Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/feb927-7a83-403a-a1c1-eb1e91644f2d/1/8PcZz94iXk1aLZvA13kMCAQjfwA.roa
File: 8PcZz94iXk1aLZvA13kMCAQjfwA.roa (raw, json)
Hash identifier: bfXIUqbQX+J4nD+kHa4NFcxw7k0uT1DT2WLku6ME0EU=
Subject key identifier: F0:F7:19:CF:DE:22:5E:4D:5A:2D:9B:C0:D7:79:0C:08:04:23:7F:00
Certificate issuer: /CN=0bfe2b273837db41666d68a97bc7ac37dcc96f20
Certificate serial: 0190FAF3433C0014B6AD9C80430E957FAADC
Authority key identifier: 0B:FE:2B:27:38:37:DB:41:66:6D:68:A9:7B:C7:AC:37:DC:C9:6F:20
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/C_4rJzg320FmbWipe8esN9zJbyA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/feb927-7a83-403a-a1c1-eb1e91644f2d/1/8PcZz94iXk1aLZvA13kMCAQjfwA.roa
Signing time: Sun 28 Jul 2024 20:06:04 +0000
ROA not before: Sun 28 Jul 2024 20:06:04 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 42013
IP address blocks: 217.147.0.0/22 maxlen: 22
217.147.0.0/24 maxlen: 24
217.147.1.0/24 maxlen: 24
217.147.2.0/24 maxlen: 24
217.147.3.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sun 22 Sep 2024 16:53:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:fa:f3:43:3c:00:14:b6:ad:9c:80:43:0e:95:7f:aa:dc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0bfe2b273837db41666d68a97bc7ac37dcc96f20
Validity
Not Before: Jul 28 20:06:04 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=f0f719cfde225e4d5a2d9bc0d7790c0804237f00
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:a8:a4:2b:cd:e9:3d:da:a0:90:77:6b:3d:dd:
88:66:4f:1c:dc:a2:b9:38:59:8d:29:a8:8f:8e:18:
72:ba:76:1d:ca:dc:db:28:8e:ef:a9:31:a0:d2:45:
c7:68:33:e8:7f:a7:38:90:ea:e0:60:aa:32:ef:41:
7e:76:dd:e8:94:07:dd:18:18:4d:df:65:4f:93:5e:
a1:2a:32:5f:50:73:65:16:f7:8a:f7:88:9c:d8:d8:
5a:87:ce:1e:05:6e:11:e5:46:84:33:a8:26:93:7a:
c0:42:f3:fb:62:46:f3:63:d9:02:68:0c:44:5e:42:
f2:dc:87:66:33:73:5e:0f:2e:e2:7a:e3:3d:62:74:
cb:28:ad:e4:1c:1c:59:55:96:ba:dd:a6:40:4a:7f:
28:f6:b4:10:79:e9:c4:ab:98:e8:71:d3:1d:60:84:
ca:92:c2:31:4c:46:da:29:d1:28:b7:a0:83:da:30:
89:f9:fd:f7:b2:78:f9:72:79:b9:f5:b8:54:53:22:
a8:53:e7:92:ee:cf:77:8d:51:70:bb:93:b1:1b:94:
48:06:90:36:ce:47:f3:3d:88:6b:92:66:b4:56:ff:
54:74:21:d7:35:67:d7:7e:77:3f:b8:6b:05:36:cd:
19:6d:16:3b:48:9f:36:fc:b0:c8:70:d6:84:77:51:
7a:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F0:F7:19:CF:DE:22:5E:4D:5A:2D:9B:C0:D7:79:0C:08:04:23:7F:00
X509v3 Authority Key Identifier:
keyid:0B:FE:2B:27:38:37:DB:41:66:6D:68:A9:7B:C7:AC:37:DC:C9:6F:20
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/C_4rJzg320FmbWipe8esN9zJbyA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/feb927-7a83-403a-a1c1-eb1e91644f2d/1/8PcZz94iXk1aLZvA13kMCAQjfwA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/feb927-7a83-403a-a1c1-eb1e91644f2d/1/C_4rJzg320FmbWipe8esN9zJbyA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
217.147.0.0/22
Signature Algorithm: sha256WithRSAEncryption
4b:4f:5e:aa:1f:03:6e:37:5e:b6:59:c9:4a:4b:6b:ab:5e:c8:
33:71:1c:51:45:8b:15:15:f7:52:1b:8f:4d:fb:3f:dc:f5:30:
79:61:c6:d7:55:9a:4f:77:ee:85:d0:c8:56:b4:5a:a7:f8:a4:
da:90:aa:b9:60:74:ba:26:83:e4:08:b4:c3:5e:e5:98:f3:02:
2b:99:ef:88:df:6a:bd:7d:32:fd:75:bf:66:e6:f8:2b:bc:81:
aa:43:7f:5b:14:f6:e4:8d:d2:48:9f:c3:29:74:bb:14:85:74:
02:78:29:3c:cd:8d:f3:fa:73:f5:88:6d:bf:f9:1a:bf:7f:a6:
8b:b2:c1:a3:ea:4a:d2:fd:c1:cc:68:db:9b:1b:3b:3b:41:a9:
94:7a:b7:c5:f0:0a:a4:6f:dd:01:4e:f5:53:0d:50:46:49:ec:
c8:c5:69:40:61:fb:93:5e:e1:91:1b:24:48:88:02:83:d5:ec:
55:fa:d3:4c:e6:0d:b6:67:97:a2:b1:62:d6:55:7f:ba:c9:dc:
5d:0b:61:f3:39:b8:20:ab:21:28:90:25:92:41:07:b8:78:18:
e0:df:2b:88:70:86:de:3e:5a:c1:1f:f2:c2:f4:d1:43:80:1c:
16:72:07:9f:b3:00:66:4c:f7:c7:4c:0f:20:3d:db:db:a5:6a:
98:be:cc:b5
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZD680M8ABS2rZyAQw6Vf6rcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBiZmUyYjI3MzgzN2RiNDE2NjZkNjhhOTdiYzdhYzM3ZGNj
OTZmMjAwHhcNMjQwNzI4MjAwNjA0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMGY3MTljZmRlMjI1ZTRkNWEyZDliYzBkNzc5MGMwODA0MjM3ZjAwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxqikK83pPdqgkHdrPd2IZk8c3KK5
OFmNKaiPjhhyunYdytzbKI7vqTGg0kXHaDPof6c4kOrgYKoy70F+dt3olAfdGBhN
32VPk16hKjJfUHNlFveK94ic2Nhah84eBW4R5UaEM6gmk3rAQvP7YkbzY9kCaAxE
XkLy3IdmM3NeDy7ieuM9YnTLKK3kHBxZVZa63aZASn8o9rQQeenEq5jocdMdYITK
ksIxTEbaKdEot6CD2jCJ+f33snj5cnm59bhUUyKoU+eS7s93jVFwu5OxG5RIBpA2
zkfzPYhrkma0Vv9UdCHXNWfXfnc/uGsFNs0ZbRY7SJ82/LDIcNaEd1F63QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFPD3Gc/eIl5NWi2bwNd5DAgEI38AMB8GA1UdIwQY
MBaAFAv+Kyc4N9tBZm1oqXvHrDfcyW8gMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ180ckp6ZzMyMEZtYldpcGU4ZXNOOXpKYnlBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS9mZWI5MjctN2E4My00MDNhLWExYzEt
ZWIxZTkxNjQ0ZjJkLzEvOFBjWno5NGlYazFhTFp2QTEza01DQVFqZndBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS9mZWI5MjctN2E4My00MDNhLWExYzEtZWIxZTkxNjQ0ZjJk
LzEvQ180ckp6ZzMyMEZtYldpcGU4ZXNOOXpKYnlBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQC2ZMAMA0G
CSqGSIb3DQEBCwUAA4IBAQBLT16qHwNuN162WclKS2urXsgzcRxRRYsVFfdSG49N
+z/c9TB5YcbXVZpPd+6F0MhWtFqn+KTakKq5YHS6JoPkCLTDXuWY8wIrme+I32q9
fTL9db9m5vgrvIGqQ39bFPbkjdJIn8MpdLsUhXQCeCk8zY3z+nP1iG2/+Rq/f6aL
ssGj6krS/cHMaNubGzs7QamUerfF8Aqkb90BTvVTDVBGSezIxWlAYfuTXuGRGyRI
iAKD1exV+tNM5g22Z5eisWLWVX+6ydxdC2HzObggqyEokCWSQQe4eBjg3yuIcIbe
PlrBH/LC9NFDgBwWcgefswBmTPfHTA8gPdvbpWqYvsy1
-----END CERTIFICATE-----
Generated at Sun Sep 22 19:35:19 2024 by rpki-client on console-fra.rpki-client.org