Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4e/773e49-f4ea-47a7-8a60-d42d4e9c767d/1/q3wH2o-193jBG3h1elPZog5ZimA.roa
File: q3wH2o-193jBG3h1elPZog5ZimA.roa (raw, json)
Hash identifier: vZGTL8TqiFCPRjq/WqAQUWSd2JE7mrxNrtDfMtglBz0=
Subject key identifier: AB:7C:07:DA:8F:B5:F7:78:C1:1B:78:75:7A:53:D9:A2:0E:59:8A:60
Certificate issuer: /CN=67a4ec38f2ff69d2505f7f62e94c3bd798b58552
Certificate serial: 0189B646C668333783D7049B27A9E3EADB30
Authority key identifier: 67:A4:EC:38:F2:FF:69:D2:50:5F:7F:62:E9:4C:3B:D7:98:B5:85:52
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Z6TsOPL_adJQX39i6Uw715i1hVI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4e/773e49-f4ea-47a7-8a60-d42d4e9c767d/1/q3wH2o-193jBG3h1elPZog5ZimA.roa
Signing time: Wed 02 Aug 2023 12:43:58 +0000
ROA not before: Wed 02 Aug 2023 12:43:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 39657
IP address blocks: 217.30.3.0/24 maxlen: 24
217.30.0.0/22 maxlen: 24
217.30.0.0/23 maxlen: 23
217.30.2.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 02 Aug 2023 13:21:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:b6:46:c6:68:33:37:83:d7:04:9b:27:a9:e3:ea:db:30
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=67a4ec38f2ff69d2505f7f62e94c3bd798b58552
Validity
Not Before: Aug 2 12:43:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=ab7c07da8fb5f778c11b78757a53d9a20e598a60
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:17:f0:e2:e2:17:83:21:13:ef:8d:49:c6:ee:
d3:50:46:fe:ac:30:ff:1e:60:1f:ab:5e:0a:67:16:
7e:fc:bf:93:60:59:e3:67:ea:a9:3a:df:0e:cf:bc:
e1:3d:80:33:29:e1:3a:96:f9:f1:3d:19:1c:7e:5f:
7e:df:07:7f:fd:cf:db:3a:ee:48:5d:98:76:90:a0:
d3:06:00:b3:f1:7a:41:3a:eb:b4:7a:94:41:b9:29:
09:8f:59:3f:0e:a9:f6:fe:e6:f9:e4:10:f2:4d:71:
bd:06:be:dd:47:f4:95:40:4b:34:5d:92:43:50:d4:
75:69:32:9c:f7:89:12:e6:c1:91:8f:ba:8c:04:0d:
ab:d4:20:c9:6e:f6:9f:b5:94:ed:e4:4e:56:29:61:
b0:76:8c:7f:4d:f3:82:62:19:41:91:82:68:bf:05:
c9:06:9e:65:16:92:7a:24:20:c6:37:b0:fd:8c:4b:
2b:58:41:75:77:7e:41:e5:fa:f6:58:49:52:80:98:
f5:76:94:1b:1c:e7:66:f1:0f:81:b0:83:62:cf:01:
d4:91:11:bc:6f:7c:1b:65:6e:e0:91:f3:f7:f7:75:
b1:2a:94:d0:92:19:9c:dc:54:f0:55:3e:6a:22:42:
ec:25:cb:19:de:c6:60:97:f0:b5:a6:6c:69:5f:70:
77:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AB:7C:07:DA:8F:B5:F7:78:C1:1B:78:75:7A:53:D9:A2:0E:59:8A:60
X509v3 Authority Key Identifier:
keyid:67:A4:EC:38:F2:FF:69:D2:50:5F:7F:62:E9:4C:3B:D7:98:B5:85:52
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Z6TsOPL_adJQX39i6Uw715i1hVI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4e/773e49-f4ea-47a7-8a60-d42d4e9c767d/1/q3wH2o-193jBG3h1elPZog5ZimA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4e/773e49-f4ea-47a7-8a60-d42d4e9c767d/1/Z6TsOPL_adJQX39i6Uw715i1hVI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
217.30.0.0/22
Signature Algorithm: sha256WithRSAEncryption
23:1b:75:51:41:f4:41:f7:a3:62:aa:63:cd:32:53:35:af:f9:
23:90:73:e2:ab:84:3a:99:4d:d7:0f:4b:cf:21:dd:7c:1a:e3:
c4:52:d5:7b:50:8a:3b:76:b3:cc:b3:3e:79:74:ec:4a:9a:1a:
12:e4:42:64:4c:07:d0:c3:24:75:f1:1e:bc:7c:9c:20:e9:a4:
e5:1d:2d:9c:83:68:08:8f:99:59:1f:90:3e:f5:8c:f3:93:22:
c4:cd:02:a1:cd:97:ff:58:88:ad:8d:55:db:3a:09:d3:e6:f7:
d5:b8:ee:97:a0:0b:66:01:44:d8:29:7d:d7:07:1e:e8:09:b5:
09:e9:1b:a3:90:9a:b6:bc:7c:37:28:a6:04:fe:16:10:3b:e8:
a3:ca:33:37:26:4e:24:c5:91:1c:5c:aa:b7:eb:d3:48:cb:a7:
d5:f7:6c:fd:33:8d:b7:8f:25:97:ab:61:06:86:3a:eb:12:3e:
8e:fe:87:69:b7:0a:bc:19:1c:f6:66:89:b1:0f:dc:01:43:a8:
d1:8e:d3:68:17:3a:53:9d:7f:38:0e:2f:49:42:e9:69:75:a9:
10:46:d6:d0:06:6c:11:3f:09:7a:c5:f6:06:86:45:a9:97:38:
47:4a:96:f3:96:04:10:43:37:a9:a7:88:ea:a1:e3:5a:96:a9:
39:22:f8:77
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYm2RsZoMzeD1wSbJ6nj6tswMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY3YTRlYzM4ZjJmZjY5ZDI1MDVmN2Y2MmU5NGMzYmQ3OThi
NTg1NTIwHhcNMjMwODAyMTI0MzU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhYjdjMDdkYThmYjVmNzc4YzExYjc4NzU3YTUzZDlhMjBlNTk4YTYwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzhfw4uIXgyET741Jxu7TUEb+rDD/
HmAfq14KZxZ+/L+TYFnjZ+qpOt8Oz7zhPYAzKeE6lvnxPRkcfl9+3wd//c/bOu5I
XZh2kKDTBgCz8XpBOuu0epRBuSkJj1k/Dqn2/ub55BDyTXG9Br7dR/SVQEs0XZJD
UNR1aTKc94kS5sGRj7qMBA2r1CDJbvaftZTt5E5WKWGwdox/TfOCYhlBkYJovwXJ
Bp5lFpJ6JCDGN7D9jEsrWEF1d35B5fr2WElSgJj1dpQbHOdm8Q+BsINizwHUkRG8
b3wbZW7gkfP393WxKpTQkhmc3FTwVT5qIkLsJcsZ3sZgl/C1pmxpX3B30wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKt8B9qPtfd4wRt4dXpT2aIOWYpgMB8GA1UdIwQY
MBaAFGek7Djy/2nSUF9/YulMO9eYtYVSMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWjZUc09QTF9hZEpRWDM5aTZVdzcxNWkxaFZJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80ZS83NzNlNDktZjRlYS00N2E3LThhNjAt
ZDQyZDRlOWM3NjdkLzEvcTN3SDJvLTE5M2pCRzNoMWVsUFpvZzVaaW1BLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80ZS83NzNlNDktZjRlYS00N2E3LThhNjAtZDQyZDRlOWM3Njdk
LzEvWjZUc09QTF9hZEpRWDM5aTZVdzcxNWkxaFZJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQC2R4AMA0G
CSqGSIb3DQEBCwUAA4IBAQAjG3VRQfRB96NiqmPNMlM1r/kjkHPiq4Q6mU3XD0vP
Id18GuPEUtV7UIo7drPMsz55dOxKmhoS5EJkTAfQwyR18R68fJwg6aTlHS2cg2gI
j5lZH5A+9YzzkyLEzQKhzZf/WIitjVXbOgnT5vfVuO6XoAtmAUTYKX3XBx7oCbUJ
6RujkJq2vHw3KKYE/hYQO+ijyjM3Jk4kxZEcXKq369NIy6fV92z9M423jyWXq2EG
hjrrEj6O/odptwq8GRz2ZomxD9wBQ6jRjtNoFzpTnX84Di9JQulpdakQRtbQBmwR
Pwl6xfYGhkWplzhHSpbzlgQQQzepp4jqoeNalqk5Ivh3
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:28:54 2024 by rpki-client on console-fra.rpki-client.org