Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3d/3e2b18-55c9-4180-8c6e-2c7086fded93/1/17KrB73i_Amq5ytl70qyJIJBZRM.roa
File: 17KrB73i_Amq5ytl70qyJIJBZRM.roa (raw, json)
Hash identifier: IyTbCXGHRxFcxPUMbQEq2uyQeb+vZQSezlGA3US6sVY=
Subject key identifier: D7:B2:AB:07:BD:E2:FC:09:AA:E7:2B:65:EF:4A:B2:24:82:41:65:13
Certificate issuer: /CN=088465b37b2d4e9f413a31dc7b7e6cba2a33db96
Certificate serial: 018A25B8753F7414FF2E21DE8E66D6448EDA
Authority key identifier: 08:84:65:B3:7B:2D:4E:9F:41:3A:31:DC:7B:7E:6C:BA:2A:33:DB:96
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CIRls3stTp9BOjHce35suioz25Y.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3d/3e2b18-55c9-4180-8c6e-2c7086fded93/1/17KrB73i_Amq5ytl70qyJIJBZRM.roa
Signing time: Thu 24 Aug 2023 04:06:00 +0000
ROA not before: Thu 24 Aug 2023 04:06:00 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 198883
IP address blocks: 188.66.25.0/24 maxlen: 24
188.66.27.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:25:b8:75:3f:74:14:ff:2e:21:de:8e:66:d6:44:8e:da
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=088465b37b2d4e9f413a31dc7b7e6cba2a33db96
Validity
Not Before: Aug 24 04:06:00 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d7b2ab07bde2fc09aae72b65ef4ab22482416513
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:7d:dc:67:97:d0:42:15:d3:95:08:8d:57:e3:
ba:0b:2e:d5:e0:9b:0c:86:66:d1:3f:84:ed:f8:20:
0d:01:dd:32:39:9d:a6:01:ea:92:f9:8f:1a:f1:52:
a6:b1:6e:15:6f:e0:da:fe:9c:c5:0f:41:db:46:01:
c1:09:fe:e9:73:21:a9:b5:6c:20:ff:fa:b1:6d:95:
02:b7:1c:d3:23:8d:d9:53:fc:21:fa:80:65:a1:05:
68:00:b2:f7:87:08:d6:d1:24:0f:c1:5d:e9:2a:db:
57:a1:22:08:83:90:09:f1:6c:91:86:a4:f8:51:ba:
97:d6:fb:16:1b:05:f5:ea:b2:48:1f:17:f2:e9:de:
df:d8:ee:b1:b0:3d:33:53:6a:af:46:3c:83:6f:4b:
32:ce:4a:62:04:d5:2a:e2:93:4c:a2:a4:d1:91:0b:
c7:8f:fa:67:d9:5d:52:bd:d3:cd:3c:93:54:f4:ea:
af:5e:87:94:8d:49:15:4e:a5:a1:e7:d8:10:c4:10:
8d:40:ab:62:e5:5b:03:24:2c:3a:c0:b7:b2:49:97:
2c:04:61:43:6f:11:02:21:af:8c:74:dd:cc:86:ac:
bd:cd:4e:f8:16:4b:46:f9:87:fa:50:a4:9c:4f:81:
19:25:7d:f8:ef:9c:83:32:2e:64:12:a6:7b:27:c8:
45:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D7:B2:AB:07:BD:E2:FC:09:AA:E7:2B:65:EF:4A:B2:24:82:41:65:13
X509v3 Authority Key Identifier:
keyid:08:84:65:B3:7B:2D:4E:9F:41:3A:31:DC:7B:7E:6C:BA:2A:33:DB:96
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CIRls3stTp9BOjHce35suioz25Y.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3d/3e2b18-55c9-4180-8c6e-2c7086fded93/1/17KrB73i_Amq5ytl70qyJIJBZRM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3d/3e2b18-55c9-4180-8c6e-2c7086fded93/1/CIRls3stTp9BOjHce35suioz25Y.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
188.66.25.0/24
188.66.27.0/24
Signature Algorithm: sha256WithRSAEncryption
17:bd:d1:30:6c:8a:98:56:29:f1:bd:6d:49:90:bd:dd:99:13:
ff:87:3f:c4:96:4c:17:31:c7:93:2c:38:6b:1f:cb:d1:62:2b:
88:8f:70:59:dd:1f:f6:a3:29:26:8e:a1:0a:67:25:d7:13:6d:
17:53:71:49:03:25:ce:35:49:48:7a:0b:19:f7:29:50:d7:16:
5c:6f:1a:37:63:a8:95:27:cd:e6:37:d1:8b:d9:54:99:eb:22:
30:57:74:87:96:08:96:32:04:ab:38:4e:ae:49:1d:35:76:c9:
1a:76:38:35:c0:78:4f:46:18:39:41:7e:14:ff:47:13:48:15:
36:cc:9a:69:14:d3:37:ca:5a:fc:04:26:bf:a1:f1:2c:9c:f9:
33:f5:a0:20:30:b0:5c:77:99:73:0f:bf:e6:7d:35:66:3a:a3:
0f:4f:c0:a7:d9:80:11:d2:2d:f3:ad:89:bb:30:b9:f5:cf:4a:
f6:72:08:4e:13:2f:29:44:a1:ad:a5:df:07:6d:56:c7:32:86:
5e:0c:d8:c8:65:24:5c:ae:03:24:35:83:9f:ca:4b:39:a6:b8:
ad:30:68:b2:2f:09:c5:cc:ba:46:61:79:35:47:2d:6c:c2:08:
3b:80:48:09:23:39:ca:bb:81:1d:49:ea:60:21:d8:7e:d4:53:
7c:15:df:e2
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYoluHU/dBT/LiHejmbWRI7aMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA4ODQ2NWIzN2IyZDRlOWY0MTNhMzFkYzdiN2U2Y2JhMmEz
M2RiOTYwHhcNMjMwODI0MDQwNjAwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkN2IyYWIwN2JkZTJmYzA5YWFlNzJiNjVlZjRhYjIyNDgyNDE2NTEzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmX3cZ5fQQhXTlQiNV+O6Cy7V4JsM
hmbRP4Tt+CANAd0yOZ2mAeqS+Y8a8VKmsW4Vb+Da/pzFD0HbRgHBCf7pcyGptWwg
//qxbZUCtxzTI43ZU/wh+oBloQVoALL3hwjW0SQPwV3pKttXoSIIg5AJ8WyRhqT4
UbqX1vsWGwX16rJIHxfy6d7f2O6xsD0zU2qvRjyDb0syzkpiBNUq4pNMoqTRkQvH
j/pn2V1SvdPNPJNU9OqvXoeUjUkVTqWh59gQxBCNQKti5VsDJCw6wLeySZcsBGFD
bxECIa+MdN3Mhqy9zU74FktG+Yf6UKScT4EZJX3475yDMi5kEqZ7J8hFzQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFNeyqwe94vwJqucrZe9KsiSCQWUTMB8GA1UdIwQY
MBaAFAiEZbN7LU6fQTox3Ht+bLoqM9uWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ0lSbHMzc3RUcDlCT2pIY2UzNXN1aW96MjVZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zZC8zZTJiMTgtNTVjOS00MTgwLThjNmUt
MmM3MDg2ZmRlZDkzLzEvMTdLckI3M2lfQW1xNXl0bDcwcXlKSUpCWlJNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zZC8zZTJiMTgtNTVjOS00MTgwLThjNmUtMmM3MDg2ZmRlZDkz
LzEvQ0lSbHMzc3RUcDlCT2pIY2UzNXN1aW96MjVZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAvEIZAwQA
vEIbMA0GCSqGSIb3DQEBCwUAA4IBAQAXvdEwbIqYVinxvW1JkL3dmRP/hz/ElkwX
MceTLDhrH8vRYiuIj3BZ3R/2oykmjqEKZyXXE20XU3FJAyXONUlIegsZ9ylQ1xZc
bxo3Y6iVJ83mN9GL2VSZ6yIwV3SHlgiWMgSrOE6uSR01dskadjg1wHhPRhg5QX4U
/0cTSBU2zJppFNM3ylr8BCa/ofEsnPkz9aAgMLBcd5lzD7/mfTVmOqMPT8Cn2YAR
0i3zrYm7MLn1z0r2cghOEy8pRKGtpd8HbVbHMoZeDNjIZSRcrgMkNYOfyks5prit
MGiyLwnFzLpGYXk1Ry1swgg7gEgJIznKu4EdSepgIdh+1FN8Fd/i
-----END CERTIFICATE-----
Generated at Mon Jan 1 15:14:44 2024 by rpki-client on console-fra.rpki-client.org