Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7b/838032-db97-497f-8c95-c19942737e6d/1/F8drHGFGtqXU2vd9SIwtqRrAtmQ.roa
File: F8drHGFGtqXU2vd9SIwtqRrAtmQ.roa (raw, json)
Hash identifier: kCdSU6sWuQnpizexk0Dr67wSNIWJpHC7vBwgAqxXNj0=
Subject key identifier: 17:C7:6B:1C:61:46:B6:A5:D4:DA:F7:7D:48:8C:2D:A9:1A:C0:B6:64
Certificate issuer: /CN=6a5836dde9b9daef35a8a7f74d6326f6b42da74d
Certificate serial: 0193D3CC036960346328C98F260D6D258F80
Authority key identifier: 6A:58:36:DD:E9:B9:DA:EF:35:A8:A7:F7:4D:63:26:F6:B4:2D:A7:4D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/alg23em52u81qKf3TWMm9rQtp00.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7b/838032-db97-497f-8c95-c19942737e6d/1/F8drHGFGtqXU2vd9SIwtqRrAtmQ.roa
Signing time: Tue 17 Dec 2024 08:46:22 +0000
ROA not before: Tue 17 Dec 2024 08:46:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 12390
IP address blocks: 217.177.34.0/24 maxlen: 24
217.177.72.0/24 maxlen: 24
217.180.21.0/24 maxlen: 24
217.180.44.0/24 maxlen: 24
217.180.47.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 02 Jan 2025 01:47:51 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:d3:cc:03:69:60:34:63:28:c9:8f:26:0d:6d:25:8f:80
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6a5836dde9b9daef35a8a7f74d6326f6b42da74d
Validity
Not Before: Dec 17 08:46:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=17c76b1c6146b6a5d4daf77d488c2da91ac0b664
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d7:cd:f8:5d:e9:8d:0d:ee:01:6b:c9:36:dc:47:
2c:d1:0b:63:a6:47:6c:37:55:2d:d0:b8:fc:64:7e:
b9:1b:32:fa:8f:1a:ee:69:22:84:99:e6:73:03:29:
65:cf:71:2f:2a:44:b2:d3:e7:ac:3f:57:46:3a:35:
51:59:94:14:ef:db:8e:0e:2f:d7:13:61:54:4b:66:
9c:37:ba:45:da:14:d8:0f:5c:3d:96:cc:29:1f:85:
94:cf:f6:d3:a9:18:67:fa:b5:b1:a4:38:96:66:9a:
01:1d:c2:83:8b:a0:c3:1c:ca:de:b4:aa:12:bc:9f:
55:02:17:d5:e5:48:36:83:1a:e7:7e:f1:55:9c:e4:
00:07:01:56:78:8f:fb:52:fe:c6:66:4c:43:6a:7a:
25:fc:30:c2:4f:69:b1:2c:4f:2b:00:a7:db:d0:c9:
86:73:b3:ef:3f:2c:86:00:bd:a6:66:f4:9f:73:7d:
7f:70:20:41:3c:69:b5:6d:83:16:b8:a3:92:e8:f0:
4b:eb:5c:37:9b:25:53:71:ea:40:07:e9:32:dc:71:
8f:ed:a6:38:5d:6c:e3:cd:32:f3:a0:51:ae:6b:c1:
9a:b8:d0:17:6e:0f:c9:6d:e9:87:a2:ec:0d:f1:01:
25:3e:dc:11:bb:2b:7c:1f:09:8f:86:cf:07:f3:3d:
6b:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
17:C7:6B:1C:61:46:B6:A5:D4:DA:F7:7D:48:8C:2D:A9:1A:C0:B6:64
X509v3 Authority Key Identifier:
keyid:6A:58:36:DD:E9:B9:DA:EF:35:A8:A7:F7:4D:63:26:F6:B4:2D:A7:4D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/alg23em52u81qKf3TWMm9rQtp00.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7b/838032-db97-497f-8c95-c19942737e6d/1/F8drHGFGtqXU2vd9SIwtqRrAtmQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7b/838032-db97-497f-8c95-c19942737e6d/1/alg23em52u81qKf3TWMm9rQtp00.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
217.177.34.0/24
217.177.72.0/24
217.180.21.0/24
217.180.44.0/24
217.180.47.0/24
Signature Algorithm: sha256WithRSAEncryption
71:cf:c1:fe:43:68:67:41:4d:b8:71:50:f0:38:94:ab:9e:10:
f8:f3:4d:14:7e:d9:a2:36:e0:61:e0:de:a1:de:5c:31:bd:22:
ef:92:cb:fa:76:21:a6:ff:ca:a2:51:07:16:8f:04:63:b2:97:
05:39:89:dc:08:a7:28:06:39:9b:46:21:8e:42:5d:76:17:3a:
13:25:d8:6d:fe:88:d9:40:3b:18:2a:dd:32:61:2b:4c:83:b1:
d4:8d:94:64:35:22:da:74:09:04:1d:c2:ab:5f:53:db:12:dd:
c8:cf:81:bb:0e:d2:b5:2a:cb:97:7f:e6:36:92:7f:34:1c:b7:
ce:44:49:26:91:76:5f:6c:9a:c0:35:ed:ad:48:92:63:4f:97:
3d:37:eb:2e:f3:2c:64:73:cc:62:34:85:db:16:a9:7b:02:42:
46:26:55:65:8e:0d:6a:51:b7:ab:4c:07:84:85:59:4c:b3:b3:
a4:b2:39:b2:bc:3b:8f:6e:2e:9c:fc:8b:a8:3c:c4:b4:13:df:
94:36:42:06:a2:0e:3f:45:ba:98:c0:2f:69:8c:15:7e:b0:dc:
a9:b6:cc:d0:a5:28:c4:5d:f0:97:9e:ca:ff:b3:ea:0a:0a:79:
60:00:cd:21:e8:18:50:ef:c1:c5:f6:7d:91:37:e4:f5:b7:5a:
19:6e:68:d7
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAZPTzANpYDRjKMmPJg1tJY+AMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZhNTgzNmRkZTliOWRhZWYzNWE4YTdmNzRkNjMyNmY2YjQy
ZGE3NGQwHhcNMjQxMjE3MDg0NjIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxN2M3NmIxYzYxNDZiNmE1ZDRkYWY3N2Q0ODhjMmRhOTFhYzBiNjY0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1834XemNDe4Ba8k23Ecs0Qtjpkds
N1Ut0Lj8ZH65GzL6jxruaSKEmeZzAyllz3EvKkSy0+esP1dGOjVRWZQU79uODi/X
E2FUS2acN7pF2hTYD1w9lswpH4WUz/bTqRhn+rWxpDiWZpoBHcKDi6DDHMretKoS
vJ9VAhfV5Ug2gxrnfvFVnOQABwFWeI/7Uv7GZkxDanol/DDCT2mxLE8rAKfb0MmG
c7PvPyyGAL2mZvSfc31/cCBBPGm1bYMWuKOS6PBL61w3myVTcepAB+ky3HGP7aY4
XWzjzTLzoFGua8GauNAXbg/JbemHouwN8QElPtwRuyt8HwmPhs8H8z1rcQIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFBfHaxxhRral1Nr3fUiMLakawLZkMB8GA1UdIwQY
MBaAFGpYNt3pudrvNain901jJva0LadNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYWxnMjNlbTUydTgxcUtmM1RXTW05clF0cDAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Yi84MzgwMzItZGI5Ny00OTdmLThjOTUt
YzE5OTQyNzM3ZTZkLzEvRjhkckhHRkd0cVhVMnZkOVNJd3RxUnJBdG1RLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Yi84MzgwMzItZGI5Ny00OTdmLThjOTUtYzE5OTQyNzM3ZTZk
LzEvYWxnMjNlbTUydTgxcUtmM1RXTW05clF0cDAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQA2bEiAwQA
2bFIAwQA2bQVAwQA2bQsAwQA2bQvMA0GCSqGSIb3DQEBCwUAA4IBAQBxz8H+Q2hn
QU24cVDwOJSrnhD4800UftmiNuBh4N6h3lwxvSLvksv6diGm/8qiUQcWjwRjspcF
OYncCKcoBjmbRiGOQl12FzoTJdht/ojZQDsYKt0yYStMg7HUjZRkNSLadAkEHcKr
X1PbEt3Iz4G7DtK1KsuXf+Y2kn80HLfOREkmkXZfbJrANe2tSJJjT5c9N+su8yxk
c8xiNIXbFql7AkJGJlVljg1qUberTAeEhVlMs7OksjmyvDuPbi6c/IuoPMS0E9+U
NkIGog4/RbqYwC9pjBV+sNyptszQpSjEXfCXnsr/s+oKCnlgAM0h6BhQ78HF9n2R
N+T1t1oZbmjX
-----END CERTIFICATE-----
Generated at Sat Apr 5 11:15:52 2025 by rpki-client