Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/58/d34378-7da4-4233-9522-54eb7c07aac4/1/Ba8ANupTJhKBfLQDPmknm9kK8Vo.roa
File: Ba8ANupTJhKBfLQDPmknm9kK8Vo.roa (raw, json)
Hash identifier: On1sesPxLfbNpEYutec/sR4wu6z4CP6eWAcKVwicoR0=
Subject key identifier: 05:AF:00:36:EA:53:26:12:81:7C:B4:03:3E:69:27:9B:D9:0A:F1:5A
Certificate issuer: /CN=811100ee46bf67a8495e8d356356966a8d2f7e65
Certificate serial: 018570F06D335C08CD26B12FCE4E6B44BD54
Authority key identifier: 81:11:00:EE:46:BF:67:A8:49:5E:8D:35:63:56:96:6A:8D:2F:7E:65
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gREA7ka_Z6hJXo01Y1aWao0vfmU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/58/d34378-7da4-4233-9522-54eb7c07aac4/1/Ba8ANupTJhKBfLQDPmknm9kK8Vo.roa
Signing time: Mon 02 Jan 2023 05:24:42 +0000
ROA not before: Mon 02 Jan 2023 05:24:42 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 200845
IP address blocks: 217.114.44.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:f0:6d:33:5c:08:cd:26:b1:2f:ce:4e:6b:44:bd:54
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=811100ee46bf67a8495e8d356356966a8d2f7e65
Validity
Not Before: Jan 2 05:24:42 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=05af0036ea532612817cb4033e69279bd90af15a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:89:61:fe:e2:c7:6a:0a:7a:56:7b:de:52:8e:
d5:87:05:58:44:41:ea:fd:ca:51:da:1c:a7:11:1a:
c9:3d:3b:60:e4:71:97:04:c8:dc:90:f2:86:31:af:
a5:38:e2:99:d0:9a:e8:a0:85:eb:c6:08:17:eb:48:
7b:07:37:d5:65:d4:a1:f2:9a:00:a5:eb:14:7b:1a:
2e:94:c2:41:8c:7d:91:db:e9:b1:42:0f:05:b6:33:
5f:f6:54:80:b2:9c:e0:aa:a8:4e:a1:dc:f6:d0:6f:
25:e8:23:e0:42:c0:a3:ba:26:37:b8:fb:98:ed:cb:
f5:af:c9:8f:bb:64:1d:f4:60:20:d4:46:62:7d:c0:
65:63:05:64:84:fb:8d:fc:24:4d:91:30:c3:10:60:
51:81:81:60:78:38:13:7b:f4:4b:cf:47:eb:4d:df:
9b:0f:b1:7d:0e:2d:6d:65:21:71:13:9e:86:b2:36:
b4:cb:de:3a:83:22:e4:54:5e:ab:39:65:c1:d2:d5:
52:3b:6e:70:f5:56:9a:7e:2b:a6:8b:0e:d1:32:73:
39:2a:9d:ec:7c:40:82:89:c0:db:63:a9:ff:71:eb:
35:50:d9:d9:36:c2:0e:b9:04:99:71:dd:c4:f6:76:
38:01:09:3d:7e:d7:11:1f:49:36:20:79:d3:79:4a:
4a:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
05:AF:00:36:EA:53:26:12:81:7C:B4:03:3E:69:27:9B:D9:0A:F1:5A
X509v3 Authority Key Identifier:
keyid:81:11:00:EE:46:BF:67:A8:49:5E:8D:35:63:56:96:6A:8D:2F:7E:65
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gREA7ka_Z6hJXo01Y1aWao0vfmU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/58/d34378-7da4-4233-9522-54eb7c07aac4/1/Ba8ANupTJhKBfLQDPmknm9kK8Vo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/58/d34378-7da4-4233-9522-54eb7c07aac4/1/gREA7ka_Z6hJXo01Y1aWao0vfmU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
217.114.44.0/24
Signature Algorithm: sha256WithRSAEncryption
8c:a4:c2:b3:65:94:07:5b:86:46:0e:6c:14:a8:7b:88:7d:1d:
27:20:ef:43:5a:91:bf:66:9b:3c:75:60:59:dd:b9:a4:09:25:
37:cf:37:77:1c:f8:8b:24:03:81:33:58:e6:a0:e0:79:fc:73:
ae:5c:a6:f1:c6:86:e4:c2:bb:cd:c5:a0:38:3a:6a:0c:89:63:
14:10:bf:c6:89:66:48:db:7e:d0:10:c4:ee:8b:64:47:05:90:
71:a7:4d:14:3d:29:ed:b7:c8:b4:1c:65:5f:cd:77:2f:2a:ed:
e8:86:0d:0f:10:75:08:70:5e:3a:7b:86:d7:08:9b:b6:b9:cc:
64:5d:cb:76:6e:ab:d7:10:65:2b:ad:0f:72:c4:a7:f5:9d:a2:
5a:77:0f:68:b0:a3:a7:64:8e:1e:fa:8a:44:9f:9e:21:f1:c8:
6a:47:f1:de:e5:4f:d2:9e:b5:6a:51:78:44:73:93:e1:22:c0:
9c:e3:89:4a:47:0d:15:c8:a6:6b:fe:b8:a9:f6:db:08:82:e7:
6d:19:b4:2e:52:2a:30:dc:df:86:54:38:4f:66:7d:e2:7b:a8:
84:8d:4c:64:85:f3:ab:62:c1:17:1f:36:ce:81:bf:20:35:99:
93:49:5a:3d:43:35:70:39:5d:a3:4c:a3:c1:bd:50:89:5c:1c:
31:32:39:fe
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVw8G0zXAjNJrEvzk5rRL1UMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgxMTEwMGVlNDZiZjY3YTg0OTVlOGQzNTYzNTY5NjZhOGQy
ZjdlNjUwHhcNMjMwMTAyMDUyNDQyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNWFmMDAzNmVhNTMyNjEyODE3Y2I0MDMzZTY5Mjc5YmQ5MGFmMTVhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkYlh/uLHagp6VnveUo7VhwVYREHq
/cpR2hynERrJPTtg5HGXBMjckPKGMa+lOOKZ0JrooIXrxggX60h7BzfVZdSh8poA
pesUexoulMJBjH2R2+mxQg8FtjNf9lSAspzgqqhOodz20G8l6CPgQsCjuiY3uPuY
7cv1r8mPu2Qd9GAg1EZifcBlYwVkhPuN/CRNkTDDEGBRgYFgeDgTe/RLz0frTd+b
D7F9Di1tZSFxE56Gsja0y946gyLkVF6rOWXB0tVSO25w9Vaafiumiw7RMnM5Kp3s
fECCicDbY6n/ces1UNnZNsIOuQSZcd3E9nY4AQk9ftcRH0k2IHnTeUpKfwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFAWvADbqUyYSgXy0Az5pJ5vZCvFaMB8GA1UdIwQY
MBaAFIERAO5Gv2eoSV6NNWNWlmqNL35lMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ1JFQTdrYV9aNmhKWG8wMVkxYVdhbzB2Zm1VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81OC9kMzQzNzgtN2RhNC00MjMzLTk1MjIt
NTRlYjdjMDdhYWM0LzEvQmE4QU51cFRKaEtCZkxRRFBta25tOWtLOFZvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81OC9kMzQzNzgtN2RhNC00MjMzLTk1MjItNTRlYjdjMDdhYWM0
LzEvZ1JFQTdrYV9aNmhKWG8wMVkxYVdhbzB2Zm1VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA2XIsMA0G
CSqGSIb3DQEBCwUAA4IBAQCMpMKzZZQHW4ZGDmwUqHuIfR0nIO9DWpG/Zps8dWBZ
3bmkCSU3zzd3HPiLJAOBM1jmoOB5/HOuXKbxxobkwrvNxaA4OmoMiWMUEL/GiWZI
237QEMTui2RHBZBxp00UPSntt8i0HGVfzXcvKu3ohg0PEHUIcF46e4bXCJu2ucxk
Xct2bqvXEGUrrQ9yxKf1naJadw9osKOnZI4e+opEn54h8chqR/He5U/SnrVqUXhE
c5PhIsCc44lKRw0VyKZr/rip9tsIgudtGbQuUiow3N+GVDhPZn3ie6iEjUxkhfOr
YsEXHzbOgb8gNZmTSVo9QzVwOV2jTKPBvVCJXBwxMjn+
-----END CERTIFICATE-----
Generated at Mon Jan 1 11:39:40 2024 by rpki-client on console-fra.rpki-client.org