Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/63/72cc4a-2d9c-4808-823e-1454ffe6182c/1/A_xfTouboD3EBcFaYiu_opjK01o.roa
File: A_xfTouboD3EBcFaYiu_opjK01o.roa (raw, json)
Hash identifier: UKlTYcq8W6ht7WMsSBKSTqtBJcsQ+b7T8gFtN1NJEuM=
Subject key identifier: 03:FC:5F:4E:8B:9B:A0:3D:C4:05:C1:5A:62:2B:BF:A2:98:CA:D3:5A
Certificate issuer: /CN=174847f8667d52fa2cf9cf9afcc43a07915575ca
Certificate serial: 01856C9CB8FFD5084E37530FD332DDBD2D2E
Authority key identifier: 17:48:47:F8:66:7D:52:FA:2C:F9:CF:9A:FC:C4:3A:07:91:55:75:CA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/F0hH-GZ9Uvos-c-a_MQ6B5FVdco.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/63/72cc4a-2d9c-4808-823e-1454ffe6182c/1/A_xfTouboD3EBcFaYiu_opjK01o.roa
Signing time: Sun 01 Jan 2023 09:14:48 +0000
ROA not before: Sun 01 Jan 2023 09:14:48 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 42000
IP address blocks: 217.11.245.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:9c:b8:ff:d5:08:4e:37:53:0f:d3:32:dd:bd:2d:2e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=174847f8667d52fa2cf9cf9afcc43a07915575ca
Validity
Not Before: Jan 1 09:14:48 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=03fc5f4e8b9ba03dc405c15a622bbfa298cad35a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:a2:36:ac:81:51:81:da:7f:d1:ab:e9:c1:2c:
d0:5a:8b:a0:c6:c2:eb:e6:85:c2:c8:22:01:83:22:
28:8e:5f:94:ea:d5:a7:a4:74:18:db:cb:84:5e:f9:
44:9b:7d:bc:03:d2:8a:d3:6c:81:97:5d:3f:5a:13:
0b:ab:de:2c:b9:3a:ff:89:7b:8b:da:35:7f:a0:a3:
d4:af:41:ed:58:2b:1b:71:63:4a:8f:ed:23:03:72:
10:57:a2:6a:c9:fb:f6:4c:cc:51:ae:5b:fb:34:46:
46:53:f7:2c:84:c3:d0:29:9f:c9:c0:78:d5:25:20:
29:3c:0e:95:99:d9:16:c2:47:c9:6d:d4:5d:f8:a4:
b3:be:c3:fd:c7:83:2e:cf:c8:4d:82:42:10:8b:db:
f5:40:ac:9a:b8:9e:58:19:e0:1b:b7:03:b7:bc:3e:
e2:76:a2:40:b2:c8:4d:04:d2:04:b3:8e:e1:a8:99:
63:21:c4:63:3f:e6:b8:c2:f7:98:17:c1:ac:91:d7:
0f:8a:1a:d1:1b:dc:bd:76:83:b5:17:29:1e:4c:84:
58:ed:ff:7a:33:41:a0:10:6b:d2:df:19:b0:fb:d8:
20:13:88:cd:af:50:dd:8c:8a:d1:cd:02:55:cd:82:
d8:53:49:80:56:64:ac:fe:43:86:8d:ce:22:b8:2a:
a2:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
03:FC:5F:4E:8B:9B:A0:3D:C4:05:C1:5A:62:2B:BF:A2:98:CA:D3:5A
X509v3 Authority Key Identifier:
keyid:17:48:47:F8:66:7D:52:FA:2C:F9:CF:9A:FC:C4:3A:07:91:55:75:CA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/F0hH-GZ9Uvos-c-a_MQ6B5FVdco.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/63/72cc4a-2d9c-4808-823e-1454ffe6182c/1/A_xfTouboD3EBcFaYiu_opjK01o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/63/72cc4a-2d9c-4808-823e-1454ffe6182c/1/F0hH-GZ9Uvos-c-a_MQ6B5FVdco.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
217.11.245.0/24
Signature Algorithm: sha256WithRSAEncryption
53:5c:51:01:65:d9:f4:22:eb:90:d9:8e:e9:65:f1:19:82:06:
d4:1c:5c:43:8c:25:62:bb:8e:d9:d6:a7:f5:7e:b8:a2:8d:1b:
67:26:fa:97:e9:0f:93:0f:b2:c2:a5:91:98:4d:f0:bf:74:2e:
fd:5c:e4:76:d8:da:57:09:9d:d8:ad:d4:be:94:26:3d:6b:bf:
88:b6:4c:3f:c3:14:0c:73:8f:c4:54:97:02:ba:30:ca:fd:88:
e2:88:58:93:ca:46:c5:ae:d2:1a:75:05:71:5f:24:d7:52:7e:
e3:8c:67:ab:95:ac:8b:23:e4:f0:34:5f:6e:4b:2a:56:81:98:
ff:d0:db:77:94:25:fb:9d:7b:0a:9d:a1:2b:88:23:ae:cd:c6:
ca:e9:31:e8:af:bb:65:8b:3f:e9:70:05:f7:78:2f:8a:19:6d:
3d:c1:ac:74:f7:fb:45:41:15:b9:47:c0:4f:9a:f4:df:ab:98:
b6:b3:61:15:83:62:44:06:5e:cb:ef:cf:4b:09:3e:e1:11:c2:
27:34:a4:77:b2:1e:e0:5d:88:a9:82:d0:ae:98:46:55:dd:c4:
34:5c:3c:fb:1a:35:cb:6a:cd:69:e1:77:1b:5d:0a:5a:74:08:
11:db:93:9b:53:78:72:cc:b6:bb:2c:2d:66:0e:30:be:9a:49:
c6:dd:8d:b6
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVsnLj/1QhON1MP0zLdvS0uMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE3NDg0N2Y4NjY3ZDUyZmEyY2Y5Y2Y5YWZjYzQzYTA3OTE1
NTc1Y2EwHhcNMjMwMTAxMDkxNDQ4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwM2ZjNWY0ZThiOWJhMDNkYzQwNWMxNWE2MjJiYmZhMjk4Y2FkMzVhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqqI2rIFRgdp/0avpwSzQWougxsLr
5oXCyCIBgyIojl+U6tWnpHQY28uEXvlEm328A9KK02yBl10/WhMLq94suTr/iXuL
2jV/oKPUr0HtWCsbcWNKj+0jA3IQV6Jqyfv2TMxRrlv7NEZGU/cshMPQKZ/JwHjV
JSApPA6VmdkWwkfJbdRd+KSzvsP9x4Muz8hNgkIQi9v1QKyauJ5YGeAbtwO3vD7i
dqJAsshNBNIEs47hqJljIcRjP+a4wveYF8GskdcPihrRG9y9doO1FykeTIRY7f96
M0GgEGvS3xmw+9ggE4jNr1DdjIrRzQJVzYLYU0mAVmSs/kOGjc4iuCqiBwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFAP8X06Lm6A9xAXBWmIrv6KYytNaMB8GA1UdIwQY
MBaAFBdIR/hmfVL6LPnPmvzEOgeRVXXKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRjBoSC1HWjlVdm9zLWMtYV9NUTZCNUZWZGNvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82My83MmNjNGEtMmQ5Yy00ODA4LTgyM2Ut
MTQ1NGZmZTYxODJjLzEvQV94ZlRvdWJvRDNFQmNGYVlpdV9vcGpLMDFvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82My83MmNjNGEtMmQ5Yy00ODA4LTgyM2UtMTQ1NGZmZTYxODJj
LzEvRjBoSC1HWjlVdm9zLWMtYV9NUTZCNUZWZGNvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA2Qv1MA0G
CSqGSIb3DQEBCwUAA4IBAQBTXFEBZdn0IuuQ2Y7pZfEZggbUHFxDjCViu47Z1qf1
friijRtnJvqX6Q+TD7LCpZGYTfC/dC79XOR22NpXCZ3YrdS+lCY9a7+Itkw/wxQM
c4/EVJcCujDK/YjiiFiTykbFrtIadQVxXyTXUn7jjGerlayLI+TwNF9uSypWgZj/
0Nt3lCX7nXsKnaEriCOuzcbK6THor7tliz/pcAX3eC+KGW09wax09/tFQRW5R8BP
mvTfq5i2s2EVg2JEBl7L789LCT7hEcInNKR3sh7gXYipgtCumEZV3cQ0XDz7GjXL
as1p4XcbXQpadAgR25ObU3hyzLa7LC1mDjC+mknG3Y22
-----END CERTIFICATE-----
Generated at Tue Jan 2 06:51:01 2024 by rpki-client on console-fra.rpki-client.org