Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/77/951c8e-4a86-4c8e-9986-0bfbad4849cd/1/dID4sjn7-9KMlBCVJDcoFEGg9mY.roa
File: dID4sjn7-9KMlBCVJDcoFEGg9mY.roa (raw, json)
Hash identifier: DiIPGfmCZ4VQ/iUYqOibt83PuheOYKY4buhzj/mr4Ac=
Subject key identifier: 74:80:F8:B2:39:FB:FB:D2:8C:94:10:95:24:37:28:14:41:A0:F6:66
Certificate issuer: /CN=1d8626749cbf84bcf42ebb2985b86dee830e5c14
Certificate serial: 018570C2C5644252A0DFEDC9CDEF01C8C675
Authority key identifier: 1D:86:26:74:9C:BF:84:BC:F4:2E:BB:29:85:B8:6D:EE:83:0E:5C:14
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HYYmdJy_hLz0Lrsphbht7oMOXBQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/77/951c8e-4a86-4c8e-9986-0bfbad4849cd/1/dID4sjn7-9KMlBCVJDcoFEGg9mY.roa
Signing time: Mon 02 Jan 2023 04:34:50 +0000
ROA not before: Mon 02 Jan 2023 04:34:50 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 208528
IP address blocks: 217.150.217.0/24 maxlen: 24
217.150.216.0/24 maxlen: 24
217.150.215.0/24 maxlen: 24
217.150.214.0/24 maxlen: 24
217.150.219.0/24 maxlen: 24
217.150.218.0/24 maxlen: 24
217.150.223.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:c2:c5:64:42:52:a0:df:ed:c9:cd:ef:01:c8:c6:75
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1d8626749cbf84bcf42ebb2985b86dee830e5c14
Validity
Not Before: Jan 2 04:34:50 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=7480f8b239fbfbd28c9410952437281441a0f666
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:df:1b:a3:75:0b:34:fc:3e:ab:7e:a8:8c:82:
f8:06:ac:85:07:c3:df:9a:50:08:98:33:cc:78:0f:
e3:6e:c9:5b:47:a2:92:fa:35:48:43:7a:93:a3:a1:
df:a0:bb:24:0f:88:ca:ce:f9:6a:db:6f:f1:93:e9:
bc:a2:4d:44:ec:34:af:fc:01:22:60:85:11:40:14:
20:10:50:28:ff:d5:73:f6:3b:8b:4a:51:f1:58:24:
c1:e6:b4:ad:ab:f1:e0:1b:93:9b:5e:71:65:fb:df:
8c:eb:01:9b:9d:c5:32:e2:5d:dc:be:32:6d:3b:a7:
24:8a:04:33:01:ca:16:48:c5:93:a6:ae:73:e0:00:
b4:b2:47:98:4f:79:02:23:2a:d5:c2:47:b9:fd:df:
46:19:ab:3a:2f:bc:20:a1:6c:51:bd:85:7b:9b:a0:
4e:83:93:c3:f5:28:ae:de:ab:7d:f4:44:b4:05:79:
bd:fd:6d:66:d6:e0:0c:ae:3b:f9:71:07:07:81:89:
5f:59:8f:ec:00:57:62:84:13:32:1b:f5:73:2e:27:
84:77:cc:77:e7:48:5a:f2:a2:e7:b0:b5:73:c3:27:
65:11:36:ca:fe:2b:07:4d:06:34:40:bd:64:ae:4c:
94:c8:7a:b3:e9:4f:25:31:c1:0b:87:33:e2:8b:b3:
8a:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
74:80:F8:B2:39:FB:FB:D2:8C:94:10:95:24:37:28:14:41:A0:F6:66
X509v3 Authority Key Identifier:
keyid:1D:86:26:74:9C:BF:84:BC:F4:2E:BB:29:85:B8:6D:EE:83:0E:5C:14
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HYYmdJy_hLz0Lrsphbht7oMOXBQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/77/951c8e-4a86-4c8e-9986-0bfbad4849cd/1/dID4sjn7-9KMlBCVJDcoFEGg9mY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/77/951c8e-4a86-4c8e-9986-0bfbad4849cd/1/HYYmdJy_hLz0Lrsphbht7oMOXBQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
217.150.214.0-217.150.219.255
217.150.223.0/24
Signature Algorithm: sha256WithRSAEncryption
76:42:ed:98:45:2d:e4:02:0d:4b:f2:b3:08:85:43:3e:25:00:
69:9c:6b:a8:b2:67:14:ef:cd:c7:64:e4:d9:25:82:c7:bf:e5:
bf:2c:f3:91:ee:33:86:91:80:e6:91:cb:cd:3b:12:cd:bc:72:
6a:24:92:0e:65:19:b1:df:65:d8:34:74:0a:d4:24:1a:fc:97:
03:85:82:3d:9d:04:02:ce:f9:c0:70:d5:03:6d:4a:60:db:09:
fa:f3:34:26:ad:87:cf:20:eb:97:39:eb:9e:69:9d:87:b2:6d:
2f:f1:cd:15:ab:73:8c:a1:65:e5:de:45:73:63:ef:3c:08:cb:
38:7f:41:5d:2e:84:dd:81:d8:de:3c:69:da:97:db:9f:b3:bf:
f6:95:77:cf:0a:4b:36:10:66:68:13:7b:38:d7:38:a4:06:08:
f8:7b:ff:a7:92:37:e0:c7:97:d8:3f:63:d2:d5:bc:1d:33:0d:
14:38:c1:68:f6:fe:35:b0:bc:b9:f3:79:13:c2:10:53:8e:e8:
00:93:54:42:b4:2f:78:57:37:19:ec:58:6e:d7:c8:7d:d1:c2:
51:09:10:a3:02:f7:33:3a:3b:36:c8:69:2c:e2:01:c1:99:b2:
a8:bf:61:98:a7:45:c3:a7:e5:3a:25:c0:48:28:7b:85:30:2e:
2d:c8:77:09
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgISAYVwwsVkQlKg3+3Jze8ByMZ1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFkODYyNjc0OWNiZjg0YmNmNDJlYmIyOTg1Yjg2ZGVlODMw
ZTVjMTQwHhcNMjMwMTAyMDQzNDUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NDgwZjhiMjM5ZmJmYmQyOGM5NDEwOTUyNDM3MjgxNDQxYTBmNjY2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsN8bo3ULNPw+q36ojIL4BqyFB8Pf
mlAImDPMeA/jbslbR6KS+jVIQ3qTo6HfoLskD4jKzvlq22/xk+m8ok1E7DSv/AEi
YIURQBQgEFAo/9Vz9juLSlHxWCTB5rStq/HgG5ObXnFl+9+M6wGbncUy4l3cvjJt
O6ckigQzAcoWSMWTpq5z4AC0skeYT3kCIyrVwke5/d9GGas6L7wgoWxRvYV7m6BO
g5PD9Siu3qt99ES0BXm9/W1m1uAMrjv5cQcHgYlfWY/sAFdihBMyG/VzLieEd8x3
50ha8qLnsLVzwydlETbK/isHTQY0QL1krkyUyHqz6U8lMcELhzPii7OKuwIDAQAB
o4ICFzCCAhMwHQYDVR0OBBYEFHSA+LI5+/vSjJQQlSQ3KBRBoPZmMB8GA1UdIwQY
MBaAFB2GJnScv4S89C67KYW4be6DDlwUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSFlZbWRKeV9oTHowTHJzcGhiaHQ3b01PWEJRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Ny85NTFjOGUtNGE4Ni00YzhlLTk5ODYt
MGJmYmFkNDg0OWNkLzEvZElENHNqbjctOUtNbEJDVkpEY29GRUdnOW1ZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Ny85NTFjOGUtNGE4Ni00YzhlLTk5ODYtMGJmYmFkNDg0OWNk
LzEvSFlZbWRKeV9oTHowTHJzcGhiaHQ3b01PWEJRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAATAUMAwDBAHZltYD
BALZltgDBADZlt8wDQYJKoZIhvcNAQELBQADggEBAHZC7ZhFLeQCDUvyswiFQz4l
AGmca6iyZxTvzcdk5Nklgse/5b8s85HuM4aRgOaRy807Es28cmokkg5lGbHfZdg0
dArUJBr8lwOFgj2dBALO+cBw1QNtSmDbCfrzNCath88g65c5655pnYeybS/xzRWr
c4yhZeXeRXNj7zwIyzh/QV0uhN2B2N48adqX25+zv/aVd88KSzYQZmgTezjXOKQG
CPh7/6eSN+DHl9g/Y9LVvB0zDRQ4wWj2/jWwvLnzeRPCEFOO6ACTVEK0L3hXNxns
WG7XyH3RwlEJEKMC9zM6OzbIaSziAcGZsqi/YZinRcOn5TolwEgoe4UwLi3Idwk=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:58:07 2023 by rpki-client on console-fra.rpki-client.org