Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/22/635511-71f3-4f57-9139-7da3cd253bf6/1/iJW80sc4hlQhpf4AcNWkBtwkXNM.roa
File: iJW80sc4hlQhpf4AcNWkBtwkXNM.roa (raw, json)
Hash identifier: pnciesMGx/BDGMsFFd7mCElga0dPnOP9dPSy45Z5qJ8=
Subject key identifier: 88:95:BC:D2:C7:38:86:54:21:A5:FE:00:70:D5:A4:06:DC:24:5C:D3
Certificate issuer: /CN=e7478550068bf78220408c25d612bc2fb02460c1
Certificate serial: 018DDDDA9CE85445F20080C2648788B5B89E
Authority key identifier: E7:47:85:50:06:8B:F7:82:20:40:8C:25:D6:12:BC:2F:B0:24:60:C1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/50eFUAaL94IgQIwl1hK8L7AkYME.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/22/635511-71f3-4f57-9139-7da3cd253bf6/1/iJW80sc4hlQhpf4AcNWkBtwkXNM.roa
Signing time: Sun 25 Feb 2024 01:21:48 +0000
ROA not before: Sun 25 Feb 2024 01:21:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 16253
IP address blocks: 217.142.0.0/20 maxlen: 20
2a03:f0c0::/32 maxlen: 32
Validation: Failed, certificate revoked on Sun 25 Feb 2024 01:49:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:dd:da:9c:e8:54:45:f2:00:80:c2:64:87:88:b5:b8:9e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e7478550068bf78220408c25d612bc2fb02460c1
Validity
Not Before: Feb 25 01:21:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=8895bcd2c738865421a5fe0070d5a406dc245cd3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:e0:79:2a:d5:8a:00:47:aa:af:ed:ac:97:49:
12:e7:6b:8e:90:50:11:1d:f4:18:8c:f8:90:01:4a:
d9:3d:be:18:7a:29:ef:00:88:a3:ff:16:a2:30:97:
67:2b:df:47:35:2d:bc:c0:62:60:cd:2f:af:26:54:
7d:56:56:7f:11:7f:38:5c:62:1f:ed:2e:06:08:b4:
fa:15:fe:e2:ce:59:ab:58:43:09:31:11:e6:ed:c5:
d6:be:0f:7d:a8:2f:72:4a:f2:ff:62:a4:bf:09:80:
16:f0:78:12:82:82:87:79:a8:a0:9e:a1:e4:31:f0:
12:0b:0b:1a:01:54:1a:76:f2:a4:5e:c3:9f:ed:47:
7e:15:f0:e9:af:a9:9b:ca:d9:bf:87:4a:91:d9:70:
25:37:0e:a7:30:0e:e3:e9:64:b3:29:dc:1f:f2:be:
bd:c2:c6:06:c9:04:0c:10:26:07:55:b4:24:82:d3:
45:ef:a0:7d:80:1b:eb:27:71:8d:c9:ca:eb:60:76:
e5:df:f6:60:d4:c7:e5:8d:61:9e:57:cf:1b:5e:62:
33:2b:43:7a:de:4b:e3:53:1a:49:5a:2c:47:3d:93:
a4:9f:2c:ed:bc:22:b8:d8:76:7f:75:2c:20:73:3a:
a8:00:b7:55:ae:ad:6d:6c:ab:57:c6:ed:9f:40:23:
be:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
88:95:BC:D2:C7:38:86:54:21:A5:FE:00:70:D5:A4:06:DC:24:5C:D3
X509v3 Authority Key Identifier:
keyid:E7:47:85:50:06:8B:F7:82:20:40:8C:25:D6:12:BC:2F:B0:24:60:C1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/50eFUAaL94IgQIwl1hK8L7AkYME.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/22/635511-71f3-4f57-9139-7da3cd253bf6/1/iJW80sc4hlQhpf4AcNWkBtwkXNM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/22/635511-71f3-4f57-9139-7da3cd253bf6/1/50eFUAaL94IgQIwl1hK8L7AkYME.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
217.142.0.0/20
IPv6:
2a03:f0c0::/32
Signature Algorithm: sha256WithRSAEncryption
74:fe:c4:75:d2:8a:42:89:35:c6:73:c2:4f:97:9e:27:a6:98:
3e:bd:67:2c:b8:ad:56:a6:1b:1c:0b:0f:1e:e0:c6:61:19:a7:
da:90:c5:c5:e9:eb:b1:ce:77:c7:82:38:06:4b:ed:27:0c:31:
ac:6a:db:d4:58:60:df:54:19:07:cc:53:ed:17:59:60:f2:eb:
43:f2:e3:cf:95:85:7f:ca:97:97:a5:24:ee:67:7e:39:de:80:
0f:36:fd:84:f0:60:f3:a0:f0:35:e4:65:be:dc:b5:9f:1f:f3:
a6:2e:3d:6d:0b:b2:af:8e:37:a9:6a:57:ff:61:db:3d:de:ec:
e3:1e:f6:49:b6:eb:a0:1f:a4:89:b1:ef:8a:c6:d8:d6:37:3f:
97:39:2d:b5:a6:e3:c3:9f:fc:04:e2:b1:bb:b0:4a:c4:72:e4:
52:76:d2:4b:5b:db:95:79:57:6d:0a:27:b3:11:02:a0:a6:0b:
05:a0:74:94:2a:b3:b8:e3:72:4f:f4:3f:05:8a:ad:5a:38:57:
ff:d9:29:dd:fb:2d:9c:12:62:b7:0a:8a:59:8a:aa:43:93:d2:
33:4a:18:3a:8d:90:f9:e9:23:55:75:87:e6:78:29:73:f0:26:
c8:e2:d5:95:e3:7f:cf:d3:6f:92:dc:71:83:3f:f1:bd:dc:c8:
8a:84:c3:a0
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAY3d2pzoVEXyAIDCZIeItbieMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU3NDc4NTUwMDY4YmY3ODIyMDQwOGMyNWQ2MTJiYzJmYjAy
NDYwYzEwHhcNMjQwMjI1MDEyMTQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ODk1YmNkMmM3Mzg4NjU0MjFhNWZlMDA3MGQ1YTQwNmRjMjQ1Y2QzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn+B5KtWKAEeqr+2sl0kS52uOkFAR
HfQYjPiQAUrZPb4YeinvAIij/xaiMJdnK99HNS28wGJgzS+vJlR9VlZ/EX84XGIf
7S4GCLT6Ff7izlmrWEMJMRHm7cXWvg99qC9ySvL/YqS/CYAW8HgSgoKHeaignqHk
MfASCwsaAVQadvKkXsOf7Ud+FfDpr6mbytm/h0qR2XAlNw6nMA7j6WSzKdwf8r69
wsYGyQQMECYHVbQkgtNF76B9gBvrJ3GNycrrYHbl3/Zg1MfljWGeV88bXmIzK0N6
3kvjUxpJWixHPZOknyztvCK42HZ/dSwgczqoALdVrq1tbKtXxu2fQCO+fQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFIiVvNLHOIZUIaX+AHDVpAbcJFzTMB8GA1UdIwQY
MBaAFOdHhVAGi/eCIECMJdYSvC+wJGDBMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNTBlRlVBYUw5NElnUUl3bDFoSzhMN0FrWU1FLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMi82MzU1MTEtNzFmMy00ZjU3LTkxMzkt
N2RhM2NkMjUzYmY2LzEvaUpXODBzYzRobFFocGY0QWNOV2tCdHdrWE5NLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMi82MzU1MTEtNzFmMy00ZjU3LTkxMzktN2RhM2NkMjUzYmY2
LzEvNTBlRlVBYUw5NElnUUl3bDFoSzhMN0FrWU1FLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQE2Y4AMA0E
AgACMAcDBQAqA/DAMA0GCSqGSIb3DQEBCwUAA4IBAQB0/sR10opCiTXGc8JPl54n
ppg+vWcsuK1WphscCw8e4MZhGafakMXF6euxznfHgjgGS+0nDDGsatvUWGDfVBkH
zFPtF1lg8utD8uPPlYV/ypeXpSTuZ3453oAPNv2E8GDzoPA15GW+3LWfH/OmLj1t
C7Kvjjepalf/Yds93uzjHvZJtuugH6SJse+KxtjWNz+XOS21puPDn/wE4rG7sErE
cuRSdtJLW9uVeVdtCiezEQKgpgsFoHSUKrO443JP9D8Fiq1aOFf/2Snd+y2cEmK3
CopZiqpDk9IzShg6jZD56SNVdYfmeClz8CbI4tWV43/P02+S3HGDP/G93MiKhMOg
-----END CERTIFICATE-----
Generated at Sun Feb 25 04:52:07 2024 by rpki-client on console-ams.rpki-client.org