Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/21/2915f1-87ba-4c18-aaf9-590a9813dddf/1/dldcq0zDzr0nysPxk5njqw1M6Rs.roa
File: dldcq0zDzr0nysPxk5njqw1M6Rs.roa (raw, json)
Hash identifier: wCtHb4VVD/sZTPrmuXhluor6cBqbfrJFrMJeakvuw58=
Subject key identifier: 76:57:5C:AB:4C:C3:CE:BD:27:CA:C3:F1:93:99:E3:AB:0D:4C:E9:1B
Certificate issuer: /CN=2ace21090ee4d78677413423dcb2fe01a6e1c622
Certificate serial: 0185729EE029D8A4EEE91E521FF85AC77BF0
Authority key identifier: 2A:CE:21:09:0E:E4:D7:86:77:41:34:23:DC:B2:FE:01:A6:E1:C6:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Ks4hCQ7k14Z3QTQj3LL-AabhxiI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/21/2915f1-87ba-4c18-aaf9-590a9813dddf/1/dldcq0zDzr0nysPxk5njqw1M6Rs.roa
Signing time: Mon 02 Jan 2023 13:14:52 +0000
ROA not before: Mon 02 Jan 2023 13:14:52 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 16509
IP address blocks: 217.117.65.0/24 maxlen: 24
217.117.71.0/24 maxlen: 24
217.117.76.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 09 May 2023 06:59:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:9e:e0:29:d8:a4:ee:e9:1e:52:1f:f8:5a:c7:7b:f0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2ace21090ee4d78677413423dcb2fe01a6e1c622
Validity
Not Before: Jan 2 13:14:52 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=76575cab4cc3cebd27cac3f19399e3ab0d4ce91b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:81:2a:b4:29:2f:13:a0:c6:b7:9c:e4:b3:23:8a:
03:86:00:e0:c1:b6:8e:9b:83:1e:c0:02:14:7e:54:
a3:60:0b:6b:ca:21:57:02:bd:a8:a5:e5:90:4d:0d:
70:76:f1:93:e0:dc:d8:d6:86:84:74:be:18:c1:e3:
b8:6c:21:d8:74:05:b3:87:50:b3:05:52:68:3d:48:
1f:30:58:1f:aa:34:d8:2c:71:70:d7:38:a5:1e:e7:
29:41:a1:43:e3:a6:0b:8f:36:da:fb:9c:96:57:76:
0f:ae:49:2c:e5:f5:97:ae:18:2c:d1:4c:91:09:29:
b1:a4:06:7f:d3:2f:aa:d0:04:32:38:ff:c1:42:a3:
ac:65:6a:dd:58:93:5a:d4:c4:39:e1:25:84:21:2c:
14:38:6e:01:85:94:4b:81:37:98:74:e5:35:84:25:
11:5b:d6:7b:ce:88:56:df:6f:d2:3c:b3:cc:d7:31:
13:01:ad:bc:cf:52:09:6a:8d:e8:1e:1d:f0:b9:cf:
32:5b:57:32:39:5e:48:64:71:2b:0d:e9:f2:88:2b:
92:e0:9a:20:c0:17:22:be:f0:bc:2a:88:58:ee:f6:
cb:d4:27:d7:d8:d8:ca:6d:5c:25:6f:27:fd:8d:9b:
1e:93:2d:aa:81:87:6c:a4:47:f3:ca:b8:ed:99:66:
b6:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
76:57:5C:AB:4C:C3:CE:BD:27:CA:C3:F1:93:99:E3:AB:0D:4C:E9:1B
X509v3 Authority Key Identifier:
keyid:2A:CE:21:09:0E:E4:D7:86:77:41:34:23:DC:B2:FE:01:A6:E1:C6:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Ks4hCQ7k14Z3QTQj3LL-AabhxiI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/21/2915f1-87ba-4c18-aaf9-590a9813dddf/1/dldcq0zDzr0nysPxk5njqw1M6Rs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/21/2915f1-87ba-4c18-aaf9-590a9813dddf/1/Ks4hCQ7k14Z3QTQj3LL-AabhxiI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
217.117.65.0/24
217.117.71.0/24
217.117.76.0/24
Signature Algorithm: sha256WithRSAEncryption
96:60:20:e7:77:63:79:89:1b:53:bd:b3:f5:d1:0a:eb:76:49:
3b:ac:25:c0:50:05:22:d5:a5:d4:57:ee:48:1c:a6:cb:6a:74:
69:97:7d:18:d3:52:ff:ea:bf:c1:40:73:e9:2c:88:79:07:b2:
12:75:dc:54:5c:04:a6:ab:44:5f:37:1d:1b:3d:d2:37:5f:35:
f4:3f:15:e9:08:bb:d9:bf:76:39:a2:9c:39:e9:c0:22:19:cd:
89:26:e2:bc:9d:e3:65:ab:16:1b:c6:01:b0:c9:96:78:64:d4:
2c:9f:52:ff:01:80:d8:a5:0c:85:0e:ac:d9:05:9e:55:23:c8:
c7:a3:f6:84:45:35:a3:27:62:6c:d9:d3:b0:d4:c5:e3:6a:26:
3b:ab:db:89:22:4c:41:2c:0c:17:e8:4c:95:82:a3:f7:7d:b4:
ca:c4:73:01:35:12:55:11:42:4a:c9:ee:ee:38:0e:6e:2c:4d:
e4:97:1c:01:9a:65:74:7b:a9:34:3c:22:15:fc:5a:dd:02:fc:
64:2c:92:94:1b:08:d0:f4:12:e7:ea:e1:2e:ed:c0:84:c7:6c:
05:df:2c:1c:39:c4:0a:15:78:78:ea:82:47:29:18:3d:25:a6:
e3:61:26:5c:5e:58:ab:98:49:73:e0:2a:90:38:1e:27:4e:dd:
ed:b8:9b:70
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYVynuAp2KTu6R5SH/hax3vwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhY2UyMTA5MGVlNGQ3ODY3NzQxMzQyM2RjYjJmZTAxYTZl
MWM2MjIwHhcNMjMwMTAyMTMxNDUyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NjU3NWNhYjRjYzNjZWJkMjdjYWMzZjE5Mzk5ZTNhYjBkNGNlOTFiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgSq0KS8ToMa3nOSzI4oDhgDgwbaO
m4MewAIUflSjYAtryiFXAr2opeWQTQ1wdvGT4NzY1oaEdL4YweO4bCHYdAWzh1Cz
BVJoPUgfMFgfqjTYLHFw1zilHucpQaFD46YLjzba+5yWV3YPrkks5fWXrhgs0UyR
CSmxpAZ/0y+q0AQyOP/BQqOsZWrdWJNa1MQ54SWEISwUOG4BhZRLgTeYdOU1hCUR
W9Z7zohW32/SPLPM1zETAa28z1IJao3oHh3wuc8yW1cyOV5IZHErDenyiCuS4Jog
wBcivvC8KohY7vbL1CfX2NjKbVwlbyf9jZseky2qgYdspEfzyrjtmWa2QQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFHZXXKtMw869J8rD8ZOZ46sNTOkbMB8GA1UdIwQY
MBaAFCrOIQkO5NeGd0E0I9yy/gGm4cYiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS3M0aENRN2sxNFozUVRRajNMTC1BYWJoeGlJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMS8yOTE1ZjEtODdiYS00YzE4LWFhZjkt
NTkwYTk4MTNkZGRmLzEvZGxkY3EwekR6cjBueXNQeGs1bmpxdzFNNlJzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMS8yOTE1ZjEtODdiYS00YzE4LWFhZjktNTkwYTk4MTNkZGRm
LzEvS3M0aENRN2sxNFozUVRRajNMTC1BYWJoeGlJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQA2XVBAwQA
2XVHAwQA2XVMMA0GCSqGSIb3DQEBCwUAA4IBAQCWYCDnd2N5iRtTvbP10Qrrdkk7
rCXAUAUi1aXUV+5IHKbLanRpl30Y01L/6r/BQHPpLIh5B7ISddxUXASmq0RfNx0b
PdI3XzX0PxXpCLvZv3Y5opw56cAiGc2JJuK8neNlqxYbxgGwyZZ4ZNQsn1L/AYDY
pQyFDqzZBZ5VI8jHo/aERTWjJ2Js2dOw1MXjaiY7q9uJIkxBLAwX6EyVgqP3fbTK
xHMBNRJVEUJKye7uOA5uLE3klxwBmmV0e6k0PCIV/FrdAvxkLJKUGwjQ9BLn6uEu
7cCEx2wF3ywcOcQKFXh46oJHKRg9JabjYSZcXlirmElz4CqQOB4nTt3tuJtw
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:22:09 2024 by rpki-client on console-fra.rpki-client.org