Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4e/773e49-f4ea-47a7-8a60-d42d4e9c767d/1/yzhqgPSVzdqeFQ1yTY0xTXs17jA.roa
File: yzhqgPSVzdqeFQ1yTY0xTXs17jA.roa (raw, json)
Hash identifier: ap94P/c7WzOQ0tqkDyI8D4cmwCtF4p8evf9miUHr1VE=
Subject key identifier: CB:38:6A:80:F4:95:CD:DA:9E:15:0D:72:4D:8D:31:4D:7B:35:EE:30
Certificate issuer: /CN=67a4ec38f2ff69d2505f7f62e94c3bd798b58552
Certificate serial: 0189B6698DED8B25703F4FBD90BB7393A7DE
Authority key identifier: 67:A4:EC:38:F2:FF:69:D2:50:5F:7F:62:E9:4C:3B:D7:98:B5:85:52
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Z6TsOPL_adJQX39i6Uw715i1hVI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4e/773e49-f4ea-47a7-8a60-d42d4e9c767d/1/yzhqgPSVzdqeFQ1yTY0xTXs17jA.roa
Signing time: Wed 02 Aug 2023 13:21:58 +0000
ROA not before: Wed 02 Aug 2023 13:21:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 39657
IP address blocks: 217.30.3.0/24 maxlen: 24
217.30.0.0/23 maxlen: 24
217.30.0.0/22 maxlen: 24
217.30.2.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 02 Jan 2024 06:31:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:b6:69:8d:ed:8b:25:70:3f:4f:bd:90:bb:73:93:a7:de
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=67a4ec38f2ff69d2505f7f62e94c3bd798b58552
Validity
Not Before: Aug 2 13:21:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=cb386a80f495cdda9e150d724d8d314d7b35ee30
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:83:44:bf:9d:b2:59:a1:36:ee:7d:23:5c:fd:3a:
1e:b6:21:e0:d3:f7:85:d3:0d:de:e8:6f:c9:b5:1c:
57:9f:0a:2c:ab:d8:ec:aa:46:8a:73:b4:11:af:f7:
b3:43:eb:77:95:88:cb:dd:7a:f3:b1:ad:a4:40:e3:
c4:a9:0f:d9:15:f3:e2:81:2c:16:de:fc:95:83:f4:
80:60:49:33:e7:c3:99:a9:49:86:f3:a5:63:d7:f1:
06:42:6b:a0:9f:e5:7b:a8:f8:73:68:50:0e:d9:72:
bb:a2:24:87:6a:f4:73:85:cf:22:de:94:4b:18:26:
ac:89:6e:76:21:ee:eb:77:75:de:5f:0f:b8:1a:4d:
8f:bd:fd:5f:fb:1d:5f:4f:ab:11:88:f0:c9:7b:16:
b0:04:1f:b9:96:1d:72:22:f2:73:62:d0:57:ea:e9:
13:76:e3:ce:9c:88:c8:96:b9:3a:23:54:9e:34:e5:
f3:09:f0:c0:c6:26:d3:fc:0b:0a:d5:0c:69:81:16:
5c:ec:96:d4:16:db:1b:4a:43:ac:be:65:77:76:c2:
69:6c:dc:03:7e:3c:fd:fd:31:67:84:88:ee:21:8d:
c6:76:5f:83:d3:7d:53:27:7c:90:ad:6a:bf:4c:26:
c3:93:b2:93:6b:d5:4a:7e:b0:37:c0:73:dc:29:7a:
7d:1f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CB:38:6A:80:F4:95:CD:DA:9E:15:0D:72:4D:8D:31:4D:7B:35:EE:30
X509v3 Authority Key Identifier:
keyid:67:A4:EC:38:F2:FF:69:D2:50:5F:7F:62:E9:4C:3B:D7:98:B5:85:52
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Z6TsOPL_adJQX39i6Uw715i1hVI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4e/773e49-f4ea-47a7-8a60-d42d4e9c767d/1/yzhqgPSVzdqeFQ1yTY0xTXs17jA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4e/773e49-f4ea-47a7-8a60-d42d4e9c767d/1/Z6TsOPL_adJQX39i6Uw715i1hVI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
217.30.0.0/22
Signature Algorithm: sha256WithRSAEncryption
2d:a8:ba:aa:95:00:b7:59:29:11:45:4e:93:3e:e2:a1:0b:d1:
55:af:9c:39:39:70:d2:79:1b:42:3e:ff:a1:7f:7a:44:56:36:
89:b1:91:9a:49:f6:c8:59:29:45:30:1a:35:10:b3:3e:52:56:
e2:5f:60:a6:e5:b5:0c:8e:f8:22:c3:96:01:5e:52:c7:a6:05:
25:6e:73:37:e8:cc:c8:7f:fa:08:a6:ba:45:42:c4:79:77:27:
c7:5f:89:b1:40:1e:8a:c4:ee:1a:cc:0d:7d:df:b4:d5:37:b0:
2e:bf:0c:f7:7d:2f:48:9e:9b:19:74:1b:9a:c6:24:a2:a8:85:
a5:f6:c4:c6:38:3d:d8:0a:64:cd:77:1a:83:f1:f3:8f:8d:2a:
86:5e:cc:a5:45:d5:e2:d0:b9:27:7a:5f:9e:45:fc:d5:90:00:
22:9e:62:50:f4:16:15:91:e7:c9:23:54:e6:69:f3:30:55:e0:
89:97:44:87:3b:0c:7c:a4:6c:3b:9e:ba:8b:dd:dd:3e:19:0e:
49:cd:fc:f9:ba:31:73:91:d9:f4:9b:98:d7:59:90:e9:5c:42:
c1:59:d9:6c:fb:4b:b1:7e:43:77:39:17:00:43:07:09:44:b8:
46:78:e4:e2:1a:77:9c:7e:6a:9a:ea:af:55:65:73:d0:fd:55:
dc:a2:e6:b4
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYm2aY3tiyVwP0+9kLtzk6feMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY3YTRlYzM4ZjJmZjY5ZDI1MDVmN2Y2MmU5NGMzYmQ3OThi
NTg1NTIwHhcNMjMwODAyMTMyMTU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjYjM4NmE4MGY0OTVjZGRhOWUxNTBkNzI0ZDhkMzE0ZDdiMzVlZTMwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAg0S/nbJZoTbufSNc/ToetiHg0/eF
0w3e6G/JtRxXnwosq9jsqkaKc7QRr/ezQ+t3lYjL3Xrzsa2kQOPEqQ/ZFfPigSwW
3vyVg/SAYEkz58OZqUmG86Vj1/EGQmugn+V7qPhzaFAO2XK7oiSHavRzhc8i3pRL
GCasiW52Ie7rd3XeXw+4Gk2Pvf1f+x1fT6sRiPDJexawBB+5lh1yIvJzYtBX6ukT
duPOnIjIlrk6I1SeNOXzCfDAxibT/AsK1QxpgRZc7JbUFtsbSkOsvmV3dsJpbNwD
fjz9/TFnhIjuIY3Gdl+D031TJ3yQrWq/TCbDk7KTa9VKfrA3wHPcKXp9HwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFMs4aoD0lc3anhUNck2NMU17Ne4wMB8GA1UdIwQY
MBaAFGek7Djy/2nSUF9/YulMO9eYtYVSMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWjZUc09QTF9hZEpRWDM5aTZVdzcxNWkxaFZJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80ZS83NzNlNDktZjRlYS00N2E3LThhNjAt
ZDQyZDRlOWM3NjdkLzEveXpocWdQU1Z6ZHFlRlExeVRZMHhUWHMxN2pBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80ZS83NzNlNDktZjRlYS00N2E3LThhNjAtZDQyZDRlOWM3Njdk
LzEvWjZUc09QTF9hZEpRWDM5aTZVdzcxNWkxaFZJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQC2R4AMA0G
CSqGSIb3DQEBCwUAA4IBAQAtqLqqlQC3WSkRRU6TPuKhC9FVr5w5OXDSeRtCPv+h
f3pEVjaJsZGaSfbIWSlFMBo1ELM+UlbiX2Cm5bUMjvgiw5YBXlLHpgUlbnM36MzI
f/oIprpFQsR5dyfHX4mxQB6KxO4azA1937TVN7Auvwz3fS9InpsZdBuaxiSiqIWl
9sTGOD3YCmTNdxqD8fOPjSqGXsylRdXi0Lknel+eRfzVkAAinmJQ9BYVkefJI1Tm
afMwVeCJl0SHOwx8pGw7nrqL3d0+GQ5Jzfz5ujFzkdn0m5jXWZDpXELBWdls+0ux
fkN3ORcAQwcJRLhGeOTiGnecfmqa6q9VZXPQ/VXcoua0
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:08:14 2024 by rpki-client on console-ams.rpki-client.org