Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/43/8d80f9-494e-4abb-9956-fc121c800b30/1/nWeF2BvUgPv_QH1albiBcMgWgfM.roa
File: nWeF2BvUgPv_QH1albiBcMgWgfM.roa (raw, json)
Hash identifier: vi0TJD2aqJxFubF1Hc5whostDqxkCAUcYD8RcX3ARlk=
Subject key identifier: 9D:67:85:D8:1B:D4:80:FB:FF:40:7D:5A:95:B8:81:70:C8:16:81:F3
Certificate issuer: /CN=201fe30fc6b4b0d0f6db4e1bfbbd50195dca575c
Certificate serial: 01856F4B71A2DCA81941E091C51B3593ED82
Authority key identifier: 20:1F:E3:0F:C6:B4:B0:D0:F6:DB:4E:1B:FB:BD:50:19:5D:CA:57:5C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IB_jD8a0sND2204b-71QGV3KV1w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/43/8d80f9-494e-4abb-9956-fc121c800b30/1/nWeF2BvUgPv_QH1albiBcMgWgfM.roa
Signing time: Sun 01 Jan 2023 21:44:53 +0000
ROA not before: Sun 01 Jan 2023 21:44:53 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 5418
IP address blocks: 217.170.15.0/24 maxlen: 24
2a02:10:100::/48 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:4b:71:a2:dc:a8:19:41:e0:91:c5:1b:35:93:ed:82
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=201fe30fc6b4b0d0f6db4e1bfbbd50195dca575c
Validity
Not Before: Jan 1 21:44:53 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=9d6785d81bd480fbff407d5a95b88170c81681f3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:84:57:9a:5d:76:2c:fa:00:70:60:20:49:55:74:
1a:ac:35:c0:24:d0:37:a0:1a:eb:80:ab:02:fa:6e:
16:fa:14:19:43:1b:dd:b4:e7:1e:51:db:64:e0:32:
f5:6d:c6:c9:11:61:d8:bf:b0:26:cd:23:36:00:f2:
1b:cb:a3:ce:0f:e7:2a:e0:4b:b8:55:cd:79:57:16:
89:8e:1d:84:2f:49:f4:65:41:ff:48:2e:c8:8a:34:
b7:ba:41:04:de:03:dc:78:9f:0e:eb:ef:13:76:07:
4f:1c:12:b5:40:1c:72:94:73:19:02:3b:51:72:da:
8f:fb:a5:ad:03:f0:01:cc:c8:51:b0:e8:0d:fb:c0:
7a:77:69:cd:e5:d6:bf:c2:71:28:28:c9:b3:7c:2e:
46:60:dd:ff:ae:65:41:48:c9:14:fb:d0:9c:3d:f5:
a6:e8:75:0d:3c:29:c9:72:e6:1e:b2:6e:55:83:ed:
82:fe:12:16:d8:7b:b6:15:5f:3f:b3:8e:60:16:66:
30:6e:39:cd:48:44:3a:11:be:39:42:be:b6:e6:8c:
c8:bb:03:f9:5b:f6:da:53:09:67:b8:79:01:6b:2a:
a9:95:bc:e4:38:5a:b8:0f:98:7b:26:17:be:bd:55:
5a:3f:bb:81:20:d4:26:8d:62:db:5f:45:72:96:45:
f3:49
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9D:67:85:D8:1B:D4:80:FB:FF:40:7D:5A:95:B8:81:70:C8:16:81:F3
X509v3 Authority Key Identifier:
keyid:20:1F:E3:0F:C6:B4:B0:D0:F6:DB:4E:1B:FB:BD:50:19:5D:CA:57:5C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IB_jD8a0sND2204b-71QGV3KV1w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/43/8d80f9-494e-4abb-9956-fc121c800b30/1/nWeF2BvUgPv_QH1albiBcMgWgfM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/43/8d80f9-494e-4abb-9956-fc121c800b30/1/IB_jD8a0sND2204b-71QGV3KV1w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
217.170.15.0/24
IPv6:
2a02:10:100::/48
Signature Algorithm: sha256WithRSAEncryption
66:e2:88:f6:d4:dc:34:d5:6c:d4:52:33:13:2b:18:3b:46:d4:
b8:0a:2d:44:7b:93:ed:34:db:45:ab:58:59:a8:be:a8:a9:38:
28:e0:07:73:83:27:75:59:55:d2:20:72:f0:e3:23:f7:12:f2:
be:83:8d:20:08:89:7e:0e:a4:85:ef:56:1a:da:2c:0d:23:58:
6c:cd:cf:6f:12:cf:f5:4b:08:22:a1:10:59:bb:aa:f3:83:86:
ea:81:65:d0:ee:38:95:aa:c2:01:a3:26:7a:fc:fd:46:a8:54:
32:0e:60:92:ff:b2:c6:54:21:b9:dd:56:d5:1d:90:bc:27:99:
39:d8:c6:54:18:3f:f4:20:e3:75:63:a0:e0:8c:aa:a4:b0:b3:
3c:dc:12:30:e9:56:cd:90:6b:55:33:2c:74:64:86:2d:0a:e6:
f3:41:bd:6f:1f:11:6a:3d:8d:a9:87:8f:d4:60:20:b7:c4:24:
ae:6d:60:c6:5a:04:a8:22:be:47:ec:05:93:05:2b:88:28:3e:
93:85:ae:ee:b4:74:e9:bc:9f:0c:fe:7c:de:12:66:7e:7d:bd:
fc:b3:1c:03:26:28:c7:c4:51:de:c3:67:5c:aa:ca:e2:6f:58:
04:42:4c:7c:fa:2f:fb:02:31:91:2f:9f:de:a2:a4:eb:6b:f0:
c2:e0:b9:fe
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYVvS3Gi3KgZQeCRxRs1k+2CMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIwMWZlMzBmYzZiNGIwZDBmNmRiNGUxYmZiYmQ1MDE5NWRj
YTU3NWMwHhcNMjMwMTAxMjE0NDUzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZDY3ODVkODFiZDQ4MGZiZmY0MDdkNWE5NWI4ODE3MGM4MTY4MWYzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhFeaXXYs+gBwYCBJVXQarDXAJNA3
oBrrgKsC+m4W+hQZQxvdtOceUdtk4DL1bcbJEWHYv7AmzSM2APIby6POD+cq4Eu4
Vc15VxaJjh2EL0n0ZUH/SC7IijS3ukEE3gPceJ8O6+8TdgdPHBK1QBxylHMZAjtR
ctqP+6WtA/ABzMhRsOgN+8B6d2nN5da/wnEoKMmzfC5GYN3/rmVBSMkU+9CcPfWm
6HUNPCnJcuYesm5Vg+2C/hIW2Hu2FV8/s45gFmYwbjnNSEQ6Eb45Qr625ozIuwP5
W/baUwlnuHkBayqplbzkOFq4D5h7Jhe+vVVaP7uBINQmjWLbX0VylkXzSQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFJ1nhdgb1ID7/0B9WpW4gXDIFoHzMB8GA1UdIwQY
MBaAFCAf4w/GtLDQ9ttOG/u9UBldyldcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSUJfakQ4YTBzTkQyMjA0Yi03MVFHVjNLVjF3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80My84ZDgwZjktNDk0ZS00YWJiLTk5NTYt
ZmMxMjFjODAwYjMwLzEvbldlRjJCdlVnUHZfUUgxYWxiaUJjTWdXZ2ZNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80My84ZDgwZjktNDk0ZS00YWJiLTk5NTYtZmMxMjFjODAwYjMw
LzEvSUJfakQ4YTBzTkQyMjA0Yi03MVFHVjNLVjF3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQA2aoPMA8E
AgACMAkDBwAqAgAQAQAwDQYJKoZIhvcNAQELBQADggEBAGbiiPbU3DTVbNRSMxMr
GDtG1LgKLUR7k+0020WrWFmovqipOCjgB3ODJ3VZVdIgcvDjI/cS8r6DjSAIiX4O
pIXvVhraLA0jWGzNz28Sz/VLCCKhEFm7qvODhuqBZdDuOJWqwgGjJnr8/UaoVDIO
YJL/ssZUIbndVtUdkLwnmTnYxlQYP/Qg43VjoOCMqqSwszzcEjDpVs2Qa1UzLHRk
hi0K5vNBvW8fEWo9jamHj9RgILfEJK5tYMZaBKgivkfsBZMFK4goPpOFru60dOm8
nwz+fN4SZn59vfyzHAMmKMfEUd7DZ1yqyuJvWARCTHz6L/sCMZEvn96ipOtr8MLg
uf4=
-----END CERTIFICATE-----
Generated at Mon Jan 1 13:24:00 2024 by rpki-client on console-fra.rpki-client.org