Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/66/1c2f90-26ea-4d59-91a9-4d775622bcb6/1/8qYa-Z-aNUrcKmau5jtgqbT6o4Q.roa
File: 8qYa-Z-aNUrcKmau5jtgqbT6o4Q.roa (raw, json)
Hash identifier: pUEOYuo4PxgrZIuCDsxzOiIzkOwBgBOTMPqvLoOuWFA=
Subject key identifier: F2:A6:1A:F9:9F:9A:35:4A:DC:2A:66:AE:E6:3B:60:A9:B4:FA:A3:84
Certificate issuer: /CN=253358358eba51b534d3fae9a6cb871de637e000
Certificate serial: 018CC9BC57A049AC0F061CA50D05CC2B345E
Authority key identifier: 25:33:58:35:8E:BA:51:B5:34:D3:FA:E9:A6:CB:87:1D:E6:37:E0:00
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/JTNYNY66UbU00_rppsuHHeY34AA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/66/1c2f90-26ea-4d59-91a9-4d775622bcb6/1/8qYa-Z-aNUrcKmau5jtgqbT6o4Q.roa
Signing time: Tue 02 Jan 2024 10:33:32 +0000
ROA not before: Tue 02 Jan 2024 10:33:32 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 209664
IP address blocks: 176.117.70.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 02 Jan 2025 13:50:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:bc:57:a0:49:ac:0f:06:1c:a5:0d:05:cc:2b:34:5e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=253358358eba51b534d3fae9a6cb871de637e000
Validity
Not Before: Jan 2 10:33:32 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=f2a61af99f9a354adc2a66aee63b60a9b4faa384
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:40:fd:cf:13:c1:ef:e7:f4:e6:ee:8b:d1:6c:
78:a6:04:99:ad:f4:12:15:7d:70:64:0f:40:af:d2:
33:4a:d6:48:44:3b:fe:32:61:d4:55:66:92:81:47:
32:12:ad:b8:16:23:54:1b:54:57:33:b6:bb:a7:de:
52:44:e3:a2:61:3d:54:b0:cc:cc:df:53:b5:81:81:
f0:72:32:48:4a:27:f1:40:e4:0b:35:09:9f:af:40:
bf:95:ea:45:c4:ed:04:fd:3a:bc:10:3f:c2:c1:85:
d0:b1:f4:d8:92:0b:79:8c:e5:76:86:ba:ba:a5:b6:
27:d9:42:9f:91:80:d1:64:35:69:d9:5b:9e:1f:c0:
a8:d2:9c:fd:30:40:54:52:f7:1e:fc:b8:f4:b7:e1:
4e:4a:3e:f9:28:2a:d2:5d:5d:c5:e0:ec:65:65:3f:
89:5a:90:59:f4:33:34:98:48:7b:af:0a:bf:6e:ac:
50:b7:fe:e8:83:15:9b:2a:0e:41:40:2b:7a:d7:0b:
cc:75:0f:73:05:d9:5d:a5:7b:4f:e0:12:72:74:20:
51:ac:03:17:fe:e2:c0:06:04:4b:e5:4a:dd:7e:0e:
f3:f5:37:70:5d:df:cd:41:e6:86:33:fe:d8:a4:3d:
60:9f:a5:61:9c:59:f8:95:58:dd:fa:26:88:e2:4c:
5a:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F2:A6:1A:F9:9F:9A:35:4A:DC:2A:66:AE:E6:3B:60:A9:B4:FA:A3:84
X509v3 Authority Key Identifier:
keyid:25:33:58:35:8E:BA:51:B5:34:D3:FA:E9:A6:CB:87:1D:E6:37:E0:00
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JTNYNY66UbU00_rppsuHHeY34AA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/66/1c2f90-26ea-4d59-91a9-4d775622bcb6/1/8qYa-Z-aNUrcKmau5jtgqbT6o4Q.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/66/1c2f90-26ea-4d59-91a9-4d775622bcb6/1/JTNYNY66UbU00_rppsuHHeY34AA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.117.70.0/24
Signature Algorithm: sha256WithRSAEncryption
d9:1f:b7:69:1c:56:10:60:50:d2:2e:18:f8:98:a8:89:6f:95:
17:ea:01:6b:da:e5:65:4e:dd:0b:a6:2d:7b:fa:9f:68:ee:87:
1a:6c:9a:6b:42:55:2f:3a:0c:0d:85:ba:90:f6:78:78:ff:a5:
ab:00:59:ec:f8:ee:2c:3c:47:85:ae:e0:62:72:9f:d7:c7:62:
dc:8a:ec:95:0d:c2:d8:a8:8d:bf:8a:4f:f5:35:ce:38:cc:fc:
77:f6:e8:9a:ec:ca:77:06:b1:87:92:a1:9a:e1:d5:25:e8:2a:
ad:3c:af:54:ca:13:f3:28:37:b9:c1:45:63:40:d6:50:5d:a6:
a2:db:c8:23:3c:a7:91:6a:a9:f6:fd:be:e2:54:15:03:c7:fb:
4d:72:d7:3c:f0:e0:c3:21:71:c9:a3:22:33:63:63:bb:5e:fd:
ac:3f:ca:0f:89:d1:a3:a0:b8:9d:0d:08:6c:31:94:f2:4c:9b:
00:e8:07:6a:10:18:cf:3b:42:01:58:e8:df:69:dc:8a:fd:65:
42:d6:90:b2:85:ea:f9:64:2e:3e:53:60:56:34:ca:a0:93:be:
46:f0:dc:a9:c2:8f:90:ce:92:ed:2a:00:09:d7:88:43:9d:1d:
fd:e4:35:85:f8:88:b5:dc:5c:04:24:99:18:9a:39:e1:84:0c:
f6:2e:16:b4
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzJvFegSawPBhylDQXMKzReMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI1MzM1ODM1OGViYTUxYjUzNGQzZmFlOWE2Y2I4NzFkZTYz
N2UwMDAwHhcNMjQwMTAyMTAzMzMyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMmE2MWFmOTlmOWEzNTRhZGMyYTY2YWVlNjNiNjBhOWI0ZmFhMzg0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApkD9zxPB7+f05u6L0Wx4pgSZrfQS
FX1wZA9Ar9IzStZIRDv+MmHUVWaSgUcyEq24FiNUG1RXM7a7p95SROOiYT1UsMzM
31O1gYHwcjJISifxQOQLNQmfr0C/lepFxO0E/Tq8ED/CwYXQsfTYkgt5jOV2hrq6
pbYn2UKfkYDRZDVp2VueH8Co0pz9MEBUUvce/Lj0t+FOSj75KCrSXV3F4OxlZT+J
WpBZ9DM0mEh7rwq/bqxQt/7ogxWbKg5BQCt61wvMdQ9zBdldpXtP4BJydCBRrAMX
/uLABgRL5Urdfg7z9TdwXd/NQeaGM/7YpD1gn6VhnFn4lVjd+iaI4kxa9wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFPKmGvmfmjVK3CpmruY7YKm0+qOEMB8GA1UdIwQY
MBaAFCUzWDWOulG1NNP66abLhx3mN+AAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSlROWU5ZNjZVYlUwMF9ycHBzdUhIZVkzNEFBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ni8xYzJmOTAtMjZlYS00ZDU5LTkxYTkt
NGQ3NzU2MjJiY2I2LzEvOHFZYS1aLWFOVXJjS21hdTVqdGdxYlQ2bzRRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ni8xYzJmOTAtMjZlYS00ZDU5LTkxYTktNGQ3NzU2MjJiY2I2
LzEvSlROWU5ZNjZVYlUwMF9ycHBzdUhIZVkzNEFBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAsHVGMA0G
CSqGSIb3DQEBCwUAA4IBAQDZH7dpHFYQYFDSLhj4mKiJb5UX6gFr2uVlTt0Lpi17
+p9o7ocabJprQlUvOgwNhbqQ9nh4/6WrAFns+O4sPEeFruBicp/Xx2LciuyVDcLY
qI2/ik/1Nc44zPx39uia7Mp3BrGHkqGa4dUl6CqtPK9UyhPzKDe5wUVjQNZQXaai
28gjPKeRaqn2/b7iVBUDx/tNctc88ODDIXHJoyIzY2O7Xv2sP8oPidGjoLidDQhs
MZTyTJsA6AdqEBjPO0IBWOjfadyK/WVC1pCyher5ZC4+U2BWNMqgk75G8Nypwo+Q
zpLtKgAJ14hDnR395DWF+Ii13FwEJJkYmjnhhAz2Lha0
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:38:54 2025 by rpki-client