Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/75/c072ae-15d7-42a8-bfc2-bc93ca679e1f/1/qdC8W49RXoy-vSAHo0pnGzORp_A.roa
File: qdC8W49RXoy-vSAHo0pnGzORp_A.roa (raw, json)
Hash identifier: 3zDz8APlIKtmuGzNL5DT/Qm/JEw/HNnNxBVpq/DgXks=
Subject key identifier: A9:D0:BC:5B:8F:51:5E:8C:BE:BD:20:07:A3:4A:67:1B:33:91:A7:F0
Certificate issuer: /CN=215266435617fa0f1fd2837ec80c6d83b0b9d608
Certificate serial: 0192BFF720AE246A51CFFED05344071AC5E7
Authority key identifier: 21:52:66:43:56:17:FA:0F:1F:D2:83:7E:C8:0C:6D:83:B0:B9:D6:08
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IVJmQ1YX-g8f0oN-yAxtg7C51gg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/75/c072ae-15d7-42a8-bfc2-bc93ca679e1f/1/qdC8W49RXoy-vSAHo0pnGzORp_A.roa
Signing time: Thu 24 Oct 2024 19:18:16 +0000
ROA not before: Thu 24 Oct 2024 19:18:16 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 216344
IP address blocks: 217.114.40.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 01 Jan 2025 01:47:39 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:bf:f7:20:ae:24:6a:51:cf:fe:d0:53:44:07:1a:c5:e7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=215266435617fa0f1fd2837ec80c6d83b0b9d608
Validity
Not Before: Oct 24 19:18:16 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a9d0bc5b8f515e8cbebd2007a34a671b3391a7f0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e1:12:91:da:78:a1:0e:db:38:d3:e7:76:b6:6e:
f8:59:bc:b1:fc:ec:d0:ba:8c:4a:bf:33:e9:0e:ff:
5a:ca:62:9c:7c:82:7f:6d:9e:99:75:4b:22:da:28:
ef:8a:75:51:a8:0c:8d:d3:3f:16:5a:84:09:7d:3f:
f3:01:11:be:d9:79:92:aa:bb:4f:c5:cf:8a:b3:ae:
62:bf:75:58:b6:3f:60:a0:d1:7c:39:86:29:e6:9d:
50:30:e3:1c:d2:64:65:2a:8b:30:91:a7:a1:5e:98:
d2:0e:a6:be:21:ed:c2:99:10:20:9c:87:b2:46:f0:
f0:de:85:12:16:80:c6:48:a7:2b:b2:52:f6:20:ac:
d8:85:44:1c:7f:61:e0:ab:cd:d9:70:1b:54:ac:c4:
7c:7c:ce:c7:01:dd:1d:90:b9:b7:4a:e0:1e:4d:53:
b4:bf:04:4a:be:39:3e:83:0f:7f:9c:56:f8:74:62:
a4:c9:ee:56:22:cd:f1:c2:91:bd:0c:48:0f:f4:85:
69:1b:4f:02:93:c8:4a:f2:72:7c:74:1a:53:4e:4d:
0f:b3:95:b0:0b:57:3e:6e:be:dd:15:a4:b7:da:0b:
14:af:a4:32:14:4f:be:97:8c:47:ef:d2:08:d7:5f:
79:4e:ad:65:65:e1:82:9c:c8:62:7d:86:ec:17:a9:
16:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A9:D0:BC:5B:8F:51:5E:8C:BE:BD:20:07:A3:4A:67:1B:33:91:A7:F0
X509v3 Authority Key Identifier:
keyid:21:52:66:43:56:17:FA:0F:1F:D2:83:7E:C8:0C:6D:83:B0:B9:D6:08
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IVJmQ1YX-g8f0oN-yAxtg7C51gg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/75/c072ae-15d7-42a8-bfc2-bc93ca679e1f/1/qdC8W49RXoy-vSAHo0pnGzORp_A.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/75/c072ae-15d7-42a8-bfc2-bc93ca679e1f/1/IVJmQ1YX-g8f0oN-yAxtg7C51gg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
217.114.40.0/24
Signature Algorithm: sha256WithRSAEncryption
48:40:d4:bd:5f:e0:87:b4:a8:c6:56:f7:6a:ea:e6:68:1a:8a:
c1:dc:fd:13:20:00:ff:0c:d4:34:0f:c8:9e:04:7d:b6:9d:e7:
89:54:24:bc:63:b4:72:12:09:b1:66:bd:2f:6c:df:8a:63:95:
53:aa:0f:45:cb:2d:53:de:7c:34:72:17:3a:1f:81:b3:ec:cc:
39:b2:f3:bd:e2:73:86:c1:26:39:07:ce:26:f5:01:a6:27:59:
08:10:95:75:26:8c:0f:69:4a:b7:5e:67:1d:1e:6b:d0:85:f6:
7d:2d:dd:24:03:e4:db:68:30:60:dc:5c:8a:45:8b:85:a7:85:
ed:4d:21:c2:30:d6:44:93:96:a1:dd:08:b5:2b:17:da:b8:a2:
c5:73:40:b9:48:1d:ac:9a:34:8d:7b:1e:0f:2b:b0:dd:90:70:
49:a9:86:0c:ea:a6:04:35:a3:15:6b:62:29:1e:9b:3c:36:fd:
eb:8b:c5:44:aa:13:c2:14:59:30:3d:7e:54:5d:5b:a2:8c:bc:
09:2e:27:17:e0:4c:1c:f5:6e:84:b5:91:9e:31:be:09:cb:a3:
75:9a:c3:2b:84:27:6b:09:1c:d6:e9:e7:90:72:8a:9e:24:e6:
47:a5:59:48:9f:55:71:7f:c1:d2:8d:7d:f4:75:19:28:24:e2:
78:0f:80:b4
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZK/9yCuJGpRz/7QU0QHGsXnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIxNTI2NjQzNTYxN2ZhMGYxZmQyODM3ZWM4MGM2ZDgzYjBi
OWQ2MDgwHhcNMjQxMDI0MTkxODE2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhOWQwYmM1YjhmNTE1ZThjYmViZDIwMDdhMzRhNjcxYjMzOTFhN2YwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4RKR2nihDts40+d2tm74Wbyx/OzQ
uoxKvzPpDv9aymKcfIJ/bZ6ZdUsi2ijvinVRqAyN0z8WWoQJfT/zARG+2XmSqrtP
xc+Ks65iv3VYtj9goNF8OYYp5p1QMOMc0mRlKoswkaehXpjSDqa+Ie3CmRAgnIey
RvDw3oUSFoDGSKcrslL2IKzYhUQcf2Hgq83ZcBtUrMR8fM7HAd0dkLm3SuAeTVO0
vwRKvjk+gw9/nFb4dGKkye5WIs3xwpG9DEgP9IVpG08Ck8hK8nJ8dBpTTk0Ps5Ww
C1c+br7dFaS32gsUr6QyFE++l4xH79II1195Tq1lZeGCnMhifYbsF6kWUQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKnQvFuPUV6Mvr0gB6NKZxszkafwMB8GA1UdIwQY
MBaAFCFSZkNWF/oPH9KDfsgMbYOwudYIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSVZKbVExWVgtZzhmMG9OLXlBeHRnN0M1MWdnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83NS9jMDcyYWUtMTVkNy00MmE4LWJmYzIt
YmM5M2NhNjc5ZTFmLzEvcWRDOFc0OVJYb3ktdlNBSG8wcG5Hek9ScF9BLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83NS9jMDcyYWUtMTVkNy00MmE4LWJmYzItYmM5M2NhNjc5ZTFm
LzEvSVZKbVExWVgtZzhmMG9OLXlBeHRnN0M1MWdnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA2XIoMA0G
CSqGSIb3DQEBCwUAA4IBAQBIQNS9X+CHtKjGVvdq6uZoGorB3P0TIAD/DNQ0D8ie
BH22neeJVCS8Y7RyEgmxZr0vbN+KY5VTqg9Fyy1T3nw0chc6H4Gz7Mw5svO94nOG
wSY5B84m9QGmJ1kIEJV1JowPaUq3XmcdHmvQhfZ9Ld0kA+TbaDBg3FyKRYuFp4Xt
TSHCMNZEk5ah3Qi1KxfauKLFc0C5SB2smjSNex4PK7DdkHBJqYYM6qYENaMVa2Ip
Hps8Nv3ri8VEqhPCFFkwPX5UXVuijLwJLicX4Ewc9W6EtZGeMb4Jy6N1msMrhCdr
CRzW6eeQcoqeJOZHpVlIn1Vxf8HSjX30dRkoJOJ4D4C0
-----END CERTIFICATE-----
Generated at Sat Apr 19 06:45:11 2025 by rpki-client