Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/55/48db10-3ba8-4e80-b3dc-ab31eacbffca/1/RG5ExuxEx_tOLs2Y6ZI8FuJWDgo.roa
File: RG5ExuxEx_tOLs2Y6ZI8FuJWDgo.roa (raw, json)
Hash identifier: FRnmqq/jUkLdKdJneUJA81f0dQxUZXC/tMsEfBXr1I4=
Subject key identifier: 44:6E:44:C6:EC:44:C7:FB:4E:2E:CD:98:E9:92:3C:16:E2:56:0E:0A
Certificate issuer: /CN=8110149fd12130b3cdcf35862b0dcdb98a9471c9
Certificate serial: 018CC5DBFA592D2AA386CAAAE0B2A1A84E0C
Authority key identifier: 81:10:14:9F:D1:21:30:B3:CD:CF:35:86:2B:0D:CD:B9:8A:94:71:C9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gRAUn9EhMLPNzzWGKw3NuYqUcck.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/55/48db10-3ba8-4e80-b3dc-ab31eacbffca/1/RG5ExuxEx_tOLs2Y6ZI8FuJWDgo.roa
Signing time: Mon 01 Jan 2024 16:29:37 +0000
ROA not before: Mon 01 Jan 2024 16:29:37 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 8560
IP address blocks: 217.73.68.0/24 maxlen: 24
217.73.70.0/24 maxlen: 24
217.73.69.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 05 Aug 2024 12:16:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:db:fa:59:2d:2a:a3:86:ca:aa:e0:b2:a1:a8:4e:0c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8110149fd12130b3cdcf35862b0dcdb98a9471c9
Validity
Not Before: Jan 1 16:29:37 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=446e44c6ec44c7fb4e2ecd98e9923c16e2560e0a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:c7:fa:83:01:ad:dd:1a:43:09:2f:2d:a9:8b:
50:b1:1f:0a:87:b2:f6:51:2e:ca:a5:6c:52:a8:56:
94:ec:6b:83:6b:61:14:86:7f:95:08:b7:24:36:92:
f6:cb:13:68:80:42:20:65:20:f4:ef:ed:aa:19:93:
4a:20:2a:ca:af:59:b9:02:38:98:f8:2c:ac:93:cc:
cd:76:a4:a0:2c:60:52:99:7f:22:ff:40:0b:92:52:
36:cf:80:c4:4a:49:1b:a7:38:88:44:d9:c3:82:ef:
2a:83:10:89:b2:c4:1c:b9:12:87:27:db:f1:5d:4d:
e4:a5:50:77:b0:51:62:92:36:d1:4e:79:3d:27:96:
c9:fb:f5:90:c8:0c:20:df:54:33:65:0b:a8:35:bb:
5c:ef:dd:19:d0:69:87:d6:d0:3a:19:ff:42:fa:72:
22:96:ab:a4:04:66:58:43:71:76:fc:41:66:7b:f4:
f8:75:9d:f6:ee:0b:4d:c5:8d:fd:8c:25:0f:75:cf:
a4:bd:88:c7:4a:74:d5:19:fe:eb:0a:62:87:44:03:
43:70:a5:49:60:38:86:39:18:5b:4d:ee:58:9d:5a:
f0:fd:11:cd:00:96:59:ed:2a:53:1e:9c:d2:cc:2e:
40:b0:b1:19:8c:41:38:35:46:16:4c:61:95:92:2f:
ca:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
44:6E:44:C6:EC:44:C7:FB:4E:2E:CD:98:E9:92:3C:16:E2:56:0E:0A
X509v3 Authority Key Identifier:
keyid:81:10:14:9F:D1:21:30:B3:CD:CF:35:86:2B:0D:CD:B9:8A:94:71:C9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gRAUn9EhMLPNzzWGKw3NuYqUcck.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/55/48db10-3ba8-4e80-b3dc-ab31eacbffca/1/RG5ExuxEx_tOLs2Y6ZI8FuJWDgo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/55/48db10-3ba8-4e80-b3dc-ab31eacbffca/1/gRAUn9EhMLPNzzWGKw3NuYqUcck.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
217.73.68.0-217.73.70.255
Signature Algorithm: sha256WithRSAEncryption
64:9d:33:31:21:fb:1d:d4:d7:b0:ff:f4:83:07:d1:90:fe:6a:
c2:4b:90:e2:1b:6a:c7:42:10:97:a1:0d:8f:c6:d4:94:c6:cd:
a4:aa:c4:d7:8e:4f:86:05:66:94:7c:5b:2e:a2:df:6f:e1:1d:
e3:93:87:e7:49:e8:ff:c4:4b:10:47:65:04:14:f9:41:89:e6:
5e:8e:46:26:73:80:c6:13:45:7e:91:de:40:bf:69:eb:1d:23:
44:02:41:66:21:03:dd:be:d3:5c:6c:19:7f:6a:f4:aa:8b:dd:
58:a8:e5:cb:11:a5:b1:a6:55:78:81:a4:19:e7:42:9f:af:c4:
cc:34:e4:55:9a:3f:5e:c4:62:e7:28:a5:1c:99:84:dc:f1:f7:
f6:15:c0:2f:0e:d5:02:10:23:5c:81:00:a5:b2:5d:18:02:88:
35:04:19:0c:71:b0:b1:ca:88:e3:35:14:9b:d2:49:58:71:09:
18:8e:2b:68:8f:f4:fd:ac:60:35:1f:2f:7a:35:e5:7a:93:dd:
40:3c:a1:22:57:11:91:6d:d0:f7:34:f6:01:74:a8:78:9f:3f:
67:4b:0c:b8:7f:e3:b0:43:9a:a6:28:e9:3e:1f:e9:9f:9e:42:
e3:0c:8a:6b:86:c2:86:e7:eb:75:20:2e:15:c0:29:37:ce:fe:
90:11:f7:d4
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAYzF2/pZLSqjhsqq4LKhqE4MMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgxMTAxNDlmZDEyMTMwYjNjZGNmMzU4NjJiMGRjZGI5OGE5
NDcxYzkwHhcNMjQwMTAxMTYyOTM3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NDZlNDRjNmVjNDRjN2ZiNGUyZWNkOThlOTkyM2MxNmUyNTYwZTBhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnsf6gwGt3RpDCS8tqYtQsR8Kh7L2
US7KpWxSqFaU7GuDa2EUhn+VCLckNpL2yxNogEIgZSD07+2qGZNKICrKr1m5AjiY
+Cysk8zNdqSgLGBSmX8i/0ALklI2z4DESkkbpziIRNnDgu8qgxCJssQcuRKHJ9vx
XU3kpVB3sFFikjbRTnk9J5bJ+/WQyAwg31QzZQuoNbtc790Z0GmH1tA6Gf9C+nIi
lqukBGZYQ3F2/EFme/T4dZ327gtNxY39jCUPdc+kvYjHSnTVGf7rCmKHRANDcKVJ
YDiGORhbTe5YnVrw/RHNAJZZ7SpTHpzSzC5AsLEZjEE4NUYWTGGVki/KRwIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFERuRMbsRMf7Ti7NmOmSPBbiVg4KMB8GA1UdIwQY
MBaAFIEQFJ/RITCzzc81hisNzbmKlHHJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ1JBVW45RWhNTFBOenpXR0t3M051WXFVY2NrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81NS80OGRiMTAtM2JhOC00ZTgwLWIzZGMt
YWIzMWVhY2JmZmNhLzEvUkc1RXh1eEV4X3RPTHMyWTZaSThGdUpXRGdvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81NS80OGRiMTAtM2JhOC00ZTgwLWIzZGMtYWIzMWVhY2JmZmNh
LzEvZ1JBVW45RWhNTFBOenpXR0t3M051WXFVY2NrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBALZSUQD
BADZSUYwDQYJKoZIhvcNAQELBQADggEBAGSdMzEh+x3U17D/9IMH0ZD+asJLkOIb
asdCEJehDY/G1JTGzaSqxNeOT4YFZpR8Wy6i32/hHeOTh+dJ6P/ESxBHZQQU+UGJ
5l6ORiZzgMYTRX6R3kC/aesdI0QCQWYhA92+01xsGX9q9KqL3Vio5csRpbGmVXiB
pBnnQp+vxMw05FWaP17EYucopRyZhNzx9/YVwC8O1QIQI1yBAKWyXRgCiDUEGQxx
sLHKiOM1FJvSSVhxCRiOK2iP9P2sYDUfL3o15XqT3UA8oSJXEZFt0Pc09gF0qHif
P2dLDLh/47BDmqYo6T4f6Z+eQuMMimuGwobn63UgLhXAKTfO/pAR99Q=
-----END CERTIFICATE-----
Generated at Wed Apr 16 07:11:53 2025 by rpki-client