Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/65/e75ad2-1e30-455e-9787-3b55f2327b34/1/_GFKcoqBjPa3PF3D2FptBOTQhDw.roa
File: _GFKcoqBjPa3PF3D2FptBOTQhDw.roa (raw, json)
Hash identifier: rQpGwNLzUFaA+OAQzwoeX0gBp08Hnkfwjq6tqK+kglw=
Subject key identifier: FC:61:4A:72:8A:81:8C:F6:B7:3C:5D:C3:D8:5A:6D:04:E4:D0:84:3C
Certificate issuer: /CN=302f09f265e9b278f8073d6982ff175713a5a0fa
Certificate serial: 018CC56ECCD9B7CC958486905941556897BA
Authority key identifier: 30:2F:09:F2:65:E9:B2:78:F8:07:3D:69:82:FF:17:57:13:A5:A0:FA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/MC8J8mXpsnj4Bz1pgv8XVxOloPo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/65/e75ad2-1e30-455e-9787-3b55f2327b34/1/_GFKcoqBjPa3PF3D2FptBOTQhDw.roa
Signing time: Mon 01 Jan 2024 14:30:22 +0000
ROA not before: Mon 01 Jan 2024 14:30:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 21234
IP address blocks: 217.25.128.0/20 maxlen: 20
2a07:fbc0::/32 maxlen: 32
Validation: Failed, certificate revoked on Thu 11 Apr 2024 08:09:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:6e:cc:d9:b7:cc:95:84:86:90:59:41:55:68:97:ba
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=302f09f265e9b278f8073d6982ff175713a5a0fa
Validity
Not Before: Jan 1 14:30:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=fc614a728a818cf6b73c5dc3d85a6d04e4d0843c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:11:7e:9c:06:f6:2b:aa:a7:a4:38:16:61:67:
83:aa:85:51:f8:7d:3c:db:e3:8f:6d:ce:03:25:7d:
b4:73:df:9b:5d:be:a6:3c:f7:e3:3b:e7:24:bd:15:
7f:a1:c2:63:9b:bf:9f:34:5b:95:f7:b7:19:f3:6e:
bc:4d:56:c4:dd:52:7e:75:47:52:f0:8f:35:1c:e1:
f3:e2:11:bc:eb:31:fa:1b:54:7e:8b:0a:e6:80:ab:
f9:4f:58:66:26:84:2c:bb:b9:cf:02:4c:4c:08:36:
f8:88:1d:c2:42:f1:c8:80:17:a2:de:8d:98:dd:80:
54:d9:13:2f:6a:23:b7:43:85:4f:d6:65:a8:c1:22:
85:ba:70:75:b9:b9:0b:7e:e7:0e:ab:12:6d:1d:a2:
87:24:c7:bd:59:cb:75:07:c5:bf:cd:ea:fb:ef:cc:
26:ec:ca:78:8f:65:14:a9:23:f5:62:e9:53:34:2a:
b4:37:36:4c:08:c0:03:76:01:48:39:9e:55:6b:83:
6c:4e:55:2f:2d:86:ba:39:20:4d:06:60:27:96:1a:
a4:70:dc:3e:e2:25:75:6a:ee:4f:f6:d3:15:d1:cb:
27:d6:43:87:5b:97:19:a7:f4:83:e3:ce:66:98:c1:
2b:ae:a0:16:77:a5:16:81:02:6d:11:f6:b7:f9:4c:
cd:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FC:61:4A:72:8A:81:8C:F6:B7:3C:5D:C3:D8:5A:6D:04:E4:D0:84:3C
X509v3 Authority Key Identifier:
keyid:30:2F:09:F2:65:E9:B2:78:F8:07:3D:69:82:FF:17:57:13:A5:A0:FA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MC8J8mXpsnj4Bz1pgv8XVxOloPo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/65/e75ad2-1e30-455e-9787-3b55f2327b34/1/_GFKcoqBjPa3PF3D2FptBOTQhDw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/65/e75ad2-1e30-455e-9787-3b55f2327b34/1/MC8J8mXpsnj4Bz1pgv8XVxOloPo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
217.25.128.0/20
IPv6:
2a07:fbc0::/32
Signature Algorithm: sha256WithRSAEncryption
bf:74:b0:40:50:b7:c9:79:60:91:7d:24:76:ee:03:02:a5:a5:
a0:c1:58:ac:3c:66:4c:d3:e0:89:40:42:05:eb:07:f3:5f:07:
c3:c5:86:fb:d8:70:9a:77:11:da:cc:76:6e:ab:80:ea:8c:5a:
29:4e:7d:c0:2f:14:ca:2c:d6:45:2f:d4:22:ea:eb:29:77:a4:
fe:91:d1:5b:1e:35:71:1f:2a:b2:66:a3:2a:af:0b:90:8f:bb:
b9:50:c4:4a:ab:bd:01:ae:26:0b:cf:55:b5:05:a0:c6:fb:4d:
f7:ef:d0:18:70:19:b8:34:7b:70:85:b6:fc:60:95:ba:a1:4e:
28:75:d4:00:b4:97:aa:69:78:6e:c9:e7:5a:64:27:be:3c:f6:
d9:2b:ab:c5:7f:14:4b:c4:47:d8:6a:93:b7:f7:64:c4:fd:bd:
ab:f6:61:27:64:05:3d:f7:0b:8a:9e:a6:e5:0c:cf:72:b1:c0:
28:71:59:cc:cf:6e:d7:a3:90:a0:ea:2a:b2:86:a7:0b:cd:23:
66:67:5e:f2:34:a9:b9:69:4b:ce:47:fb:1e:0e:65:2f:3c:30:
59:26:c0:92:2c:6f:f6:2b:1e:cf:0d:75:7a:f0:ce:7e:5e:1a:
ef:0f:d2:7a:65:00:0d:ab:56:d9:c0:bc:95:e1:7a:e3:b7:c6:
16:72:fb:b3
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYzFbszZt8yVhIaQWUFVaJe6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMwMmYwOWYyNjVlOWIyNzhmODA3M2Q2OTgyZmYxNzU3MTNh
NWEwZmEwHhcNMjQwMTAxMTQzMDIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmYzYxNGE3MjhhODE4Y2Y2YjczYzVkYzNkODVhNmQwNGU0ZDA4NDNjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiRF+nAb2K6qnpDgWYWeDqoVR+H08
2+OPbc4DJX20c9+bXb6mPPfjO+ckvRV/ocJjm7+fNFuV97cZ8268TVbE3VJ+dUdS
8I81HOHz4hG86zH6G1R+iwrmgKv5T1hmJoQsu7nPAkxMCDb4iB3CQvHIgBei3o2Y
3YBU2RMvaiO3Q4VP1mWowSKFunB1ubkLfucOqxJtHaKHJMe9Wct1B8W/zer778wm
7Mp4j2UUqSP1YulTNCq0NzZMCMADdgFIOZ5Va4NsTlUvLYa6OSBNBmAnlhqkcNw+
4iV1au5P9tMV0csn1kOHW5cZp/SD485mmMErrqAWd6UWgQJtEfa3+UzNzwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFPxhSnKKgYz2tzxdw9habQTk0IQ8MB8GA1UdIwQY
MBaAFDAvCfJl6bJ4+Ac9aYL/F1cTpaD6MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTUM4SjhtWHBzbmo0QnoxcGd2OFhWeE9sb1BvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NS9lNzVhZDItMWUzMC00NTVlLTk3ODct
M2I1NWYyMzI3YjM0LzEvX0dGS2NvcUJqUGEzUEYzRDJGcHRCT1RRaER3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NS9lNzVhZDItMWUzMC00NTVlLTk3ODctM2I1NWYyMzI3YjM0
LzEvTUM4SjhtWHBzbmo0QnoxcGd2OFhWeE9sb1BvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQE2RmAMA0E
AgACMAcDBQAqB/vAMA0GCSqGSIb3DQEBCwUAA4IBAQC/dLBAULfJeWCRfSR27gMC
paWgwVisPGZM0+CJQEIF6wfzXwfDxYb72HCadxHazHZuq4DqjFopTn3ALxTKLNZF
L9Qi6uspd6T+kdFbHjVxHyqyZqMqrwuQj7u5UMRKq70BriYLz1W1BaDG+03379AY
cBm4NHtwhbb8YJW6oU4oddQAtJeqaXhuyedaZCe+PPbZK6vFfxRLxEfYapO392TE
/b2r9mEnZAU99wuKnqblDM9yscAocVnMz27Xo5Cg6iqyhqcLzSNmZ17yNKm5aUvO
R/seDmUvPDBZJsCSLG/2Kx7PDXV68M5+XhrvD9J6ZQANq1bZwLyV4Xrjt8YWcvuz
-----END CERTIFICATE-----
Generated at Thu Feb 20 02:39:05 2025 by rpki-client