Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/19/2b37df-8ffe-41e5-ac07-c0f89ad36bca/1/0F4FDEcJLbDo151gJxdoedevfKc.roa
File: 0F4FDEcJLbDo151gJxdoedevfKc.roa (raw, json)
Hash identifier: Q9axT7hP8AYgYo+vscUocpzy7QuH1mqs1/TweIHJVC0=
Subject key identifier: D0:5E:05:0C:47:09:2D:B0:E8:D7:9D:60:27:17:68:79:D7:AF:7C:A7
Certificate issuer: /CN=cd626bbb7b69eec9f6790b03705545b892fa2e8a
Certificate serial: 0186D6F913C477DAB01F4A19D44645540CF6
Authority key identifier: CD:62:6B:BB:7B:69:EE:C9:F6:79:0B:03:70:55:45:B8:92:FA:2E:8A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zWJru3tp7sn2eQsDcFVFuJL6Loo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/19/2b37df-8ffe-41e5-ac07-c0f89ad36bca/1/0F4FDEcJLbDo151gJxdoedevfKc.roa
Signing time: Sun 12 Mar 2023 17:58:13 +0000
ROA not before: Sun 12 Mar 2023 17:58:13 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 30848
IP address blocks: 217.196.142.0/23 maxlen: 23
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:d6:f9:13:c4:77:da:b0:1f:4a:19:d4:46:45:54:0c:f6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cd626bbb7b69eec9f6790b03705545b892fa2e8a
Validity
Not Before: Mar 12 17:58:13 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d05e050c47092db0e8d79d6027176879d7af7ca7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:cc:b8:d4:e7:45:23:0d:d8:0a:dd:c6:71:93:
39:05:50:d0:4c:8a:89:af:c9:a7:4b:b2:64:f2:f4:
77:32:ea:28:57:9d:d2:c7:f0:b5:db:0c:bb:a3:8f:
c2:3d:a0:5a:2a:b7:89:65:2d:b3:d3:1d:bd:34:e6:
bb:52:0a:ed:4b:a4:f0:72:9f:df:dd:dd:90:94:3e:
66:0a:c9:bb:f0:ee:91:2e:ae:27:50:3a:e8:6a:17:
b4:65:40:66:be:a3:79:ea:3b:8f:13:60:5f:44:bf:
18:02:ae:87:d4:af:36:60:04:71:2b:73:99:e9:fb:
e3:0f:ec:1b:d0:65:57:bc:61:e7:8e:1e:71:3a:72:
c5:8c:1a:16:e0:31:4f:5b:c0:01:9e:ca:54:89:b4:
12:00:40:73:6f:bd:cf:06:7c:d1:1a:60:8a:ab:70:
08:e1:f3:b3:5c:9f:ee:f3:ad:f7:48:ba:ab:ef:7c:
d4:65:4c:41:f9:0d:66:d2:e1:dd:33:6c:bd:cc:69:
63:06:70:54:14:da:1f:8e:92:c6:33:fa:81:8c:79:
a2:e8:36:2b:ef:73:23:e4:2d:ca:87:a6:f4:d6:c9:
46:28:6e:a2:0a:ba:e7:b8:40:42:6c:f8:cf:ff:f0:
47:b7:f4:c5:df:c2:b1:d9:40:2b:f9:39:6e:a9:4b:
41:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D0:5E:05:0C:47:09:2D:B0:E8:D7:9D:60:27:17:68:79:D7:AF:7C:A7
X509v3 Authority Key Identifier:
keyid:CD:62:6B:BB:7B:69:EE:C9:F6:79:0B:03:70:55:45:B8:92:FA:2E:8A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zWJru3tp7sn2eQsDcFVFuJL6Loo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/19/2b37df-8ffe-41e5-ac07-c0f89ad36bca/1/0F4FDEcJLbDo151gJxdoedevfKc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/19/2b37df-8ffe-41e5-ac07-c0f89ad36bca/1/zWJru3tp7sn2eQsDcFVFuJL6Loo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
217.196.142.0/23
Signature Algorithm: sha256WithRSAEncryption
0a:02:73:14:e5:4b:c5:a5:98:a2:de:10:ec:e8:8f:dd:67:1b:
16:15:bc:64:a9:5c:b5:05:e2:94:c2:8c:e1:8e:ea:f9:2c:bb:
60:bd:a7:65:2c:ee:72:59:9a:d2:c6:1c:ee:bb:d9:e4:64:8c:
e0:64:86:9f:f4:2b:94:c7:ee:3a:d9:d5:0e:29:24:3c:4e:a6:
92:d2:85:01:92:e6:8c:56:d0:e2:2e:7d:5a:32:f0:2c:e4:13:
0d:fb:ca:49:d4:92:36:3a:14:78:37:a8:b7:2d:38:6c:83:27:
ab:a1:5c:4f:dc:76:7f:18:18:05:b2:38:f3:3e:56:c6:73:76:
1c:9a:66:7c:03:5a:9c:79:08:55:0d:71:16:44:26:28:e3:4f:
7f:73:fe:6a:b7:bf:fd:7c:28:9d:3e:a0:2f:4d:b5:b9:a5:cc:
d9:a0:94:fc:5c:44:2d:e4:18:2e:ae:28:25:ba:e8:44:32:05:
5c:0c:36:42:69:e1:02:a3:5b:04:e1:15:ae:62:72:0f:ca:f3:
c7:e8:f4:08:2f:8e:a3:82:19:69:9b:89:5d:35:11:e3:0b:4a:
d6:37:a0:0f:c4:9c:fb:6b:c5:11:80:cf:09:64:b6:79:47:4e:
3e:f0:9f:67:fb:1a:c6:e1:3e:39:7b:a2:b8:09:b1:84:11:8e:
84:f1:2b:eb
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYbW+RPEd9qwH0oZ1EZFVAz2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNkNjI2YmJiN2I2OWVlYzlmNjc5MGIwMzcwNTU0NWI4OTJm
YTJlOGEwHhcNMjMwMzEyMTc1ODEzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMDVlMDUwYzQ3MDkyZGIwZThkNzlkNjAyNzE3Njg3OWQ3YWY3Y2E3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqsy41OdFIw3YCt3GcZM5BVDQTIqJ
r8mnS7Jk8vR3MuooV53Sx/C12wy7o4/CPaBaKreJZS2z0x29NOa7UgrtS6Twcp/f
3d2QlD5mCsm78O6RLq4nUDroahe0ZUBmvqN56juPE2BfRL8YAq6H1K82YARxK3OZ
6fvjD+wb0GVXvGHnjh5xOnLFjBoW4DFPW8ABnspUibQSAEBzb73PBnzRGmCKq3AI
4fOzXJ/u8633SLqr73zUZUxB+Q1m0uHdM2y9zGljBnBUFNofjpLGM/qBjHmi6DYr
73Mj5C3Kh6b01slGKG6iCrrnuEBCbPjP//BHt/TF38Kx2UAr+TluqUtB3QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNBeBQxHCS2w6NedYCcXaHnXr3ynMB8GA1UdIwQY
MBaAFM1ia7t7ae7J9nkLA3BVRbiS+i6KMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveldKcnUzdHA3c24yZVFzRGNGVkZ1Skw2TG9vLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xOS8yYjM3ZGYtOGZmZS00MWU1LWFjMDct
YzBmODlhZDM2YmNhLzEvMEY0RkRFY0pMYkRvMTUxZ0p4ZG9lZGV2ZktjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xOS8yYjM3ZGYtOGZmZS00MWU1LWFjMDctYzBmODlhZDM2YmNh
LzEveldKcnUzdHA3c24yZVFzRGNGVkZ1Skw2TG9vLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQB2cSOMA0G
CSqGSIb3DQEBCwUAA4IBAQAKAnMU5UvFpZii3hDs6I/dZxsWFbxkqVy1BeKUwozh
jur5LLtgvadlLO5yWZrSxhzuu9nkZIzgZIaf9CuUx+462dUOKSQ8TqaS0oUBkuaM
VtDiLn1aMvAs5BMN+8pJ1JI2OhR4N6i3LThsgyeroVxP3HZ/GBgFsjjzPlbGc3Yc
mmZ8A1qceQhVDXEWRCYo409/c/5qt7/9fCidPqAvTbW5pczZoJT8XEQt5Bgurigl
uuhEMgVcDDZCaeECo1sE4RWuYnIPyvPH6PQIL46jghlpm4ldNRHjC0rWN6APxJz7
a8URgM8JZLZ5R04+8J9n+xrG4T45e6K4CbGEEY6E8Svr
-----END CERTIFICATE-----
Generated at Mon Jan 1 21:27:08 2024 by rpki-client on console-fra.rpki-client.org