Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5a/0ccbda-d6f1-4527-8106-cd7e06cbb531/1/d7zP9TXfrYF8qpX4UXTcUvueTHE.roa
File: d7zP9TXfrYF8qpX4UXTcUvueTHE.roa (raw, json)
Hash identifier: GnYMOHRGczz6/viIUbQSMhrcurPwvtFIAB5OI91eVOA=
Subject key identifier: 77:BC:CF:F5:35:DF:AD:81:7C:AA:95:F8:51:74:DC:52:FB:9E:4C:71
Certificate issuer: /CN=0534c49fcfa8a45041d95ed4d8d4fc69c727a467
Certificate serial: 018CC56E0BAC850E8819E27C246D1DA03BE6
Authority key identifier: 05:34:C4:9F:CF:A8:A4:50:41:D9:5E:D4:D8:D4:FC:69:C7:27:A4:67
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BTTEn8-opFBB2V7U2NT8accnpGc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5a/0ccbda-d6f1-4527-8106-cd7e06cbb531/1/d7zP9TXfrYF8qpX4UXTcUvueTHE.roa
Signing time: Mon 01 Jan 2024 14:29:32 +0000
ROA not before: Mon 01 Jan 2024 14:29:32 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 27717
IP address blocks: 217.26.191.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 02 Jan 2025 13:50:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:6e:0b:ac:85:0e:88:19:e2:7c:24:6d:1d:a0:3b:e6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0534c49fcfa8a45041d95ed4d8d4fc69c727a467
Validity
Not Before: Jan 1 14:29:32 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=77bccff535dfad817caa95f85174dc52fb9e4c71
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:a6:67:7f:45:6a:4d:c6:5c:a3:f4:cd:42:4c:
5f:cc:5a:35:8e:12:72:1a:dd:65:05:0d:c5:58:00:
11:b7:36:28:31:dd:1a:b7:4f:ca:16:9a:51:1d:00:
ec:38:e8:24:b4:43:1a:2c:75:86:c7:18:11:7f:7e:
96:2c:04:d2:f0:05:69:89:69:c4:dc:c5:db:5e:85:
71:19:f5:75:26:bf:eb:a8:76:6d:23:71:f7:cc:f4:
ca:e0:bc:6f:01:f9:c5:e3:39:61:49:35:5b:c9:11:
b6:b5:90:55:eb:2a:c7:a4:f5:a6:a5:54:97:ef:08:
7c:23:69:57:1b:fc:a9:45:15:d1:c7:1a:43:29:36:
dd:97:06:7c:bc:5c:2b:f5:18:84:00:e2:b6:46:c4:
50:8a:33:d8:67:7e:77:c8:df:2f:25:e2:9f:01:b6:
03:0b:2b:83:a8:1d:cf:bd:b8:04:bf:ae:c2:b0:cf:
be:59:de:d5:78:17:37:80:b8:3d:94:54:f4:63:6b:
02:c6:5c:df:c6:51:d4:07:be:a9:8d:6f:9f:07:79:
9b:63:f6:77:19:a2:47:20:e3:fa:85:7b:e4:60:b8:
83:6e:16:08:b1:54:e4:fa:15:cc:0a:3b:c0:29:6d:
19:68:85:ac:42:5a:84:d2:2c:76:f0:10:f8:b9:ea:
0d:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
77:BC:CF:F5:35:DF:AD:81:7C:AA:95:F8:51:74:DC:52:FB:9E:4C:71
X509v3 Authority Key Identifier:
keyid:05:34:C4:9F:CF:A8:A4:50:41:D9:5E:D4:D8:D4:FC:69:C7:27:A4:67
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BTTEn8-opFBB2V7U2NT8accnpGc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/0ccbda-d6f1-4527-8106-cd7e06cbb531/1/d7zP9TXfrYF8qpX4UXTcUvueTHE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/0ccbda-d6f1-4527-8106-cd7e06cbb531/1/BTTEn8-opFBB2V7U2NT8accnpGc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
217.26.191.0/24
Signature Algorithm: sha256WithRSAEncryption
0f:58:ef:89:4e:65:9b:be:e4:e7:2f:ac:aa:e1:8c:0b:4c:0a:
bd:60:7a:2b:5d:17:8a:11:72:a8:ca:b6:ba:ac:82:67:80:d7:
1a:fb:8b:02:c5:1b:ee:81:67:ff:b8:ff:f3:b6:f1:9f:da:2d:
36:4a:2f:e4:96:fa:79:8a:45:0f:81:52:39:08:11:e5:75:63:
df:ef:6d:f8:aa:e1:1f:dd:12:cb:a1:bd:0b:30:81:aa:6f:c5:
4b:99:a6:7a:0d:5d:dc:4f:1e:90:6a:b6:76:5a:a1:f6:6c:9b:
34:46:60:78:ce:b5:d7:1b:2c:a2:38:0f:67:48:69:6a:79:9e:
7e:e4:e5:a6:1b:85:9e:f6:43:28:78:98:ee:94:01:b1:82:ea:
f9:27:fb:08:8c:32:b5:2e:75:aa:db:43:3e:75:c1:10:07:06:
3f:61:2d:38:0a:54:67:82:9d:0c:99:c7:65:d0:b1:17:0d:f3:
ca:79:da:45:a6:33:50:a7:16:5e:69:3a:b8:73:2e:bd:80:05:
d4:b4:8f:f0:b6:ec:62:02:4f:18:70:7e:2d:93:83:56:85:5c:
b1:a5:d1:af:31:bb:20:3c:a7:f1:ef:9c:ae:fd:a2:6f:03:5a:
85:46:26:62:41:85:6d:d5:2c:92:94:2e:5b:1e:ff:74:57:fd:
9e:ff:0a:8d
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzFbgushQ6IGeJ8JG0doDvmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA1MzRjNDlmY2ZhOGE0NTA0MWQ5NWVkNGQ4ZDRmYzY5Yzcy
N2E0NjcwHhcNMjQwMTAxMTQyOTMyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3N2JjY2ZmNTM1ZGZhZDgxN2NhYTk1Zjg1MTc0ZGM1MmZiOWU0YzcxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmqZnf0VqTcZco/TNQkxfzFo1jhJy
Gt1lBQ3FWAARtzYoMd0at0/KFppRHQDsOOgktEMaLHWGxxgRf36WLATS8AVpiWnE
3MXbXoVxGfV1Jr/rqHZtI3H3zPTK4LxvAfnF4zlhSTVbyRG2tZBV6yrHpPWmpVSX
7wh8I2lXG/ypRRXRxxpDKTbdlwZ8vFwr9RiEAOK2RsRQijPYZ353yN8vJeKfAbYD
CyuDqB3PvbgEv67CsM++Wd7VeBc3gLg9lFT0Y2sCxlzfxlHUB76pjW+fB3mbY/Z3
GaJHIOP6hXvkYLiDbhYIsVTk+hXMCjvAKW0ZaIWsQlqE0ix28BD4ueoNtwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFHe8z/U1362BfKqV+FF03FL7nkxxMB8GA1UdIwQY
MBaAFAU0xJ/PqKRQQdle1NjU/GnHJ6RnMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQlRURW44LW9wRkJCMlY3VTJOVDhhY2NucEdjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81YS8wY2NiZGEtZDZmMS00NTI3LTgxMDYt
Y2Q3ZTA2Y2JiNTMxLzEvZDd6UDlUWGZyWUY4cXBYNFVYVGNVdnVlVEhFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81YS8wY2NiZGEtZDZmMS00NTI3LTgxMDYtY2Q3ZTA2Y2JiNTMx
LzEvQlRURW44LW9wRkJCMlY3VTJOVDhhY2NucEdjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA2Rq/MA0G
CSqGSIb3DQEBCwUAA4IBAQAPWO+JTmWbvuTnL6yq4YwLTAq9YHorXReKEXKoyra6
rIJngNca+4sCxRvugWf/uP/ztvGf2i02Si/klvp5ikUPgVI5CBHldWPf7234quEf
3RLLob0LMIGqb8VLmaZ6DV3cTx6QarZ2WqH2bJs0RmB4zrXXGyyiOA9nSGlqeZ5+
5OWmG4We9kMoeJjulAGxgur5J/sIjDK1LnWq20M+dcEQBwY/YS04ClRngp0Mmcdl
0LEXDfPKedpFpjNQpxZeaTq4cy69gAXUtI/wtuxiAk8YcH4tk4NWhVyxpdGvMbsg
PKfx75yu/aJvA1qFRiZiQYVt1SySlC5bHv90V/2e/wqN
-----END CERTIFICATE-----
Generated at Thu Mar 13 21:24:08 2025 by rpki-client