Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1e/2dd03b-589b-451c-b9ed-d12b58ccb87c/1/2d3lf4v8vTQDjoyg-IFzUVRxy38.roa
File: 2d3lf4v8vTQDjoyg-IFzUVRxy38.roa (raw, json)
Hash identifier: wE7jKw41a0BGUo4O6WQw255aR7sRo3H95CWpkdOLEZI=
Subject key identifier: D9:DD:E5:7F:8B:FC:BD:34:03:8E:8C:A0:F8:81:73:51:54:71:CB:7F
Certificate issuer: /CN=f79c7c1a1baed3260d950d4cfce9a897cc97fa30
Certificate serial: 018991932453EB26C385179F98BC2A0BC6E4
Authority key identifier: F7:9C:7C:1A:1B:AE:D3:26:0D:95:0D:4C:FC:E9:A8:97:CC:97:FA:30
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/95x8Ghuu0yYNlQ1M_Omol8yX-jA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1e/2dd03b-589b-451c-b9ed-d12b58ccb87c/1/2d3lf4v8vTQDjoyg-IFzUVRxy38.roa
Signing time: Wed 26 Jul 2023 09:41:26 +0000
ROA not before: Wed 26 Jul 2023 09:41:26 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 203587
IP address blocks: 217.20.255.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:91:93:24:53:eb:26:c3:85:17:9f:98:bc:2a:0b:c6:e4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f79c7c1a1baed3260d950d4cfce9a897cc97fa30
Validity
Not Before: Jul 26 09:41:26 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d9dde57f8bfcbd34038e8ca0f88173515471cb7f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:09:c3:6c:1e:63:43:96:23:7a:a3:25:26:b4:
48:94:c3:dd:52:40:4a:15:86:7b:d4:12:0f:35:65:
d3:16:13:51:90:bf:0b:9c:b7:35:e4:1b:4b:24:03:
54:62:3b:c7:65:1a:88:d4:2a:2e:5b:64:ed:bc:af:
a0:14:e8:db:56:9a:4d:64:96:d7:4c:bc:ba:dc:ee:
90:bf:b9:35:39:66:a6:2f:3d:3c:62:7f:a3:2a:07:
d4:43:f3:44:5a:a5:f3:30:5c:2c:24:84:90:6c:34:
c5:30:15:97:18:b0:3e:75:c4:c0:99:ff:35:dd:b0:
c7:b5:0a:dd:d1:45:ad:73:e9:58:4e:80:fa:43:07:
d0:20:3c:55:b4:08:96:d9:16:bb:4a:d7:41:5f:8b:
b6:d6:72:3f:3d:87:42:73:36:c8:9c:03:fd:5a:c2:
b5:46:8d:24:e0:95:76:ec:95:65:18:9c:00:10:af:
7a:83:f8:21:f4:0d:bd:4a:05:3b:1a:c8:fa:b5:fe:
7f:30:7b:4c:33:04:f5:f9:a5:56:d6:26:b8:1a:23:
67:d6:9d:eb:fa:58:98:18:e1:e5:f8:fd:1d:c8:2b:
27:ca:4c:69:ff:c8:d5:2c:2f:3f:48:97:b8:f9:e5:
7d:e5:74:ff:cf:9a:42:6e:be:0d:46:f8:a8:d3:05:
af:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D9:DD:E5:7F:8B:FC:BD:34:03:8E:8C:A0:F8:81:73:51:54:71:CB:7F
X509v3 Authority Key Identifier:
keyid:F7:9C:7C:1A:1B:AE:D3:26:0D:95:0D:4C:FC:E9:A8:97:CC:97:FA:30
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/95x8Ghuu0yYNlQ1M_Omol8yX-jA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1e/2dd03b-589b-451c-b9ed-d12b58ccb87c/1/2d3lf4v8vTQDjoyg-IFzUVRxy38.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1e/2dd03b-589b-451c-b9ed-d12b58ccb87c/1/95x8Ghuu0yYNlQ1M_Omol8yX-jA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
217.20.255.0/24
Signature Algorithm: sha256WithRSAEncryption
21:f5:62:82:a2:d6:cb:55:3b:ae:fb:c2:9d:e1:a1:df:fd:b0:
4f:b5:68:93:25:37:c7:d8:f9:aa:26:6f:b6:72:7a:8c:07:d8:
c3:a5:d9:26:6a:af:cd:c1:bd:be:12:2d:b9:68:f2:66:e3:2d:
4f:d8:a4:bc:7a:fe:30:84:92:0e:f6:44:c7:57:8b:1f:21:ca:
56:70:6c:8d:8c:c1:ba:90:e8:d7:e7:2e:82:22:74:6e:ef:2f:
e1:fc:fe:67:55:77:1e:18:e5:d0:97:b3:80:e6:e4:a2:df:3f:
3a:85:1e:8e:a0:23:1d:3c:c9:2f:78:de:25:1e:fd:fd:9b:89:
60:0d:a7:a0:5a:88:d0:8e:64:c5:1d:e9:b8:ce:c6:e1:7c:ae:
0e:77:4b:b8:5f:d8:0a:5c:9f:d3:8e:31:99:8e:27:57:a0:0e:
0a:87:f5:1b:c7:a6:19:78:0f:e6:87:1b:c3:1a:54:56:5f:bf:
5c:6e:20:6c:fc:b8:1c:9c:bd:e5:a7:98:d0:83:6f:fd:03:a4:
90:1a:b1:89:0b:71:bb:8e:da:ce:c4:a5:c7:e7:79:f0:ef:d6:
8c:a9:cc:32:7f:6f:a9:3c:24:8a:18:80:9d:50:bf:c1:f6:cb:
49:cc:5d:d2:3c:d9:c2:40:16:3c:00:e3:7b:94:9d:7f:e5:09:
8b:f9:11:d6
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYmRkyRT6ybDhRefmLwqC8bkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY3OWM3YzFhMWJhZWQzMjYwZDk1MGQ0Y2ZjZTlhODk3Y2M5
N2ZhMzAwHhcNMjMwNzI2MDk0MTI2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkOWRkZTU3ZjhiZmNiZDM0MDM4ZThjYTBmODgxNzM1MTU0NzFjYjdmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlAnDbB5jQ5YjeqMlJrRIlMPdUkBK
FYZ71BIPNWXTFhNRkL8LnLc15BtLJANUYjvHZRqI1CouW2TtvK+gFOjbVppNZJbX
TLy63O6Qv7k1OWamLz08Yn+jKgfUQ/NEWqXzMFwsJISQbDTFMBWXGLA+dcTAmf81
3bDHtQrd0UWtc+lYToD6QwfQIDxVtAiW2Ra7StdBX4u21nI/PYdCczbInAP9WsK1
Ro0k4JV27JVlGJwAEK96g/gh9A29SgU7Gsj6tf5/MHtMMwT1+aVW1ia4GiNn1p3r
+liYGOHl+P0dyCsnykxp/8jVLC8/SJe4+eV95XT/z5pCbr4NRvio0wWvRwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNnd5X+L/L00A46MoPiBc1FUcct/MB8GA1UdIwQY
MBaAFPecfBobrtMmDZUNTPzpqJfMl/owMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOTV4OEdodXUweVlObFExTV9PbW9sOHlYLWpBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xZS8yZGQwM2ItNTg5Yi00NTFjLWI5ZWQt
ZDEyYjU4Y2NiODdjLzEvMmQzbGY0djh2VFFEam95Zy1JRnpVVlJ4eTM4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xZS8yZGQwM2ItNTg5Yi00NTFjLWI5ZWQtZDEyYjU4Y2NiODdj
LzEvOTV4OEdodXUweVlObFExTV9PbW9sOHlYLWpBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA2RT/MA0G
CSqGSIb3DQEBCwUAA4IBAQAh9WKCotbLVTuu+8Kd4aHf/bBPtWiTJTfH2PmqJm+2
cnqMB9jDpdkmaq/Nwb2+Ei25aPJm4y1P2KS8ev4whJIO9kTHV4sfIcpWcGyNjMG6
kOjX5y6CInRu7y/h/P5nVXceGOXQl7OA5uSi3z86hR6OoCMdPMkveN4lHv39m4lg
DaegWojQjmTFHem4zsbhfK4Od0u4X9gKXJ/TjjGZjidXoA4Kh/Ubx6YZeA/mhxvD
GlRWX79cbiBs/LgcnL3lp5jQg2/9A6SQGrGJC3G7jtrOxKXH53nw79aMqcwyf2+p
PCSKGICdUL/B9stJzF3SPNnCQBY8AON7lJ1/5QmL+RHW
-----END CERTIFICATE-----
Generated at Mon Jan 1 19:26:41 2024 by rpki-client on console-fra.rpki-client.org