Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4b/a78979-dd24-4be7-8194-1fc19ea73a2a/1/a8NGQDu55qjSUuUo7hqAJ6GDqr0.roa
File: a8NGQDu55qjSUuUo7hqAJ6GDqr0.roa (raw, json)
Hash identifier: kcX4jur2rBeOSDA0teaWyMWlXHF/jTqZ3UcSQWLdzJM=
Subject key identifier: 6B:C3:46:40:3B:B9:E6:A8:D2:52:E5:28:EE:1A:80:27:A1:83:AA:BD
Certificate issuer: /CN=93e8f4ed5dd06301c423988e786dabf51c5f5674
Certificate serial: 019424B3CDD3968C19DD76014D8094F11612
Authority key identifier: 93:E8:F4:ED:5D:D0:63:01:C4:23:98:8E:78:6D:AB:F5:1C:5F:56:74
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/k-j07V3QYwHEI5iOeG2r9RxfVnQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4b/a78979-dd24-4be7-8194-1fc19ea73a2a/1/a8NGQDu55qjSUuUo7hqAJ6GDqr0.roa
Signing time: Thu 02 Jan 2025 01:49:10 +0000
ROA not before: Thu 02 Jan 2025 01:49:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 210147
IP address blocks: 217.113.22.0/23 maxlen: 24
217.113.31.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 07 Jan 2025 06:29:18 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:24:b3:cd:d3:96:8c:19:dd:76:01:4d:80:94:f1:16:12
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=93e8f4ed5dd06301c423988e786dabf51c5f5674
Validity
Not Before: Jan 2 01:49:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=6bc346403bb9e6a8d252e528ee1a8027a183aabd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e1:54:e1:2a:7c:fd:1c:2a:2d:7d:0e:2a:22:e1:
9d:9c:33:14:9f:17:c8:64:d5:dd:df:e4:cd:77:ac:
58:c3:db:47:73:6d:a1:55:39:fb:9d:54:b0:dc:ff:
9d:54:7a:c5:8a:99:a4:79:d8:58:eb:ff:1e:87:c2:
7e:db:8a:5e:8f:89:2c:f0:d6:9d:8c:3c:c7:74:3d:
0b:61:5f:95:ed:7e:f4:0c:ba:fe:0f:ab:98:ea:50:
34:be:eb:71:b2:95:0f:c0:49:11:91:b0:6d:69:a4:
59:5a:51:ac:64:a4:0e:e9:e2:9e:40:0b:3c:38:f9:
ea:ea:69:ca:87:b5:2e:b0:b6:f8:2d:64:bd:4d:c4:
45:45:b7:25:68:5a:40:2e:94:20:50:1e:a1:79:70:
16:87:16:63:de:5d:03:68:25:60:c2:f6:bc:fa:2d:
43:e4:9b:55:ca:c4:01:10:b5:a1:f8:ca:29:ef:10:
2e:f9:68:dc:da:18:c0:37:39:a8:81:93:3a:b3:2f:
59:d4:54:af:71:b2:11:63:0f:f3:fe:4c:42:58:29:
16:62:8d:98:73:c3:e2:7b:7b:4f:9c:df:0a:2b:62:
a0:b0:7b:f1:d4:89:60:7c:8a:79:41:54:1a:d2:a0:
4e:d0:fe:37:3e:72:5e:23:c0:2b:60:a4:2e:14:56:
a0:49
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6B:C3:46:40:3B:B9:E6:A8:D2:52:E5:28:EE:1A:80:27:A1:83:AA:BD
X509v3 Authority Key Identifier:
keyid:93:E8:F4:ED:5D:D0:63:01:C4:23:98:8E:78:6D:AB:F5:1C:5F:56:74
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/k-j07V3QYwHEI5iOeG2r9RxfVnQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4b/a78979-dd24-4be7-8194-1fc19ea73a2a/1/a8NGQDu55qjSUuUo7hqAJ6GDqr0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4b/a78979-dd24-4be7-8194-1fc19ea73a2a/1/k-j07V3QYwHEI5iOeG2r9RxfVnQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
217.113.22.0/23
217.113.31.0/24
Signature Algorithm: sha256WithRSAEncryption
01:a4:42:56:2c:86:29:ad:ab:04:23:80:f0:b6:5d:f8:28:bd:
46:83:ab:13:f5:7a:e3:06:ac:a9:86:d9:fe:fc:04:e1:43:fa:
bc:45:85:c0:69:87:bb:6f:7f:6f:d6:90:9d:2f:d3:9b:4f:9a:
8e:01:a2:d2:6d:57:30:19:ec:f3:42:91:83:5e:8e:a1:ea:f5:
26:59:5a:94:36:c8:7e:9b:a0:d3:b1:94:85:fc:5f:fb:98:34:
a8:15:1a:5a:e5:28:34:6c:7a:a3:93:72:d3:30:98:c3:6b:c7:
b9:1a:7d:56:0f:ed:da:c9:cc:cc:9b:ff:e7:41:05:eb:13:2a:
0b:ac:dd:89:c2:fe:c9:f6:45:93:be:d6:d9:ea:6c:35:33:58:
42:61:a0:9d:c1:8e:a0:49:db:58:b6:27:8b:a6:c6:45:e0:b7:
ce:7a:48:4b:62:d9:15:93:4d:d9:75:e6:ed:2b:e3:03:f7:25:
15:59:8b:e8:fe:55:1c:09:d1:64:73:e8:7f:53:a2:14:74:6a:
8a:ff:60:bb:51:89:1f:db:7d:4f:c6:2a:fb:42:18:f1:2e:26:
e0:79:3b:66:a9:b1:ce:90:9e:ae:41:5b:80:69:7b:f1:91:01:
84:bb:b8:0e:eb:e5:7a:ef:69:6a:46:d3:b2:01:bb:88:a4:79:
61:b3:90:3f
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZQks83TlowZ3XYBTYCU8RYSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkzZThmNGVkNWRkMDYzMDFjNDIzOTg4ZTc4NmRhYmY1MWM1
ZjU2NzQwHhcNMjUwMTAyMDE0OTEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2YmMzNDY0MDNiYjllNmE4ZDI1MmU1MjhlZTFhODAyN2ExODNhYWJkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4VThKnz9HCotfQ4qIuGdnDMUnxfI
ZNXd3+TNd6xYw9tHc22hVTn7nVSw3P+dVHrFipmkedhY6/8eh8J+24pej4ks8Nad
jDzHdD0LYV+V7X70DLr+D6uY6lA0vutxspUPwEkRkbBtaaRZWlGsZKQO6eKeQAs8
OPnq6mnKh7UusLb4LWS9TcRFRbclaFpALpQgUB6heXAWhxZj3l0DaCVgwva8+i1D
5JtVysQBELWh+Mop7xAu+Wjc2hjANzmogZM6sy9Z1FSvcbIRYw/z/kxCWCkWYo2Y
c8Pie3tPnN8KK2KgsHvx1IlgfIp5QVQa0qBO0P43PnJeI8ArYKQuFFagSQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFGvDRkA7ueao0lLlKO4agCehg6q9MB8GA1UdIwQY
MBaAFJPo9O1d0GMBxCOYjnhtq/UcX1Z0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvay1qMDdWM1FZd0hFSTVpT2VHMnI5UnhmVm5RLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yi9hNzg5NzktZGQyNC00YmU3LTgxOTQt
MWZjMTllYTczYTJhLzEvYThOR1FEdTU1cWpTVXVVbzdocUFKNkdEcXIwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yi9hNzg5NzktZGQyNC00YmU3LTgxOTQtMWZjMTllYTczYTJh
LzEvay1qMDdWM1FZd0hFSTVpT2VHMnI5UnhmVm5RLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQB2XEWAwQA
2XEfMA0GCSqGSIb3DQEBCwUAA4IBAQABpEJWLIYprasEI4Dwtl34KL1Gg6sT9Xrj
Bqyphtn+/AThQ/q8RYXAaYe7b39v1pCdL9ObT5qOAaLSbVcwGezzQpGDXo6h6vUm
WVqUNsh+m6DTsZSF/F/7mDSoFRpa5Sg0bHqjk3LTMJjDa8e5Gn1WD+3ayczMm//n
QQXrEyoLrN2Jwv7J9kWTvtbZ6mw1M1hCYaCdwY6gSdtYtieLpsZF4LfOekhLYtkV
k03ZdebtK+MD9yUVWYvo/lUcCdFkc+h/U6IUdGqK/2C7UYkf231Pxir7QhjxLibg
eTtmqbHOkJ6uQVuAaXvxkQGEu7gO6+V672lqRtOyAbuIpHlhs5A/
-----END CERTIFICATE-----
Generated at Thu Apr 17 07:18:17 2025 by rpki-client