Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/77/951c8e-4a86-4c8e-9986-0bfbad4849cd/1/_XghUFSldfpeOdyBe2A8hHgEsWI.roa
File: _XghUFSldfpeOdyBe2A8hHgEsWI.roa (raw, json)
Hash identifier: Re6bMpqgaEEPzaGxaVeqLv2kUPLW3GoajI45Ps7GMSw=
Subject key identifier: FD:78:21:50:54:A5:75:FA:5E:39:DC:81:7B:60:3C:84:78:04:B1:62
Certificate issuer: /CN=1d8626749cbf84bcf42ebb2985b86dee830e5c14
Certificate serial: 018570C2C5D61B6C612D2CE5CF77D2A83576
Authority key identifier: 1D:86:26:74:9C:BF:84:BC:F4:2E:BB:29:85:B8:6D:EE:83:0E:5C:14
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HYYmdJy_hLz0Lrsphbht7oMOXBQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/77/951c8e-4a86-4c8e-9986-0bfbad4849cd/1/_XghUFSldfpeOdyBe2A8hHgEsWI.roa
Signing time: Mon 02 Jan 2023 04:34:50 +0000
ROA not before: Mon 02 Jan 2023 04:34:50 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 211471
IP address blocks: 217.150.221.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:c2:c5:d6:1b:6c:61:2d:2c:e5:cf:77:d2:a8:35:76
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1d8626749cbf84bcf42ebb2985b86dee830e5c14
Validity
Not Before: Jan 2 04:34:50 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=fd78215054a575fa5e39dc817b603c847804b162
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:f1:e0:d0:b6:45:da:dc:52:90:8b:2a:6a:19:
58:f8:67:e0:7f:e4:da:28:61:0f:a0:ae:b3:2a:5d:
af:3a:21:3f:b2:cf:34:5f:98:02:59:d9:93:ca:20:
06:87:f0:28:b8:12:02:6a:dc:f3:37:2b:e6:40:a8:
3c:3c:25:74:7e:3b:7c:cf:a1:2f:06:3f:6e:de:78:
90:d3:66:4a:0b:b6:76:7a:0b:9a:58:5a:da:01:67:
58:21:fb:1e:5c:2b:e6:34:a2:a7:0f:0e:f5:69:21:
49:08:50:fe:3b:75:3c:b1:30:44:8c:27:02:69:05:
05:55:22:f7:4c:ad:8c:ab:1f:0c:b3:f5:09:3a:74:
0a:eb:46:8d:a1:ba:df:e9:5a:07:3e:24:b4:8e:44:
24:1e:4b:d5:c9:83:5f:db:ac:38:0e:80:76:88:d0:
e0:6c:88:71:5b:08:27:3e:48:a1:09:67:4f:39:fb:
ad:c9:ae:c1:67:72:54:b0:78:f9:ec:8e:eb:88:45:
72:19:f6:58:84:fe:8c:e9:d6:43:70:42:04:f7:40:
b9:91:82:a4:2f:ad:4e:9b:38:7e:5f:77:45:00:ff:
30:23:13:3e:6f:13:c0:a5:51:34:c7:1a:65:c0:f1:
1d:22:f4:3b:a9:df:3e:e3:7f:85:ba:91:9d:15:19:
8d:ab
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FD:78:21:50:54:A5:75:FA:5E:39:DC:81:7B:60:3C:84:78:04:B1:62
X509v3 Authority Key Identifier:
keyid:1D:86:26:74:9C:BF:84:BC:F4:2E:BB:29:85:B8:6D:EE:83:0E:5C:14
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HYYmdJy_hLz0Lrsphbht7oMOXBQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/77/951c8e-4a86-4c8e-9986-0bfbad4849cd/1/_XghUFSldfpeOdyBe2A8hHgEsWI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/77/951c8e-4a86-4c8e-9986-0bfbad4849cd/1/HYYmdJy_hLz0Lrsphbht7oMOXBQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
217.150.221.0/24
Signature Algorithm: sha256WithRSAEncryption
47:32:8f:f6:72:38:70:b8:0d:fb:c8:69:c6:eb:fd:12:e1:f1:
9b:d3:06:39:3c:3c:c4:99:98:f7:92:86:a7:7d:0d:75:54:ea:
9a:93:bb:d3:ec:82:d0:08:21:44:6e:94:f1:8f:0f:a0:8d:d7:
3b:17:2b:7f:4e:49:ed:cc:7f:5d:dd:a3:a8:f2:fb:3f:5b:aa:
90:fb:b5:48:98:e0:00:73:6c:a2:63:c8:31:33:d5:a9:7b:7c:
36:6b:91:cf:93:0b:c2:00:36:ce:94:0c:23:37:2c:f8:02:d5:
a9:60:21:05:e8:5b:06:ed:7c:6a:c2:e4:bb:4c:30:7b:09:d1:
14:1a:a1:94:e0:b0:20:6a:ee:03:95:63:d9:b4:26:06:94:95:
4d:f7:84:52:ea:3c:4f:f3:dd:2e:d9:7b:5c:54:70:5d:8b:eb:
9f:2e:6d:a9:34:3f:20:de:3d:35:8d:65:d6:da:7b:2f:71:c2:
75:dd:7d:8b:66:78:13:38:fe:a0:2a:79:cd:82:40:9b:c1:7a:
cc:b9:84:46:90:ed:77:71:40:04:38:30:68:86:c0:f8:8b:00:
e4:b1:2a:23:d9:02:fc:b6:08:01:e7:88:52:87:17:24:52:f2:
d3:02:7a:ad:40:9a:6e:da:9f:84:1d:88:31:74:7b:25:62:06:
18:7c:c2:16
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVwwsXWG2xhLSzlz3fSqDV2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFkODYyNjc0OWNiZjg0YmNmNDJlYmIyOTg1Yjg2ZGVlODMw
ZTVjMTQwHhcNMjMwMTAyMDQzNDUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmZDc4MjE1MDU0YTU3NWZhNWUzOWRjODE3YjYwM2M4NDc4MDRiMTYyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtPHg0LZF2txSkIsqahlY+Gfgf+Ta
KGEPoK6zKl2vOiE/ss80X5gCWdmTyiAGh/AouBICatzzNyvmQKg8PCV0fjt8z6Ev
Bj9u3niQ02ZKC7Z2eguaWFraAWdYIfseXCvmNKKnDw71aSFJCFD+O3U8sTBEjCcC
aQUFVSL3TK2Mqx8Ms/UJOnQK60aNobrf6VoHPiS0jkQkHkvVyYNf26w4DoB2iNDg
bIhxWwgnPkihCWdPOfutya7BZ3JUsHj57I7riEVyGfZYhP6M6dZDcEIE90C5kYKk
L61Omzh+X3dFAP8wIxM+bxPApVE0xxplwPEdIvQ7qd8+43+FupGdFRmNqwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFP14IVBUpXX6XjncgXtgPIR4BLFiMB8GA1UdIwQY
MBaAFB2GJnScv4S89C67KYW4be6DDlwUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSFlZbWRKeV9oTHowTHJzcGhiaHQ3b01PWEJRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Ny85NTFjOGUtNGE4Ni00YzhlLTk5ODYt
MGJmYmFkNDg0OWNkLzEvX1hnaFVGU2xkZnBlT2R5QmUyQThoSGdFc1dJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Ny85NTFjOGUtNGE4Ni00YzhlLTk5ODYtMGJmYmFkNDg0OWNk
LzEvSFlZbWRKeV9oTHowTHJzcGhiaHQ3b01PWEJRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA2ZbdMA0G
CSqGSIb3DQEBCwUAA4IBAQBHMo/2cjhwuA37yGnG6/0S4fGb0wY5PDzEmZj3koan
fQ11VOqak7vT7ILQCCFEbpTxjw+gjdc7Fyt/TkntzH9d3aOo8vs/W6qQ+7VImOAA
c2yiY8gxM9Wpe3w2a5HPkwvCADbOlAwjNyz4AtWpYCEF6FsG7XxqwuS7TDB7CdEU
GqGU4LAgau4DlWPZtCYGlJVN94RS6jxP890u2XtcVHBdi+ufLm2pND8g3j01jWXW
2nsvccJ13X2LZngTOP6gKnnNgkCbwXrMuYRGkO13cUAEODBohsD4iwDksSoj2QL8
tggB54hShxckUvLTAnqtQJpu2p+EHYgxdHslYgYYfMIW
-----END CERTIFICATE-----
Generated at Mon Jan 1 02:54:01 2024 by rpki-client on console-ams.rpki-client.org