Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1d/082c31-f4ef-4acb-90f1-da03bf7a2ec2/1/KiGqCo7gssFVGArs_grG9qf4HAw.roa
File: KiGqCo7gssFVGArs_grG9qf4HAw.roa (raw, json)
Hash identifier: +pDyKqX6j+hu4gGrlo7lITO33FrZLO2OYaGHPJKxHl0=
Subject key identifier: 2A:21:AA:0A:8E:E0:B2:C1:55:18:0A:EC:FE:0A:C6:F6:A7:F8:1C:0C
Certificate issuer: /CN=fc4d06978969a8bdab6d6359062d7781e03449ca
Certificate serial: 018A3C3102124C288146A4F05E6581EDAF00
Authority key identifier: FC:4D:06:97:89:69:A8:BD:AB:6D:63:59:06:2D:77:81:E0:34:49:CA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_E0Gl4lpqL2rbWNZBi13geA0Sco.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1d/082c31-f4ef-4acb-90f1-da03bf7a2ec2/1/KiGqCo7gssFVGArs_grG9qf4HAw.roa
Signing time: Mon 28 Aug 2023 12:49:19 +0000
ROA not before: Mon 28 Aug 2023 12:49:19 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 996
IP address blocks: 217.77.16.0/21 maxlen: 21
Validation: Failed, certificate revoked on Mon 01 Jan 2024 00:29:40 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:3c:31:02:12:4c:28:81:46:a4:f0:5e:65:81:ed:af:00
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fc4d06978969a8bdab6d6359062d7781e03449ca
Validity
Not Before: Aug 28 12:49:19 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=2a21aa0a8ee0b2c155180aecfe0ac6f6a7f81c0c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e6:01:4f:d3:c8:f1:64:8b:95:b6:81:8f:cb:f9:
e1:79:ef:b2:d5:5e:91:8e:d0:11:60:2a:28:9d:61:
2f:6f:f1:b0:b1:f0:c5:4b:21:ba:d2:59:ea:80:d4:
69:fe:94:0e:70:4d:f6:75:7a:86:9a:4a:7e:9d:00:
9b:2e:11:7a:82:ae:f9:66:89:80:5e:f2:a3:39:8b:
ff:fb:20:b8:b7:60:f5:9c:e9:10:16:fa:64:8d:ed:
fc:cf:95:02:1c:39:95:ee:f9:ba:a9:a4:9f:66:27:
21:40:95:19:68:cc:ad:05:44:c4:45:cf:e0:5d:0f:
a4:51:90:fc:5c:b0:23:42:fe:c1:fe:c5:7b:6f:a5:
8f:b8:a2:2d:7b:73:9d:60:97:db:c1:23:ca:1e:6e:
42:04:85:1b:a5:f0:58:98:a2:93:30:bd:59:ae:5f:
5a:9f:da:b0:57:a7:5c:65:09:81:cf:c8:ff:be:71:
e0:b3:36:88:99:1f:82:fc:e4:7b:e5:b1:19:81:4e:
01:aa:ee:b5:78:cd:7c:43:e8:4f:55:6c:dd:2c:38:
67:48:49:31:7d:74:df:c5:7a:bb:b6:44:10:81:2e:
9e:74:d6:a9:7c:69:cf:33:50:a1:f6:ac:8d:f2:a6:
90:05:6d:b4:18:3a:2a:b7:37:e9:a8:72:28:14:c8:
c9:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2A:21:AA:0A:8E:E0:B2:C1:55:18:0A:EC:FE:0A:C6:F6:A7:F8:1C:0C
X509v3 Authority Key Identifier:
keyid:FC:4D:06:97:89:69:A8:BD:AB:6D:63:59:06:2D:77:81:E0:34:49:CA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_E0Gl4lpqL2rbWNZBi13geA0Sco.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1d/082c31-f4ef-4acb-90f1-da03bf7a2ec2/1/KiGqCo7gssFVGArs_grG9qf4HAw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1d/082c31-f4ef-4acb-90f1-da03bf7a2ec2/1/_E0Gl4lpqL2rbWNZBi13geA0Sco.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
217.77.16.0/21
Signature Algorithm: sha256WithRSAEncryption
73:6c:fa:63:fd:6d:f9:5b:82:28:e8:5d:08:d5:e3:3e:8c:a9:
fc:44:93:f9:cc:af:d5:81:42:0d:15:60:fc:08:e5:cf:46:88:
ba:4a:76:4c:b3:a2:a4:f8:c1:46:b9:6a:1e:d8:31:55:b6:1c:
e8:d5:7f:ae:64:df:01:97:38:c7:1a:53:53:5d:15:73:e6:87:
de:c5:a9:53:aa:7d:48:59:ab:0a:78:e6:84:da:d4:38:dd:4d:
17:1d:20:cc:cd:78:e2:1d:cf:83:dc:69:75:35:67:01:65:27:
f0:9e:89:fe:e8:89:46:e6:f2:0d:a2:01:90:92:9e:81:a4:e7:
17:b3:9d:e7:3a:b3:f5:73:66:18:0e:4d:cb:b6:73:72:e4:cc:
18:b8:b1:2c:9c:31:f3:d2:d6:50:2e:a2:f2:17:8f:59:13:fc:
ee:76:41:96:db:65:97:4e:22:67:41:1b:93:29:d8:52:67:76:
c5:4a:a6:7d:ed:9d:cf:3f:47:23:67:3c:84:97:e7:d6:bd:46:
c8:a8:a4:d2:96:cf:10:3b:8c:81:85:1d:d6:76:a2:fa:1a:45:
12:ea:58:54:78:79:63:c2:4a:b4:0d:98:d9:f2:9a:c8:2e:83:
5c:e2:d1:40:5b:b8:53:c7:dc:11:bc:57:f5:58:f0:bc:39:6f:
1b:62:14:8e
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYo8MQISTCiBRqTwXmWB7a8AMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZjNGQwNjk3ODk2OWE4YmRhYjZkNjM1OTA2MmQ3NzgxZTAz
NDQ5Y2EwHhcNMjMwODI4MTI0OTE5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYTIxYWEwYThlZTBiMmMxNTUxODBhZWNmZTBhYzZmNmE3ZjgxYzBjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5gFP08jxZIuVtoGPy/nhee+y1V6R
jtARYCoonWEvb/GwsfDFSyG60lnqgNRp/pQOcE32dXqGmkp+nQCbLhF6gq75ZomA
XvKjOYv/+yC4t2D1nOkQFvpkje38z5UCHDmV7vm6qaSfZichQJUZaMytBUTERc/g
XQ+kUZD8XLAjQv7B/sV7b6WPuKIte3OdYJfbwSPKHm5CBIUbpfBYmKKTML1Zrl9a
n9qwV6dcZQmBz8j/vnHgszaImR+C/OR75bEZgU4Bqu61eM18Q+hPVWzdLDhnSEkx
fXTfxXq7tkQQgS6edNapfGnPM1Ch9qyN8qaQBW20GDoqtzfpqHIoFMjJEQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFCohqgqO4LLBVRgK7P4Kxvan+BwMMB8GA1UdIwQY
MBaAFPxNBpeJaai9q21jWQYtd4HgNEnKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvX0UwR2w0bHBxTDJyYldOWkJpMTNnZUEwU2NvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xZC8wODJjMzEtZjRlZi00YWNiLTkwZjEt
ZGEwM2JmN2EyZWMyLzEvS2lHcUNvN2dzc0ZWR0Fyc19nckc5cWY0SEF3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xZC8wODJjMzEtZjRlZi00YWNiLTkwZjEtZGEwM2JmN2EyZWMy
LzEvX0UwR2w0bHBxTDJyYldOWkJpMTNnZUEwU2NvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQD2U0QMA0G
CSqGSIb3DQEBCwUAA4IBAQBzbPpj/W35W4Io6F0I1eM+jKn8RJP5zK/VgUINFWD8
COXPRoi6SnZMs6Kk+MFGuWoe2DFVthzo1X+uZN8BlzjHGlNTXRVz5ofexalTqn1I
WasKeOaE2tQ43U0XHSDMzXjiHc+D3Gl1NWcBZSfwnon+6IlG5vINogGQkp6BpOcX
s53nOrP1c2YYDk3LtnNy5MwYuLEsnDHz0tZQLqLyF49ZE/zudkGW22WXTiJnQRuT
KdhSZ3bFSqZ97Z3PP0cjZzyEl+fWvUbIqKTSls8QO4yBhR3WdqL6GkUS6lhUeHlj
wkq0DZjZ8prILoNc4tFAW7hTx9wRvFf1WPC8OW8bYhSO
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:21:38 2024 by rpki-client on console-fra.rpki-client.org