Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3b/981b50-03ab-414b-a310-bdc5d6cb2141/1/kT1umwzY8XRYzvukevereCgdn_w.roa
File: kT1umwzY8XRYzvukevereCgdn_w.roa (raw, json)
Hash identifier: uM46csefrO4L5P7YTqhMYyICnRpb92ooEL4aGMEQF+c=
Subject key identifier: 91:3D:6E:9B:0C:D8:F1:74:58:CE:FB:A4:7A:F7:AB:78:28:1D:9F:FC
Certificate issuer: /CN=9eda096dbc8d59a442721cc169d6aeb649f5fd3f
Certificate serial: 0185708296A9F46FFDA36D658629A3EF5C6B
Authority key identifier: 9E:DA:09:6D:BC:8D:59:A4:42:72:1C:C1:69:D6:AE:B6:49:F5:FD:3F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ntoJbbyNWaRCchzBadautkn1_T8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3b/981b50-03ab-414b-a310-bdc5d6cb2141/1/kT1umwzY8XRYzvukevereCgdn_w.roa
Signing time: Mon 02 Jan 2023 03:24:44 +0000
ROA not before: Mon 02 Jan 2023 03:24:44 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 201633
IP address blocks: 206.225.17.0/24 maxlen: 24
2a12:d4c0:b00b::/48 maxlen: 48
Validation: Failed, certificate revoked on Thu 04 May 2023 05:19:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:82:96:a9:f4:6f:fd:a3:6d:65:86:29:a3:ef:5c:6b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9eda096dbc8d59a442721cc169d6aeb649f5fd3f
Validity
Not Before: Jan 2 03:24:44 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=913d6e9b0cd8f17458cefba47af7ab78281d9ffc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:4e:80:e9:22:bd:ea:da:dd:4e:3d:3f:8b:76:
90:7c:c3:43:07:75:43:7a:15:9f:e1:67:b1:35:ce:
5e:5c:e0:e6:99:53:36:81:d6:c0:df:7c:4f:fc:79:
e3:89:ff:42:c2:3c:d7:c2:43:4b:2f:3f:04:a9:7b:
02:36:6e:f3:03:91:a0:bb:c0:8e:68:87:18:83:6b:
dd:67:1a:00:58:55:12:f2:e0:93:18:3f:5d:0f:ca:
fb:47:c3:ae:d2:c2:6d:48:0c:35:5d:2b:e2:10:6a:
24:0a:4b:0f:c4:1a:e8:88:de:3a:a5:53:c6:81:92:
ad:b1:b0:53:bc:0b:28:30:15:92:09:09:ae:f4:7c:
7f:18:5b:16:4b:b1:0a:c0:ea:ce:a9:c3:64:1f:ef:
a2:8b:90:da:a1:f8:f0:27:03:91:e1:3c:2d:b9:09:
e5:1f:6d:a3:20:97:62:0d:ed:ca:74:3a:b4:b1:1a:
ea:14:6b:5d:8e:ec:e5:60:e6:6d:d9:29:bc:c3:3e:
73:db:c1:8c:21:ef:11:51:25:08:7f:e4:aa:88:dc:
e4:c5:d4:a4:31:cb:84:a0:d3:9f:64:44:04:07:45:
98:d1:a4:d2:04:f1:c3:b7:84:ce:d2:56:fe:55:ce:
97:f2:60:52:7d:5c:38:ab:c2:66:dd:44:dc:93:72:
12:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
91:3D:6E:9B:0C:D8:F1:74:58:CE:FB:A4:7A:F7:AB:78:28:1D:9F:FC
X509v3 Authority Key Identifier:
keyid:9E:DA:09:6D:BC:8D:59:A4:42:72:1C:C1:69:D6:AE:B6:49:F5:FD:3F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ntoJbbyNWaRCchzBadautkn1_T8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3b/981b50-03ab-414b-a310-bdc5d6cb2141/1/kT1umwzY8XRYzvukevereCgdn_w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3b/981b50-03ab-414b-a310-bdc5d6cb2141/1/ntoJbbyNWaRCchzBadautkn1_T8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
206.225.17.0/24
IPv6:
2a12:d4c0:b00b::/48
Signature Algorithm: sha256WithRSAEncryption
48:e9:d8:89:c4:3c:25:a2:ed:7a:62:84:ec:30:36:08:45:3d:
7f:13:ed:ec:93:6c:56:30:2b:24:3d:80:3a:6c:5d:7b:e0:75:
49:6c:0f:2e:64:0f:58:e4:74:51:85:26:47:ac:76:d9:9a:9c:
da:a9:1c:f3:df:48:1d:f2:d4:8d:ec:cc:37:95:85:e7:70:12:
41:5a:b5:1e:0d:a9:df:1d:8f:47:3f:8e:a3:91:0f:76:56:1f:
67:f1:4b:49:cf:4f:b3:a6:8b:27:15:e3:0a:4b:2d:da:29:88:
f7:c4:30:4d:5e:5c:75:9e:fe:28:c3:a1:a0:e6:96:ef:8b:cd:
cf:50:99:96:cc:89:14:77:ea:67:d2:c4:ce:77:38:00:78:19:
8d:76:c4:b3:28:f8:e0:df:e1:fc:84:ea:42:ca:8d:63:73:33:
7a:27:b1:37:79:eb:16:43:cb:65:e6:af:50:20:02:0b:37:1a:
e5:76:e5:6a:30:15:ff:c4:d0:96:d3:6f:0d:81:95:bd:83:84:
18:da:41:6d:b4:64:59:26:40:d1:73:98:2a:67:8d:87:55:bc:
00:ba:65:ce:06:22:e8:9c:25:35:18:3f:72:74:71:7c:44:9b:
8a:4f:16:4e:8d:79:aa:7b:f7:d5:9e:c8:66:bf:ce:1d:5f:be:
f9:87:8b:32
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYVwgpap9G/9o21lhimj71xrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDllZGEwOTZkYmM4ZDU5YTQ0MjcyMWNjMTY5ZDZhZWI2NDlm
NWZkM2YwHhcNMjMwMTAyMDMyNDQ0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MTNkNmU5YjBjZDhmMTc0NThjZWZiYTQ3YWY3YWI3ODI4MWQ5ZmZjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq06A6SK96trdTj0/i3aQfMNDB3VD
ehWf4WexNc5eXODmmVM2gdbA33xP/Hnjif9CwjzXwkNLLz8EqXsCNm7zA5Ggu8CO
aIcYg2vdZxoAWFUS8uCTGD9dD8r7R8Ou0sJtSAw1XSviEGokCksPxBroiN46pVPG
gZKtsbBTvAsoMBWSCQmu9Hx/GFsWS7EKwOrOqcNkH++ii5DaofjwJwOR4TwtuQnl
H22jIJdiDe3KdDq0sRrqFGtdjuzlYOZt2Sm8wz5z28GMIe8RUSUIf+SqiNzkxdSk
McuEoNOfZEQEB0WY0aTSBPHDt4TO0lb+Vc6X8mBSfVw4q8Jm3UTck3ISYQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFJE9bpsM2PF0WM77pHr3q3goHZ/8MB8GA1UdIwQY
MBaAFJ7aCW28jVmkQnIcwWnWrrZJ9f0/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbnRvSmJieU5XYVJDY2h6QmFkYXV0a24xX1Q4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYi85ODFiNTAtMDNhYi00MTRiLWEzMTAt
YmRjNWQ2Y2IyMTQxLzEva1QxdW13elk4WFJZenZ1a2V2ZXJlQ2dkbl93LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYi85ODFiNTAtMDNhYi00MTRiLWEzMTAtYmRjNWQ2Y2IyMTQx
LzEvbnRvSmJieU5XYVJDY2h6QmFkYXV0a24xX1Q4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQAzuERMA8E
AgACMAkDBwAqEtTAsAswDQYJKoZIhvcNAQELBQADggEBAEjp2InEPCWi7XpihOww
NghFPX8T7eyTbFYwKyQ9gDpsXXvgdUlsDy5kD1jkdFGFJkesdtmanNqpHPPfSB3y
1I3szDeVhedwEkFatR4Nqd8dj0c/jqORD3ZWH2fxS0nPT7OmiycV4wpLLdopiPfE
ME1eXHWe/ijDoaDmlu+Lzc9QmZbMiRR36mfSxM53OAB4GY12xLMo+ODf4fyE6kLK
jWNzM3onsTd56xZDy2Xmr1AgAgs3GuV25WowFf/E0JbTbw2Blb2DhBjaQW20ZFkm
QNFzmCpnjYdVvAC6Zc4GIuicJTUYP3J0cXxEm4pPFk6Neap799WeyGa/zh1fvvmH
izI=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:26:08 2024 by rpki-client on console-fra.rpki-client.org