Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/43/8d80f9-494e-4abb-9956-fc121c800b30/1/eIdNsMUcGisg_KOM0LBe795dpeE.roa
File: eIdNsMUcGisg_KOM0LBe795dpeE.roa (raw, json)
Hash identifier: zeMMlOjRlPU0Ggk4VNXqvmmhdD51Qs2UiIxQDrY4jAc=
Subject key identifier: 78:87:4D:B0:C5:1C:1A:2B:20:FC:A3:8C:D0:B0:5E:EF:DE:5D:A5:E1
Certificate issuer: /CN=201fe30fc6b4b0d0f6db4e1bfbbd50195dca575c
Certificate serial: 01856F4B77B94EAFB969675E4A817640A38B
Authority key identifier: 20:1F:E3:0F:C6:B4:B0:D0:F6:DB:4E:1B:FB:BD:50:19:5D:CA:57:5C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IB_jD8a0sND2204b-71QGV3KV1w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/43/8d80f9-494e-4abb-9956-fc121c800b30/1/eIdNsMUcGisg_KOM0LBe795dpeE.roa
Signing time: Sun 01 Jan 2023 21:44:54 +0000
ROA not before: Sun 01 Jan 2023 21:44:54 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 35470
IP address blocks: 217.170.21.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:4b:77:b9:4e:af:b9:69:67:5e:4a:81:76:40:a3:8b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=201fe30fc6b4b0d0f6db4e1bfbbd50195dca575c
Validity
Not Before: Jan 1 21:44:54 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=78874db0c51c1a2b20fca38cd0b05eefde5da5e1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:db:25:ca:b0:bd:64:73:9d:5d:ab:9b:c7:c2:13:
f0:75:34:86:c3:c6:b4:69:c2:06:50:c9:3d:15:ae:
ed:d9:50:df:22:5c:2d:c3:a0:d7:ff:37:2a:89:af:
a3:29:ff:a5:87:75:e2:ff:17:51:5f:d6:cb:1e:ba:
18:f6:27:b7:00:7f:14:ea:9b:0e:87:a2:0a:a5:d9:
a8:7a:99:6f:6d:6c:a8:7d:ee:dc:34:05:d4:f9:13:
5e:66:e4:1b:12:25:86:01:af:cf:cd:44:d6:fc:1a:
b2:01:dc:78:bb:ea:52:eb:5a:06:85:bf:d5:3d:2f:
94:1d:9d:9d:b7:e3:7a:51:e4:03:d7:1e:de:a8:06:
da:91:15:7e:62:c8:bc:12:38:6b:7d:d4:bd:0a:52:
2a:b6:cb:9a:dc:f2:fc:ca:9f:9a:5a:93:6e:09:a1:
11:cc:28:80:0a:34:30:b1:4d:2a:7a:9a:70:6c:bc:
05:33:1f:a5:68:c2:c0:fd:95:ee:90:e3:0e:23:f9:
d8:8b:cf:1b:08:0e:93:00:c4:d3:66:01:17:16:e1:
ff:73:34:1d:1e:53:05:f0:d3:dd:4f:b8:b4:ea:b0:
42:59:9f:f5:aa:29:56:1d:32:d8:3c:ea:5f:c4:2e:
f3:b4:be:b6:10:a5:0b:7f:26:1f:17:cf:66:d4:8d:
01:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
78:87:4D:B0:C5:1C:1A:2B:20:FC:A3:8C:D0:B0:5E:EF:DE:5D:A5:E1
X509v3 Authority Key Identifier:
keyid:20:1F:E3:0F:C6:B4:B0:D0:F6:DB:4E:1B:FB:BD:50:19:5D:CA:57:5C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IB_jD8a0sND2204b-71QGV3KV1w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/43/8d80f9-494e-4abb-9956-fc121c800b30/1/eIdNsMUcGisg_KOM0LBe795dpeE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/43/8d80f9-494e-4abb-9956-fc121c800b30/1/IB_jD8a0sND2204b-71QGV3KV1w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
217.170.21.0/24
Signature Algorithm: sha256WithRSAEncryption
6c:2c:1b:a7:20:28:e9:1e:b0:cf:49:07:c7:4d:71:d9:b7:d6:
71:93:1b:59:bc:d6:39:e5:51:1f:a4:c0:d9:7a:dc:79:08:1d:
34:67:d9:82:4c:e5:de:b4:7a:d1:c7:92:fe:3d:2c:6f:74:6d:
d3:df:c0:eb:c3:07:8f:58:59:d3:d2:77:93:d3:96:c8:c3:2f:
ba:59:04:1f:40:01:49:41:dd:7d:d9:79:bc:43:34:ea:bd:3c:
d7:4c:32:c7:22:88:a3:45:fb:06:0c:c6:5a:b5:61:70:14:88:
a4:19:47:76:d1:be:53:1f:d0:87:3a:02:49:9b:9e:fe:0f:81:
0d:29:e7:63:18:93:fd:18:8a:13:68:b4:26:f8:bb:87:ef:9d:
95:54:d8:34:f6:85:95:82:c9:ed:8d:eb:d7:38:c0:ff:a2:15:
b3:bf:40:01:b6:b4:0d:bd:f3:51:a4:85:46:0b:71:60:9a:f2:
68:cd:c1:fb:dc:0d:fd:99:d6:2e:f7:e1:56:e2:4f:68:a0:56:
45:c4:e1:da:d5:e8:f9:5a:6e:4b:43:1e:b3:76:d1:ba:8f:f0:
0c:f0:f6:ad:b5:31:cf:f1:64:67:5c:80:aa:c5:88:1f:ac:90:
8f:0c:7c:8a:ef:12:89:57:77:bb:ec:0c:d0:3b:b2:75:db:7b:
3a:91:1d:fa
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVvS3e5Tq+5aWdeSoF2QKOLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIwMWZlMzBmYzZiNGIwZDBmNmRiNGUxYmZiYmQ1MDE5NWRj
YTU3NWMwHhcNMjMwMTAxMjE0NDU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3ODg3NGRiMGM1MWMxYTJiMjBmY2EzOGNkMGIwNWVlZmRlNWRhNWUxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2yXKsL1kc51dq5vHwhPwdTSGw8a0
acIGUMk9Fa7t2VDfIlwtw6DX/zcqia+jKf+lh3Xi/xdRX9bLHroY9ie3AH8U6psO
h6IKpdmoeplvbWyofe7cNAXU+RNeZuQbEiWGAa/PzUTW/BqyAdx4u+pS61oGhb/V
PS+UHZ2dt+N6UeQD1x7eqAbakRV+Ysi8EjhrfdS9ClIqtsua3PL8yp+aWpNuCaER
zCiACjQwsU0qeppwbLwFMx+laMLA/ZXukOMOI/nYi88bCA6TAMTTZgEXFuH/czQd
HlMF8NPdT7i06rBCWZ/1qilWHTLYPOpfxC7ztL62EKULfyYfF89m1I0B/wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFHiHTbDFHBorIPyjjNCwXu/eXaXhMB8GA1UdIwQY
MBaAFCAf4w/GtLDQ9ttOG/u9UBldyldcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSUJfakQ4YTBzTkQyMjA0Yi03MVFHVjNLVjF3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80My84ZDgwZjktNDk0ZS00YWJiLTk5NTYt
ZmMxMjFjODAwYjMwLzEvZUlkTnNNVWNHaXNnX0tPTTBMQmU3OTVkcGVFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80My84ZDgwZjktNDk0ZS00YWJiLTk5NTYtZmMxMjFjODAwYjMw
LzEvSUJfakQ4YTBzTkQyMjA0Yi03MVFHVjNLVjF3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA2aoVMA0G
CSqGSIb3DQEBCwUAA4IBAQBsLBunICjpHrDPSQfHTXHZt9ZxkxtZvNY55VEfpMDZ
etx5CB00Z9mCTOXetHrRx5L+PSxvdG3T38DrwwePWFnT0neT05bIwy+6WQQfQAFJ
Qd192Xm8QzTqvTzXTDLHIoijRfsGDMZatWFwFIikGUd20b5TH9CHOgJJm57+D4EN
KedjGJP9GIoTaLQm+LuH752VVNg09oWVgsntjevXOMD/ohWzv0ABtrQNvfNRpIVG
C3FgmvJozcH73A39mdYu9+FW4k9ooFZFxOHa1ej5Wm5LQx6zdtG6j/AM8PattTHP
8WRnXICqxYgfrJCPDHyK7xKJV3e77AzQO7J123s6kR36
-----END CERTIFICATE-----
Generated at Mon Jan 1 13:11:02 2024 by rpki-client on console-ams.rpki-client.org