Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2b/a0a39c-be03-47bb-bdb3-b3b78b0b66ea/1/Cwp9lmGYIRPD-BbvDlCki-z6oW0.roa
File: Cwp9lmGYIRPD-BbvDlCki-z6oW0.roa (raw, json)
Hash identifier: 43IHI4w48XV+V51iwSeiHfxYnoVY3RFYQOc4Z45A/08=
Subject key identifier: 0B:0A:7D:96:61:98:21:13:C3:F8:16:EF:0E:50:A4:8B:EC:FA:A1:6D
Certificate issuer: /CN=4cf8ffc088591e4f243baafa21b4298bfb366026
Certificate serial: 0185734CBA8D0D784E7FEE5F0063B61EE793
Authority key identifier: 4C:F8:FF:C0:88:59:1E:4F:24:3B:AA:FA:21:B4:29:8B:FB:36:60:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TPj_wIhZHk8kO6r6IbQpi_s2YCY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2b/a0a39c-be03-47bb-bdb3-b3b78b0b66ea/1/Cwp9lmGYIRPD-BbvDlCki-z6oW0.roa
Signing time: Mon 02 Jan 2023 16:24:46 +0000
ROA not before: Mon 02 Jan 2023 16:24:46 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 208305
IP address blocks: 217.111.139.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 01 Jan 2024 06:29:47 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:73:4c:ba:8d:0d:78:4e:7f:ee:5f:00:63:b6:1e:e7:93
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4cf8ffc088591e4f243baafa21b4298bfb366026
Validity
Not Before: Jan 2 16:24:46 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=0b0a7d9661982113c3f816ef0e50a48becfaa16d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:18:e8:9d:96:84:fa:f8:f9:5e:6e:13:02:61:
84:59:1a:b4:fd:76:76:7b:d6:68:db:9c:88:46:a7:
b7:60:07:28:24:32:1a:87:c0:28:04:63:1f:87:3f:
0f:ae:4d:1f:f5:a5:07:e0:92:e7:8e:95:24:e6:42:
cf:d2:e1:3e:18:98:db:65:d3:47:2c:2c:8b:cd:47:
98:01:e2:2b:02:69:81:95:2e:d0:3b:5d:cc:fe:12:
91:c3:ba:a0:66:2c:f8:14:1b:5c:30:0b:b6:16:5d:
64:db:99:a4:a9:36:22:53:c8:fd:a2:1d:0a:99:03:
81:32:63:b4:7c:42:7f:4e:7a:f0:c9:03:86:64:7a:
2c:06:00:b0:f8:09:3e:a0:46:72:3c:67:82:f0:bb:
4b:97:21:c2:53:29:06:6e:ea:bb:f2:9e:70:8c:71:
fe:2e:63:23:54:4d:0c:73:ac:23:13:d0:96:01:7a:
33:5d:82:1d:93:bf:fb:83:8d:46:36:1a:f3:af:3f:
1d:aa:22:a9:c2:55:d0:f5:80:d0:7c:ae:31:b9:f3:
05:b9:2f:40:a2:34:79:72:2a:b5:f7:41:6b:ab:13:
47:a5:4e:77:d3:7b:b7:97:fa:8f:fd:32:19:51:66:
ca:ae:76:2c:b2:04:b7:36:91:4b:eb:89:6d:9d:9a:
46:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0B:0A:7D:96:61:98:21:13:C3:F8:16:EF:0E:50:A4:8B:EC:FA:A1:6D
X509v3 Authority Key Identifier:
keyid:4C:F8:FF:C0:88:59:1E:4F:24:3B:AA:FA:21:B4:29:8B:FB:36:60:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TPj_wIhZHk8kO6r6IbQpi_s2YCY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/a0a39c-be03-47bb-bdb3-b3b78b0b66ea/1/Cwp9lmGYIRPD-BbvDlCki-z6oW0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/a0a39c-be03-47bb-bdb3-b3b78b0b66ea/1/TPj_wIhZHk8kO6r6IbQpi_s2YCY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
217.111.139.0/24
Signature Algorithm: sha256WithRSAEncryption
1f:18:ec:17:d5:f5:3a:7f:4b:27:10:bf:e7:6e:ab:2a:f3:c4:
13:16:ef:ef:8a:b7:24:31:c0:28:4e:88:30:b0:7f:03:8b:35:
25:1b:f3:5e:fa:fc:6d:17:c4:93:f5:c0:a5:ed:a4:ac:90:65:
3b:82:e7:b3:da:dc:8a:21:84:81:59:42:d0:4e:66:f5:5e:73:
59:8a:b9:4b:50:1e:fb:5d:a0:52:d8:eb:44:bf:6c:8c:4a:c3:
7a:55:65:f0:67:c5:60:a8:f3:13:81:55:34:ea:88:5f:63:4a:
d2:d6:4f:bf:7d:ce:c8:d4:ea:06:d5:d3:48:77:13:d8:98:ac:
31:57:5a:69:f3:80:e7:dd:a1:a2:5f:a6:a6:0a:ec:3a:d1:a2:
6e:40:b2:3e:b1:24:58:7e:ef:a6:a4:13:e9:fa:00:9c:59:66:
47:14:af:65:26:47:b4:42:80:cc:15:fb:38:cb:f4:7b:63:56:
ff:94:89:a4:bf:2e:41:f4:58:33:3b:e0:3c:63:47:c0:a5:70:
a0:4e:a3:bc:7f:2d:a9:4b:0b:0d:83:f4:91:1d:17:6e:74:43:
49:d7:85:c7:57:da:3b:2e:3d:ac:ed:9a:eb:6a:e0:71:19:78:
37:3d:54:27:18:58:be:21:21:78:b8:27:3d:bb:50:35:50:f5:
76:ca:1d:8d
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVzTLqNDXhOf+5fAGO2HueTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRjZjhmZmMwODg1OTFlNGYyNDNiYWFmYTIxYjQyOThiZmIz
NjYwMjYwHhcNMjMwMTAyMTYyNDQ2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwYjBhN2Q5NjYxOTgyMTEzYzNmODE2ZWYwZTUwYTQ4YmVjZmFhMTZkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArhjonZaE+vj5Xm4TAmGEWRq0/XZ2
e9Zo25yIRqe3YAcoJDIah8AoBGMfhz8Prk0f9aUH4JLnjpUk5kLP0uE+GJjbZdNH
LCyLzUeYAeIrAmmBlS7QO13M/hKRw7qgZiz4FBtcMAu2Fl1k25mkqTYiU8j9oh0K
mQOBMmO0fEJ/TnrwyQOGZHosBgCw+Ak+oEZyPGeC8LtLlyHCUykGbuq78p5wjHH+
LmMjVE0Mc6wjE9CWAXozXYIdk7/7g41GNhrzrz8dqiKpwlXQ9YDQfK4xufMFuS9A
ojR5ciq190FrqxNHpU5303u3l/qP/TIZUWbKrnYssgS3NpFL64ltnZpGGQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFAsKfZZhmCETw/gW7w5QpIvs+qFtMB8GA1UdIwQY
MBaAFEz4/8CIWR5PJDuq+iG0KYv7NmAmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVFBqX3dJaFpIazhrTzZyNkliUXBpX3MyWUNZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYi9hMGEzOWMtYmUwMy00N2JiLWJkYjMt
YjNiNzhiMGI2NmVhLzEvQ3dwOWxtR1lJUlBELUJidkRsQ2tpLXo2b1cwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYi9hMGEzOWMtYmUwMy00N2JiLWJkYjMtYjNiNzhiMGI2NmVh
LzEvVFBqX3dJaFpIazhrTzZyNkliUXBpX3MyWUNZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA2W+LMA0G
CSqGSIb3DQEBCwUAA4IBAQAfGOwX1fU6f0snEL/nbqsq88QTFu/virckMcAoTogw
sH8DizUlG/Ne+vxtF8ST9cCl7aSskGU7guez2tyKIYSBWULQTmb1XnNZirlLUB77
XaBS2OtEv2yMSsN6VWXwZ8VgqPMTgVU06ohfY0rS1k+/fc7I1OoG1dNIdxPYmKwx
V1pp84Dn3aGiX6amCuw60aJuQLI+sSRYfu+mpBPp+gCcWWZHFK9lJke0QoDMFfs4
y/R7Y1b/lImkvy5B9FgzO+A8Y0fApXCgTqO8fy2pSwsNg/SRHRdudENJ14XHV9o7
Lj2s7ZrrauBxGXg3PVQnGFi+ISF4uCc9u1A1UPV2yh2N
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:23:42 2024 by rpki-client on console-fra.rpki-client.org