Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/72/715d15-2810-4827-8dbd-0bee06126b1a/1/_bVTI01heSfBMb0LJ6SY5NQGT54.roa
File: _bVTI01heSfBMb0LJ6SY5NQGT54.roa (raw, json)
Hash identifier: ZqCZQJksN33bmEJiOhv7sW7eFA3fsP4dbYw7sif4wE4=
Subject key identifier: FD:B5:53:23:4D:61:79:27:C1:31:BD:0B:27:A4:98:E4:D4:06:4F:9E
Certificate issuer: /CN=adf491488a7cd8448a420945871c0b99672dc66e
Certificate serial: 018E218DE15C79F02ACE8BE458699AC175FE
Authority key identifier: AD:F4:91:48:8A:7C:D8:44:8A:42:09:45:87:1C:0B:99:67:2D:C6:6E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rfSRSIp82ESKQglFhxwLmWctxm4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/72/715d15-2810-4827-8dbd-0bee06126b1a/1/_bVTI01heSfBMb0LJ6SY5NQGT54.roa
Signing time: Sat 09 Mar 2024 04:52:10 +0000
ROA not before: Sat 09 Mar 2024 04:52:10 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 198154
IP address blocks: 217.60.249.0/24 maxlen: 24
217.60.252.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 12 Mar 2024 12:59:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:21:8d:e1:5c:79:f0:2a:ce:8b:e4:58:69:9a:c1:75:fe
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=adf491488a7cd8448a420945871c0b99672dc66e
Validity
Not Before: Mar 9 04:52:10 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=fdb553234d617927c131bd0b27a498e4d4064f9e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:c4:60:89:5a:74:41:c7:f6:34:35:b8:59:5d:
86:d8:01:8a:a7:d8:16:ff:e1:b0:fa:c6:fe:f0:20:
d1:0d:fc:63:46:56:63:d1:22:85:8f:28:78:6f:c5:
a4:38:9b:35:58:d8:76:8e:c7:35:9d:9a:38:c1:c7:
7e:03:03:ed:9d:90:c5:b7:46:26:2b:da:fb:f8:c6:
90:01:ca:fb:3f:2c:8c:73:05:a8:21:7b:c0:22:00:
48:81:70:ea:a0:04:66:95:71:0b:41:14:f8:1f:c7:
3d:e8:26:87:33:10:d4:b8:2a:ff:bb:ef:32:07:82:
24:bf:6d:27:07:ee:d9:4a:a8:97:c0:02:99:ad:34:
cc:fb:4a:7d:9d:cc:ea:6d:2d:da:49:50:1b:70:6a:
56:da:47:49:80:85:3a:0b:f7:62:7f:6f:c2:56:f4:
49:c2:d1:d1:db:ab:5c:c3:50:70:fc:fc:2e:e3:2d:
1f:e6:8a:cd:48:f6:18:e9:32:55:ef:c8:5f:38:2f:
8f:4a:f5:c7:26:8c:07:1d:b1:f5:e2:8e:1d:33:e2:
06:66:a8:a1:39:6e:9e:58:64:f3:ef:76:1a:5d:33:
d4:a8:1c:96:af:e6:39:8d:d7:7f:2a:5c:ff:34:44:
ec:9b:6b:fb:82:57:cf:f0:30:94:0c:45:8e:eb:fc:
4f:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FD:B5:53:23:4D:61:79:27:C1:31:BD:0B:27:A4:98:E4:D4:06:4F:9E
X509v3 Authority Key Identifier:
keyid:AD:F4:91:48:8A:7C:D8:44:8A:42:09:45:87:1C:0B:99:67:2D:C6:6E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rfSRSIp82ESKQglFhxwLmWctxm4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/72/715d15-2810-4827-8dbd-0bee06126b1a/1/_bVTI01heSfBMb0LJ6SY5NQGT54.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/72/715d15-2810-4827-8dbd-0bee06126b1a/1/rfSRSIp82ESKQglFhxwLmWctxm4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
217.60.249.0/24
217.60.252.0/24
Signature Algorithm: sha256WithRSAEncryption
b9:cc:ac:43:df:c5:c2:01:f8:47:55:58:ea:e3:67:63:e6:40:
c2:4a:b5:20:c8:d9:40:75:59:88:67:3b:e4:5e:02:17:79:92:
33:d7:41:82:6b:92:e7:71:3a:98:a2:d3:0f:08:87:6d:b0:3e:
45:84:f6:ae:96:07:fd:df:b2:e5:aa:b3:ef:e3:77:ba:5b:76:
43:73:72:2f:ef:cd:8f:a4:8d:0f:8c:fc:d1:af:d9:32:03:34:
b8:6d:e8:9c:33:68:39:8c:8f:46:64:26:f8:6d:45:70:8e:27:
f8:ff:e7:c8:33:19:90:63:5c:cb:5a:86:51:7e:23:53:68:1f:
39:06:d8:a2:0d:68:45:6f:ef:81:86:92:d4:b6:16:3c:6a:66:
bc:7e:cf:06:da:e8:24:ca:af:8c:2b:5f:a9:69:00:0e:b8:46:
52:a4:3a:41:05:45:60:61:a6:cd:b6:40:be:8c:2a:85:bd:59:
3d:5f:99:6a:04:db:44:51:bb:f5:7b:55:70:6f:ea:33:91:9c:
4f:2f:9c:ee:98:e2:3f:ce:4e:c4:cb:c4:f3:76:d5:c6:2e:4b:
40:b9:56:11:74:cb:55:96:b2:96:3a:d0:8d:89:3a:d2:57:68:
43:4c:ef:bc:cc:15:f8:a0:95:b4:6d:42:13:dc:66:bc:3f:2a:
ed:6f:35:da
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAY4hjeFcefAqzovkWGmawXX+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFkZjQ5MTQ4OGE3Y2Q4NDQ4YTQyMDk0NTg3MWMwYjk5Njcy
ZGM2NmUwHhcNMjQwMzA5MDQ1MjEwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmZGI1NTMyMzRkNjE3OTI3YzEzMWJkMGIyN2E0OThlNGQ0MDY0ZjllMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAicRgiVp0Qcf2NDW4WV2G2AGKp9gW
/+Gw+sb+8CDRDfxjRlZj0SKFjyh4b8WkOJs1WNh2jsc1nZo4wcd+AwPtnZDFt0Ym
K9r7+MaQAcr7PyyMcwWoIXvAIgBIgXDqoARmlXELQRT4H8c96CaHMxDUuCr/u+8y
B4Ikv20nB+7ZSqiXwAKZrTTM+0p9nczqbS3aSVAbcGpW2kdJgIU6C/dif2/CVvRJ
wtHR26tcw1Bw/Pwu4y0f5orNSPYY6TJV78hfOC+PSvXHJowHHbH14o4dM+IGZqih
OW6eWGTz73YaXTPUqByWr+Y5jdd/Klz/NETsm2v7glfP8DCUDEWO6/xPZQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFP21UyNNYXknwTG9CyekmOTUBk+eMB8GA1UdIwQY
MBaAFK30kUiKfNhEikIJRYccC5lnLcZuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcmZTUlNJcDgyRVNLUWdsRmh4d0xtV2N0eG00LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Mi83MTVkMTUtMjgxMC00ODI3LThkYmQt
MGJlZTA2MTI2YjFhLzEvX2JWVEkwMWhlU2ZCTWIwTEo2U1k1TlFHVDU0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Mi83MTVkMTUtMjgxMC00ODI3LThkYmQtMGJlZTA2MTI2YjFh
LzEvcmZTUlNJcDgyRVNLUWdsRmh4d0xtV2N0eG00LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQA2Tz5AwQA
2Tz8MA0GCSqGSIb3DQEBCwUAA4IBAQC5zKxD38XCAfhHVVjq42dj5kDCSrUgyNlA
dVmIZzvkXgIXeZIz10GCa5LncTqYotMPCIdtsD5FhPaulgf937LlqrPv43e6W3ZD
c3Iv782PpI0PjPzRr9kyAzS4beicM2g5jI9GZCb4bUVwjif4/+fIMxmQY1zLWoZR
fiNTaB85BtiiDWhFb++BhpLUthY8ama8fs8G2ugkyq+MK1+paQAOuEZSpDpBBUVg
YabNtkC+jCqFvVk9X5lqBNtEUbv1e1Vwb+ozkZxPL5zumOI/zk7Ey8TzdtXGLktA
uVYRdMtVlrKWOtCNiTrSV2hDTO+8zBX4oJW0bUIT3Ga8PyrtbzXa
-----END CERTIFICATE-----
Generated at Tue Mar 12 17:24:40 2024 by rpki-client on console-fra.rpki-client.org