Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/77/951c8e-4a86-4c8e-9986-0bfbad4849cd/1/JSvJRt0ssqrQVy9lh47RUkNL8y4.roa
File: JSvJRt0ssqrQVy9lh47RUkNL8y4.roa (raw, json)
Hash identifier: 8FVoFMdNfgVpu6ae1bdBfU4lSj4VyXFXxndM9XR74Zo=
Subject key identifier: 25:2B:C9:46:DD:2C:B2:AA:D0:57:2F:65:87:8E:D1:52:43:4B:F3:2E
Certificate issuer: /CN=1d8626749cbf84bcf42ebb2985b86dee830e5c14
Certificate serial: 018570C2C3BA95FBC91C8259892DD1F0D871
Authority key identifier: 1D:86:26:74:9C:BF:84:BC:F4:2E:BB:29:85:B8:6D:EE:83:0E:5C:14
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HYYmdJy_hLz0Lrsphbht7oMOXBQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/77/951c8e-4a86-4c8e-9986-0bfbad4849cd/1/JSvJRt0ssqrQVy9lh47RUkNL8y4.roa
Signing time: Mon 02 Jan 2023 04:34:50 +0000
ROA not before: Mon 02 Jan 2023 04:34:50 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 39263
IP address blocks: 217.150.209.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:c2:c3:ba:95:fb:c9:1c:82:59:89:2d:d1:f0:d8:71
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1d8626749cbf84bcf42ebb2985b86dee830e5c14
Validity
Not Before: Jan 2 04:34:50 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=252bc946dd2cb2aad0572f65878ed152434bf32e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:3b:93:e7:8a:d3:ed:28:f2:e4:93:38:b8:91:
3a:22:e2:79:7f:21:ac:83:2b:04:42:01:f0:a4:99:
cb:b4:ad:e3:65:d8:ab:10:c3:8e:00:b8:ab:e8:c4:
bf:91:c3:a5:6d:5e:bb:aa:82:46:3b:eb:09:29:6d:
9f:df:36:19:ea:ce:bb:2e:12:96:f3:be:23:6e:39:
f7:43:68:54:0c:01:b0:93:ea:9a:73:44:70:9c:c2:
45:4f:40:90:6c:cd:b2:4a:37:10:0f:17:57:2e:b4:
82:25:8e:dd:4f:a5:bd:3d:91:1f:d2:55:b2:04:df:
0d:b5:02:d9:fd:e9:6b:4a:3b:0b:08:44:fc:78:7e:
39:e4:18:e3:6c:2d:72:65:62:4a:c2:0a:1b:4b:3b:
c3:34:bf:65:0a:9a:6c:66:73:aa:0a:c7:c0:f5:8f:
08:d2:02:67:49:93:61:30:b3:60:ea:66:3d:69:e8:
2c:4f:56:77:7d:c2:41:3a:68:6b:66:71:67:22:0f:
be:31:6c:2a:77:4c:74:d5:03:e4:16:db:a4:8a:7b:
c5:dc:fc:e9:b1:e9:74:12:f7:fb:17:45:27:5a:d3:
d3:33:c8:61:44:48:e8:35:69:31:49:ff:67:7b:61:
86:5b:42:14:c1:f6:d1:64:cc:ca:be:f7:34:d3:fc:
6b:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
25:2B:C9:46:DD:2C:B2:AA:D0:57:2F:65:87:8E:D1:52:43:4B:F3:2E
X509v3 Authority Key Identifier:
keyid:1D:86:26:74:9C:BF:84:BC:F4:2E:BB:29:85:B8:6D:EE:83:0E:5C:14
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HYYmdJy_hLz0Lrsphbht7oMOXBQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/77/951c8e-4a86-4c8e-9986-0bfbad4849cd/1/JSvJRt0ssqrQVy9lh47RUkNL8y4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/77/951c8e-4a86-4c8e-9986-0bfbad4849cd/1/HYYmdJy_hLz0Lrsphbht7oMOXBQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
217.150.209.0/24
Signature Algorithm: sha256WithRSAEncryption
5d:10:ca:47:6b:3c:4a:a0:e7:e8:86:80:5f:6e:ae:ad:98:4b:
83:ca:ac:ea:25:ed:bd:3e:5e:83:2d:75:af:fb:ea:7d:6e:40:
f0:2c:f8:00:76:fd:d5:33:81:76:81:e0:cc:2b:93:1f:20:e9:
55:a7:e6:80:85:83:78:45:eb:20:1b:1a:de:ac:5f:c9:05:dc:
34:ff:2a:74:e9:8c:3a:28:83:5d:6f:fe:f4:e4:6d:51:26:6d:
4d:27:10:f0:4b:cb:3b:1b:3c:00:2d:7d:57:dc:43:1a:79:2a:
56:93:14:56:fa:aa:32:99:1b:bd:7d:a6:05:35:ed:a3:43:94:
0d:6a:a3:0a:e9:55:93:d5:2f:21:8f:df:1d:14:32:3c:5c:9c:
19:14:fe:f3:5d:58:e0:63:f0:7c:d0:fe:6d:35:3f:48:77:63:
5c:9e:74:33:79:9d:fd:13:be:6c:0a:57:f2:ff:4e:20:33:18:
85:6d:d9:08:fa:30:f4:4a:14:2a:0e:08:89:91:03:c3:e5:70:
9e:1e:9e:9d:5f:cb:fc:24:f4:3b:a1:38:4d:db:b0:47:0a:51:
cc:57:c8:58:33:8e:94:e8:ef:b6:21:ab:04:e2:92:5c:8f:aa:
c4:ee:92:83:e8:0e:21:7a:dc:ac:3d:15:19:9d:05:db:04:b6:
da:30:37:31
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVwwsO6lfvJHIJZiS3R8NhxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFkODYyNjc0OWNiZjg0YmNmNDJlYmIyOTg1Yjg2ZGVlODMw
ZTVjMTQwHhcNMjMwMTAyMDQzNDUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNTJiYzk0NmRkMmNiMmFhZDA1NzJmNjU4NzhlZDE1MjQzNGJmMzJlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApzuT54rT7Sjy5JM4uJE6IuJ5fyGs
gysEQgHwpJnLtK3jZdirEMOOALir6MS/kcOlbV67qoJGO+sJKW2f3zYZ6s67LhKW
874jbjn3Q2hUDAGwk+qac0RwnMJFT0CQbM2ySjcQDxdXLrSCJY7dT6W9PZEf0lWy
BN8NtQLZ/elrSjsLCET8eH455BjjbC1yZWJKwgobSzvDNL9lCppsZnOqCsfA9Y8I
0gJnSZNhMLNg6mY9aegsT1Z3fcJBOmhrZnFnIg++MWwqd0x01QPkFtukinvF3Pzp
sel0Evf7F0UnWtPTM8hhREjoNWkxSf9ne2GGW0IUwfbRZMzKvvc00/xrtwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFCUryUbdLLKq0FcvZYeO0VJDS/MuMB8GA1UdIwQY
MBaAFB2GJnScv4S89C67KYW4be6DDlwUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSFlZbWRKeV9oTHowTHJzcGhiaHQ3b01PWEJRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Ny85NTFjOGUtNGE4Ni00YzhlLTk5ODYt
MGJmYmFkNDg0OWNkLzEvSlN2SlJ0MHNzcXJRVnk5bGg0N1JVa05MOHk0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Ny85NTFjOGUtNGE4Ni00YzhlLTk5ODYtMGJmYmFkNDg0OWNk
LzEvSFlZbWRKeV9oTHowTHJzcGhiaHQ3b01PWEJRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA2ZbRMA0G
CSqGSIb3DQEBCwUAA4IBAQBdEMpHazxKoOfohoBfbq6tmEuDyqzqJe29Pl6DLXWv
++p9bkDwLPgAdv3VM4F2geDMK5MfIOlVp+aAhYN4ResgGxrerF/JBdw0/yp06Yw6
KINdb/705G1RJm1NJxDwS8s7GzwALX1X3EMaeSpWkxRW+qoymRu9faYFNe2jQ5QN
aqMK6VWT1S8hj98dFDI8XJwZFP7zXVjgY/B80P5tNT9Id2NcnnQzeZ39E75sClfy
/04gMxiFbdkI+jD0ShQqDgiJkQPD5XCeHp6dX8v8JPQ7oThN27BHClHMV8hYM46U
6O+2IasE4pJcj6rE7pKD6A4hetysPRUZnQXbBLbaMDcx
-----END CERTIFICATE-----
Generated at Mon Jan 1 03:23:25 2024 by rpki-client on console-fra.rpki-client.org