Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4e/773e49-f4ea-47a7-8a60-d42d4e9c767d/1/0mxk_8f8VJDKHho4tPgum9xosnQ.roa
File: 0mxk_8f8VJDKHho4tPgum9xosnQ.roa (raw, json)
Hash identifier: RVHFKHsbaSZQtvGNgajwWxyQWE+zn0SYubRIhDkP/WQ=
Subject key identifier: D2:6C:64:FF:C7:FC:54:90:CA:1E:1A:38:B4:F8:2E:9B:DC:68:B2:74
Certificate issuer: /CN=67a4ec38f2ff69d2505f7f62e94c3bd798b58552
Certificate serial: 018CC8DEA17470EC68F3B5337A18D9CB9AB1
Authority key identifier: 67:A4:EC:38:F2:FF:69:D2:50:5F:7F:62:E9:4C:3B:D7:98:B5:85:52
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Z6TsOPL_adJQX39i6Uw715i1hVI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4e/773e49-f4ea-47a7-8a60-d42d4e9c767d/1/0mxk_8f8VJDKHho4tPgum9xosnQ.roa
Signing time: Tue 02 Jan 2024 06:31:22 +0000
ROA not before: Tue 02 Jan 2024 06:31:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 39657
IP address blocks: 217.30.3.0/24 maxlen: 24
217.30.0.0/23 maxlen: 24
217.30.0.0/22 maxlen: 24
217.30.2.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 01 Jan 2025 15:48:55 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:de:a1:74:70:ec:68:f3:b5:33:7a:18:d9:cb:9a:b1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=67a4ec38f2ff69d2505f7f62e94c3bd798b58552
Validity
Not Before: Jan 2 06:31:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d26c64ffc7fc5490ca1e1a38b4f82e9bdc68b274
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:26:e0:73:97:a4:7f:4b:d3:97:4b:41:09:6b:
80:a4:9e:53:37:f3:74:c8:eb:e3:29:12:f3:7e:0d:
f6:15:2a:c3:e5:ee:de:d8:a2:c0:bc:73:79:91:f4:
31:57:b7:28:3f:d3:6a:48:30:c9:0b:2e:f9:51:fc:
72:ea:68:80:b9:30:a2:27:6c:bf:3d:d7:fe:81:49:
5f:3f:5e:19:bc:a9:3a:20:b0:2d:bc:a8:c7:be:b6:
54:58:4a:ae:8d:18:29:3f:f8:96:3b:15:11:9a:0b:
f8:02:78:fe:3d:26:9e:d7:f8:ad:b9:1f:87:dc:79:
db:7e:e1:cd:9c:a7:a3:7a:90:14:0e:54:79:88:2e:
48:c6:bb:9c:83:d2:fb:99:e3:4d:f8:88:9f:cb:5f:
8f:b5:d5:fa:15:4d:dc:d1:f0:5d:f9:05:60:93:2c:
69:91:e8:97:2a:90:83:b0:f6:65:06:04:2f:21:a4:
59:19:32:21:ec:79:0c:26:4d:aa:24:24:e8:65:b4:
c5:88:f4:f6:e9:ff:b4:19:2d:52:86:40:58:e8:87:
43:dc:a6:26:c5:95:bc:18:be:02:7b:10:dd:e6:9b:
5a:55:3a:f4:62:b8:8f:71:54:a1:22:3c:05:ed:70:
95:1e:4f:67:73:1b:c3:16:56:f5:4d:5a:24:7c:c1:
fa:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D2:6C:64:FF:C7:FC:54:90:CA:1E:1A:38:B4:F8:2E:9B:DC:68:B2:74
X509v3 Authority Key Identifier:
keyid:67:A4:EC:38:F2:FF:69:D2:50:5F:7F:62:E9:4C:3B:D7:98:B5:85:52
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Z6TsOPL_adJQX39i6Uw715i1hVI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4e/773e49-f4ea-47a7-8a60-d42d4e9c767d/1/0mxk_8f8VJDKHho4tPgum9xosnQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4e/773e49-f4ea-47a7-8a60-d42d4e9c767d/1/Z6TsOPL_adJQX39i6Uw715i1hVI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
217.30.0.0/22
Signature Algorithm: sha256WithRSAEncryption
7b:9e:ea:6b:f8:31:2f:3a:b3:8b:63:95:88:5e:b3:9f:83:87:
07:6c:af:58:dd:fc:b7:4c:a4:4c:4c:69:d9:4b:ad:d3:81:56:
65:06:24:ad:a1:de:f0:cf:b6:94:49:d5:94:e5:37:96:7e:fe:
94:3f:10:a1:de:67:3e:ae:93:da:0d:c6:31:12:09:6b:fb:d4:
12:0c:22:b9:6b:9d:e5:f7:8f:49:45:b9:17:dd:df:1e:ea:e2:
1a:5d:72:3c:b6:00:1f:c5:3f:29:d5:97:d1:42:55:a1:8a:03:
28:b0:db:27:c4:3a:e6:a9:a3:56:76:17:7c:ec:8a:57:cf:bd:
8d:7d:d4:ad:92:e4:6c:15:f3:e7:5a:d4:9e:99:10:25:21:17:
3c:b4:42:74:5e:ba:69:21:46:42:f8:e2:e9:e7:f7:89:db:9d:
b9:41:28:34:9e:f1:08:16:e4:f0:bb:35:64:a4:0e:f3:43:82:
4c:d9:b4:87:47:8f:fa:53:53:60:07:e3:bd:ec:f8:56:93:1f:
84:64:cd:cb:70:39:bd:ce:eb:83:5f:20:69:8e:5d:d5:1c:13:
fd:e6:91:74:b6:83:4c:42:93:b1:9e:4a:ce:d0:6a:d6:76:94:
53:bf:79:8d:79:95:cd:b5:81:d2:d6:fe:53:82:91:34:da:40:
14:49:bd:68
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzI3qF0cOxo87UzehjZy5qxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY3YTRlYzM4ZjJmZjY5ZDI1MDVmN2Y2MmU5NGMzYmQ3OThi
NTg1NTIwHhcNMjQwMTAyMDYzMTIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMjZjNjRmZmM3ZmM1NDkwY2ExZTFhMzhiNGY4MmU5YmRjNjhiMjc0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoSbgc5ekf0vTl0tBCWuApJ5TN/N0
yOvjKRLzfg32FSrD5e7e2KLAvHN5kfQxV7coP9NqSDDJCy75Ufxy6miAuTCiJ2y/
Pdf+gUlfP14ZvKk6ILAtvKjHvrZUWEqujRgpP/iWOxURmgv4Anj+PSae1/ituR+H
3HnbfuHNnKejepAUDlR5iC5Ixrucg9L7meNN+Iify1+PtdX6FU3c0fBd+QVgkyxp
keiXKpCDsPZlBgQvIaRZGTIh7HkMJk2qJCToZbTFiPT26f+0GS1ShkBY6IdD3KYm
xZW8GL4CexDd5ptaVTr0YriPcVShIjwF7XCVHk9ncxvDFlb1TVokfMH6uQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNJsZP/H/FSQyh4aOLT4LpvcaLJ0MB8GA1UdIwQY
MBaAFGek7Djy/2nSUF9/YulMO9eYtYVSMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWjZUc09QTF9hZEpRWDM5aTZVdzcxNWkxaFZJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80ZS83NzNlNDktZjRlYS00N2E3LThhNjAt
ZDQyZDRlOWM3NjdkLzEvMG14a184ZjhWSkRLSGhvNHRQZ3VtOXhvc25RLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80ZS83NzNlNDktZjRlYS00N2E3LThhNjAtZDQyZDRlOWM3Njdk
LzEvWjZUc09QTF9hZEpRWDM5aTZVdzcxNWkxaFZJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQC2R4AMA0G
CSqGSIb3DQEBCwUAA4IBAQB7nupr+DEvOrOLY5WIXrOfg4cHbK9Y3fy3TKRMTGnZ
S63TgVZlBiStod7wz7aUSdWU5TeWfv6UPxCh3mc+rpPaDcYxEglr+9QSDCK5a53l
949JRbkX3d8e6uIaXXI8tgAfxT8p1ZfRQlWhigMosNsnxDrmqaNWdhd87IpXz72N
fdStkuRsFfPnWtSemRAlIRc8tEJ0XrppIUZC+OLp5/eJ2525QSg0nvEIFuTwuzVk
pA7zQ4JM2bSHR4/6U1NgB+O97PhWkx+EZM3LcDm9zuuDXyBpjl3VHBP95pF0toNM
QpOxnkrO0GrWdpRTv3mNeZXNtYHS1v5TgpE02kAUSb1o
-----END CERTIFICATE-----
Generated at Sat Apr 19 18:37:23 2025 by rpki-client