:d6:29:a8:32:1d:12:6c:f9:
47:3b:69:2e:2d:11:68:ab:dd:d7:36:43:4f:ff:1e:0e:ce:1d:
b4:90:8f:67:80:0c:7b:bd:0b:58:70:f2:99:3c:fe:fc:55:8c:
91:e1:9d:3f
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYqzAO3qUFNPGDVJlD+c/R8IMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyMGY0MTNmYjBhZjBiZDhmZTEzMDgyMGQzMDQ5ZDBlNzFl
ZDRiYjAwHhcNMjMwOTIwMTQzMTM3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMmEzZjZmZDg3ZWQwYjY0ZTc3MGYxMTAzZTA3MzVmN2FjMzIyNTdlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoOrUSiiamFOzMiWW6CThzIzCzgq5
4/Q2oj1eq8BtZCqCE5UIWYjlQ3W/d83QJ/p18IAZyW1b6PCuP+z/n6QEaSHZvtTH
YDOfb14nQJkky4lRaLoXO/PGQmJaQ/20USe3odvuzSmQoaLSi9QhfwBnug9LiLNv
Okrh8dXDL8uOOODViudwnB1ozZaN5dQ10tj3t8o1kUtJjuGkpcz6YNSfuWTADQwn
AISWRGwtTeAzaKsHApzk4L6E1t/rMcgKpCPjtJXFh8CZRJxLG14NrD7MNwY4xgCB
g7oqShgfdHAHxsxVK1zFTImM3tY/5Z7obmPMCzlLu8E/j3qRDZYsUtPboQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKKj9v2H7Qtk53DxED4HNfesMiV+MB8GA1UdIwQY
MBaAFCIPQT+wrwvY/hMIINMEnQ5x7UuwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSWc5QlA3Q3ZDOWotRXdnZzB3U2REbkh0UzdBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNy9kYjM1N2QtYjE3MC00MGE1LWE2Njkt
ODJlYmEwY2IzYjBkLzEvb3FQMl9ZZnRDMlRuY1BFUVBnYzE5Nnd5Slg0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNy9kYjM1N2QtYjE3MC00MGE1LWE2NjktODJlYmEwY2IzYjBk
LzEvSWc5QlA3Q3ZDOWotRXdnZzB3U2REbkh0UzdBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQE2anAMA0G
CSqGSIb3DQEBCwUAA4IBAQCd4LcXnPwfzLbSiem9y3ZtJDEII4kzBLQzoSiRe77/
KTnIh7qz+MKSJj6CXX2Lzd5JfRdPq1Hy9xH4ZHPCSB5FmNaIHIEw3sFPjOleAjo3
1b29gxY9BIi/Puehxd//POyrnKzONXfE7p92hPVkFH8KtBKSj3IFOLGxTe0VEzxd
zPAxcFNQlMSwRYGdqKFa8wiV0m58hVr7QSP+2sPxw72c0fVmZCzoh1bubZmbp5Z4
FL/+XIYav+dc0hvCbps7vL0TeiKItfyEjBVX0+MZyri+1imoMh0SbPlHO2kuLRFo
q93XNkNP/x4Ozh20kI9ngAx7vQtYcPKZPP78VYyR4Z0/
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:20:45 2024 by rpki-client on console-fra.rpki-client.org