Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/48/71ee7c-3c04-4a9c-9df7-0bf5905b35ef/1/1-NrqRyIFrrJMmBynY6fu092JtKI.roa
File: 1-NrqRyIFrrJMmBynY6fu092JtKI.roa (raw, json)
Hash identifier: HSdSDSpP4iDnFbZOQkJVRuEIsA65v/LFhLIfWipaq5I=
Subject key identifier: F8:DA:EA:47:22:05:AE:B2:4C:98:1C:A7:63:A7:EE:D3:DD:89:B4:A2
Certificate issuer: /CN=da34216b3bd921b6c66187a8c86a4a4bb0ee523f
Certificate serial: 018570B0905E1252012AC2B1417D7AFE0100
Authority key identifier: DA:34:21:6B:3B:D9:21:B6:C6:61:87:A8:C8:6A:4A:4B:B0:EE:52:3F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2jQhazvZIbbGYYeoyGpKS7DuUj8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/48/71ee7c-3c04-4a9c-9df7-0bf5905b35ef/1/1-NrqRyIFrrJMmBynY6fu092JtKI.roa
Signing time: Mon 02 Jan 2023 04:14:57 +0000
ROA not before: Mon 02 Jan 2023 04:14:57 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 50331
IP address blocks: 178.217.192.0/21 maxlen: 21
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:b0:90:5e:12:52:01:2a:c2:b1:41:7d:7a:fe:01:00
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=da34216b3bd921b6c66187a8c86a4a4bb0ee523f
Validity
Not Before: Jan 2 04:14:57 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=f8daea472205aeb24c981ca763a7eed3dd89b4a2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:3b:23:e1:64:15:ec:f4:f6:35:34:79:55:05:
59:8e:c2:17:6b:7e:64:1a:c9:2b:ea:a9:2a:74:40:
a2:66:12:df:0d:f0:e0:66:fd:72:9d:bf:41:2b:f2:
d5:4f:34:4e:e7:77:98:92:ef:f1:9b:13:a9:b9:d6:
35:02:df:08:b1:42:8a:3c:77:8b:c8:2e:df:17:3c:
1a:0a:32:3b:87:eb:7a:89:27:f9:42:24:3f:e2:11:
6c:fa:79:a6:ca:b7:7a:a0:8c:3e:7f:f4:a8:74:78:
19:c8:a9:b0:b2:32:05:8d:d8:03:ac:65:fc:01:50:
af:2e:b8:e2:9d:ca:94:96:7c:be:5f:b6:58:d4:07:
35:d6:ba:74:d9:5f:53:1d:83:fc:7a:1b:04:7e:00:
0a:eb:bc:63:ea:ff:6d:c1:ce:3a:fc:20:37:4c:2e:
81:77:62:42:28:4b:91:1e:9f:d4:1c:d5:d6:1d:bd:
84:78:a1:2a:dd:c0:30:a1:73:6f:b1:5a:b1:dd:6e:
0d:45:95:6a:0a:d9:a0:c5:68:94:8f:c7:3a:bf:64:
23:1e:9f:38:b3:67:46:78:2e:cb:a7:35:fe:98:e1:
f8:3b:95:55:62:10:7c:93:71:44:d3:81:b7:df:71:
6d:78:0a:4e:b0:9d:47:2e:2b:74:17:12:3a:4b:b6:
19:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F8:DA:EA:47:22:05:AE:B2:4C:98:1C:A7:63:A7:EE:D3:DD:89:B4:A2
X509v3 Authority Key Identifier:
keyid:DA:34:21:6B:3B:D9:21:B6:C6:61:87:A8:C8:6A:4A:4B:B0:EE:52:3F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2jQhazvZIbbGYYeoyGpKS7DuUj8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/48/71ee7c-3c04-4a9c-9df7-0bf5905b35ef/1/1-NrqRyIFrrJMmBynY6fu092JtKI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/48/71ee7c-3c04-4a9c-9df7-0bf5905b35ef/1/2jQhazvZIbbGYYeoyGpKS7DuUj8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
178.217.192.0/21
Signature Algorithm: sha256WithRSAEncryption
a7:13:84:b0:01:63:de:ae:84:ef:a8:5f:c3:7e:44:23:e3:e6:
57:31:80:6b:fa:90:e6:1c:b1:1c:fe:a5:82:a8:eb:16:98:fb:
b1:96:f8:14:41:31:77:46:28:52:b2:ab:12:d8:04:8e:f3:f7:
5d:96:57:5b:e5:2d:8a:7e:f0:73:46:9e:88:96:78:2e:d6:c3:
d5:61:ee:4c:9c:7d:dc:70:99:5f:ca:b8:89:18:d5:48:fd:46:
de:4d:99:99:08:c3:b9:5a:36:22:bd:a8:b1:4c:cf:28:cb:0d:
4e:b4:19:7f:2f:c2:78:e9:c4:6e:25:a1:b6:83:6f:84:5f:04:
aa:26:80:66:fc:50:43:db:9d:56:f3:2a:3d:a4:14:9f:95:c2:
19:e4:43:2c:33:14:e9:dc:f0:a0:f8:66:80:cc:98:b0:0e:27:
9e:5b:7a:28:09:3d:5b:14:5d:c8:07:fb:4d:95:38:bb:cb:c1:
37:84:ff:14:42:0a:f9:c9:98:21:2c:93:44:73:66:03:7e:94:
72:47:bf:35:23:52:24:37:e7:f9:5c:af:f7:65:c2:2f:85:56:
d7:b4:ff:04:fe:aa:e2:0c:f3:58:2b:07:c8:7c:a7:99:22:d8:
e3:de:40:40:7c:e2:6e:9c:62:f2:dc:93:0a:7a:af:35:92:99:
9e:cb:b3:d2
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAYVwsJBeElIBKsKxQX16/gEAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRhMzQyMTZiM2JkOTIxYjZjNjYxODdhOGM4NmE0YTRiYjBl
ZTUyM2YwHhcNMjMwMTAyMDQxNDU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmOGRhZWE0NzIyMDVhZWIyNGM5ODFjYTc2M2E3ZWVkM2RkODliNGEyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjjsj4WQV7PT2NTR5VQVZjsIXa35k
Gskr6qkqdECiZhLfDfDgZv1ynb9BK/LVTzRO53eYku/xmxOpudY1At8IsUKKPHeL
yC7fFzwaCjI7h+t6iSf5QiQ/4hFs+nmmyrd6oIw+f/SodHgZyKmwsjIFjdgDrGX8
AVCvLrjincqUlny+X7ZY1Ac11rp02V9THYP8ehsEfgAK67xj6v9twc46/CA3TC6B
d2JCKEuRHp/UHNXWHb2EeKEq3cAwoXNvsVqx3W4NRZVqCtmgxWiUj8c6v2QjHp84
s2dGeC7LpzX+mOH4O5VVYhB8k3FE04G333FteApOsJ1HLit0FxI6S7YZvQIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFPja6kciBa6yTJgcp2On7tPdibSiMB8GA1UdIwQY
MBaAFNo0IWs72SG2xmGHqMhqSkuw7lI/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMmpRaGF6dlpJYmJHWVllb3lHcEtTN0R1VWo4LmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80OC83MWVlN2MtM2MwNC00YTljLTlkZjct
MGJmNTkwNWIzNWVmLzEvMS1OcnFSeUlGcnJKTW1CeW5ZNmZ1MDkySnRLSS5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvNDgvNzFlZTdjLTNjMDQtNGE5Yy05ZGY3LTBiZjU5MDViMzVl
Zi8xLzJqUWhhenZaSWJiR1lZZW95R3BLUzdEdVVqOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEA7LZwDAN
BgkqhkiG9w0BAQsFAAOCAQEApxOEsAFj3q6E76hfw35EI+PmVzGAa/qQ5hyxHP6l
gqjrFpj7sZb4FEExd0YoUrKrEtgEjvP3XZZXW+Utin7wc0aeiJZ4LtbD1WHuTJx9
3HCZX8q4iRjVSP1G3k2ZmQjDuVo2Ir2osUzPKMsNTrQZfy/CeOnEbiWhtoNvhF8E
qiaAZvxQQ9udVvMqPaQUn5XCGeRDLDMU6dzwoPhmgMyYsA4nnlt6KAk9WxRdyAf7
TZU4u8vBN4T/FEIK+cmYISyTRHNmA36Ucke/NSNSJDfn+Vyv92XCL4VW17T/BP6q
4gzzWCsHyHynmSLY495AQHzibpxi8tyTCnqvNZKZnsuz0g==
-----END CERTIFICATE-----
Generated at Tue Jan 2 11:34:48 2024 by rpki-client on console-ams.rpki-client.org