Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/21/2915f1-87ba-4c18-aaf9-590a9813dddf/1/wSIp1kyjw9MudX8Krarnse5wzAY.roa
File: wSIp1kyjw9MudX8Krarnse5wzAY.roa (raw, json)
Hash identifier: KE7k/DVif2PyCVwTsfobGHAomFHjAFcbBA0PQxQ7uf8=
Subject key identifier: C1:22:29:D6:4C:A3:C3:D3:2E:75:7F:0A:AD:AA:E7:B1:EE:70:CC:06
Certificate issuer: /CN=2ace21090ee4d78677413423dcb2fe01a6e1c622
Certificate serial: 0187FF4D9DEDE2D4461DAF5A32C970077894
Authority key identifier: 2A:CE:21:09:0E:E4:D7:86:77:41:34:23:DC:B2:FE:01:A6:E1:C6:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Ks4hCQ7k14Z3QTQj3LL-AabhxiI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/21/2915f1-87ba-4c18-aaf9-590a9813dddf/1/wSIp1kyjw9MudX8Krarnse5wzAY.roa
Signing time: Tue 09 May 2023 06:58:09 +0000
ROA not before: Tue 09 May 2023 06:58:09 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 14618
IP address blocks: 217.117.65.0/24 maxlen: 24
217.117.71.0/24 maxlen: 24
217.117.76.0/24 maxlen: 24
87.238.154.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 01 Jan 2024 20:29:21 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:ff:4d:9d:ed:e2:d4:46:1d:af:5a:32:c9:70:07:78:94
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2ace21090ee4d78677413423dcb2fe01a6e1c622
Validity
Not Before: May 9 06:58:09 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=c12229d64ca3c3d32e757f0aadaae7b1ee70cc06
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d9:f4:9e:ba:a3:3d:38:fd:3f:db:de:78:e0:b1:
d2:91:b7:62:28:df:50:a0:6e:6a:0d:07:51:6f:b1:
9b:d8:49:f6:5a:5b:a8:69:3c:4c:f0:e5:d2:51:6e:
62:31:c9:33:89:cd:6d:aa:59:e5:94:69:6e:42:45:
69:8e:69:37:34:77:b8:aa:d3:39:2d:4f:65:40:70:
bb:7d:1e:6f:94:30:8c:47:da:36:c9:7e:3f:d3:c9:
09:1a:b0:20:68:24:66:06:78:c7:6a:37:82:6d:11:
31:d9:91:f2:64:11:2f:35:ef:51:f4:b1:33:b4:0e:
fb:93:35:c5:8f:24:88:50:c8:3b:1c:a4:b2:1b:ff:
d7:29:d8:58:86:b7:fa:43:31:af:15:a8:5d:bf:01:
4c:c4:47:1e:be:ac:ef:0f:a6:28:7f:ea:86:5c:2a:
28:82:b6:68:d9:a8:0e:ec:ed:33:16:7d:a5:16:02:
99:f8:8b:39:ab:57:1e:46:fd:e0:47:94:1f:0c:40:
29:15:c0:dc:f6:a2:38:c5:5a:54:4e:e3:8d:cd:8d:
74:54:51:f1:48:32:51:d9:4a:ff:89:7b:e6:5b:a0:
db:da:da:d0:d4:db:7d:be:03:0d:70:1d:79:3c:d2:
be:70:fd:a2:2f:19:a0:5f:54:2c:fa:f3:5d:07:ce:
f3:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C1:22:29:D6:4C:A3:C3:D3:2E:75:7F:0A:AD:AA:E7:B1:EE:70:CC:06
X509v3 Authority Key Identifier:
keyid:2A:CE:21:09:0E:E4:D7:86:77:41:34:23:DC:B2:FE:01:A6:E1:C6:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Ks4hCQ7k14Z3QTQj3LL-AabhxiI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/21/2915f1-87ba-4c18-aaf9-590a9813dddf/1/wSIp1kyjw9MudX8Krarnse5wzAY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/21/2915f1-87ba-4c18-aaf9-590a9813dddf/1/Ks4hCQ7k14Z3QTQj3LL-AabhxiI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
87.238.154.0/24
217.117.65.0/24
217.117.71.0/24
217.117.76.0/24
Signature Algorithm: sha256WithRSAEncryption
34:8f:cc:d3:7a:59:ff:da:b3:c5:e7:f0:f9:36:a6:c2:da:bf:
f0:2a:97:04:c9:86:0c:29:be:39:84:47:04:3a:04:79:bc:3a:
27:73:35:67:aa:ab:1b:fd:5e:ae:49:58:9c:c6:46:8b:f1:73:
9b:73:43:cd:71:73:ad:3d:35:f4:63:37:f4:65:64:75:b0:b8:
d3:cb:8a:39:e4:c5:ba:d2:84:12:52:35:ca:29:d5:4b:a9:ed:
cc:d1:7c:a3:36:e9:3d:db:38:bb:15:a5:53:eb:63:b6:cd:7f:
ae:f9:43:49:03:d5:12:31:5d:81:93:33:18:03:36:25:52:cc:
0d:49:ee:2b:d6:8a:37:82:db:d0:38:5e:ee:29:84:ad:4e:f9:
e9:ae:11:60:86:65:fe:8b:72:52:6c:3c:8e:93:d2:32:73:df:
08:50:9d:a2:ea:63:cf:11:fc:1b:96:a3:f6:0f:ee:23:d9:e5:
c2:d9:e0:be:c3:59:60:53:6a:5f:98:74:4b:23:b6:26:e5:55:
62:1b:3b:4b:70:b6:dc:15:e2:69:09:f2:fc:b0:75:6d:d6:4d:
59:c0:ac:5f:b4:5f:31:e1:6c:0f:dd:d4:af:ec:4d:bc:58:c0:
87:36:9d:56:14:40:56:9d:98:59:ff:df:08:45:f8:8d:c3:78:
06:c5:cb:9b
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYf/TZ3t4tRGHa9aMslwB3iUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhY2UyMTA5MGVlNGQ3ODY3NzQxMzQyM2RjYjJmZTAxYTZl
MWM2MjIwHhcNMjMwNTA5MDY1ODA5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMTIyMjlkNjRjYTNjM2QzMmU3NTdmMGFhZGFhZTdiMWVlNzBjYzA2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2fSeuqM9OP0/29544LHSkbdiKN9Q
oG5qDQdRb7Gb2En2WluoaTxM8OXSUW5iMckzic1tqlnllGluQkVpjmk3NHe4qtM5
LU9lQHC7fR5vlDCMR9o2yX4/08kJGrAgaCRmBnjHajeCbREx2ZHyZBEvNe9R9LEz
tA77kzXFjySIUMg7HKSyG//XKdhYhrf6QzGvFahdvwFMxEcevqzvD6Yof+qGXCoo
grZo2agO7O0zFn2lFgKZ+Is5q1ceRv3gR5QfDEApFcDc9qI4xVpUTuONzY10VFHx
SDJR2Ur/iXvmW6Db2trQ1Nt9vgMNcB15PNK+cP2iLxmgX1Qs+vNdB87ziwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFMEiKdZMo8PTLnV/Cq2q57HucMwGMB8GA1UdIwQY
MBaAFCrOIQkO5NeGd0E0I9yy/gGm4cYiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS3M0aENRN2sxNFozUVRRajNMTC1BYWJoeGlJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMS8yOTE1ZjEtODdiYS00YzE4LWFhZjkt
NTkwYTk4MTNkZGRmLzEvd1NJcDFreWp3OU11ZFg4S3Jhcm5zZTV3ekFZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMS8yOTE1ZjEtODdiYS00YzE4LWFhZjktNTkwYTk4MTNkZGRm
LzEvS3M0aENRN2sxNFozUVRRajNMTC1BYWJoeGlJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAV+6aAwQA
2XVBAwQA2XVHAwQA2XVMMA0GCSqGSIb3DQEBCwUAA4IBAQA0j8zTeln/2rPF5/D5
NqbC2r/wKpcEyYYMKb45hEcEOgR5vDonczVnqqsb/V6uSVicxkaL8XObc0PNcXOt
PTX0Yzf0ZWR1sLjTy4o55MW60oQSUjXKKdVLqe3M0XyjNuk92zi7FaVT62O2zX+u
+UNJA9USMV2BkzMYAzYlUswNSe4r1oo3gtvQOF7uKYStTvnprhFghmX+i3JSbDyO
k9Iyc98IUJ2i6mPPEfwblqP2D+4j2eXC2eC+w1lgU2pfmHRLI7Ym5VViGztLcLbc
FeJpCfL8sHVt1k1ZwKxftF8x4WwP3dSv7E28WMCHNp1WFEBWnZhZ/98IRfiNw3gG
xcub
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:57:49 2024 by rpki-client on console-ams.rpki-client.org