Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/79/105433-83d9-412c-9fc4-1d51c468d556/1/tux3wrUajS7lsVtUnUNwg-VRjnk.roa
File: tux3wrUajS7lsVtUnUNwg-VRjnk.roa (raw, json)
Hash identifier: iem3+pWahhwy62V1Xi1WRT2O8aKhl63xryyeE13fUzA=
Subject key identifier: B6:EC:77:C2:B5:1A:8D:2E:E5:B1:5B:54:9D:43:70:83:E5:51:8E:79
Certificate issuer: /CN=5ca9f75dca2cd3b39353e0300b30ba5b62976a2b
Certificate serial: 018699B0CA7F2DDCD50C21CCD1FF25B8DE63
Authority key identifier: 5C:A9:F7:5D:CA:2C:D3:B3:93:53:E0:30:0B:30:BA:5B:62:97:6A:2B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XKn3Xcos07OTU-AwCzC6W2KXais.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/79/105433-83d9-412c-9fc4-1d51c468d556/1/tux3wrUajS7lsVtUnUNwg-VRjnk.roa
Signing time: Tue 28 Feb 2023 20:22:25 +0000
ROA not before: Tue 28 Feb 2023 20:22:25 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 15807
IP address blocks: 217.18.0.0/20 maxlen: 20
217.18.4.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:99:b0:ca:7f:2d:dc:d5:0c:21:cc:d1:ff:25:b8:de:63
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5ca9f75dca2cd3b39353e0300b30ba5b62976a2b
Validity
Not Before: Feb 28 20:22:25 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b6ec77c2b51a8d2ee5b15b549d437083e5518e79
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:c0:89:47:c7:be:8e:79:9c:45:40:1c:e6:16:
c6:17:33:d9:23:07:cb:aa:70:8d:28:0d:93:35:3d:
43:58:cf:0d:e2:60:65:4e:2e:8b:b3:b9:53:3b:cb:
66:30:b2:fe:43:7c:d7:71:6e:fa:08:da:04:3e:1c:
f2:82:af:9c:9f:9c:30:33:b2:bf:09:b7:f9:f8:3f:
c0:29:96:51:e1:cb:03:22:e7:1d:30:80:ab:f5:0a:
c1:20:c4:2b:ce:28:97:56:5d:68:a8:cc:59:bf:d1:
0c:7c:9f:e3:87:f8:a8:cc:c9:71:b5:4d:78:d8:ab:
5c:52:fe:bb:80:50:4e:a0:fc:ed:98:bf:35:8f:df:
55:4d:61:02:d8:4b:13:77:d8:ba:9b:48:f0:d7:0a:
de:f3:52:a5:fc:27:39:36:7b:8b:66:e6:99:e3:d8:
09:88:61:a7:e2:fc:f9:02:78:d1:f2:66:a4:93:c0:
06:21:a9:5e:3e:42:6a:5c:d9:19:8a:cf:e2:84:b8:
85:b5:97:27:ee:27:c8:f8:94:a9:d4:18:1d:5d:fd:
e2:d2:63:14:25:d5:ed:52:c6:9a:a8:cf:f1:ff:d8:
0e:32:ce:48:13:9b:d0:b3:32:e5:99:93:40:62:e2:
19:7d:9d:82:b7:1b:19:a5:30:52:c5:81:a3:8b:33:
7b:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B6:EC:77:C2:B5:1A:8D:2E:E5:B1:5B:54:9D:43:70:83:E5:51:8E:79
X509v3 Authority Key Identifier:
keyid:5C:A9:F7:5D:CA:2C:D3:B3:93:53:E0:30:0B:30:BA:5B:62:97:6A:2B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XKn3Xcos07OTU-AwCzC6W2KXais.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/79/105433-83d9-412c-9fc4-1d51c468d556/1/tux3wrUajS7lsVtUnUNwg-VRjnk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/79/105433-83d9-412c-9fc4-1d51c468d556/1/XKn3Xcos07OTU-AwCzC6W2KXais.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
217.18.0.0/20
Signature Algorithm: sha256WithRSAEncryption
1a:3f:cc:ad:58:84:41:85:27:a1:e9:dc:39:d8:ff:67:09:05:
57:62:54:00:17:16:37:d2:93:55:5d:33:49:ad:0d:93:fb:4f:
10:58:c1:9d:91:53:2e:81:b1:27:4f:d4:bf:f0:6d:7a:cf:d4:
0e:58:c3:92:a2:86:c8:4d:b5:32:8c:98:52:64:ed:3a:8a:5e:
54:e4:a8:4e:7f:89:bb:20:53:e4:03:69:5f:26:cf:0f:2f:86:
42:b0:d0:77:16:0c:29:c6:de:5c:a4:83:75:fe:8d:43:97:87:
d3:fa:75:aa:2f:14:1b:ea:f5:dc:f6:6a:7d:3f:ff:16:f1:df:
d9:86:1f:4e:85:9d:15:3c:2e:43:69:f8:1d:da:19:72:44:f3:
28:c1:06:4c:27:f1:0c:de:b7:2d:42:10:32:a0:5f:5f:dd:63:
47:53:3e:1c:6a:02:db:c4:dd:cf:50:ec:46:10:92:ec:1e:0d:
12:b9:cb:d0:21:87:e7:10:51:79:b3:79:e4:cd:aa:3a:8f:07:
c9:77:78:64:7f:52:68:27:c7:36:2a:3e:33:f8:e9:29:f6:77:
b3:bb:84:b1:33:58:ba:61:c5:3e:ac:53:c9:f0:c4:e6:43:d0:
1b:f0:43:0c:cf:57:7d:8c:34:2e:4e:f4:63:85:74:18:6a:98:
49:22:07:75
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYaZsMp/LdzVDCHM0f8luN5jMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVjYTlmNzVkY2EyY2QzYjM5MzUzZTAzMDBiMzBiYTViNjI5
NzZhMmIwHhcNMjMwMjI4MjAyMjI1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNmVjNzdjMmI1MWE4ZDJlZTViMTViNTQ5ZDQzNzA4M2U1NTE4ZTc5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAi8CJR8e+jnmcRUAc5hbGFzPZIwfL
qnCNKA2TNT1DWM8N4mBlTi6Ls7lTO8tmMLL+Q3zXcW76CNoEPhzygq+cn5wwM7K/
Cbf5+D/AKZZR4csDIucdMICr9QrBIMQrziiXVl1oqMxZv9EMfJ/jh/iozMlxtU14
2KtcUv67gFBOoPztmL81j99VTWEC2EsTd9i6m0jw1wre81Kl/Cc5NnuLZuaZ49gJ
iGGn4vz5AnjR8makk8AGIalePkJqXNkZis/ihLiFtZcn7ifI+JSp1BgdXf3i0mMU
JdXtUsaaqM/x/9gOMs5IE5vQszLlmZNAYuIZfZ2CtxsZpTBSxYGjizN7TwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFLbsd8K1Go0u5bFbVJ1DcIPlUY55MB8GA1UdIwQY
MBaAFFyp913KLNOzk1PgMAswultil2orMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWEtuM1hjb3MwN09UVS1Bd0N6QzZXMktYYWlzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83OS8xMDU0MzMtODNkOS00MTJjLTlmYzQt
MWQ1MWM0NjhkNTU2LzEvdHV4M3dyVWFqUzdsc1Z0VW5VTndnLVZSam5rLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83OS8xMDU0MzMtODNkOS00MTJjLTlmYzQtMWQ1MWM0NjhkNTU2
LzEvWEtuM1hjb3MwN09UVS1Bd0N6QzZXMktYYWlzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQE2RIAMA0G
CSqGSIb3DQEBCwUAA4IBAQAaP8ytWIRBhSeh6dw52P9nCQVXYlQAFxY30pNVXTNJ
rQ2T+08QWMGdkVMugbEnT9S/8G16z9QOWMOSoobITbUyjJhSZO06il5U5KhOf4m7
IFPkA2lfJs8PL4ZCsNB3Fgwpxt5cpIN1/o1Dl4fT+nWqLxQb6vXc9mp9P/8W8d/Z
hh9OhZ0VPC5Dafgd2hlyRPMowQZMJ/EM3rctQhAyoF9f3WNHUz4cagLbxN3PUOxG
EJLsHg0SucvQIYfnEFF5s3nkzao6jwfJd3hkf1JoJ8c2Kj4z+Okp9nezu4SxM1i6
YcU+rFPJ8MTmQ9Ab8EMMz1d9jDQuTvRjhXQYaphJIgd1
-----END CERTIFICATE-----
Generated at Mon Jan 1 15:02:55 2024 by rpki-client on console-ams.rpki-client.org