Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/77/951c8e-4a86-4c8e-9986-0bfbad4849cd/1/0aWftGVkfgh44Wd7MrSJYpOlmqI.roa
File: 0aWftGVkfgh44Wd7MrSJYpOlmqI.roa (raw, json)
Hash identifier: 61q7wfVp5aMHffD6yWJC+0Dm1GGn/R2GlC6wbF5DZn8=
Subject key identifier: D1:A5:9F:B4:65:64:7E:08:78:E1:67:7B:32:B4:89:62:93:A5:9A:A2
Certificate issuer: /CN=1d8626749cbf84bcf42ebb2985b86dee830e5c14
Certificate serial: 0189990D86CFB78B9154D0F362AFA77C25DF
Authority key identifier: 1D:86:26:74:9C:BF:84:BC:F4:2E:BB:29:85:B8:6D:EE:83:0E:5C:14
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HYYmdJy_hLz0Lrsphbht7oMOXBQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/77/951c8e-4a86-4c8e-9986-0bfbad4849cd/1/0aWftGVkfgh44Wd7MrSJYpOlmqI.roa
Signing time: Thu 27 Jul 2023 20:32:27 +0000
ROA not before: Thu 27 Jul 2023 20:32:27 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 212849
IP address blocks: 217.150.215.0/24 maxlen: 24
217.150.216.0/22 maxlen: 24
217.150.217.0/24 maxlen: 24
217.150.218.0/24 maxlen: 24
217.150.219.0/24 maxlen: 24
217.150.220.0/24 maxlen: 24
217.150.222.0/24 maxlen: 24
217.150.223.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:99:0d:86:cf:b7:8b:91:54:d0:f3:62:af:a7:7c:25:df
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1d8626749cbf84bcf42ebb2985b86dee830e5c14
Validity
Not Before: Jul 27 20:32:27 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d1a59fb465647e0878e1677b32b4896293a59aa2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:b5:e2:54:e6:8c:cb:1d:f8:8f:3c:64:b5:1e:
72:a1:50:14:05:ad:9c:35:7d:00:f1:65:1b:6f:10:
ee:81:0e:ec:3d:25:b2:d9:10:6f:ef:93:36:2d:6c:
a1:ef:8b:44:87:21:1e:35:2b:ae:22:f4:33:4b:49:
e7:33:68:4c:df:81:46:e1:ef:c0:ba:4a:41:f9:73:
40:da:ee:c0:8c:9b:01:4d:72:cf:32:59:8e:98:18:
2f:58:8b:1d:ce:42:62:87:7d:81:f2:8b:50:b0:e4:
45:f3:95:2b:24:64:38:9b:d2:8a:20:0f:a0:99:38:
4a:2e:a4:e7:97:79:b4:77:75:41:32:ca:e2:22:67:
fc:34:c6:27:c6:46:db:7d:53:6b:9f:ab:06:cf:28:
8b:a6:e3:45:0d:09:88:7c:48:59:81:fa:03:3a:2a:
5c:b3:63:ab:f2:4a:5a:fa:6e:8c:24:bf:56:5d:d9:
8b:be:63:1d:28:65:eb:8b:54:31:49:64:35:06:20:
de:3a:d3:fc:ce:4a:12:03:b6:f8:ac:9b:86:34:ba:
ae:04:9a:34:cf:f1:3a:8f:bc:a1:05:92:e3:8a:cb:
89:05:bf:4e:6f:48:12:60:9e:67:21:3e:96:fa:d1:
bc:5c:49:3e:b3:7f:3c:58:b8:a1:83:20:25:78:13:
e8:e3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D1:A5:9F:B4:65:64:7E:08:78:E1:67:7B:32:B4:89:62:93:A5:9A:A2
X509v3 Authority Key Identifier:
keyid:1D:86:26:74:9C:BF:84:BC:F4:2E:BB:29:85:B8:6D:EE:83:0E:5C:14
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HYYmdJy_hLz0Lrsphbht7oMOXBQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/77/951c8e-4a86-4c8e-9986-0bfbad4849cd/1/0aWftGVkfgh44Wd7MrSJYpOlmqI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/77/951c8e-4a86-4c8e-9986-0bfbad4849cd/1/HYYmdJy_hLz0Lrsphbht7oMOXBQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
217.150.215.0-217.150.220.255
217.150.222.0/23
Signature Algorithm: sha256WithRSAEncryption
0b:44:b7:3f:cd:ac:83:52:80:c4:83:9e:93:2c:39:81:5b:fb:
3d:d3:39:5d:66:4a:b1:65:a2:2c:c2:c9:af:ac:db:4c:7f:60:
c8:03:67:7e:ce:e6:d3:9b:f5:74:13:e2:0d:07:50:4e:16:ad:
c8:74:49:86:72:9f:a0:94:60:20:be:72:b9:b5:29:e6:d2:dc:
c1:e4:85:12:57:8d:06:99:59:fe:36:56:d4:46:0a:69:70:b0:
e0:b1:23:16:a8:e8:b0:db:4d:a1:fb:07:b1:21:46:15:f9:70:
21:53:b6:ed:21:62:ba:25:14:e1:aa:96:ab:fe:49:31:3d:f7:
cb:2a:a9:1d:3c:b8:fa:84:e0:2f:1c:c4:d2:e0:d1:01:0f:e7:
40:d1:b9:c8:e5:9f:bb:e3:c6:87:fc:f5:b0:d0:bd:2b:7d:c2:
1c:4d:3a:b8:81:68:90:89:b7:b2:0f:4d:3c:c4:4a:58:2f:ac:
e8:c9:92:6b:b1:da:b7:42:17:63:6d:a3:1a:64:d7:81:37:a3:
2f:c7:2a:14:ff:86:4e:9e:1e:4b:6d:7d:c9:2e:7f:84:d9:a6:
a7:b8:3f:12:b9:18:7b:3e:53:6e:cc:ef:8b:f7:1d:1c:67:a0:
61:85:30:87:f9:d8:45:4a:e9:03:35:06:35:ca:9a:97:48:f4:
2b:49:e4:77
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgISAYmZDYbPt4uRVNDzYq+nfCXfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFkODYyNjc0OWNiZjg0YmNmNDJlYmIyOTg1Yjg2ZGVlODMw
ZTVjMTQwHhcNMjMwNzI3MjAzMjI3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMWE1OWZiNDY1NjQ3ZTA4NzhlMTY3N2IzMmI0ODk2MjkzYTU5YWEyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkrXiVOaMyx34jzxktR5yoVAUBa2c
NX0A8WUbbxDugQ7sPSWy2RBv75M2LWyh74tEhyEeNSuuIvQzS0nnM2hM34FG4e/A
ukpB+XNA2u7AjJsBTXLPMlmOmBgvWIsdzkJih32B8otQsORF85UrJGQ4m9KKIA+g
mThKLqTnl3m0d3VBMsriImf8NMYnxkbbfVNrn6sGzyiLpuNFDQmIfEhZgfoDOipc
s2Or8kpa+m6MJL9WXdmLvmMdKGXri1QxSWQ1BiDeOtP8zkoSA7b4rJuGNLquBJo0
z/E6j7yhBZLjisuJBb9Ob0gSYJ5nIT6W+tG8XEk+s388WLihgyAleBPo4wIDAQAB
o4ICFzCCAhMwHQYDVR0OBBYEFNGln7RlZH4IeOFnezK0iWKTpZqiMB8GA1UdIwQY
MBaAFB2GJnScv4S89C67KYW4be6DDlwUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSFlZbWRKeV9oTHowTHJzcGhiaHQ3b01PWEJRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Ny85NTFjOGUtNGE4Ni00YzhlLTk5ODYt
MGJmYmFkNDg0OWNkLzEvMGFXZnRHVmtmZ2g0NFdkN01yU0pZcE9sbXFJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Ny85NTFjOGUtNGE4Ni00YzhlLTk5ODYtMGJmYmFkNDg0OWNk
LzEvSFlZbWRKeV9oTHowTHJzcGhiaHQ3b01PWEJRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAATAUMAwDBADZltcD
BADZltwDBAHZlt4wDQYJKoZIhvcNAQELBQADggEBAAtEtz/NrINSgMSDnpMsOYFb
+z3TOV1mSrFloizCya+s20x/YMgDZ37O5tOb9XQT4g0HUE4Wrch0SYZyn6CUYCC+
crm1KebS3MHkhRJXjQaZWf42VtRGCmlwsOCxIxao6LDbTaH7B7EhRhX5cCFTtu0h
YrolFOGqlqv+STE998sqqR08uPqE4C8cxNLg0QEP50DRucjln7vjxof89bDQvSt9
whxNOriBaJCJt7IPTTzESlgvrOjJkmux2rdCF2Ntoxpk14E3oy/HKhT/hk6eHktt
fckuf4TZpqe4PxK5GHs+U27M74v3HRxnoGGFMIf52EVK6QM1BjXKmpdI9CtJ5Hc=
-----END CERTIFICATE-----
Generated at Mon Jan 1 02:54:01 2024 by rpki-client on console-ams.rpki-client.org