Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/36/acd28e-52ae-4ac9-b028-669f7a761631/1/OdyzRq5mKfI9nr1vGGCVqM6W0SU.roa
File: OdyzRq5mKfI9nr1vGGCVqM6W0SU.roa (raw, json)
Hash identifier: f7+Vz3bc2IJ5TPQpOTLqnKcgpFjqU90VIxgNy0pxl2U=
Subject key identifier: 39:DC:B3:46:AE:66:29:F2:3D:9E:BD:6F:18:60:95:A8:CE:96:D1:25
Certificate issuer: /CN=29b3a717665a1137e99dc8fad22e3e7f98db8973
Certificate serial: 018572C389552736ED11948744D165BD73AE
Authority key identifier: 29:B3:A7:17:66:5A:11:37:E9:9D:C8:FA:D2:2E:3E:7F:98:DB:89:73
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KbOnF2ZaETfpncj60i4-f5jbiXM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/36/acd28e-52ae-4ac9-b028-669f7a761631/1/OdyzRq5mKfI9nr1vGGCVqM6W0SU.roa
Signing time: Mon 02 Jan 2023 13:54:55 +0000
ROA not before: Mon 02 Jan 2023 13:54:55 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 9009
IP address blocks: 217.64.151.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:c3:89:55:27:36:ed:11:94:87:44:d1:65:bd:73:ae
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=29b3a717665a1137e99dc8fad22e3e7f98db8973
Validity
Not Before: Jan 2 13:54:55 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=39dcb346ae6629f23d9ebd6f186095a8ce96d125
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:73:71:7a:08:4b:83:a5:83:fd:78:16:3d:37:
b9:d7:1f:5f:70:ac:63:21:7a:31:a4:ca:53:ff:25:
91:94:48:d1:23:56:b0:ef:29:86:c9:7f:52:26:a6:
60:52:be:33:06:60:d5:5f:8d:ca:c5:0a:24:e3:0e:
a0:aa:fe:e3:d5:f4:3e:ae:8c:ba:f3:b0:70:c4:76:
6b:15:64:05:d5:06:32:8a:e6:dd:3e:b8:f5:95:58:
74:7a:4f:44:c1:b9:b9:be:61:c2:5e:3f:9a:01:e6:
10:b1:c6:96:09:6d:2b:b5:fa:19:ed:26:52:9c:e4:
b3:a3:02:27:71:3d:f9:33:3a:70:4c:92:36:f4:cd:
06:5f:e4:46:09:d2:0a:77:49:36:d8:9f:53:32:9f:
44:05:4b:32:38:73:a7:18:39:c5:42:28:54:cf:4c:
a7:88:fc:7f:de:f4:ae:98:b5:aa:15:94:64:51:96:
0e:e5:ad:0c:47:14:7d:99:0d:4c:82:55:de:2a:f1:
8d:64:05:83:b7:bc:ca:16:05:dc:8f:67:59:17:97:
29:1c:65:c7:e2:18:17:46:1d:41:60:3e:76:5b:f6:
bd:a0:0e:c8:22:f6:74:d2:74:65:5e:30:b1:b8:38:
e0:08:a3:d2:68:c7:f3:3e:7a:25:ef:93:3f:d7:06:
ad:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
39:DC:B3:46:AE:66:29:F2:3D:9E:BD:6F:18:60:95:A8:CE:96:D1:25
X509v3 Authority Key Identifier:
keyid:29:B3:A7:17:66:5A:11:37:E9:9D:C8:FA:D2:2E:3E:7F:98:DB:89:73
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KbOnF2ZaETfpncj60i4-f5jbiXM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/36/acd28e-52ae-4ac9-b028-669f7a761631/1/OdyzRq5mKfI9nr1vGGCVqM6W0SU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/36/acd28e-52ae-4ac9-b028-669f7a761631/1/KbOnF2ZaETfpncj60i4-f5jbiXM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
217.64.151.0/24
Signature Algorithm: sha256WithRSAEncryption
42:0e:99:8e:5c:80:c3:e3:17:ad:05:de:ff:98:68:8b:27:43:
8f:79:25:37:42:05:88:f7:91:a3:68:fa:cd:7e:4e:02:19:b8:
c7:ec:75:27:d6:b0:37:d8:ac:f0:9f:6f:5a:ac:c4:b0:db:1b:
55:10:f5:40:ee:c0:d0:e2:22:e6:ff:f5:e1:1b:52:40:60:1f:
24:03:87:f6:98:81:03:e2:1f:fa:70:74:6b:75:96:dd:18:a5:
d9:3a:bb:0e:23:16:df:96:44:35:72:21:cc:ed:2f:8c:3e:e3:
80:8d:b0:c1:22:63:3d:1c:c6:52:fc:d1:28:37:35:6c:75:7e:
b5:c3:ab:f0:35:f7:e7:e3:21:a6:d5:5e:7f:1d:2e:5d:1e:c3:
87:78:95:73:23:59:8b:68:5a:93:61:8d:5e:98:6c:3b:20:5b:
1b:e0:d7:0e:0b:88:98:9f:df:76:78:0e:6b:f8:18:55:4e:5e:
2b:61:27:a3:4e:0c:24:69:62:05:41:07:46:20:3d:12:72:33:
d9:4e:9a:54:8b:fc:ae:e4:13:b0:8d:b6:cd:03:fc:f5:ac:6f:
b3:32:b2:23:b9:13:06:b2:f8:6e:91:5b:86:9f:b6:bb:e4:31:
74:35:c6:13:b9:c0:c2:3e:0a:d0:d1:17:d4:07:a0:32:19:c0:
94:ea:bd:c8
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVyw4lVJzbtEZSHRNFlvXOuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI5YjNhNzE3NjY1YTExMzdlOTlkYzhmYWQyMmUzZTdmOThk
Yjg5NzMwHhcNMjMwMTAyMTM1NDU1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzOWRjYjM0NmFlNjYyOWYyM2Q5ZWJkNmYxODYwOTVhOGNlOTZkMTI1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnHNxeghLg6WD/XgWPTe51x9fcKxj
IXoxpMpT/yWRlEjRI1aw7ymGyX9SJqZgUr4zBmDVX43KxQok4w6gqv7j1fQ+roy6
87BwxHZrFWQF1QYyiubdPrj1lVh0ek9Ewbm5vmHCXj+aAeYQscaWCW0rtfoZ7SZS
nOSzowIncT35MzpwTJI29M0GX+RGCdIKd0k22J9TMp9EBUsyOHOnGDnFQihUz0yn
iPx/3vSumLWqFZRkUZYO5a0MRxR9mQ1MglXeKvGNZAWDt7zKFgXcj2dZF5cpHGXH
4hgXRh1BYD52W/a9oA7IIvZ00nRlXjCxuDjgCKPSaMfzPnol75M/1watAQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDncs0auZinyPZ69bxhglajOltElMB8GA1UdIwQY
MBaAFCmzpxdmWhE36Z3I+tIuPn+Y24lzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS2JPbkYyWmFFVGZwbmNqNjBpNC1mNWpiaVhNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNi9hY2QyOGUtNTJhZS00YWM5LWIwMjgt
NjY5ZjdhNzYxNjMxLzEvT2R5elJxNW1LZkk5bnIxdkdHQ1ZxTTZXMFNVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNi9hY2QyOGUtNTJhZS00YWM5LWIwMjgtNjY5ZjdhNzYxNjMx
LzEvS2JPbkYyWmFFVGZwbmNqNjBpNC1mNWpiaVhNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA2UCXMA0G
CSqGSIb3DQEBCwUAA4IBAQBCDpmOXIDD4xetBd7/mGiLJ0OPeSU3QgWI95GjaPrN
fk4CGbjH7HUn1rA32Kzwn29arMSw2xtVEPVA7sDQ4iLm//XhG1JAYB8kA4f2mIED
4h/6cHRrdZbdGKXZOrsOIxbflkQ1ciHM7S+MPuOAjbDBImM9HMZS/NEoNzVsdX61
w6vwNffn4yGm1V5/HS5dHsOHeJVzI1mLaFqTYY1emGw7IFsb4NcOC4iYn992eA5r
+BhVTl4rYSejTgwkaWIFQQdGID0ScjPZTppUi/yu5BOwjbbNA/z1rG+zMrIjuRMG
svhukVuGn7a75DF0NcYTucDCPgrQ0RfUB6AyGcCU6r3I
-----END CERTIFICATE-----
Generated at Tue Jan 2 15:20:21 2024 by rpki-client on console-ams.rpki-client.org