Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6b/3587eb-ebd4-40ab-a19b-22920565cda4/1/PWd8XE_R3NSRkzlGmGXJ9WeSP8w.roa
File: PWd8XE_R3NSRkzlGmGXJ9WeSP8w.roa (raw, json)
Hash identifier: Lmtp3+Vr0E2Sk7jJLfayCXu7amlg0Er+VoIZdxe0kuM=
Subject key identifier: 3D:67:7C:5C:4F:D1:DC:D4:91:93:39:46:98:65:C9:F5:67:92:3F:CC
Certificate issuer: /CN=d50cda48c35e54eb802575aaa408cce579927216
Certificate serial: 018CC348EAD8E61DA1059083E7A0F67DC825
Authority key identifier: D5:0C:DA:48:C3:5E:54:EB:80:25:75:AA:A4:08:CC:E5:79:92:72:16
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1QzaSMNeVOuAJXWqpAjM5XmSchY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6b/3587eb-ebd4-40ab-a19b-22920565cda4/1/PWd8XE_R3NSRkzlGmGXJ9WeSP8w.roa
Signing time: Mon 01 Jan 2024 04:29:44 +0000
ROA not before: Mon 01 Jan 2024 04:29:44 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 48932
IP address blocks: 217.12.226.0/24 maxlen: 24
217.12.224.0/24 maxlen: 24
217.12.225.0/24 maxlen: 24
217.12.227.0/24 maxlen: 24
217.12.234.0/24 maxlen: 24
217.12.234.0/23 maxlen: 23
217.12.235.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 14 Feb 2024 12:30:33 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:48:ea:d8:e6:1d:a1:05:90:83:e7:a0:f6:7d:c8:25
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d50cda48c35e54eb802575aaa408cce579927216
Validity
Not Before: Jan 1 04:29:44 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=3d677c5c4fd1dcd4919339469865c9f567923fcc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:84:b7:8c:68:7c:2b:72:c2:17:0a:16:00:69:80:
4c:6f:8a:e3:e7:6d:c6:58:87:9c:d3:44:b6:08:1d:
bc:f6:26:e7:de:a2:51:cd:8c:56:22:20:6a:2d:4e:
ea:4d:b7:79:2b:59:c7:4d:97:50:c0:e6:cf:4f:e5:
82:d3:21:94:58:78:d7:3f:49:7e:a9:35:9f:08:bf:
af:aa:fb:bf:f8:16:db:94:8b:3c:7a:f4:91:54:11:
a2:06:58:1b:de:55:52:d1:a1:49:ba:85:38:00:a4:
d6:ab:37:b3:15:c9:cf:57:f5:5b:cb:75:5f:40:c8:
23:71:9c:5b:47:49:67:38:c4:55:77:2e:f2:19:49:
2f:e9:d4:1d:e2:06:59:28:0e:da:9a:6a:30:11:4d:
59:19:7d:eb:ff:8c:f9:ae:23:4b:19:23:48:17:a7:
81:8e:c2:0a:ce:f3:8e:70:50:b6:d8:4f:a2:a7:05:
75:e8:0d:56:ce:1f:f5:9c:ed:4e:b2:b4:02:34:ad:
37:b9:93:4e:c6:ea:83:d9:91:f3:e1:5f:03:91:5d:
2a:c2:7c:19:7d:9b:bb:ef:79:55:1e:11:3b:0d:63:
5c:c9:a9:6e:6f:37:9c:3b:2f:37:b6:f5:00:18:77:
3d:0a:ff:49:83:be:f7:04:70:4a:14:a4:3f:55:aa:
a5:e5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3D:67:7C:5C:4F:D1:DC:D4:91:93:39:46:98:65:C9:F5:67:92:3F:CC
X509v3 Authority Key Identifier:
keyid:D5:0C:DA:48:C3:5E:54:EB:80:25:75:AA:A4:08:CC:E5:79:92:72:16
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1QzaSMNeVOuAJXWqpAjM5XmSchY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6b/3587eb-ebd4-40ab-a19b-22920565cda4/1/PWd8XE_R3NSRkzlGmGXJ9WeSP8w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6b/3587eb-ebd4-40ab-a19b-22920565cda4/1/1QzaSMNeVOuAJXWqpAjM5XmSchY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
217.12.224.0/22
217.12.234.0/23
Signature Algorithm: sha256WithRSAEncryption
64:b6:93:bf:ae:3f:2d:e7:c7:d5:0d:de:a4:95:be:d8:67:17:
8d:4f:f1:27:08:6d:12:da:12:16:0b:f0:95:74:36:3f:9b:81:
47:ea:fc:90:d2:ee:de:8f:27:10:55:da:da:27:9f:c9:d9:1e:
ab:19:f1:7c:e3:c4:8d:27:4c:55:9b:dd:46:d5:eb:01:35:e1:
0b:b0:5a:81:18:a2:3d:a7:7e:19:a4:c3:50:06:00:ff:99:a3:
9a:98:2a:c2:ff:b9:06:46:40:4b:46:60:6f:04:c4:4c:07:88:
6a:2d:b4:8d:56:94:12:f4:ac:ce:3c:70:d0:6d:b1:dd:f3:c1:
c9:ab:39:40:39:f3:7e:03:1a:b7:7b:64:a3:5b:23:f0:65:fa:
74:80:d9:d6:c3:d3:1c:27:1e:30:3e:31:fe:36:04:97:53:59:
8d:8f:59:79:cc:40:cd:43:49:9b:91:7c:fe:28:6b:de:33:6e:
85:da:b5:75:04:74:9d:1e:12:7e:28:34:6b:31:92:42:53:4c:
dc:6e:e1:3f:0f:de:14:6c:a8:e2:71:ac:c7:b8:a0:42:9d:85:
22:1b:9f:05:72:28:4b:9a:ee:fa:3d:25:fc:cf:5c:00:34:07:
77:97:1b:67:cd:0b:d2:19:44:ef:6e:89:29:d4:6f:c5:15:a1:
36:2e:d4:6a
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYzDSOrY5h2hBZCD56D2fcglMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ1MGNkYTQ4YzM1ZTU0ZWI4MDI1NzVhYWE0MDhjY2U1Nzk5
MjcyMTYwHhcNMjQwMTAxMDQyOTQ0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZDY3N2M1YzRmZDFkY2Q0OTE5MzM5NDY5ODY1YzlmNTY3OTIzZmNjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhLeMaHwrcsIXChYAaYBMb4rj523G
WIec00S2CB289ibn3qJRzYxWIiBqLU7qTbd5K1nHTZdQwObPT+WC0yGUWHjXP0l+
qTWfCL+vqvu/+BbblIs8evSRVBGiBlgb3lVS0aFJuoU4AKTWqzezFcnPV/Vby3Vf
QMgjcZxbR0lnOMRVdy7yGUkv6dQd4gZZKA7ammowEU1ZGX3r/4z5riNLGSNIF6eB
jsIKzvOOcFC22E+ipwV16A1Wzh/1nO1OsrQCNK03uZNOxuqD2ZHz4V8DkV0qwnwZ
fZu773lVHhE7DWNcyalubzecOy83tvUAGHc9Cv9Jg773BHBKFKQ/Vaql5QIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFD1nfFxP0dzUkZM5RphlyfVnkj/MMB8GA1UdIwQY
MBaAFNUM2kjDXlTrgCV1qqQIzOV5knIWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMVF6YVNNTmVWT3VBSlhXcXBBak01WG1TY2hZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Yi8zNTg3ZWItZWJkNC00MGFiLWExOWIt
MjI5MjA1NjVjZGE0LzEvUFdkOFhFX1IzTlNSa3psR21HWEo5V2VTUDh3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Yi8zNTg3ZWItZWJkNC00MGFiLWExOWItMjI5MjA1NjVjZGE0
LzEvMVF6YVNNTmVWT3VBSlhXcXBBak01WG1TY2hZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQC2QzgAwQB
2QzqMA0GCSqGSIb3DQEBCwUAA4IBAQBktpO/rj8t58fVDd6klb7YZxeNT/EnCG0S
2hIWC/CVdDY/m4FH6vyQ0u7ejycQVdraJ5/J2R6rGfF848SNJ0xVm91G1esBNeEL
sFqBGKI9p34ZpMNQBgD/maOamCrC/7kGRkBLRmBvBMRMB4hqLbSNVpQS9KzOPHDQ
bbHd88HJqzlAOfN+Axq3e2SjWyPwZfp0gNnWw9McJx4wPjH+NgSXU1mNj1l5zEDN
Q0mbkXz+KGveM26F2rV1BHSdHhJ+KDRrMZJCU0zcbuE/D94UbKjicazHuKBCnYUi
G58FcihLmu76PSX8z1wANAd3lxtnzQvSGUTvbokp1G/FFaE2LtRq
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:16:20 2024 by rpki-client on console-ams.rpki-client.org