Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/43/8d80f9-494e-4abb-9956-fc121c800b30/1/tx18L8Gzqug1Vpx93lHaQ9cU4lA.roa
File: tx18L8Gzqug1Vpx93lHaQ9cU4lA.roa (raw, json)
Hash identifier: xkFN0auXc/0djBUGNnwI5DA5P1emeJzL1FwTsm/9Mwc=
Subject key identifier: B7:1D:7C:2F:C1:B3:AA:E8:35:56:9C:7D:DE:51:DA:43:D7:14:E2:50
Certificate issuer: /CN=201fe30fc6b4b0d0f6db4e1bfbbd50195dca575c
Certificate serial: 01856F4B75142BF3AD4333A5BC69D0C52CE2
Authority key identifier: 20:1F:E3:0F:C6:B4:B0:D0:F6:DB:4E:1B:FB:BD:50:19:5D:CA:57:5C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IB_jD8a0sND2204b-71QGV3KV1w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/43/8d80f9-494e-4abb-9956-fc121c800b30/1/tx18L8Gzqug1Vpx93lHaQ9cU4lA.roa
Signing time: Sun 01 Jan 2023 21:44:54 +0000
ROA not before: Sun 01 Jan 2023 21:44:54 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 29001
IP address blocks: 217.170.16.0/23 maxlen: 23
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:4b:75:14:2b:f3:ad:43:33:a5:bc:69:d0:c5:2c:e2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=201fe30fc6b4b0d0f6db4e1bfbbd50195dca575c
Validity
Not Before: Jan 1 21:44:54 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b71d7c2fc1b3aae835569c7dde51da43d714e250
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:e0:d8:eb:d4:68:6e:fa:2a:f1:44:83:fe:d3:
87:e8:85:32:a7:49:05:4d:94:ad:38:b8:bd:a2:09:
04:d0:50:c1:ee:6f:47:ad:02:2c:a5:40:c7:19:e8:
5e:7b:55:21:41:ca:f3:a9:09:e8:71:03:22:95:bb:
9b:7f:dd:0e:4e:36:6b:16:48:37:78:60:a5:99:a1:
59:d0:f7:96:96:0f:8d:3c:23:16:fc:ba:28:32:e7:
62:a9:06:69:c8:91:8b:a3:e6:99:6c:5d:f4:19:1f:
05:78:fb:8a:c0:35:a2:ff:27:64:7b:dc:5c:54:8a:
26:c0:c8:5f:1d:c5:f1:e1:75:89:9c:88:dc:eb:c5:
f3:14:e4:45:5c:2b:0f:8e:8f:18:a7:30:3c:ee:29:
f4:26:08:93:d8:2a:aa:75:15:d1:d6:27:e9:2b:dd:
ec:d8:f3:b9:f5:92:d6:92:05:e3:c1:55:b8:92:d6:
21:38:ea:9c:0b:17:67:ea:1a:35:96:0a:a5:f0:61:
0f:8a:2e:e7:1f:80:7d:eb:45:70:11:dc:96:f1:7a:
67:75:d2:79:02:2b:04:ae:9c:bb:3b:44:a4:eb:87:
56:dc:6a:a9:1d:5c:4b:28:a9:ca:e9:c7:33:29:a7:
e7:88:e2:ff:af:b9:ae:e9:e5:32:27:93:60:30:64:
66:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B7:1D:7C:2F:C1:B3:AA:E8:35:56:9C:7D:DE:51:DA:43:D7:14:E2:50
X509v3 Authority Key Identifier:
keyid:20:1F:E3:0F:C6:B4:B0:D0:F6:DB:4E:1B:FB:BD:50:19:5D:CA:57:5C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IB_jD8a0sND2204b-71QGV3KV1w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/43/8d80f9-494e-4abb-9956-fc121c800b30/1/tx18L8Gzqug1Vpx93lHaQ9cU4lA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/43/8d80f9-494e-4abb-9956-fc121c800b30/1/IB_jD8a0sND2204b-71QGV3KV1w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
217.170.16.0/23
Signature Algorithm: sha256WithRSAEncryption
72:74:20:26:2b:2e:16:33:4a:bb:b1:ed:73:3d:ab:75:77:6d:
6a:99:c6:65:98:2a:7d:db:a3:0e:39:7a:e9:8f:12:61:9a:46:
fd:6f:19:be:87:31:9e:ea:95:f7:96:95:9c:56:84:bf:84:5c:
d7:9b:4b:4f:e9:f7:b6:22:35:74:c9:83:9c:87:c5:e5:0f:79:
2b:e6:18:05:9d:11:56:dd:5c:7e:25:10:5e:e9:f8:54:6d:26:
43:c9:33:c7:42:83:9e:c3:1f:67:ca:aa:c1:4a:f3:5e:89:d0:
ae:d3:61:9e:a7:d4:5d:52:64:4c:b1:33:b1:f7:8e:c8:2e:f3:
9e:86:84:2a:5a:d8:53:18:4f:23:e2:06:c6:71:68:0c:10:e6:
a5:9a:02:42:30:6a:11:af:ff:28:ce:c8:26:97:b8:97:c4:07:
6b:3c:99:37:89:1c:e3:cd:c1:1f:4d:0b:38:2c:44:82:7f:4f:
bb:82:cd:dd:c7:c3:bd:70:b0:0f:5b:ce:35:6a:9a:58:6a:24:
8c:56:ce:a9:fa:76:e6:a1:26:b3:f2:96:fb:d1:27:6f:16:9c:
04:61:10:45:37:6d:d0:3a:48:7a:b5:a8:61:b4:2a:0c:6c:39:
b8:fe:ed:68:2d:40:84:e9:b3:b5:8b:80:8b:7e:c5:80:94:b4:
1f:d2:a5:72
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVvS3UUK/OtQzOlvGnQxSziMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIwMWZlMzBmYzZiNGIwZDBmNmRiNGUxYmZiYmQ1MDE5NWRj
YTU3NWMwHhcNMjMwMTAxMjE0NDU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNzFkN2MyZmMxYjNhYWU4MzU1NjljN2RkZTUxZGE0M2Q3MTRlMjUwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAreDY69Robvoq8USD/tOH6IUyp0kF
TZStOLi9ogkE0FDB7m9HrQIspUDHGehee1UhQcrzqQnocQMilbubf90OTjZrFkg3
eGClmaFZ0PeWlg+NPCMW/LooMudiqQZpyJGLo+aZbF30GR8FePuKwDWi/ydke9xc
VIomwMhfHcXx4XWJnIjc68XzFORFXCsPjo8YpzA87in0JgiT2CqqdRXR1ifpK93s
2PO59ZLWkgXjwVW4ktYhOOqcCxdn6ho1lgql8GEPii7nH4B960VwEdyW8XpnddJ5
AisErpy7O0Sk64dW3GqpHVxLKKnK6cczKafniOL/r7mu6eUyJ5NgMGRmiwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFLcdfC/Bs6roNVacfd5R2kPXFOJQMB8GA1UdIwQY
MBaAFCAf4w/GtLDQ9ttOG/u9UBldyldcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSUJfakQ4YTBzTkQyMjA0Yi03MVFHVjNLVjF3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80My84ZDgwZjktNDk0ZS00YWJiLTk5NTYt
ZmMxMjFjODAwYjMwLzEvdHgxOEw4R3pxdWcxVnB4OTNsSGFROWNVNGxBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80My84ZDgwZjktNDk0ZS00YWJiLTk5NTYtZmMxMjFjODAwYjMw
LzEvSUJfakQ4YTBzTkQyMjA0Yi03MVFHVjNLVjF3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQB2aoQMA0G
CSqGSIb3DQEBCwUAA4IBAQBydCAmKy4WM0q7se1zPat1d21qmcZlmCp926MOOXrp
jxJhmkb9bxm+hzGe6pX3lpWcVoS/hFzXm0tP6fe2IjV0yYOch8XlD3kr5hgFnRFW
3Vx+JRBe6fhUbSZDyTPHQoOewx9nyqrBSvNeidCu02Gep9RdUmRMsTOx947ILvOe
hoQqWthTGE8j4gbGcWgMEOalmgJCMGoRr/8ozsgml7iXxAdrPJk3iRzjzcEfTQs4
LESCf0+7gs3dx8O9cLAPW841appYaiSMVs6p+nbmoSaz8pb70SdvFpwEYRBFN23Q
Okh6tahhtCoMbDm4/u1oLUCE6bO1i4CLfsWAlLQf0qVy
-----END CERTIFICATE-----
Generated at Mon Jan 1 13:24:00 2024 by rpki-client on console-fra.rpki-client.org