Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6b/3587eb-ebd4-40ab-a19b-22920565cda4/1/061qEzeXza9AaqEErHbRA-LCeYQ.roa
File: 061qEzeXza9AaqEErHbRA-LCeYQ.roa (raw, json)
Hash identifier: 2zFvoEKpaT09gYTo2KfuEIA+XN5NTi+e2jLx2kkCON0=
Subject key identifier: D3:AD:6A:13:37:97:CD:AF:40:6A:A1:04:AC:76:D1:03:E2:C2:79:84
Certificate issuer: /CN=d50cda48c35e54eb802575aaa408cce579927216
Certificate serial: 018DA796E9EF17B6B8D4516938ECD002208A
Authority key identifier: D5:0C:DA:48:C3:5E:54:EB:80:25:75:AA:A4:08:CC:E5:79:92:72:16
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1QzaSMNeVOuAJXWqpAjM5XmSchY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6b/3587eb-ebd4-40ab-a19b-22920565cda4/1/061qEzeXza9AaqEErHbRA-LCeYQ.roa
Signing time: Wed 14 Feb 2024 12:28:21 +0000
ROA not before: Wed 14 Feb 2024 12:28:21 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 396982
IP address blocks: 217.12.224.0/22 maxlen: 28
217.12.233.0/24 maxlen: 24
217.12.234.0/23 maxlen: 28
Validation: Failed, certificate revoked on Sun 24 Mar 2024 17:18:44 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:a7:96:e9:ef:17:b6:b8:d4:51:69:38:ec:d0:02:20:8a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d50cda48c35e54eb802575aaa408cce579927216
Validity
Not Before: Feb 14 12:28:21 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d3ad6a133797cdaf406aa104ac76d103e2c27984
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:eb:e4:a8:fd:f2:8f:dc:7f:73:d0:c3:57:a4:
af:f6:24:28:7b:dd:6c:fe:98:96:83:24:2b:03:62:
8c:23:f5:9b:57:a8:1c:90:2b:3a:25:45:58:74:d7:
3b:4a:28:47:fe:c9:ed:70:b8:50:af:84:bd:be:64:
a4:f0:22:bb:28:9b:65:53:16:ec:ba:7b:f1:bf:3a:
d8:39:e9:13:30:7e:7e:d6:02:f9:e6:9b:20:9b:a3:
a5:d5:d9:81:84:08:47:6a:e7:69:94:d2:30:68:fe:
3b:3d:5a:b0:a7:87:9f:2e:26:c3:b2:7a:fb:b6:7b:
72:a1:74:b1:2a:80:3b:dd:1b:71:ce:49:96:c6:0b:
d6:8d:1e:2c:ab:c2:e2:3e:6f:83:3e:c7:4c:6c:dc:
51:91:46:3a:08:20:ea:1c:c9:e6:74:f2:cf:f8:1b:
da:e2:69:d1:61:d8:b0:db:40:54:e4:c4:23:16:ce:
1f:df:7e:6e:b0:41:71:d5:39:62:0f:55:87:2c:49:
00:d8:3d:b7:ea:bb:1d:b9:fb:a7:79:f8:00:96:f8:
52:31:d4:bf:b6:d6:9f:83:9e:49:22:48:1b:0d:7c:
37:f2:f6:c5:47:2e:27:21:90:1e:8f:d4:ea:54:55:
b1:95:c3:18:96:b1:e0:57:47:af:62:d5:dc:41:41:
1b:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D3:AD:6A:13:37:97:CD:AF:40:6A:A1:04:AC:76:D1:03:E2:C2:79:84
X509v3 Authority Key Identifier:
keyid:D5:0C:DA:48:C3:5E:54:EB:80:25:75:AA:A4:08:CC:E5:79:92:72:16
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1QzaSMNeVOuAJXWqpAjM5XmSchY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6b/3587eb-ebd4-40ab-a19b-22920565cda4/1/061qEzeXza9AaqEErHbRA-LCeYQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6b/3587eb-ebd4-40ab-a19b-22920565cda4/1/1QzaSMNeVOuAJXWqpAjM5XmSchY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
217.12.224.0/22
217.12.233.0-217.12.235.255
Signature Algorithm: sha256WithRSAEncryption
b3:92:2d:6e:69:da:39:df:9b:38:76:9e:92:9f:ca:40:5e:77:
c1:3d:f0:63:09:33:aa:f0:90:50:23:14:18:fc:f8:65:c6:14:
b8:04:a4:eb:73:32:0c:96:24:b5:21:81:97:92:6e:b3:04:05:
44:85:dc:b2:45:ce:25:75:b4:2f:be:a1:16:58:8c:c8:0a:88:
db:17:d8:b1:41:2b:f3:78:c1:4a:e8:7c:f9:0b:28:fa:b0:a1:
9e:60:f8:e4:e6:6f:be:83:f6:e0:5b:15:bc:2d:cd:ad:9c:17:
39:7e:b7:be:34:c9:d9:8e:40:ae:e1:5f:7b:ae:05:2c:25:45:
29:7e:d4:60:c1:ef:91:46:47:d2:a9:ac:02:78:f7:23:77:62:
4e:14:41:e5:79:da:51:a0:d7:2b:27:52:a3:6e:e4:4d:87:fe:
54:e2:32:42:25:98:a3:1a:13:32:97:ea:23:ef:b4:94:36:e1:
e9:f0:43:18:d8:59:71:d4:c1:70:fe:51:3c:b3:3f:8a:ef:04:
1f:06:d8:be:eb:21:29:7f:a4:66:14:1c:c6:1b:8a:c3:af:28:
19:39:30:3d:47:7c:aa:4f:42:47:c8:d2:da:c3:08:90:dd:e5:
53:76:2f:18:6e:55:30:9c:9a:72:a7:df:6e:74:c5:0a:a6:4d:
d3:fd:b1:a7
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgISAY2nlunvF7a41FFpOOzQAiCKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ1MGNkYTQ4YzM1ZTU0ZWI4MDI1NzVhYWE0MDhjY2U1Nzk5
MjcyMTYwHhcNMjQwMjE0MTIyODIxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkM2FkNmExMzM3OTdjZGFmNDA2YWExMDRhYzc2ZDEwM2UyYzI3OTg0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwevkqP3yj9x/c9DDV6Sv9iQoe91s
/piWgyQrA2KMI/WbV6gckCs6JUVYdNc7SihH/sntcLhQr4S9vmSk8CK7KJtlUxbs
unvxvzrYOekTMH5+1gL55psgm6Ol1dmBhAhHaudplNIwaP47PVqwp4efLibDsnr7
tntyoXSxKoA73RtxzkmWxgvWjR4sq8LiPm+DPsdMbNxRkUY6CCDqHMnmdPLP+Bva
4mnRYdiw20BU5MQjFs4f335usEFx1TliD1WHLEkA2D236rsdufunefgAlvhSMdS/
ttafg55JIkgbDXw38vbFRy4nIZAej9TqVFWxlcMYlrHgV0evYtXcQUEbywIDAQAB
o4ICFzCCAhMwHQYDVR0OBBYEFNOtahM3l82vQGqhBKx20QPiwnmEMB8GA1UdIwQY
MBaAFNUM2kjDXlTrgCV1qqQIzOV5knIWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMVF6YVNNTmVWT3VBSlhXcXBBak01WG1TY2hZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Yi8zNTg3ZWItZWJkNC00MGFiLWExOWIt
MjI5MjA1NjVjZGE0LzEvMDYxcUV6ZVh6YTlBYXFFRXJIYlJBLUxDZVlRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Yi8zNTg3ZWItZWJkNC00MGFiLWExOWItMjI5MjA1NjVjZGE0
LzEvMVF6YVNNTmVWT3VBSlhXcXBBak01WG1TY2hZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAATAUAwQC2QzgMAwD
BADZDOkDBALZDOgwDQYJKoZIhvcNAQELBQADggEBALOSLW5p2jnfmzh2npKfykBe
d8E98GMJM6rwkFAjFBj8+GXGFLgEpOtzMgyWJLUhgZeSbrMEBUSF3LJFziV1tC++
oRZYjMgKiNsX2LFBK/N4wUrofPkLKPqwoZ5g+OTmb76D9uBbFbwtza2cFzl+t740
ydmOQK7hX3uuBSwlRSl+1GDB75FGR9KprAJ49yN3Yk4UQeV52lGg1ysnUqNu5E2H
/lTiMkIlmKMaEzKX6iPvtJQ24enwQxjYWXHUwXD+UTyzP4rvBB8G2L7rISl/pGYU
HMYbisOvKBk5MD1HfKpPQkfI0trDCJDd5VN2LxhuVTCcmnKn3250xQqmTdP9sac=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:16:20 2024 by rpki-client on console-ams.rpki-client.org