Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/43/8d80f9-494e-4abb-9956-fc121c800b30/1/ze2p70sFDYBrkB-Wnh0ynA2BMMk.roa
File: ze2p70sFDYBrkB-Wnh0ynA2BMMk.roa (raw, json)
Hash identifier: 4p3p8AaBY+AM2v8/wA+BBM4AmxtOfXix0m+ONAyhW7Q=
Subject key identifier: CD:ED:A9:EF:4B:05:0D:80:6B:90:1F:96:9E:1D:32:9C:0D:81:30:C9
Certificate issuer: /CN=201fe30fc6b4b0d0f6db4e1bfbbd50195dca575c
Certificate serial: 01856F4B7359A7D22FC699FFCFDCB067A9ED
Authority key identifier: 20:1F:E3:0F:C6:B4:B0:D0:F6:DB:4E:1B:FB:BD:50:19:5D:CA:57:5C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IB_jD8a0sND2204b-71QGV3KV1w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/43/8d80f9-494e-4abb-9956-fc121c800b30/1/ze2p70sFDYBrkB-Wnh0ynA2BMMk.roa
Signing time: Sun 01 Jan 2023 21:44:53 +0000
ROA not before: Sun 01 Jan 2023 21:44:53 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 25151
IP address blocks: 217.170.2.0/23 maxlen: 23
Validation: Failed, certificate revoked on Mon 01 Jan 2024 10:30:52 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:4b:73:59:a7:d2:2f:c6:99:ff:cf:dc:b0:67:a9:ed
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=201fe30fc6b4b0d0f6db4e1bfbbd50195dca575c
Validity
Not Before: Jan 1 21:44:53 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=cdeda9ef4b050d806b901f969e1d329c0d8130c9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:81:13:64:c1:69:1c:35:94:17:e0:4e:31:a4:60:
55:4a:51:bc:f2:53:42:12:e3:55:9c:cb:4b:0b:af:
20:94:48:50:9c:c5:c5:87:07:7d:10:ef:ae:11:42:
3c:40:5e:fd:77:3e:ac:fd:78:dc:92:64:46:95:18:
13:6b:be:51:7e:10:5b:9d:e8:91:c0:65:4f:1d:9d:
91:41:8d:dd:2b:3c:2a:80:5c:54:9b:ca:a7:ed:1a:
fc:77:b5:1b:ea:50:76:c7:3c:f9:be:c8:96:39:dd:
5a:0e:09:e0:72:ed:cc:9d:4a:42:4a:f4:5b:1c:34:
1c:6e:f3:e6:cb:99:61:99:27:1e:63:33:36:98:b9:
65:b4:7f:0c:4a:76:2c:b0:a6:51:ce:d8:2f:c3:09:
d7:ab:2f:41:b3:5d:50:6e:cb:0a:66:33:65:0e:56:
4c:2f:3f:df:6f:8c:b6:b1:bc:b2:a3:46:33:70:8b:
bb:83:f9:c2:56:be:7d:45:b9:69:c9:f1:a1:aa:f2:
a1:9a:9b:08:34:a1:87:50:3f:d2:b7:db:cb:71:83:
cd:b9:bd:99:62:5f:d1:47:f3:83:32:e5:3c:87:ae:
38:f9:77:4d:f0:43:57:fe:cf:81:fd:e1:5a:a6:c2:
38:79:ae:9f:8f:51:c5:a5:de:47:04:cc:5f:5a:48:
4a:fd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CD:ED:A9:EF:4B:05:0D:80:6B:90:1F:96:9E:1D:32:9C:0D:81:30:C9
X509v3 Authority Key Identifier:
keyid:20:1F:E3:0F:C6:B4:B0:D0:F6:DB:4E:1B:FB:BD:50:19:5D:CA:57:5C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IB_jD8a0sND2204b-71QGV3KV1w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/43/8d80f9-494e-4abb-9956-fc121c800b30/1/ze2p70sFDYBrkB-Wnh0ynA2BMMk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/43/8d80f9-494e-4abb-9956-fc121c800b30/1/IB_jD8a0sND2204b-71QGV3KV1w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
217.170.2.0/23
Signature Algorithm: sha256WithRSAEncryption
7a:e2:c8:72:f3:c7:85:25:d4:99:1f:5a:09:01:01:c5:81:b5:
bb:71:d2:18:6e:aa:f0:99:9d:38:4e:d9:61:59:a1:84:0b:4b:
50:60:54:e4:dd:c6:96:cb:78:65:22:22:77:28:4a:b9:b3:ff:
fb:44:b4:9f:55:6f:db:f6:01:25:6d:b3:aa:de:c2:d1:07:64:
c1:a3:c8:49:d0:b0:ae:cb:cc:66:f5:6f:f1:2e:97:2c:9c:c3:
5c:57:8a:27:88:64:e2:47:9b:19:23:7b:ea:de:03:cd:3c:9b:
9a:38:6f:13:9b:fc:0f:13:83:b6:bf:70:85:6c:15:a8:e7:a3:
8a:00:5b:43:41:a8:47:15:65:d7:93:5d:51:32:03:fd:bb:bc:
80:8d:98:db:c5:27:e9:f6:c0:ef:dd:0b:20:d8:15:66:fd:dd:
8c:ce:1f:51:78:b7:17:80:02:05:c9:84:db:cd:25:2a:15:3d:
99:c7:2d:ba:f9:4f:c4:7a:a8:d3:29:dc:f7:f8:9e:2a:89:ff:
3d:79:e9:ee:e5:6f:96:ae:a9:9c:98:fc:4d:64:4c:37:a7:64:
07:d5:bc:91:4a:df:08:1b:8c:51:cb:9c:7f:5a:12:2a:49:65:
1c:9f:03:eb:e0:4d:9d:4f:16:df:7f:d3:19:55:04:54:b0:b7:
e8:a7:cd:b0
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVvS3NZp9Ivxpn/z9ywZ6ntMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIwMWZlMzBmYzZiNGIwZDBmNmRiNGUxYmZiYmQ1MDE5NWRj
YTU3NWMwHhcNMjMwMTAxMjE0NDUzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZGVkYTllZjRiMDUwZDgwNmI5MDFmOTY5ZTFkMzI5YzBkODEzMGM5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgRNkwWkcNZQX4E4xpGBVSlG88lNC
EuNVnMtLC68glEhQnMXFhwd9EO+uEUI8QF79dz6s/XjckmRGlRgTa75RfhBbneiR
wGVPHZ2RQY3dKzwqgFxUm8qn7Rr8d7Ub6lB2xzz5vsiWOd1aDgngcu3MnUpCSvRb
HDQcbvPmy5lhmSceYzM2mLlltH8MSnYssKZRztgvwwnXqy9Bs11QbssKZjNlDlZM
Lz/fb4y2sbyyo0YzcIu7g/nCVr59RblpyfGhqvKhmpsINKGHUD/St9vLcYPNub2Z
Yl/RR/ODMuU8h644+XdN8ENX/s+B/eFapsI4ea6fj1HFpd5HBMxfWkhK/QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFM3tqe9LBQ2Aa5Aflp4dMpwNgTDJMB8GA1UdIwQY
MBaAFCAf4w/GtLDQ9ttOG/u9UBldyldcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSUJfakQ4YTBzTkQyMjA0Yi03MVFHVjNLVjF3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80My84ZDgwZjktNDk0ZS00YWJiLTk5NTYt
ZmMxMjFjODAwYjMwLzEvemUycDcwc0ZEWUJya0ItV25oMHluQTJCTU1rLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80My84ZDgwZjktNDk0ZS00YWJiLTk5NTYtZmMxMjFjODAwYjMw
LzEvSUJfakQ4YTBzTkQyMjA0Yi03MVFHVjNLVjF3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQB2aoCMA0G
CSqGSIb3DQEBCwUAA4IBAQB64shy88eFJdSZH1oJAQHFgbW7cdIYbqrwmZ04Ttlh
WaGEC0tQYFTk3caWy3hlIiJ3KEq5s//7RLSfVW/b9gElbbOq3sLRB2TBo8hJ0LCu
y8xm9W/xLpcsnMNcV4oniGTiR5sZI3vq3gPNPJuaOG8Tm/wPE4O2v3CFbBWo56OK
AFtDQahHFWXXk11RMgP9u7yAjZjbxSfp9sDv3Qsg2BVm/d2Mzh9ReLcXgAIFyYTb
zSUqFT2Zxy26+U/EeqjTKdz3+J4qif89eenu5W+WrqmcmPxNZEw3p2QH1byRSt8I
G4xRy5x/WhIqSWUcnwPr4E2dTxbff9MZVQRUsLfop82w
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:05:36 2024 by rpki-client on console-ams.rpki-client.org