Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/33/d568ed-1780-4d60-a6f7-5a8360dea3a3/1/x3rikVuk65UxAVw0HOjUz6mBDE0.roa
File: x3rikVuk65UxAVw0HOjUz6mBDE0.roa (raw, json)
Hash identifier: g+49b8zxYkU9f8LhrrB74DfcvqwRvu0XLpCaMkiet4s=
Subject key identifier: C7:7A:E2:91:5B:A4:EB:95:31:01:5C:34:1C:E8:D4:CF:A9:81:0C:4D
Certificate issuer: /CN=b1d2e681ff23dddf3d517858e1c64a1dad298729
Certificate serial: 018570FBD041C1321996E32BE590BEF9D38C
Authority key identifier: B1:D2:E6:81:FF:23:DD:DF:3D:51:78:58:E1:C6:4A:1D:AD:29:87:29
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sdLmgf8j3d89UXhY4cZKHa0phyk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/33/d568ed-1780-4d60-a6f7-5a8360dea3a3/1/x3rikVuk65UxAVw0HOjUz6mBDE0.roa
Signing time: Mon 02 Jan 2023 05:37:08 +0000
ROA not before: Mon 02 Jan 2023 05:37:08 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 31180
IP address blocks: 217.144.112.0/24 maxlen: 24
217.144.113.0/24 maxlen: 24
217.144.118.0/24 maxlen: 24
217.144.117.0/24 maxlen: 24
217.144.114.0/24 maxlen: 24
217.144.115.0/24 maxlen: 24
217.144.119.0/24 maxlen: 24
217.144.120.0/24 maxlen: 24
217.144.125.0/24 maxlen: 24
217.144.123.0/24 maxlen: 24
217.144.124.0/24 maxlen: 24
217.144.121.0/24 maxlen: 24
217.144.122.0/24 maxlen: 24
217.144.126.0/24 maxlen: 24
217.144.127.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 03 Feb 2023 15:06:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:fb:d0:41:c1:32:19:96:e3:2b:e5:90:be:f9:d3:8c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b1d2e681ff23dddf3d517858e1c64a1dad298729
Validity
Not Before: Jan 2 05:37:08 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=c77ae2915ba4eb9531015c341ce8d4cfa9810c4d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:d0:dd:b7:c4:4a:08:c3:73:61:6a:82:5b:78:
37:3f:e2:36:08:16:cf:c0:a0:16:f5:92:a2:e5:35:
fc:dc:0a:94:4f:d5:5e:5a:d0:6c:23:f9:6c:b2:26:
45:67:41:41:b4:82:6c:50:e6:81:bf:9e:9c:b6:62:
c7:30:15:6f:9d:49:84:64:30:46:55:8b:25:5e:9f:
9f:98:22:c9:ca:c9:03:85:96:c0:d5:fe:d8:6a:fc:
91:b1:85:a2:67:1a:8c:3e:a6:8b:dd:cf:92:ef:7a:
6e:80:9c:10:df:bb:97:b6:60:90:df:e7:91:14:96:
08:79:94:38:13:d2:af:6c:ac:4e:89:87:c6:39:56:
e5:b2:0c:4f:a5:6c:7e:d7:70:37:d3:64:d4:26:4d:
8c:92:d0:7b:79:34:cd:ef:e6:74:d7:ff:cc:67:1e:
2d:98:26:de:7b:c4:c2:67:02:e4:e0:6a:65:a5:c6:
7e:ea:bf:7f:a0:29:0c:c2:b0:82:5f:b6:76:5e:b0:
3f:5d:b3:54:42:1c:a0:d4:e0:15:bc:b3:8d:f5:17:
ef:b3:78:04:dd:f6:8a:6e:32:76:9a:fa:e5:1a:86:
60:f8:d0:c4:b9:d6:84:ab:fa:61:48:12:2a:2c:73:
86:4a:45:17:f7:92:7d:d1:2f:72:14:42:9e:a6:93:
25:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C7:7A:E2:91:5B:A4:EB:95:31:01:5C:34:1C:E8:D4:CF:A9:81:0C:4D
X509v3 Authority Key Identifier:
keyid:B1:D2:E6:81:FF:23:DD:DF:3D:51:78:58:E1:C6:4A:1D:AD:29:87:29
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sdLmgf8j3d89UXhY4cZKHa0phyk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/33/d568ed-1780-4d60-a6f7-5a8360dea3a3/1/x3rikVuk65UxAVw0HOjUz6mBDE0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/33/d568ed-1780-4d60-a6f7-5a8360dea3a3/1/sdLmgf8j3d89UXhY4cZKHa0phyk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
217.144.112.0/22
217.144.117.0-217.144.127.255
Signature Algorithm: sha256WithRSAEncryption
42:d6:16:2e:30:c1:3c:7d:7c:55:50:4c:93:3d:2f:fe:c7:a4:
c9:cb:03:6e:95:64:37:c8:91:d2:65:5a:8a:27:b2:dc:76:1a:
59:d7:10:8e:f7:e7:18:62:4b:cf:84:e1:ad:fd:24:df:91:8c:
b9:c5:89:41:ce:6e:d1:64:9d:5f:54:ac:b2:07:5a:b6:d7:bd:
33:18:9c:c7:ce:f2:5d:6a:c6:94:1d:49:53:c6:8d:9e:8a:21:
ba:90:96:fb:11:6f:02:b5:8c:c0:e1:69:fa:42:68:e1:ec:a4:
e2:4e:29:92:7b:6e:3e:c7:06:d4:de:d5:c4:9d:bc:8d:26:79:
e5:16:70:09:f5:b6:99:6f:75:b4:01:f9:29:6c:3b:f1:72:cf:
9d:86:5c:de:a5:f8:7a:0d:13:a5:47:ec:45:8b:22:05:cf:c0:
3c:cf:d8:f2:c2:99:88:e2:f5:63:95:97:cc:f8:66:5a:10:a9:
22:d3:62:41:d3:11:79:33:b8:4a:d1:da:a2:3c:fc:b0:80:62:
38:d8:0c:43:84:1f:f1:b7:eb:e3:dd:95:29:bf:d1:73:69:3e:
ce:94:e4:01:23:e7:37:01:bc:98:3b:e7:e1:bf:ad:f1:b9:aa:
ff:27:9b:18:21:d3:4f:1e:1b:df:23:48:39:98:1a:8e:41:b3:
73:2a:88:53
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgISAYVw+9BBwTIZluMr5ZC++dOMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIxZDJlNjgxZmYyM2RkZGYzZDUxNzg1OGUxYzY0YTFkYWQy
OTg3MjkwHhcNMjMwMTAyMDUzNzA4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNzdhZTI5MTViYTRlYjk1MzEwMTVjMzQxY2U4ZDRjZmE5ODEwYzRkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo9Ddt8RKCMNzYWqCW3g3P+I2CBbP
wKAW9ZKi5TX83AqUT9VeWtBsI/lssiZFZ0FBtIJsUOaBv56ctmLHMBVvnUmEZDBG
VYslXp+fmCLJyskDhZbA1f7YavyRsYWiZxqMPqaL3c+S73pugJwQ37uXtmCQ3+eR
FJYIeZQ4E9KvbKxOiYfGOVblsgxPpWx+13A302TUJk2MktB7eTTN7+Z01//MZx4t
mCbee8TCZwLk4GplpcZ+6r9/oCkMwrCCX7Z2XrA/XbNUQhyg1OAVvLON9Rfvs3gE
3faKbjJ2mvrlGoZg+NDEudaEq/phSBIqLHOGSkUX95J90S9yFEKeppMlRwIDAQAB
o4ICFzCCAhMwHQYDVR0OBBYEFMd64pFbpOuVMQFcNBzo1M+pgQxNMB8GA1UdIwQY
MBaAFLHS5oH/I93fPVF4WOHGSh2tKYcpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc2RMbWdmOGozZDg5VVhoWTRjWktIYTBwaHlrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMy9kNTY4ZWQtMTc4MC00ZDYwLWE2Zjct
NWE4MzYwZGVhM2EzLzEveDNyaWtWdWs2NVV4QVZ3MEhPalV6Nm1CREUwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMy9kNTY4ZWQtMTc4MC00ZDYwLWE2ZjctNWE4MzYwZGVhM2Ez
LzEvc2RMbWdmOGozZDg5VVhoWTRjWktIYTBwaHlrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAATAUAwQC2ZBwMAwD
BADZkHUDBAfZkAAwDQYJKoZIhvcNAQELBQADggEBAELWFi4wwTx9fFVQTJM9L/7H
pMnLA26VZDfIkdJlWoonstx2GlnXEI735xhiS8+E4a39JN+RjLnFiUHObtFknV9U
rLIHWrbXvTMYnMfO8l1qxpQdSVPGjZ6KIbqQlvsRbwK1jMDhafpCaOHspOJOKZJ7
bj7HBtTe1cSdvI0meeUWcAn1tplvdbQB+SlsO/Fyz52GXN6l+HoNE6VH7EWLIgXP
wDzP2PLCmYji9WOVl8z4ZloQqSLTYkHTEXkzuErR2qI8/LCAYjjYDEOEH/G36+Pd
lSm/0XNpPs6U5AEj5zcBvJg75+G/rfG5qv8nmxgh008eG98jSDmYGo5Bs3MqiFM=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:24:53 2024 by rpki-client on console-fra.rpki-client.org