Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/feb927-7a83-403a-a1c1-eb1e91644f2d/1/Obk4xk5hY2hpTGOHJpcdNCIwLxw.roa
File: Obk4xk5hY2hpTGOHJpcdNCIwLxw.roa (raw, json)
Hash identifier: r14tLjMeyjiAbBiy63lI/ueFRVY4eeA9soHRSxEDJ3o=
Subject key identifier: 39:B9:38:C6:4E:61:63:68:69:4C:63:87:26:97:1D:34:22:30:2F:1C
Certificate issuer: /CN=0bfe2b273837db41666d68a97bc7ac37dcc96f20
Certificate serial: 01921AA75D198B5A0F92AE7B6FBF7CFFA2F9
Authority key identifier: 0B:FE:2B:27:38:37:DB:41:66:6D:68:A9:7B:C7:AC:37:DC:C9:6F:20
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/C_4rJzg320FmbWipe8esN9zJbyA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/feb927-7a83-403a-a1c1-eb1e91644f2d/1/Obk4xk5hY2hpTGOHJpcdNCIwLxw.roa
Signing time: Sun 22 Sep 2024 16:53:48 +0000
ROA not before: Sun 22 Sep 2024 16:53:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 210116
IP address blocks: 217.147.2.0/24 maxlen: 24
217.147.3.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 17 Dec 2024 07:54:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:1a:a7:5d:19:8b:5a:0f:92:ae:7b:6f:bf:7c:ff:a2:f9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0bfe2b273837db41666d68a97bc7ac37dcc96f20
Validity
Not Before: Sep 22 16:53:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=39b938c64e616368694c638726971d3422302f1c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:2e:0b:cf:8d:ac:fb:a8:e6:f4:80:f8:87:af:
9d:6a:8f:1a:3b:c1:98:2e:ec:97:8a:22:0a:e5:3c:
c6:e7:e9:c7:a3:e2:85:7d:58:0c:21:1a:53:70:ce:
9b:48:5d:1e:c2:64:a4:1d:11:ab:0f:ee:fb:94:d5:
18:81:4f:64:83:d5:33:2e:d7:87:72:a3:de:b7:6a:
f8:be:53:2c:6b:12:3e:fa:96:76:31:15:86:9b:c1:
96:c4:ed:1d:23:83:c7:78:b9:aa:80:d8:ba:01:33:
f1:39:5c:12:50:be:3f:b3:d0:34:25:cf:f7:1c:d2:
14:28:72:af:0e:58:ad:2a:32:42:10:e9:ed:e1:04:
df:80:0b:49:48:e8:05:db:f0:ac:07:0f:60:2c:f5:
29:aa:9b:19:76:24:0b:8a:67:a8:af:67:01:08:15:
17:51:19:10:da:3e:1b:d5:06:1a:43:d2:12:9d:4e:
c8:a0:c5:5b:b0:43:ae:0f:ce:f8:ad:4a:b9:ff:01:
70:b9:c7:16:b4:a5:3f:80:7d:d2:3e:8a:82:7c:b6:
5a:07:2c:80:2a:d5:5b:99:de:d1:56:08:b7:ae:67:
6f:08:35:7c:e6:62:2e:34:d0:7d:ad:66:13:ec:43:
0c:0e:fd:75:01:b4:8b:31:b9:17:3a:74:a8:01:6b:
f3:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
39:B9:38:C6:4E:61:63:68:69:4C:63:87:26:97:1D:34:22:30:2F:1C
X509v3 Authority Key Identifier:
keyid:0B:FE:2B:27:38:37:DB:41:66:6D:68:A9:7B:C7:AC:37:DC:C9:6F:20
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/C_4rJzg320FmbWipe8esN9zJbyA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/feb927-7a83-403a-a1c1-eb1e91644f2d/1/Obk4xk5hY2hpTGOHJpcdNCIwLxw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/feb927-7a83-403a-a1c1-eb1e91644f2d/1/C_4rJzg320FmbWipe8esN9zJbyA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
217.147.2.0/23
Signature Algorithm: sha256WithRSAEncryption
91:cc:a5:7a:c7:e3:2c:38:34:0e:b2:0f:7f:8a:65:a1:f0:ba:
f0:57:81:65:85:65:47:51:b8:ac:be:6d:f5:9e:97:c2:4d:2d:
39:0b:40:77:b5:14:47:f6:bc:a4:7c:9a:49:13:62:b3:ec:14:
3b:72:df:13:f7:62:ae:b7:80:c2:93:e6:bf:b4:ff:88:68:8c:
0d:1b:1f:2f:c4:df:e8:65:d6:bf:a8:6d:fb:45:61:1e:24:6d:
5b:a2:7e:5e:80:df:6c:1d:81:97:cc:3e:95:23:ad:a4:5c:e9:
d6:ac:c3:27:bf:9d:6e:3c:6d:11:66:56:f0:ff:f4:1f:0d:dc:
7b:8c:3e:d8:a9:1a:3a:85:54:ef:6e:1c:29:92:7c:a7:f3:03:
7e:95:d9:e5:8f:86:75:ed:9b:6a:6e:cf:fc:a5:3c:8b:be:c2:
2b:4f:e0:e4:43:17:10:9b:f7:fd:a5:6a:7f:32:d3:e6:94:5c:
c5:f2:7c:e4:82:e1:a9:94:6b:08:20:6a:d2:a5:15:4f:c6:e1:
a5:ab:2c:61:2e:4b:33:f8:f5:62:2e:e0:c2:03:f1:3a:fe:f3:
00:69:11:95:63:0b:59:08:fe:c9:5a:0a:1b:29:5a:8b:eb:cd:
d8:ba:1e:fb:1d:f8:62:05:ae:39:6b:55:fb:2b:4e:64:c6:0b:
02:f4:76:85
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZIap10Zi1oPkq57b798/6L5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBiZmUyYjI3MzgzN2RiNDE2NjZkNjhhOTdiYzdhYzM3ZGNj
OTZmMjAwHhcNMjQwOTIyMTY1MzQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzOWI5MzhjNjRlNjE2MzY4Njk0YzYzODcyNjk3MWQzNDIyMzAyZjFjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApi4Lz42s+6jm9ID4h6+dao8aO8GY
LuyXiiIK5TzG5+nHo+KFfVgMIRpTcM6bSF0ewmSkHRGrD+77lNUYgU9kg9UzLteH
cqPet2r4vlMsaxI++pZ2MRWGm8GWxO0dI4PHeLmqgNi6ATPxOVwSUL4/s9A0Jc/3
HNIUKHKvDlitKjJCEOnt4QTfgAtJSOgF2/CsBw9gLPUpqpsZdiQLimeor2cBCBUX
URkQ2j4b1QYaQ9ISnU7IoMVbsEOuD874rUq5/wFwuccWtKU/gH3SPoqCfLZaByyA
KtVbmd7RVgi3rmdvCDV85mIuNNB9rWYT7EMMDv11AbSLMbkXOnSoAWvzvQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDm5OMZOYWNoaUxjhyaXHTQiMC8cMB8GA1UdIwQY
MBaAFAv+Kyc4N9tBZm1oqXvHrDfcyW8gMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ180ckp6ZzMyMEZtYldpcGU4ZXNOOXpKYnlBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS9mZWI5MjctN2E4My00MDNhLWExYzEt
ZWIxZTkxNjQ0ZjJkLzEvT2JrNHhrNWhZMmhwVEdPSEpwY2ROQ0l3THh3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS9mZWI5MjctN2E4My00MDNhLWExYzEtZWIxZTkxNjQ0ZjJk
LzEvQ180ckp6ZzMyMEZtYldpcGU4ZXNOOXpKYnlBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQB2ZMCMA0G
CSqGSIb3DQEBCwUAA4IBAQCRzKV6x+MsODQOsg9/imWh8LrwV4FlhWVHUbisvm31
npfCTS05C0B3tRRH9rykfJpJE2Kz7BQ7ct8T92Kut4DCk+a/tP+IaIwNGx8vxN/o
Zda/qG37RWEeJG1bon5egN9sHYGXzD6VI62kXOnWrMMnv51uPG0RZlbw//QfDdx7
jD7YqRo6hVTvbhwpknyn8wN+ldnlj4Z17Ztqbs/8pTyLvsIrT+DkQxcQm/f9pWp/
MtPmlFzF8nzkguGplGsIIGrSpRVPxuGlqyxhLksz+PViLuDCA/E6/vMAaRGVYwtZ
CP7JWgobKVqL683Yuh77HfhiBa45a1X7K05kxgsC9HaF
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:23:12 2025 by rpki-client