Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3b/04df92-a979-421f-8046-1415c9779e17/1/U3xHBUVwQLR7AYrmLYQ9cnhSoiY.roa
File: U3xHBUVwQLR7AYrmLYQ9cnhSoiY.roa (raw, json)
Hash identifier: lFjKG9d3ZclCBwAf8yshspEQl1xosn92wz8dECprY+I=
Subject key identifier: 53:7C:47:05:45:70:40:B4:7B:01:8A:E6:2D:84:3D:72:78:52:A2:26
Certificate issuer: /CN=184d1c002f060ec956e64e5cfe4f1dc098587fd6
Certificate serial: 01856B9347A84F0AE9AFFD9FBB77FDDAF685
Authority key identifier: 18:4D:1C:00:2F:06:0E:C9:56:E6:4E:5C:FE:4F:1D:C0:98:58:7F:D6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/GE0cAC8GDslW5k5c_k8dwJhYf9Y.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3b/04df92-a979-421f-8046-1415c9779e17/1/U3xHBUVwQLR7AYrmLYQ9cnhSoiY.roa
Signing time: Sun 01 Jan 2023 04:24:52 +0000
ROA not before: Sun 01 Jan 2023 04:24:52 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 208425
IP address blocks: 217.28.139.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6b:93:47:a8:4f:0a:e9:af:fd:9f:bb:77:fd:da:f6:85
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=184d1c002f060ec956e64e5cfe4f1dc098587fd6
Validity
Not Before: Jan 1 04:24:52 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=537c4705457040b47b018ae62d843d727852a226
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:c1:9a:ef:56:4f:49:e1:f4:2f:4f:5c:47:7c:
e4:17:f5:45:f5:ec:a8:f0:85:ea:42:7d:7b:9e:57:
10:a0:f5:71:b1:b2:6f:ea:d4:89:52:05:6d:7e:6b:
a0:3c:bb:b8:dc:9d:3c:9f:15:dc:ea:41:d7:1f:b6:
03:42:d3:ae:d7:9f:98:25:2f:f9:02:e4:0d:6f:c6:
55:20:3a:8f:4f:04:45:84:3d:86:d5:fc:36:92:e4:
84:2b:16:c6:2a:c0:14:04:e7:53:60:7e:17:4e:e9:
c0:35:8a:57:6a:aa:b7:43:c4:55:88:12:a1:fb:0d:
6e:9b:cc:14:39:42:a9:72:33:30:1c:e8:3d:df:94:
ae:6a:1c:6a:68:2e:50:5d:ee:37:6c:47:db:06:cf:
fc:78:05:83:62:0f:a8:88:af:40:7a:17:90:a3:35:
9e:6d:1e:40:46:b5:5e:0a:e9:8d:5d:dd:90:d0:79:
e0:2c:0b:81:68:b5:32:f7:ae:3b:d1:84:fe:e9:c4:
d7:d2:f7:80:06:9a:c1:37:90:b3:6b:a4:42:80:33:
e7:c7:64:c8:67:08:17:b8:45:0d:13:47:7f:51:d9:
8f:14:84:e5:54:8b:1b:de:3e:41:1b:6d:ef:3f:00:
07:14:04:c4:1e:c9:40:46:bd:2d:af:a9:af:5e:c4:
bb:93
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
53:7C:47:05:45:70:40:B4:7B:01:8A:E6:2D:84:3D:72:78:52:A2:26
X509v3 Authority Key Identifier:
keyid:18:4D:1C:00:2F:06:0E:C9:56:E6:4E:5C:FE:4F:1D:C0:98:58:7F:D6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GE0cAC8GDslW5k5c_k8dwJhYf9Y.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3b/04df92-a979-421f-8046-1415c9779e17/1/U3xHBUVwQLR7AYrmLYQ9cnhSoiY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3b/04df92-a979-421f-8046-1415c9779e17/1/GE0cAC8GDslW5k5c_k8dwJhYf9Y.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
217.28.139.0/24
Signature Algorithm: sha256WithRSAEncryption
64:74:35:b2:01:fa:b2:74:f4:96:63:43:b7:bf:e0:e5:bb:b1:
aa:72:ee:93:f0:36:36:f2:e0:45:32:7c:86:fb:3d:44:3d:a0:
c9:63:74:c9:81:8d:af:14:72:22:b9:71:0d:f8:52:64:1f:bd:
eb:2b:9e:18:f8:71:80:2c:57:70:2c:32:70:69:7f:35:c9:1d:
cd:5f:6c:b4:19:8e:e1:30:6d:07:d9:a8:d3:ae:09:0f:0f:e7:
70:82:c4:45:50:ff:94:ab:4a:ed:6a:84:3f:3d:cd:42:6c:b3:
17:1c:ef:17:56:0a:55:b9:d8:f2:ff:aa:0d:ea:96:88:b2:15:
50:1d:f1:d9:6f:ae:08:13:06:94:47:52:7f:9e:46:86:4a:79:
9f:40:6e:3f:be:15:43:36:e1:dd:dc:02:15:52:33:4d:b8:1e:
95:59:86:f1:5f:1e:41:7c:f2:b1:ad:21:2d:49:b1:16:34:be:
25:61:a6:02:35:90:2c:cc:01:97:5b:39:fd:33:02:14:71:3c:
5a:b2:76:e8:58:6b:8b:de:af:35:1b:43:dc:e2:e3:a9:40:3a:
8f:12:f3:2d:fa:7b:67:b6:4b:74:b4:17:c3:bc:c5:20:9b:3a:
d3:64:fa:39:76:b3:c6:0d:1e:59:27:21:bb:9b:d2:b1:f2:92:
13:a0:e1:ae
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVrk0eoTwrpr/2fu3f92vaFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE4NGQxYzAwMmYwNjBlYzk1NmU2NGU1Y2ZlNGYxZGMwOTg1
ODdmZDYwHhcNMjMwMTAxMDQyNDUyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MzdjNDcwNTQ1NzA0MGI0N2IwMThhZTYyZDg0M2Q3Mjc4NTJhMjI2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAicGa71ZPSeH0L09cR3zkF/VF9eyo
8IXqQn17nlcQoPVxsbJv6tSJUgVtfmugPLu43J08nxXc6kHXH7YDQtOu15+YJS/5
AuQNb8ZVIDqPTwRFhD2G1fw2kuSEKxbGKsAUBOdTYH4XTunANYpXaqq3Q8RViBKh
+w1um8wUOUKpcjMwHOg935SuahxqaC5QXe43bEfbBs/8eAWDYg+oiK9AeheQozWe
bR5ARrVeCumNXd2Q0HngLAuBaLUy96470YT+6cTX0veABprBN5Cza6RCgDPnx2TI
ZwgXuEUNE0d/UdmPFITlVIsb3j5BG23vPwAHFATEHslARr0tr6mvXsS7kwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFFN8RwVFcEC0ewGK5i2EPXJ4UqImMB8GA1UdIwQY
MBaAFBhNHAAvBg7JVuZOXP5PHcCYWH/WMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR0UwY0FDOEdEc2xXNWs1Y19rOGR3SmhZZjlZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYi8wNGRmOTItYTk3OS00MjFmLTgwNDYt
MTQxNWM5Nzc5ZTE3LzEvVTN4SEJVVndRTFI3QVlybUxZUTljbmhTb2lZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYi8wNGRmOTItYTk3OS00MjFmLTgwNDYtMTQxNWM5Nzc5ZTE3
LzEvR0UwY0FDOEdEc2xXNWs1Y19rOGR3SmhZZjlZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA2RyLMA0G
CSqGSIb3DQEBCwUAA4IBAQBkdDWyAfqydPSWY0O3v+Dlu7Gqcu6T8DY28uBFMnyG
+z1EPaDJY3TJgY2vFHIiuXEN+FJkH73rK54Y+HGALFdwLDJwaX81yR3NX2y0GY7h
MG0H2ajTrgkPD+dwgsRFUP+Uq0rtaoQ/Pc1CbLMXHO8XVgpVudjy/6oN6paIshVQ
HfHZb64IEwaUR1J/nkaGSnmfQG4/vhVDNuHd3AIVUjNNuB6VWYbxXx5BfPKxrSEt
SbEWNL4lYaYCNZAszAGXWzn9MwIUcTxasnboWGuL3q81G0Pc4uOpQDqPEvMt+ntn
tkt0tBfDvMUgmzrTZPo5drPGDR5ZJyG7m9Kx8pIToOGu
-----END CERTIFICATE-----
Generated at Mon Jan 1 21:27:20 2024 by rpki-client on console-fra.rpki-client.org