Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6b/3587eb-ebd4-40ab-a19b-22920565cda4/1/jTj_rkzSE4e_rhgNcCh9ayWv8Wo.roa
File: jTj_rkzSE4e_rhgNcCh9ayWv8Wo.roa (raw, json)
Hash identifier: 10+kiGWicLNL+zBCAMKBsw+HifZAMbB2pankFkZAPRs=
Subject key identifier: 8D:38:FF:AE:4C:D2:13:87:BF:AE:18:0D:70:28:7D:6B:25:AF:F1:6A
Certificate issuer: /CN=d50cda48c35e54eb802575aaa408cce579927216
Certificate serial: 018DA798EDD6556A39A06CD87A2BB6C17E59
Authority key identifier: D5:0C:DA:48:C3:5E:54:EB:80:25:75:AA:A4:08:CC:E5:79:92:72:16
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1QzaSMNeVOuAJXWqpAjM5XmSchY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6b/3587eb-ebd4-40ab-a19b-22920565cda4/1/jTj_rkzSE4e_rhgNcCh9ayWv8Wo.roa
Signing time: Wed 14 Feb 2024 12:30:33 +0000
ROA not before: Wed 14 Feb 2024 12:30:33 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 48932
IP address blocks: 217.12.224.0/24 maxlen: 24
217.12.225.0/24 maxlen: 24
217.12.226.0/24 maxlen: 24
217.12.227.0/24 maxlen: 24
217.12.233.0/24 maxlen: 24
217.12.234.0/23 maxlen: 23
217.12.234.0/24 maxlen: 24
217.12.235.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 03 Apr 2024 11:48:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:a7:98:ed:d6:55:6a:39:a0:6c:d8:7a:2b:b6:c1:7e:59
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d50cda48c35e54eb802575aaa408cce579927216
Validity
Not Before: Feb 14 12:30:33 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=8d38ffae4cd21387bfae180d70287d6b25aff16a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f4:bc:b4:43:54:c7:81:9f:ee:ba:24:e5:8a:ed:
5c:9c:ee:c3:c8:70:a1:34:93:e7:e3:38:83:f3:af:
9e:70:5c:00:52:7e:70:7c:82:69:cd:22:a5:92:9f:
95:39:9f:3f:bf:04:c5:8d:60:fc:92:f1:8c:de:28:
6b:91:cb:2a:a1:d8:c2:ac:fd:5f:aa:35:2e:3a:c1:
2a:40:89:2c:cc:e4:45:53:d0:e7:a3:92:82:f0:b1:
d0:e2:eb:7b:4d:92:0c:c2:48:c9:9c:1a:f5:9b:84:
92:29:3d:d8:7b:71:d4:5c:58:b5:54:11:72:c4:90:
ba:6f:5d:7e:92:02:23:0c:5c:f4:30:5e:74:3f:63:
1e:40:24:74:b7:de:10:93:27:43:fb:6d:31:dc:ae:
7d:56:50:83:86:fb:c5:80:59:00:51:ab:c4:ff:08:
68:de:b7:b8:d9:5f:06:a3:da:e5:cc:ef:56:af:ff:
78:d2:e4:31:55:33:e6:59:3f:ba:d1:d7:eb:74:61:
71:db:d2:47:9a:77:1f:5e:fc:8b:6f:4f:47:99:9d:
42:a8:5e:d9:55:88:c3:6a:55:d5:85:af:fd:cc:16:
29:8f:63:19:d1:b4:0c:3a:3e:13:11:49:96:17:41:
36:c5:59:6d:73:a2:54:3e:8e:e4:a2:aa:ec:f5:e1:
6b:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8D:38:FF:AE:4C:D2:13:87:BF:AE:18:0D:70:28:7D:6B:25:AF:F1:6A
X509v3 Authority Key Identifier:
keyid:D5:0C:DA:48:C3:5E:54:EB:80:25:75:AA:A4:08:CC:E5:79:92:72:16
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1QzaSMNeVOuAJXWqpAjM5XmSchY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6b/3587eb-ebd4-40ab-a19b-22920565cda4/1/jTj_rkzSE4e_rhgNcCh9ayWv8Wo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6b/3587eb-ebd4-40ab-a19b-22920565cda4/1/1QzaSMNeVOuAJXWqpAjM5XmSchY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
217.12.224.0/22
217.12.233.0-217.12.235.255
Signature Algorithm: sha256WithRSAEncryption
10:69:09:69:83:72:a2:2c:ff:79:1e:f1:bd:52:c7:74:3f:8c:
05:31:3a:57:02:dd:01:6d:96:28:88:52:47:1e:19:3c:a3:e1:
e4:9c:27:16:45:c7:21:51:65:c7:41:ea:1c:05:f6:a5:71:b0:
7e:01:86:28:9f:b6:7e:c5:52:d2:17:87:94:42:58:69:f2:7d:
cb:3f:92:60:76:8b:47:78:df:35:93:c1:91:4b:2b:62:7d:26:
5d:42:71:10:37:0e:a9:e0:78:d2:40:e6:d8:0e:90:f5:5f:3f:
2c:37:27:fa:01:0d:ec:21:86:dd:43:54:bc:4e:d0:ae:e8:0a:
a3:fb:36:a2:ea:c4:5e:87:ee:3c:99:91:65:7c:f9:c6:46:ed:
0d:57:e5:bd:95:69:e5:9c:a4:27:32:04:ec:33:b6:30:47:e3:
51:3f:17:ee:16:0d:e4:9f:3b:f0:76:ae:95:5a:2d:f3:a7:a1:
4b:49:31:b8:b0:97:a5:60:7a:fb:b2:86:e4:98:5a:d1:be:b6:
64:d6:ae:73:f0:86:2c:1c:95:a8:d2:87:1e:36:11:ae:5f:34:
cc:a1:40:9f:dd:25:b8:ea:36:a0:7e:db:4f:89:18:00:c0:2e:
bd:13:36:0a:08:49:a4:d6:4b:07:29:56:c8:6a:8b:b9:48:df:
85:14:bd:1d
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgISAY2nmO3WVWo5oGzYeiu2wX5ZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ1MGNkYTQ4YzM1ZTU0ZWI4MDI1NzVhYWE0MDhjY2U1Nzk5
MjcyMTYwHhcNMjQwMjE0MTIzMDMzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ZDM4ZmZhZTRjZDIxMzg3YmZhZTE4MGQ3MDI4N2Q2YjI1YWZmMTZhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA9Ly0Q1THgZ/uuiTliu1cnO7DyHCh
NJPn4ziD86+ecFwAUn5wfIJpzSKlkp+VOZ8/vwTFjWD8kvGM3ihrkcsqodjCrP1f
qjUuOsEqQIkszORFU9Dno5KC8LHQ4ut7TZIMwkjJnBr1m4SSKT3Ye3HUXFi1VBFy
xJC6b11+kgIjDFz0MF50P2MeQCR0t94QkydD+20x3K59VlCDhvvFgFkAUavE/who
3re42V8Go9rlzO9Wr/940uQxVTPmWT+60dfrdGFx29JHmncfXvyLb09HmZ1CqF7Z
VYjDalXVha/9zBYpj2MZ0bQMOj4TEUmWF0E2xVltc6JUPo7koqrs9eFr3wIDAQAB
o4ICFzCCAhMwHQYDVR0OBBYEFI04/65M0hOHv64YDXAofWslr/FqMB8GA1UdIwQY
MBaAFNUM2kjDXlTrgCV1qqQIzOV5knIWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMVF6YVNNTmVWT3VBSlhXcXBBak01WG1TY2hZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Yi8zNTg3ZWItZWJkNC00MGFiLWExOWIt
MjI5MjA1NjVjZGE0LzEvalRqX3JrelNFNGVfcmhnTmNDaDlheVd2OFdvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Yi8zNTg3ZWItZWJkNC00MGFiLWExOWItMjI5MjA1NjVjZGE0
LzEvMVF6YVNNTmVWT3VBSlhXcXBBak01WG1TY2hZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAATAUAwQC2QzgMAwD
BADZDOkDBALZDOgwDQYJKoZIhvcNAQELBQADggEBABBpCWmDcqIs/3ke8b1Sx3Q/
jAUxOlcC3QFtliiIUkceGTyj4eScJxZFxyFRZcdB6hwF9qVxsH4Bhiiftn7FUtIX
h5RCWGnyfcs/kmB2i0d43zWTwZFLK2J9Jl1CcRA3DqngeNJA5tgOkPVfPyw3J/oB
Dewhht1DVLxO0K7oCqP7NqLqxF6H7jyZkWV8+cZG7Q1X5b2VaeWcpCcyBOwztjBH
41E/F+4WDeSfO/B2rpVaLfOnoUtJMbiwl6VgevuyhuSYWtG+tmTWrnPwhiwclajS
hx42Ea5fNMyhQJ/dJbjqNqB+20+JGADALr0TNgoISaTWSwcpVshqi7lI34UUvR0=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:33:52 2024 by rpki-client on console-fra.rpki-client.org