Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/74/4f2367-73f3-4816-bea8-a045ff8e2ac0/1/oZHJorjiQOmS7NsEeRMOI3ku_o8.roa
File: oZHJorjiQOmS7NsEeRMOI3ku_o8.roa (raw, json)
Hash identifier: JQJFdzwL1N5hY9znb797dQ4U36D5+RB+DudIRF5ztBA=
Subject key identifier: A1:91:C9:A2:B8:E2:40:E9:92:EC:DB:04:79:13:0E:23:79:2E:FE:8F
Certificate issuer: /CN=9cce3b1197d0cf9511540572a58fd372dcc07489
Certificate serial: 018B6176C6E69AF0F3718F9F2C541EB227B8
Authority key identifier: 9C:CE:3B:11:97:D0:CF:95:11:54:05:72:A5:8F:D3:72:DC:C0:74:89
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nM47EZfQz5URVAVypY_TctzAdIk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/74/4f2367-73f3-4816-bea8-a045ff8e2ac0/1/oZHJorjiQOmS7NsEeRMOI3ku_o8.roa
Signing time: Tue 24 Oct 2023 11:34:15 +0000
ROA not before: Tue 24 Oct 2023 11:34:15 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 212830
IP address blocks: 217.67.164.0/24 maxlen: 24
217.67.172.0/22 maxlen: 24
Validation: Failed, certificate revoked on Tue 02 Jan 2024 04:29:31 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:61:76:c6:e6:9a:f0:f3:71:8f:9f:2c:54:1e:b2:27:b8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9cce3b1197d0cf9511540572a58fd372dcc07489
Validity
Not Before: Oct 24 11:34:15 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a191c9a2b8e240e992ecdb0479130e23792efe8f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:e1:88:9c:b4:a6:d0:88:a7:73:35:17:20:93:
ac:b4:d3:e2:92:e4:3c:29:55:52:33:13:4c:55:c2:
78:1e:a6:1b:76:9f:36:fd:07:ff:ef:f1:ad:77:2d:
53:25:92:e1:6b:7a:8e:6f:05:9b:f5:93:7b:ec:a3:
ab:6d:c4:99:49:91:ef:aa:30:51:2f:91:f9:9b:bd:
6e:81:26:00:66:12:b4:d0:96:95:e6:af:7d:eb:64:
45:3d:49:4e:68:18:8b:74:8d:66:f3:37:6e:76:59:
5e:b2:13:c1:11:39:bf:03:76:2d:a1:99:c1:c9:36:
c5:d0:2b:de:4b:1a:fc:7c:88:01:e6:d7:bd:df:b3:
76:d6:27:b6:4f:22:58:2d:ce:d2:fd:54:56:02:bd:
24:3d:26:12:71:6d:e3:b6:7d:77:c9:7f:b6:13:3d:
95:b4:8b:4c:db:e8:ae:04:62:1e:86:0b:f8:d6:13:
5f:e0:eb:cb:ac:86:61:06:bf:d1:9e:04:9f:55:be:
1c:9c:a9:59:49:ec:33:c6:3b:ab:32:ec:4f:63:84:
24:95:60:3c:ee:dd:a7:9b:f9:af:29:ed:01:02:2e:
3c:a1:11:28:c2:b2:ff:e9:a8:e5:6c:e2:96:1e:77:
37:15:d1:01:3c:bf:ec:89:cd:d6:cb:e2:69:66:7f:
e8:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A1:91:C9:A2:B8:E2:40:E9:92:EC:DB:04:79:13:0E:23:79:2E:FE:8F
X509v3 Authority Key Identifier:
keyid:9C:CE:3B:11:97:D0:CF:95:11:54:05:72:A5:8F:D3:72:DC:C0:74:89
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nM47EZfQz5URVAVypY_TctzAdIk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/74/4f2367-73f3-4816-bea8-a045ff8e2ac0/1/oZHJorjiQOmS7NsEeRMOI3ku_o8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/74/4f2367-73f3-4816-bea8-a045ff8e2ac0/1/nM47EZfQz5URVAVypY_TctzAdIk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
217.67.164.0/24
217.67.172.0/22
Signature Algorithm: sha256WithRSAEncryption
1d:95:b0:33:8a:c4:7c:14:7e:51:ff:1f:73:92:91:4f:91:0c:
bf:23:f1:1c:87:06:0c:d1:f6:a2:7f:31:b4:da:12:9b:29:0f:
39:6d:d6:73:d9:03:cb:90:f0:65:2f:c9:22:64:57:e9:ab:d1:
6a:04:7c:15:3f:22:9b:37:90:94:8b:52:4b:2d:4f:b7:27:70:
06:95:ea:99:5a:9b:c9:80:12:43:8c:8b:a7:be:03:5e:0a:c2:
d0:73:98:e3:22:f4:43:ef:45:93:8d:57:77:2a:e4:e5:5f:56:
9b:19:82:eb:1f:51:61:f8:62:7a:d7:c7:27:08:d6:91:91:97:
fd:49:f5:a4:a6:bb:66:d4:38:7b:84:dd:6b:af:59:4e:c4:ea:
ef:22:07:b6:92:46:f4:21:2d:a0:e6:2b:54:51:0c:3a:10:a7:
54:04:e2:26:0a:30:6c:57:6e:36:7a:75:ce:4f:47:59:04:14:
67:45:5f:40:89:e4:a3:48:44:a8:d6:d5:7e:d1:42:a1:2a:1d:
e9:98:19:bd:04:af:e4:0b:cc:b2:05:ce:41:26:df:15:24:c5:
b3:c3:fa:99:f6:32:a9:bc:3c:39:52:6c:92:45:a0:0c:3a:69:
96:f6:f6:4e:16:65:d9:50:a7:11:ef:8c:fd:33:ad:26:99:59:
ca:24:8f:3e
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYthdsbmmvDzcY+fLFQesie4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDljY2UzYjExOTdkMGNmOTUxMTU0MDU3MmE1OGZkMzcyZGNj
MDc0ODkwHhcNMjMxMDI0MTEzNDE1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMTkxYzlhMmI4ZTI0MGU5OTJlY2RiMDQ3OTEzMGUyMzc5MmVmZThmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnOGInLSm0IinczUXIJOstNPikuQ8
KVVSMxNMVcJ4HqYbdp82/Qf/7/Gtdy1TJZLha3qObwWb9ZN77KOrbcSZSZHvqjBR
L5H5m71ugSYAZhK00JaV5q9962RFPUlOaBiLdI1m8zdudlleshPBETm/A3YtoZnB
yTbF0CveSxr8fIgB5te937N21ie2TyJYLc7S/VRWAr0kPSYScW3jtn13yX+2Ez2V
tItM2+iuBGIehgv41hNf4OvLrIZhBr/RngSfVb4cnKlZSewzxjurMuxPY4QklWA8
7t2nm/mvKe0BAi48oREowrL/6ajlbOKWHnc3FdEBPL/sic3Wy+JpZn/oFwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFKGRyaK44kDpkuzbBHkTDiN5Lv6PMB8GA1UdIwQY
MBaAFJzOOxGX0M+VEVQFcqWP03LcwHSJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbk00N0VaZlF6NVVSVkFWeXBZX1RjdHpBZElrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83NC80ZjIzNjctNzNmMy00ODE2LWJlYTgt
YTA0NWZmOGUyYWMwLzEvb1pISm9yamlRT21TN05zRWVSTU9JM2t1X284LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83NC80ZjIzNjctNzNmMy00ODE2LWJlYTgtYTA0NWZmOGUyYWMw
LzEvbk00N0VaZlF6NVVSVkFWeXBZX1RjdHpBZElrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQA2UOkAwQC
2UOsMA0GCSqGSIb3DQEBCwUAA4IBAQAdlbAzisR8FH5R/x9zkpFPkQy/I/EchwYM
0faifzG02hKbKQ85bdZz2QPLkPBlL8kiZFfpq9FqBHwVPyKbN5CUi1JLLU+3J3AG
leqZWpvJgBJDjIunvgNeCsLQc5jjIvRD70WTjVd3KuTlX1abGYLrH1Fh+GJ618cn
CNaRkZf9SfWkprtm1Dh7hN1rr1lOxOrvIge2kkb0IS2g5itUUQw6EKdUBOImCjBs
V242enXOT0dZBBRnRV9AieSjSESo1tV+0UKhKh3pmBm9BK/kC8yyBc5BJt8VJMWz
w/qZ9jKpvDw5UmySRaAMOmmW9vZOFmXZUKcR74z9M60mmVnKJI8+
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:18:04 2024 by rpki-client on console-ams.rpki-client.org