Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/65/e75ad2-1e30-455e-9787-3b55f2327b34/1/geocDZCukOU73xI12pna_5-kIvI.roa
File: geocDZCukOU73xI12pna_5-kIvI.roa (raw, json)
Hash identifier: smV3Hdf7T8ZLmpHlbux+dUwSR3aZ5tSct+9Dv2bscGY=
Subject key identifier: 81:EA:1C:0D:90:AE:90:E5:3B:DF:12:35:DA:99:DA:FF:9F:A4:22:F2
Certificate issuer: /CN=302f09f265e9b278f8073d6982ff175713a5a0fa
Certificate serial: 018ECC340C5D799791433CB159F344492EE3
Authority key identifier: 30:2F:09:F2:65:E9:B2:78:F8:07:3D:69:82:FF:17:57:13:A5:A0:FA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/MC8J8mXpsnj4Bz1pgv8XVxOloPo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/65/e75ad2-1e30-455e-9787-3b55f2327b34/1/geocDZCukOU73xI12pna_5-kIvI.roa
Signing time: Thu 11 Apr 2024 08:09:06 +0000
ROA not before: Thu 11 Apr 2024 08:09:06 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 21234
IP address blocks: 217.25.128.0/20 maxlen: 24
217.25.138.0/24 maxlen: 24
2a07:fbc0::/32 maxlen: 32
Validation: Failed, certificate revoked on Thu 18 Apr 2024 10:48:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:cc:34:0c:5d:79:97:91:43:3c:b1:59:f3:44:49:2e:e3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=302f09f265e9b278f8073d6982ff175713a5a0fa
Validity
Not Before: Apr 11 08:09:06 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=81ea1c0d90ae90e53bdf1235da99daff9fa422f2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:5a:13:e7:07:5a:0c:5f:7a:86:51:f0:14:12:
bc:27:5e:a4:d1:73:f4:62:45:f8:ae:d5:cc:ce:06:
91:3c:aa:05:9f:60:3c:56:62:94:ca:3d:12:2c:08:
05:95:ce:9b:35:21:6a:55:d0:63:b9:21:67:63:00:
e6:1d:17:bc:b0:ad:b6:51:76:55:e5:89:55:e5:4e:
c9:ed:83:31:45:24:51:ab:8f:05:7f:49:7e:84:ad:
dc:ba:49:e8:5e:bc:67:6f:d5:96:a6:3f:6c:26:f5:
cc:dc:e1:99:51:d8:c3:de:65:4d:97:a4:30:92:7b:
b5:6e:93:3f:88:45:e3:6c:02:24:68:e5:93:ac:d1:
a9:b3:80:b9:43:d2:13:11:69:51:31:5a:02:2c:db:
9b:9e:95:92:bb:09:fe:ed:4e:db:1c:e1:79:62:4e:
18:ed:ca:4f:03:1e:7d:ff:ca:70:fe:f2:7d:ec:6a:
28:c4:cc:b4:ea:ac:41:c1:b4:46:74:5b:c5:60:ef:
28:8f:43:1d:83:75:c3:6d:79:2e:c5:19:24:17:28:
e2:52:57:1d:9e:c0:f6:e7:9e:21:74:25:cb:a4:d6:
e9:4c:53:e8:6f:fa:1e:3d:eb:f5:ef:46:df:d2:4e:
10:9d:be:1a:c9:e1:31:1f:bf:10:79:98:c6:ee:6c:
e9:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
81:EA:1C:0D:90:AE:90:E5:3B:DF:12:35:DA:99:DA:FF:9F:A4:22:F2
X509v3 Authority Key Identifier:
keyid:30:2F:09:F2:65:E9:B2:78:F8:07:3D:69:82:FF:17:57:13:A5:A0:FA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MC8J8mXpsnj4Bz1pgv8XVxOloPo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/65/e75ad2-1e30-455e-9787-3b55f2327b34/1/geocDZCukOU73xI12pna_5-kIvI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/65/e75ad2-1e30-455e-9787-3b55f2327b34/1/MC8J8mXpsnj4Bz1pgv8XVxOloPo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
217.25.128.0/20
IPv6:
2a07:fbc0::/32
Signature Algorithm: sha256WithRSAEncryption
85:7c:57:45:90:5f:ef:1e:eb:b0:bf:60:06:e2:80:37:3c:44:
02:74:85:d3:9d:f2:ee:8f:da:9b:51:24:fb:57:ad:55:1f:ed:
61:37:c9:3c:35:6a:49:c6:4d:44:1e:95:bf:d7:5b:f3:47:a4:
23:80:1e:ab:e7:c9:3c:31:25:5c:0a:ad:de:8f:cc:1d:a5:07:
5c:df:4c:e1:a3:af:5e:18:7e:0b:35:72:a4:7a:0d:84:2d:c2:
0c:fd:28:b0:0e:33:7a:95:a4:d1:82:21:f7:f8:12:71:4e:61:
70:e1:52:cb:e6:d3:64:d3:45:5f:b9:32:b0:b4:bf:44:11:3c:
78:ce:89:8d:95:6f:4a:93:ff:f8:8d:80:3f:3d:83:46:6a:6a:
6e:6d:a2:85:2e:2d:c4:2b:95:52:6c:0b:d6:6c:7a:5f:2e:c0:
d7:b6:7e:2c:69:1e:75:2a:15:45:d4:f0:f8:d8:01:c3:c5:ff:
59:94:a9:4d:5e:c1:32:b2:77:5a:80:51:d0:35:5d:1a:64:0c:
71:6e:90:3c:ba:e1:4a:73:b9:36:19:04:0a:ba:2c:dc:bd:93:
69:d9:0e:2f:ed:e4:34:ad:e4:65:43:d0:15:56:75:72:d3:f8:
41:c4:4e:fa:38:63:2c:58:77:48:dd:dd:d3:30:d2:ee:0d:cf:
ed:90:23:ba
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAY7MNAxdeZeRQzyxWfNESS7jMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMwMmYwOWYyNjVlOWIyNzhmODA3M2Q2OTgyZmYxNzU3MTNh
NWEwZmEwHhcNMjQwNDExMDgwOTA2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MWVhMWMwZDkwYWU5MGU1M2JkZjEyMzVkYTk5ZGFmZjlmYTQyMmYyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApFoT5wdaDF96hlHwFBK8J16k0XP0
YkX4rtXMzgaRPKoFn2A8VmKUyj0SLAgFlc6bNSFqVdBjuSFnYwDmHRe8sK22UXZV
5YlV5U7J7YMxRSRRq48Ff0l+hK3cuknoXrxnb9WWpj9sJvXM3OGZUdjD3mVNl6Qw
knu1bpM/iEXjbAIkaOWTrNGps4C5Q9ITEWlRMVoCLNubnpWSuwn+7U7bHOF5Yk4Y
7cpPAx59/8pw/vJ97GooxMy06qxBwbRGdFvFYO8oj0Mdg3XDbXkuxRkkFyjiUlcd
nsD2554hdCXLpNbpTFPob/oePev170bf0k4Qnb4ayeExH78QeZjG7mzpCwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFIHqHA2QrpDlO98SNdqZ2v+fpCLyMB8GA1UdIwQY
MBaAFDAvCfJl6bJ4+Ac9aYL/F1cTpaD6MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTUM4SjhtWHBzbmo0QnoxcGd2OFhWeE9sb1BvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NS9lNzVhZDItMWUzMC00NTVlLTk3ODct
M2I1NWYyMzI3YjM0LzEvZ2VvY0RaQ3VrT1U3M3hJMTJwbmFfNS1rSXZJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NS9lNzVhZDItMWUzMC00NTVlLTk3ODctM2I1NWYyMzI3YjM0
LzEvTUM4SjhtWHBzbmo0QnoxcGd2OFhWeE9sb1BvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQE2RmAMA0E
AgACMAcDBQAqB/vAMA0GCSqGSIb3DQEBCwUAA4IBAQCFfFdFkF/vHuuwv2AG4oA3
PEQCdIXTnfLuj9qbUST7V61VH+1hN8k8NWpJxk1EHpW/11vzR6QjgB6r58k8MSVc
Cq3ej8wdpQdc30zho69eGH4LNXKkeg2ELcIM/SiwDjN6laTRgiH3+BJxTmFw4VLL
5tNk00VfuTKwtL9EETx4zomNlW9Kk//4jYA/PYNGampubaKFLi3EK5VSbAvWbHpf
LsDXtn4saR51KhVF1PD42AHDxf9ZlKlNXsEysndagFHQNV0aZAxxbpA8uuFKc7k2
GQQKuizcvZNp2Q4v7eQ0reRlQ9AVVnVy0/hBxE76OGMsWHdI3d3TMNLuDc/tkCO6
-----END CERTIFICATE-----
Generated at Thu Apr 18 13:30:09 2024 by rpki-client on console-fra.rpki-client.org