Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/78/b80b47-a7bc-4eb4-8be6-b130bf76fe10/1/aS0Jx4Anmebvx_c9ORh8TZrknxw.roa
File: aS0Jx4Anmebvx_c9ORh8TZrknxw.roa (raw, json)
Hash identifier: oPb1j4Vp+hC2GDjeVpP+AAZWN0/D4HOOcda+VVgG3aw=
Subject key identifier: 69:2D:09:C7:80:27:99:E6:EF:C7:F7:3D:39:18:7C:4D:9A:E4:9F:1C
Certificate issuer: /CN=4c7594b0214264f06677609bb4aa4779eb1eecad
Certificate serial: 01929979D80D00372CED91A39A2630CAC978
Authority key identifier: 4C:75:94:B0:21:42:64:F0:66:77:60:9B:B4:AA:47:79:EB:1E:EC:AD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/THWUsCFCZPBmd2CbtKpHeese7K0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/78/b80b47-a7bc-4eb4-8be6-b130bf76fe10/1/aS0Jx4Anmebvx_c9ORh8TZrknxw.roa
Signing time: Thu 17 Oct 2024 07:55:51 +0000
ROA not before: Thu 17 Oct 2024 07:55:51 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 29263
IP address blocks: 217.68.48.0/20 maxlen: 20
217.68.48.0/21 maxlen: 21
217.68.48.0/28 maxlen: 28
217.68.48.124/30 maxlen: 30
217.68.48.128/30 maxlen: 30
217.68.48.144/29 maxlen: 29
217.68.48.160/27 maxlen: 27
217.68.48.252/32 maxlen: 32
217.68.48.253/32 maxlen: 32
217.68.49.65/32 maxlen: 32
217.68.49.75/32 maxlen: 32
217.68.49.85/32 maxlen: 32
217.68.49.93/32 maxlen: 32
217.68.49.208/29 maxlen: 29
217.68.49.216/29 maxlen: 29
217.68.50.0/24 maxlen: 24
217.68.51.0/24 maxlen: 24
217.68.53.0/24 maxlen: 24
217.68.56.0/21 maxlen: 21
217.68.58.0/24 maxlen: 24
217.68.60.0/24 maxlen: 24
217.68.61.0/24 maxlen: 24
2a02:2400::/32 maxlen: 32
Validation: Failed, certificate revoked on Thu 21 Nov 2024 12:46:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:99:79:d8:0d:00:37:2c:ed:91:a3:9a:26:30:ca:c9:78
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4c7594b0214264f06677609bb4aa4779eb1eecad
Validity
Not Before: Oct 17 07:55:51 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=692d09c7802799e6efc7f73d39187c4d9ae49f1c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d9:37:02:93:08:47:49:b5:1d:f2:60:06:db:10:
20:61:ac:3a:b4:12:16:7f:15:8b:2f:5e:09:c2:84:
56:3c:48:70:12:f9:be:ff:8e:58:7e:93:5d:e6:bb:
48:99:f0:43:7c:d7:26:86:5d:e4:c7:cc:9a:a9:45:
04:a1:eb:1b:b6:06:84:8f:0a:94:8f:91:bc:46:92:
39:07:eb:41:d9:cf:07:31:33:3f:c9:be:93:6d:94:
12:f5:21:58:ac:bf:6d:73:9b:52:1e:95:5a:5d:07:
46:eb:d3:58:42:1d:5b:be:a5:8c:b8:6c:6a:8c:40:
09:8e:53:58:3a:b3:1f:f6:b4:97:8b:ba:fa:29:9a:
69:bb:51:37:8a:b1:e7:8e:e3:2a:87:ae:a7:9b:0c:
09:f0:86:54:c8:16:b5:ce:34:df:40:ce:ff:fe:58:
83:cc:d1:66:11:87:ae:50:d7:e8:72:4d:7a:9c:a8:
90:dd:cd:ee:50:15:b6:65:7c:e8:0f:7c:84:36:60:
fe:3e:37:96:25:0b:b2:57:66:02:42:ec:c2:18:d2:
50:44:13:44:10:f5:b3:4d:71:ab:d2:15:b1:79:4d:
6f:6e:f5:3f:0d:21:b1:34:b5:06:e2:d7:00:a0:70:
45:9a:40:71:14:e8:1a:64:c3:5b:6d:8a:52:f6:86:
eb:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
69:2D:09:C7:80:27:99:E6:EF:C7:F7:3D:39:18:7C:4D:9A:E4:9F:1C
X509v3 Authority Key Identifier:
keyid:4C:75:94:B0:21:42:64:F0:66:77:60:9B:B4:AA:47:79:EB:1E:EC:AD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/THWUsCFCZPBmd2CbtKpHeese7K0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/78/b80b47-a7bc-4eb4-8be6-b130bf76fe10/1/aS0Jx4Anmebvx_c9ORh8TZrknxw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/78/b80b47-a7bc-4eb4-8be6-b130bf76fe10/1/THWUsCFCZPBmd2CbtKpHeese7K0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
217.68.48.0/20
IPv6:
2a02:2400::/32
Signature Algorithm: sha256WithRSAEncryption
47:c3:b5:62:53:fa:42:57:0b:27:4c:f1:f1:71:49:0e:b3:6e:
66:38:f4:75:ba:1d:ca:b2:a9:39:58:8f:95:2a:3d:80:1c:52:
0f:d3:a9:ae:85:4d:e0:13:34:fd:9e:1e:5e:7c:1e:ea:59:88:
1e:28:f7:f0:bd:8f:f9:da:df:db:e7:bf:c0:32:8f:fc:d2:47:
af:cd:c1:3e:b0:40:75:39:77:65:69:96:8e:c6:62:31:09:d8:
44:e6:96:99:67:ea:6c:00:5f:eb:af:4a:be:cb:50:d9:49:af:
ea:74:72:d2:76:48:7f:5e:07:29:9b:c4:2e:1b:01:4f:e9:e6:
bb:87:e2:02:89:29:58:96:0f:b6:5e:ea:d1:bf:a1:15:7a:b6:
a0:5b:59:78:62:66:e3:b4:80:20:d1:48:85:fe:3e:fd:60:fb:
ad:21:59:e5:ce:78:1a:f6:9d:5d:f1:99:61:12:20:97:12:c2:
75:c1:ba:46:b1:a9:77:b6:9a:0c:b5:5f:8b:1b:c3:0a:82:3a:
f5:93:8e:54:65:7f:17:33:40:c0:69:83:7b:cd:53:cc:d4:13:
01:02:2e:b7:d7:1d:04:94:f3:cc:9d:97:9c:50:d7:5e:9e:97:
0c:9e:26:84:c1:84:0e:a9:88:a0:bb:ea:9a:7b:3a:dc:e0:97:
1d:31:b1:1a
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZKZedgNADcs7ZGjmiYwysl4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRjNzU5NGIwMjE0MjY0ZjA2Njc3NjA5YmI0YWE0Nzc5ZWIx
ZWVjYWQwHhcNMjQxMDE3MDc1NTUxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2OTJkMDljNzgwMjc5OWU2ZWZjN2Y3M2QzOTE4N2M0ZDlhZTQ5ZjFjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2TcCkwhHSbUd8mAG2xAgYaw6tBIW
fxWLL14JwoRWPEhwEvm+/45YfpNd5rtImfBDfNcmhl3kx8yaqUUEoesbtgaEjwqU
j5G8RpI5B+tB2c8HMTM/yb6TbZQS9SFYrL9tc5tSHpVaXQdG69NYQh1bvqWMuGxq
jEAJjlNYOrMf9rSXi7r6KZppu1E3irHnjuMqh66nmwwJ8IZUyBa1zjTfQM7//liD
zNFmEYeuUNfock16nKiQ3c3uUBW2ZXzoD3yENmD+PjeWJQuyV2YCQuzCGNJQRBNE
EPWzTXGr0hWxeU1vbvU/DSGxNLUG4tcAoHBFmkBxFOgaZMNbbYpS9obrQwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFGktCceAJ5nm78f3PTkYfE2a5J8cMB8GA1UdIwQY
MBaAFEx1lLAhQmTwZndgm7SqR3nrHuytMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVEhXVXNDRkNaUEJtZDJDYnRLcEhlZXNlN0swLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83OC9iODBiNDctYTdiYy00ZWI0LThiZTYt
YjEzMGJmNzZmZTEwLzEvYVMwSng0QW5tZWJ2eF9jOU9SaDhUWnJrbnh3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83OC9iODBiNDctYTdiYy00ZWI0LThiZTYtYjEzMGJmNzZmZTEw
LzEvVEhXVXNDRkNaUEJtZDJDYnRLcEhlZXNlN0swLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQE2UQwMA0E
AgACMAcDBQAqAiQAMA0GCSqGSIb3DQEBCwUAA4IBAQBHw7ViU/pCVwsnTPHxcUkO
s25mOPR1uh3Ksqk5WI+VKj2AHFIP06muhU3gEzT9nh5efB7qWYgeKPfwvY/52t/b
57/AMo/80kevzcE+sEB1OXdlaZaOxmIxCdhE5paZZ+psAF/rr0q+y1DZSa/qdHLS
dkh/Xgcpm8QuGwFP6ea7h+ICiSlYlg+2XurRv6EVeragW1l4YmbjtIAg0UiF/j79
YPutIVnlznga9p1d8ZlhEiCXEsJ1wbpGsal3tpoMtV+LG8MKgjr1k45UZX8XM0DA
aYN7zVPM1BMBAi631x0ElPPMnZecUNdenpcMniaEwYQOqYigu+qaezrc4JcdMbEa
-----END CERTIFICATE-----
Generated at Thu Nov 21 14:22:52 2024 by rpki-client on console-ams.rpki-client.org