Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/47/95f051-5e1d-4d36-a593-1a5eb50885ae/1/fvBFp2WcxZBbLWev2ZNyxpxWcC8.roa
File: fvBFp2WcxZBbLWev2ZNyxpxWcC8.roa (raw, json)
Hash identifier: zI3697ODRGslB43WZZLXPM+IrmHvwZ7rfKwYeo6o0Fg=
Subject key identifier: 7E:F0:45:A7:65:9C:C5:90:5B:2D:67:AF:D9:93:72:C6:9C:56:70:2F
Certificate issuer: /CN=59c3cc99899373c85974f01c9cd7aa057ab97fab
Certificate serial: 018CCA2B42A695EDC87358FB2CEDF198B15E
Authority key identifier: 59:C3:CC:99:89:93:73:C8:59:74:F0:1C:9C:D7:AA:05:7A:B9:7F:AB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/WcPMmYmTc8hZdPAcnNeqBXq5f6s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/47/95f051-5e1d-4d36-a593-1a5eb50885ae/1/fvBFp2WcxZBbLWev2ZNyxpxWcC8.roa
Signing time: Tue 02 Jan 2024 12:34:41 +0000
ROA not before: Tue 02 Jan 2024 12:34:41 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 29503
IP address blocks: 217.146.32.0/22 maxlen: 22
Validation: Failed, certificate revoked on Wed 01 Jan 2025 07:47:36 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:ca:2b:42:a6:95:ed:c8:73:58:fb:2c:ed:f1:98:b1:5e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=59c3cc99899373c85974f01c9cd7aa057ab97fab
Validity
Not Before: Jan 2 12:34:41 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=7ef045a7659cc5905b2d67afd99372c69c56702f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:85:8c:8d:e5:0e:46:a8:52:c8:9e:37:ce:21:a1:
5d:27:6c:24:11:41:ab:11:e3:e5:67:09:7f:19:b8:
83:d4:2f:eb:f7:92:ff:72:9d:2f:f7:64:62:19:d7:
df:cc:a0:a7:db:27:f4:30:1d:cc:7f:b4:d5:b0:fe:
83:b7:38:4c:23:a3:8c:49:bb:90:89:03:ad:56:56:
0e:67:4b:9e:99:52:56:07:ab:4d:89:5d:3d:06:84:
da:cf:5d:0b:7f:e9:2b:02:c1:9d:19:18:f5:97:84:
02:81:10:22:66:b6:d5:8d:2e:b5:0e:20:61:40:7d:
d5:29:8d:83:fb:1f:5a:34:6f:1d:f7:2d:90:4b:be:
7a:f6:05:96:b7:b8:55:16:0e:8e:64:aa:ae:63:e8:
81:62:60:fa:5e:5f:27:eb:29:b2:37:0f:0c:fb:74:
ec:7a:d4:25:eb:fe:83:bf:79:29:d5:8d:dd:98:08:
0b:e1:f5:d1:6b:7d:44:4b:17:c0:a5:34:38:7e:6b:
11:03:12:5e:78:c2:80:f0:d8:03:5e:3d:91:f4:64:
38:9c:8d:15:de:1f:83:f2:c8:39:65:dd:3c:a4:8d:
1c:20:f4:3f:a7:fb:ad:17:fb:c7:90:a3:d8:7a:57:
39:98:c4:c8:ab:06:98:01:59:66:05:0f:d1:11:12:
b3:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7E:F0:45:A7:65:9C:C5:90:5B:2D:67:AF:D9:93:72:C6:9C:56:70:2F
X509v3 Authority Key Identifier:
keyid:59:C3:CC:99:89:93:73:C8:59:74:F0:1C:9C:D7:AA:05:7A:B9:7F:AB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/WcPMmYmTc8hZdPAcnNeqBXq5f6s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/47/95f051-5e1d-4d36-a593-1a5eb50885ae/1/fvBFp2WcxZBbLWev2ZNyxpxWcC8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/47/95f051-5e1d-4d36-a593-1a5eb50885ae/1/WcPMmYmTc8hZdPAcnNeqBXq5f6s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
217.146.32.0/22
Signature Algorithm: sha256WithRSAEncryption
05:7c:6b:60:8c:85:c7:9b:c5:18:0a:09:b3:2c:d9:b5:23:3c:
1f:84:d4:79:a4:05:95:24:81:79:73:4b:aa:e0:fe:c4:f7:f6:
af:0a:c0:d5:07:bb:e0:d6:d2:6e:13:58:d4:12:13:f3:b2:b3:
93:f7:8d:ea:8b:98:f3:9e:14:64:22:8a:1b:54:e1:dc:ee:b8:
e1:21:69:55:d4:6c:be:64:2d:85:24:ed:f9:91:21:06:75:54:
85:58:e9:94:4f:89:24:46:24:45:5a:43:12:5a:51:f5:de:24:
82:12:f2:cf:e2:a8:59:eb:d5:f4:d8:47:6e:6d:99:26:72:55:
09:31:c6:16:64:cc:87:2a:c9:27:ad:cb:3d:b0:6d:56:94:aa:
de:c2:12:79:6b:d1:b4:d3:a3:f1:68:c2:09:85:82:54:73:7f:
ad:86:5c:38:db:77:cf:1e:5a:41:36:4d:de:70:da:75:d4:03:
69:9b:2d:25:21:8f:16:d8:67:43:e1:8c:bf:d3:7d:1c:31:41:
08:49:a9:3e:bd:51:bd:1b:ce:ce:40:73:49:14:2e:34:43:e2:
09:e9:71:1c:66:8d:0c:95:4a:ae:99:08:da:ef:2d:60:a2:18:
31:2a:6e:15:70:5c:29:0f:62:7c:c9:eb:36:15:cf:a3:59:29:
08:95:80:15
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzKK0Kmle3Ic1j7LO3xmLFeMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU5YzNjYzk5ODk5MzczYzg1OTc0ZjAxYzljZDdhYTA1N2Fi
OTdmYWIwHhcNMjQwMTAyMTIzNDQxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3ZWYwNDVhNzY1OWNjNTkwNWIyZDY3YWZkOTkzNzJjNjljNTY3MDJmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhYyN5Q5GqFLInjfOIaFdJ2wkEUGr
EePlZwl/GbiD1C/r95L/cp0v92RiGdffzKCn2yf0MB3Mf7TVsP6DtzhMI6OMSbuQ
iQOtVlYOZ0uemVJWB6tNiV09BoTaz10Lf+krAsGdGRj1l4QCgRAiZrbVjS61DiBh
QH3VKY2D+x9aNG8d9y2QS7569gWWt7hVFg6OZKquY+iBYmD6Xl8n6ymyNw8M+3Ts
etQl6/6Dv3kp1Y3dmAgL4fXRa31ESxfApTQ4fmsRAxJeeMKA8NgDXj2R9GQ4nI0V
3h+D8sg5Zd08pI0cIPQ/p/utF/vHkKPYelc5mMTIqwaYAVlmBQ/RERKzNwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFH7wRadlnMWQWy1nr9mTcsacVnAvMB8GA1UdIwQY
MBaAFFnDzJmJk3PIWXTwHJzXqgV6uX+rMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvV2NQTW1ZbVRjOGhaZFBBY25OZXFCWHE1ZjZzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Ny85NWYwNTEtNWUxZC00ZDM2LWE1OTMt
MWE1ZWI1MDg4NWFlLzEvZnZCRnAyV2N4WkJiTFdldjJaTnl4cHhXY0M4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Ny85NWYwNTEtNWUxZC00ZDM2LWE1OTMtMWE1ZWI1MDg4NWFl
LzEvV2NQTW1ZbVRjOGhaZFBBY25OZXFCWHE1ZjZzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQC2ZIgMA0G
CSqGSIb3DQEBCwUAA4IBAQAFfGtgjIXHm8UYCgmzLNm1IzwfhNR5pAWVJIF5c0uq
4P7E9/avCsDVB7vg1tJuE1jUEhPzsrOT943qi5jznhRkIoobVOHc7rjhIWlV1Gy+
ZC2FJO35kSEGdVSFWOmUT4kkRiRFWkMSWlH13iSCEvLP4qhZ69X02EdubZkmclUJ
McYWZMyHKsknrcs9sG1WlKrewhJ5a9G006PxaMIJhYJUc3+thlw423fPHlpBNk3e
cNp11ANpmy0lIY8W2GdD4Yy/030cMUEISak+vVG9G87OQHNJFC40Q+IJ6XEcZo0M
lUqumQja7y1gohgxKm4VcFwpD2J8yes2Fc+jWSkIlYAV
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:21:16 2025 by rpki-client