Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4b/a78979-dd24-4be7-8194-1fc19ea73a2a/1/gGh9UJOxSdDi4WdMT9AjSlQadMg.roa
File: gGh9UJOxSdDi4WdMT9AjSlQadMg.roa (raw, json)
Hash identifier: I3yccwaufEQINDCKYhbZFeLedg3Ww2KhUBVA+eZa+ko=
Subject key identifier: 80:68:7D:50:93:B1:49:D0:E2:E1:67:4C:4F:D0:23:4A:54:1A:74:C8
Certificate issuer: /CN=93e8f4ed5dd06301c423988e786dabf51c5f5674
Certificate serial: 018C698CD460F019F20026A76C4E3260F2C2
Authority key identifier: 93:E8:F4:ED:5D:D0:63:01:C4:23:98:8E:78:6D:AB:F5:1C:5F:56:74
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/k-j07V3QYwHEI5iOeG2r9RxfVnQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4b/a78979-dd24-4be7-8194-1fc19ea73a2a/1/gGh9UJOxSdDi4WdMT9AjSlQadMg.roa
Signing time: Thu 14 Dec 2023 18:18:06 +0000
ROA not before: Thu 14 Dec 2023 18:18:06 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 210147
IP address blocks: 217.113.22.0/23 maxlen: 24
217.113.31.0/24 maxlen: 24
217.113.9.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:69:8c:d4:60:f0:19:f2:00:26:a7:6c:4e:32:60:f2:c2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=93e8f4ed5dd06301c423988e786dabf51c5f5674
Validity
Not Before: Dec 14 18:18:06 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=80687d5093b149d0e2e1674c4fd0234a541a74c8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:f0:5e:da:e9:07:44:23:7f:db:8b:0c:52:97:
35:e2:3a:a5:bb:4a:83:7b:ef:ad:12:5b:c4:9b:cc:
2b:33:ac:aa:c0:90:a3:49:dc:68:71:d4:92:0b:5e:
3a:12:33:32:14:2f:06:04:2a:e9:3d:13:8c:91:a8:
5a:2f:a1:0c:c5:1e:38:77:48:5b:2d:c4:c3:9b:4b:
dc:6d:57:69:db:d2:10:7f:e0:dc:3c:0e:29:db:1a:
02:6c:75:39:55:d7:88:4c:07:c9:64:1e:61:5b:05:
99:ca:cc:e8:e3:0f:0e:23:69:50:49:d5:c1:be:b4:
31:7e:a8:0f:38:4e:cf:18:28:6e:3a:c5:b0:e7:56:
ce:b1:c9:e2:10:0b:2c:14:6c:7d:a1:75:c7:52:c9:
c3:78:2f:66:33:93:54:0e:e9:30:73:4d:b6:97:64:
7f:ec:c1:1b:2e:7b:22:fc:18:80:2f:cd:25:42:31:
73:a8:fb:9f:89:f2:c2:3a:a3:90:82:1f:37:0a:b5:
87:00:77:4b:cc:9a:a1:cd:02:3b:e5:cc:e3:06:90:
55:2c:50:d4:33:e7:3d:f3:37:8c:01:69:9e:f2:be:
ec:2e:1d:51:21:d3:48:b7:91:c4:84:b3:e7:02:e5:
88:c5:0a:9b:91:8d:69:26:66:c4:4e:f8:6a:0b:12:
84:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
80:68:7D:50:93:B1:49:D0:E2:E1:67:4C:4F:D0:23:4A:54:1A:74:C8
X509v3 Authority Key Identifier:
keyid:93:E8:F4:ED:5D:D0:63:01:C4:23:98:8E:78:6D:AB:F5:1C:5F:56:74
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/k-j07V3QYwHEI5iOeG2r9RxfVnQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4b/a78979-dd24-4be7-8194-1fc19ea73a2a/1/gGh9UJOxSdDi4WdMT9AjSlQadMg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4b/a78979-dd24-4be7-8194-1fc19ea73a2a/1/k-j07V3QYwHEI5iOeG2r9RxfVnQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
217.113.9.0/24
217.113.22.0/23
217.113.31.0/24
Signature Algorithm: sha256WithRSAEncryption
27:b4:9f:f8:74:ff:cf:7a:cd:70:c6:f6:87:c4:41:1b:98:20:
b6:c1:2f:56:5d:38:eb:f0:c5:d0:4f:e6:fe:5f:f4:48:44:74:
f2:61:7c:4c:63:0c:23:a1:25:00:e2:c9:5d:4a:9e:51:af:7b:
b2:a6:72:eb:4f:5d:c2:c7:38:a5:6d:c2:e5:4b:67:8f:8b:24:
17:07:e2:17:3f:cd:bf:90:f0:aa:91:5d:4c:46:5a:a9:3e:24:
ee:64:ef:55:39:bb:60:00:f3:6e:b1:fe:e0:72:6a:46:49:9f:
01:4c:8a:68:77:af:16:d6:a1:92:bc:e5:da:90:eb:c1:ad:da:
8a:fc:15:28:7d:87:0c:a8:a2:0b:ba:c7:38:d4:22:5d:a1:a6:
95:89:9f:90:8f:4a:f8:fa:fe:e6:86:da:d9:29:90:05:c5:5a:
ab:6e:6d:de:89:5c:72:07:a0:09:a7:86:80:c4:3e:79:f0:7d:
93:7a:78:55:be:c5:ff:78:0b:d9:09:d9:d7:fe:d8:07:3e:8d:
2f:8b:93:4d:93:af:11:41:7e:cf:ed:b5:8a:ef:fc:5c:8f:39:
2a:6d:eb:da:42:e8:f5:cd:52:42:03:39:d3:30:ea:49:83:1c:
f6:ac:94:91:fc:cc:1b:27:e3:ef:4f:5f:fc:a9:b3:00:16:c6:
f4:84:2a:fd
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYxpjNRg8BnyACanbE4yYPLCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkzZThmNGVkNWRkMDYzMDFjNDIzOTg4ZTc4NmRhYmY1MWM1
ZjU2NzQwHhcNMjMxMjE0MTgxODA2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MDY4N2Q1MDkzYjE0OWQwZTJlMTY3NGM0ZmQwMjM0YTU0MWE3NGM4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv/Be2ukHRCN/24sMUpc14jqlu0qD
e++tElvEm8wrM6yqwJCjSdxocdSSC146EjMyFC8GBCrpPROMkahaL6EMxR44d0hb
LcTDm0vcbVdp29IQf+DcPA4p2xoCbHU5VdeITAfJZB5hWwWZyszo4w8OI2lQSdXB
vrQxfqgPOE7PGChuOsWw51bOscniEAssFGx9oXXHUsnDeC9mM5NUDukwc022l2R/
7MEbLnsi/BiAL80lQjFzqPufifLCOqOQgh83CrWHAHdLzJqhzQI75czjBpBVLFDU
M+c98zeMAWme8r7sLh1RIdNIt5HEhLPnAuWIxQqbkY1pJmbETvhqCxKE8wIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFIBofVCTsUnQ4uFnTE/QI0pUGnTIMB8GA1UdIwQY
MBaAFJPo9O1d0GMBxCOYjnhtq/UcX1Z0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvay1qMDdWM1FZd0hFSTVpT2VHMnI5UnhmVm5RLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yi9hNzg5NzktZGQyNC00YmU3LTgxOTQt
MWZjMTllYTczYTJhLzEvZ0doOVVKT3hTZERpNFdkTVQ5QWpTbFFhZE1nLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yi9hNzg5NzktZGQyNC00YmU3LTgxOTQtMWZjMTllYTczYTJh
LzEvay1qMDdWM1FZd0hFSTVpT2VHMnI5UnhmVm5RLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQA2XEJAwQB
2XEWAwQA2XEfMA0GCSqGSIb3DQEBCwUAA4IBAQAntJ/4dP/Pes1wxvaHxEEbmCC2
wS9WXTjr8MXQT+b+X/RIRHTyYXxMYwwjoSUA4sldSp5Rr3uypnLrT13CxzilbcLl
S2ePiyQXB+IXP82/kPCqkV1MRlqpPiTuZO9VObtgAPNusf7gcmpGSZ8BTIpod68W
1qGSvOXakOvBrdqK/BUofYcMqKILusc41CJdoaaViZ+Qj0r4+v7mhtrZKZAFxVqr
bm3eiVxyB6AJp4aAxD558H2TenhVvsX/eAvZCdnX/tgHPo0vi5NNk68RQX7P7bWK
7/xcjzkqbevaQuj1zVJCAznTMOpJgxz2rJSR/MwbJ+PvT1/8qbMAFsb0hCr9
-----END CERTIFICATE-----
Generated at Wed Dec 20 15:47:47 2023 by rpki-client on console-ams.rpki-client.org