Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/feb927-7a83-403a-a1c1-eb1e91644f2d/1/yW96QKRxeaf9iP6oFxYAhK5ilO0.roa
File: yW96QKRxeaf9iP6oFxYAhK5ilO0.roa (raw, json)
Hash identifier: EzGGS6gsNFVts6a/JB7wy9uP43bfWLfrFdkLks4+cBo=
Subject key identifier: C9:6F:7A:40:A4:71:79:A7:FD:88:FE:A8:17:16:00:84:AE:62:94:ED
Certificate issuer: /CN=0bfe2b273837db41666d68a97bc7ac37dcc96f20
Certificate serial: 0193D39D524C8F80849E5656521C83CA005C
Authority key identifier: 0B:FE:2B:27:38:37:DB:41:66:6D:68:A9:7B:C7:AC:37:DC:C9:6F:20
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/C_4rJzg320FmbWipe8esN9zJbyA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/feb927-7a83-403a-a1c1-eb1e91644f2d/1/yW96QKRxeaf9iP6oFxYAhK5ilO0.roa
Signing time: Tue 17 Dec 2024 07:55:22 +0000
ROA not before: Tue 17 Dec 2024 07:55:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 210116
IP address blocks: 217.147.2.0/24 maxlen: 24
217.147.2.0/25 maxlen: 25
217.147.2.128/25 maxlen: 25
217.147.3.0/24 maxlen: 24
2a0e:dcc0::/29 maxlen: 29
Validation: Failed, certificate revoked on Thu 02 Jan 2025 15:49:51 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:d3:9d:52:4c:8f:80:84:9e:56:56:52:1c:83:ca:00:5c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0bfe2b273837db41666d68a97bc7ac37dcc96f20
Validity
Not Before: Dec 17 07:55:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=c96f7a40a47179a7fd88fea817160084ae6294ed
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:9e:4c:19:47:e4:28:1d:2d:4c:7e:4f:25:98:
cd:f0:ff:0c:d0:69:b2:89:9c:84:f1:12:67:2c:81:
3d:09:b6:6f:44:3c:55:23:ca:26:06:4e:53:89:c5:
26:79:a6:df:c5:a6:50:df:a9:f7:7a:76:2e:58:cb:
7b:47:8a:91:97:2b:13:ec:61:09:58:c7:f6:9b:14:
b7:ff:52:c2:7e:0e:48:15:d6:b6:7f:02:5d:70:32:
da:64:33:95:7e:b9:76:e7:04:48:16:a8:3e:90:fb:
79:73:c6:be:c3:ae:8f:5e:b4:47:cb:c4:4c:d9:7e:
12:32:d8:11:c7:0e:3c:05:9f:8d:c1:d5:25:12:8d:
15:fd:ca:89:4a:e5:41:8f:78:33:2b:4f:91:9f:81:
9d:b3:85:7f:21:a1:90:16:d9:88:70:c8:7e:52:fd:
b1:e4:35:5d:5b:d7:3c:1f:54:2b:9a:9b:cf:b4:64:
ed:55:7d:29:7b:b0:f1:3e:be:e3:ab:7b:df:84:e7:
ff:c8:cb:dd:e0:5e:e7:fd:ef:fc:f9:39:39:81:ac:
32:fc:29:d1:2b:58:80:57:47:cd:e7:57:61:f9:71:
fa:e2:75:0e:11:12:80:0b:0b:f4:62:d9:37:6b:f0:
e2:43:dd:72:08:04:a7:25:31:6f:69:a7:9c:38:cc:
2a:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C9:6F:7A:40:A4:71:79:A7:FD:88:FE:A8:17:16:00:84:AE:62:94:ED
X509v3 Authority Key Identifier:
keyid:0B:FE:2B:27:38:37:DB:41:66:6D:68:A9:7B:C7:AC:37:DC:C9:6F:20
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/C_4rJzg320FmbWipe8esN9zJbyA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/feb927-7a83-403a-a1c1-eb1e91644f2d/1/yW96QKRxeaf9iP6oFxYAhK5ilO0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/feb927-7a83-403a-a1c1-eb1e91644f2d/1/C_4rJzg320FmbWipe8esN9zJbyA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
217.147.2.0/23
IPv6:
2a0e:dcc0::/29
Signature Algorithm: sha256WithRSAEncryption
07:0e:a5:0b:8d:dc:32:0c:14:3e:a3:ed:69:44:09:9a:7d:ba:
c3:ab:60:50:e3:fa:31:3b:f3:c3:84:1e:aa:02:a0:30:80:6a:
30:b4:e3:d8:31:53:cd:58:3e:4b:61:d9:be:63:bc:10:2a:7c:
1e:1f:cf:05:f6:9d:3b:4f:88:71:73:35:a5:cb:47:d1:ee:cb:
8e:88:d6:55:ef:11:1d:9c:ce:ab:be:b0:a1:f8:89:94:b9:ed:
04:65:68:ac:6f:0f:12:92:f2:dc:fc:cf:ae:55:23:c5:5d:49:
45:e2:ce:b7:f3:36:c3:e8:47:19:85:20:b5:c5:00:2a:3a:84:
d8:32:eb:97:93:d1:a5:91:15:b7:aa:18:28:de:26:16:f2:ac:
3d:ae:4a:eb:14:62:c0:5c:aa:d0:bd:51:9a:2e:9b:25:2e:ad:
ff:57:11:8f:db:f1:38:99:83:ff:97:a8:20:ed:c0:82:c5:e0:
83:9f:52:df:89:82:a9:f9:93:12:d0:b3:ef:ec:57:bd:b0:d3:
d8:8e:51:fe:8e:f3:7b:9b:2f:d2:a7:f5:a0:7e:9f:da:11:be:
06:77:da:5a:15:0a:59:fa:77:53:84:d4:3d:ae:c8:12:1c:72:
92:21:42:c9:3a:7a:f0:30:77:df:1b:06:35:43:8d:97:d0:09:
5c:ca:60:04
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZPTnVJMj4CEnlZWUhyDygBcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBiZmUyYjI3MzgzN2RiNDE2NjZkNjhhOTdiYzdhYzM3ZGNj
OTZmMjAwHhcNMjQxMjE3MDc1NTIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjOTZmN2E0MGE0NzE3OWE3ZmQ4OGZlYTgxNzE2MDA4NGFlNjI5NGVkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAz55MGUfkKB0tTH5PJZjN8P8M0Gmy
iZyE8RJnLIE9CbZvRDxVI8omBk5TicUmeabfxaZQ36n3enYuWMt7R4qRlysT7GEJ
WMf2mxS3/1LCfg5IFda2fwJdcDLaZDOVfrl25wRIFqg+kPt5c8a+w66PXrRHy8RM
2X4SMtgRxw48BZ+NwdUlEo0V/cqJSuVBj3gzK0+Rn4Gds4V/IaGQFtmIcMh+Uv2x
5DVdW9c8H1QrmpvPtGTtVX0pe7DxPr7jq3vfhOf/yMvd4F7n/e/8+Tk5gawy/CnR
K1iAV0fN51dh+XH64nUOERKACwv0Ytk3a/DiQ91yCASnJTFvaaecOMwqIQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFMlvekCkcXmn/Yj+qBcWAISuYpTtMB8GA1UdIwQY
MBaAFAv+Kyc4N9tBZm1oqXvHrDfcyW8gMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ180ckp6ZzMyMEZtYldpcGU4ZXNOOXpKYnlBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS9mZWI5MjctN2E4My00MDNhLWExYzEt
ZWIxZTkxNjQ0ZjJkLzEveVc5NlFLUnhlYWY5aVA2b0Z4WUFoSzVpbE8wLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS9mZWI5MjctN2E4My00MDNhLWExYzEtZWIxZTkxNjQ0ZjJk
LzEvQ180ckp6ZzMyMEZtYldpcGU4ZXNOOXpKYnlBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQB2ZMCMA0E
AgACMAcDBQMqDtzAMA0GCSqGSIb3DQEBCwUAA4IBAQAHDqULjdwyDBQ+o+1pRAma
fbrDq2BQ4/oxO/PDhB6qAqAwgGowtOPYMVPNWD5LYdm+Y7wQKnweH88F9p07T4hx
czWly0fR7suOiNZV7xEdnM6rvrCh+ImUue0EZWisbw8SkvLc/M+uVSPFXUlF4s63
8zbD6EcZhSC1xQAqOoTYMuuXk9GlkRW3qhgo3iYW8qw9rkrrFGLAXKrQvVGaLpsl
Lq3/VxGP2/E4mYP/l6gg7cCCxeCDn1LfiYKp+ZMS0LPv7Fe9sNPYjlH+jvN7my/S
p/Wgfp/aEb4Gd9paFQpZ+ndThNQ9rsgSHHKSIULJOnrwMHffGwY1Q42X0AlcymAE
-----END CERTIFICATE-----
Generated at Fri Apr 18 06:55:40 2025 by rpki-client