Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/70/d46001-1609-4487-9150-bf78bb85a69e/1/0bXknAVkqBWPCJwBpWHC6uuOaIQ.roa
File: 0bXknAVkqBWPCJwBpWHC6uuOaIQ.roa (raw, json)
Hash identifier: 73DkdpPkOLcFgpvouOlEoviXwSc48340ZTxuEUQ5BYE=
Subject key identifier: D1:B5:E4:9C:05:64:A8:15:8F:08:9C:01:A5:61:C2:EA:EB:8E:68:84
Certificate issuer: /CN=41bfad97a58cb50cbfc84ec865af3d71c8b185af
Certificate serial: 01856F1D93F6963ABE543A207B7872DDB729
Authority key identifier: 41:BF:AD:97:A5:8C:B5:0C:BF:C8:4E:C8:65:AF:3D:71:C8:B1:85:AF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Qb-tl6WMtQy_yE7IZa89ccixha8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/70/d46001-1609-4487-9150-bf78bb85a69e/1/0bXknAVkqBWPCJwBpWHC6uuOaIQ.roa
Signing time: Sun 01 Jan 2023 20:54:47 +0000
ROA not before: Sun 01 Jan 2023 20:54:47 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 20794
IP address blocks: 217.12.160.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 01 Jan 2024 22:29:28 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:1d:93:f6:96:3a:be:54:3a:20:7b:78:72:dd:b7:29
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=41bfad97a58cb50cbfc84ec865af3d71c8b185af
Validity
Not Before: Jan 1 20:54:47 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d1b5e49c0564a8158f089c01a561c2eaeb8e6884
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:f0:2a:18:6b:17:7d:3f:b5:81:1a:0a:31:27:
02:e2:c3:2c:ed:72:35:b8:a1:39:88:35:78:70:65:
9e:ca:b0:b5:3c:63:2c:90:1a:0d:c2:5c:79:ed:cd:
a2:a4:6c:93:41:08:c6:59:5d:57:c1:54:70:57:db:
07:12:bf:19:68:00:b5:34:67:08:c4:14:b4:91:48:
58:cc:85:46:8e:63:bc:7e:ac:8e:5f:93:c7:b7:b9:
9b:b0:32:82:2c:81:09:75:1a:22:5d:79:0d:cf:5f:
22:b8:46:8c:6e:78:21:3f:ce:15:29:21:7b:24:ba:
8d:b7:e2:07:08:7c:5b:63:25:63:f2:c5:e5:ea:34:
64:29:22:17:c1:79:ff:d1:43:89:3b:79:62:26:79:
bb:d7:00:7a:78:db:4e:97:08:75:03:f2:ed:42:18:
fb:6c:07:48:f3:9e:a4:b8:2a:84:d5:9d:7d:a2:3e:
d9:b7:50:d2:0c:50:f0:f3:67:fc:eb:85:2c:2c:d5:
59:e7:b4:73:2e:11:ff:ed:0e:15:e0:8f:d7:c2:eb:
06:67:aa:b8:6d:eb:be:97:00:91:ea:39:2f:66:84:
8f:8f:60:56:84:0f:ab:fc:be:9c:93:91:9d:3d:c5:
c0:52:6a:a6:ec:97:dc:57:c5:a3:38:7c:ff:76:d7:
c2:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D1:B5:E4:9C:05:64:A8:15:8F:08:9C:01:A5:61:C2:EA:EB:8E:68:84
X509v3 Authority Key Identifier:
keyid:41:BF:AD:97:A5:8C:B5:0C:BF:C8:4E:C8:65:AF:3D:71:C8:B1:85:AF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Qb-tl6WMtQy_yE7IZa89ccixha8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/70/d46001-1609-4487-9150-bf78bb85a69e/1/0bXknAVkqBWPCJwBpWHC6uuOaIQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/70/d46001-1609-4487-9150-bf78bb85a69e/1/Qb-tl6WMtQy_yE7IZa89ccixha8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
217.12.160.0/24
Signature Algorithm: sha256WithRSAEncryption
02:e2:4e:af:72:bb:fe:fd:ad:96:3e:df:ce:73:51:8e:23:56:
4a:1e:8c:b4:52:a5:20:58:2a:ae:c2:44:af:01:34:9f:ab:13:
cc:c5:4a:6c:70:73:1f:27:74:b8:0d:99:d2:e6:5e:b2:ff:e4:
9f:a8:96:c9:72:c9:9e:e0:3b:e6:0b:d8:31:ea:f4:92:ca:2c:
04:bf:1b:63:54:a0:66:76:fb:d2:27:d9:40:a8:b7:b8:8e:5b:
c0:40:67:13:8c:77:3e:b4:18:b0:b0:f5:3c:95:45:ec:b1:ac:
02:80:5b:16:f4:01:45:17:98:ed:cb:6d:8f:7b:84:9c:29:06:
bd:62:53:ce:e0:98:7e:4f:52:b2:91:4d:c5:08:8a:40:d9:0d:
d3:f2:46:83:f0:2d:79:b9:d1:4c:1c:6e:b2:64:03:72:b9:33:
50:b6:f9:75:26:27:f4:8f:2f:57:20:17:ae:f1:f4:51:f1:34:
12:0b:91:71:38:b9:7b:2a:2f:3f:d3:32:f4:ff:22:f2:71:98:
0f:7b:98:5f:c3:c1:ef:74:59:0a:77:f3:c8:5f:af:15:50:3c:
b2:7b:7b:11:27:1e:07:96:14:47:5b:cb:46:a0:0e:1f:d4:64:
98:15:fb:b0:1d:26:f1:cf:36:a4:89:b1:44:ed:d1:df:c8:ef:
16:47:43:2b
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVvHZP2ljq+VDoge3hy3bcpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQxYmZhZDk3YTU4Y2I1MGNiZmM4NGVjODY1YWYzZDcxYzhi
MTg1YWYwHhcNMjMwMTAxMjA1NDQ3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMWI1ZTQ5YzA1NjRhODE1OGYwODljMDFhNTYxYzJlYWViOGU2ODg0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAm/AqGGsXfT+1gRoKMScC4sMs7XI1
uKE5iDV4cGWeyrC1PGMskBoNwlx57c2ipGyTQQjGWV1XwVRwV9sHEr8ZaAC1NGcI
xBS0kUhYzIVGjmO8fqyOX5PHt7mbsDKCLIEJdRoiXXkNz18iuEaMbnghP84VKSF7
JLqNt+IHCHxbYyVj8sXl6jRkKSIXwXn/0UOJO3liJnm71wB6eNtOlwh1A/LtQhj7
bAdI856kuCqE1Z19oj7Zt1DSDFDw82f864UsLNVZ57RzLhH/7Q4V4I/XwusGZ6q4
beu+lwCR6jkvZoSPj2BWhA+r/L6ck5GdPcXAUmqm7JfcV8WjOHz/dtfCbwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNG15JwFZKgVjwicAaVhwurrjmiEMB8GA1UdIwQY
MBaAFEG/rZeljLUMv8hOyGWvPXHIsYWvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUWItdGw2V010UXlfeUU3SVphODljY2l4aGE4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83MC9kNDYwMDEtMTYwOS00NDg3LTkxNTAt
YmY3OGJiODVhNjllLzEvMGJYa25BVmtxQldQQ0p3QnBXSEM2dXVPYUlRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83MC9kNDYwMDEtMTYwOS00NDg3LTkxNTAtYmY3OGJiODVhNjll
LzEvUWItdGw2V010UXlfeUU3SVphODljY2l4aGE4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA2QygMA0G
CSqGSIb3DQEBCwUAA4IBAQAC4k6vcrv+/a2WPt/Oc1GOI1ZKHoy0UqUgWCquwkSv
ATSfqxPMxUpscHMfJ3S4DZnS5l6y/+SfqJbJcsme4DvmC9gx6vSSyiwEvxtjVKBm
dvvSJ9lAqLe4jlvAQGcTjHc+tBiwsPU8lUXssawCgFsW9AFFF5jty22Pe4ScKQa9
YlPO4Jh+T1KykU3FCIpA2Q3T8kaD8C15udFMHG6yZANyuTNQtvl1Jif0jy9XIBeu
8fRR8TQSC5FxOLl7Ki8/0zL0/yLycZgPe5hfw8HvdFkKd/PIX68VUDyye3sRJx4H
lhRHW8tGoA4f1GSYFfuwHSbxzzakibFE7dHfyO8WR0Mr
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:34:40 2024 by rpki-client on console-fra.rpki-client.org