Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7b/838032-db97-497f-8c95-c19942737e6d/1/NO-PrIvX9KPwvsnMNtZ3zmDGtl4.roa
File: NO-PrIvX9KPwvsnMNtZ3zmDGtl4.roa (raw, json)
Hash identifier: ckmYh6g1GUxFsNM/xH6rlb7TKcNjNtMrny2TUSgdoZI=
Subject key identifier: 34:EF:8F:AC:8B:D7:F4:A3:F0:BE:C9:CC:36:D6:77:CE:60:C6:B6:5E
Certificate issuer: /CN=6a5836dde9b9daef35a8a7f74d6326f6b42da74d
Certificate serial: 0194CDBC2392A85D70A3DC5185893A757298
Authority key identifier: 6A:58:36:DD:E9:B9:DA:EF:35:A8:A7:F7:4D:63:26:F6:B4:2D:A7:4D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/alg23em52u81qKf3TWMm9rQtp00.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7b/838032-db97-497f-8c95-c19942737e6d/1/NO-PrIvX9KPwvsnMNtZ3zmDGtl4.roa
Signing time: Mon 03 Feb 2025 21:34:06 +0000
ROA not before: Mon 03 Feb 2025 21:34:06 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 834
IP address blocks: 217.177.0.0/21 maxlen: 24
217.177.32.0/24 maxlen: 24
217.177.35.0/24 maxlen: 24
217.180.12.0/24 maxlen: 24
217.180.22.0/23 maxlen: 24
217.180.61.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 06 Feb 2025 13:04:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:cd:bc:23:92:a8:5d:70:a3:dc:51:85:89:3a:75:72:98
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6a5836dde9b9daef35a8a7f74d6326f6b42da74d
Validity
Not Before: Feb 3 21:34:06 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=34ef8fac8bd7f4a3f0bec9cc36d677ce60c6b65e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:dd:44:45:e3:5d:a8:ef:02:9b:1a:8e:88:51:
f7:96:0a:ab:4a:3a:f7:d0:f2:31:13:47:8a:d6:c5:
f5:eb:b6:76:dd:a3:f9:89:87:58:49:21:c3:8f:fd:
f3:5c:3d:a6:32:ea:67:99:a8:c1:6b:08:cd:52:ff:
57:6b:a0:c0:c0:f2:a6:98:fa:24:a0:dc:c2:a3:5b:
bd:08:b3:42:ec:66:27:a7:a5:fb:1d:1a:3a:4b:99:
da:87:e4:06:b1:b5:ac:a9:66:c6:23:9f:64:33:e6:
09:0a:3f:b8:d7:6a:02:ff:1d:96:3e:0a:ca:47:dc:
4e:ca:44:60:5c:ee:87:06:cf:02:9a:1d:24:9c:b3:
d7:ee:5f:63:26:bf:4c:03:c9:b0:18:47:27:0b:d1:
8b:44:45:e9:c6:de:e5:57:c9:36:00:b7:aa:cd:47:
c2:16:b5:fb:c4:01:31:d9:44:c7:8f:79:e5:d8:18:
1d:fe:16:fa:93:e6:8b:5f:bc:ec:a8:5a:55:52:38:
00:7a:f4:16:6b:66:6d:a2:4e:84:92:0d:36:e5:a8:
35:30:b3:d8:22:95:30:46:23:a3:c0:ea:5d:2e:d1:
22:00:14:52:91:2a:96:65:84:cb:aa:34:3c:8e:f7:
56:39:0e:6b:46:0c:fb:6f:73:a7:80:f9:7c:ff:27:
b0:e5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
34:EF:8F:AC:8B:D7:F4:A3:F0:BE:C9:CC:36:D6:77:CE:60:C6:B6:5E
X509v3 Authority Key Identifier:
keyid:6A:58:36:DD:E9:B9:DA:EF:35:A8:A7:F7:4D:63:26:F6:B4:2D:A7:4D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/alg23em52u81qKf3TWMm9rQtp00.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7b/838032-db97-497f-8c95-c19942737e6d/1/NO-PrIvX9KPwvsnMNtZ3zmDGtl4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7b/838032-db97-497f-8c95-c19942737e6d/1/alg23em52u81qKf3TWMm9rQtp00.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
217.177.0.0/21
217.177.32.0/24
217.177.35.0/24
217.180.12.0/24
217.180.22.0/23
217.180.61.0/24
Signature Algorithm: sha256WithRSAEncryption
57:97:99:fb:e6:1b:e9:7a:95:9f:d8:a1:4e:db:f1:52:47:a3:
b9:71:55:c3:57:da:e8:ce:f7:9e:21:d6:eb:f2:3c:e0:a5:9b:
cd:72:cc:3f:e9:67:d0:5d:f2:82:cb:91:a4:00:81:66:da:2b:
f5:36:b8:cf:af:aa:3e:29:68:fb:40:ef:2d:f6:e8:f3:3e:e7:
7b:5b:29:20:06:01:9e:3b:7e:b8:bd:c5:27:2a:f8:9d:1e:ea:
e9:96:79:33:d0:17:5d:3d:1a:09:76:21:d1:a0:51:1a:40:9f:
3b:4c:98:3b:70:57:8b:38:3a:1e:45:41:93:0f:48:6b:b5:02:
12:13:86:f9:3f:e9:d3:f7:ba:0a:21:12:69:87:a8:5f:04:32:
b9:54:54:8b:56:f8:ca:6d:ee:9e:6e:10:ac:36:fd:08:7d:e6:
c2:dc:de:6a:ce:9f:ec:bb:2a:da:66:d1:63:24:23:91:70:3e:
d7:85:6f:77:05:c1:54:eb:d1:10:63:f3:bb:74:9f:5a:ad:b7:
b4:f4:89:29:2c:c9:aa:23:7c:f3:65:5e:ec:6b:90:99:68:c4:
94:23:8a:7e:b4:2f:06:29:43:11:0c:4a:2e:cc:ec:dd:72:2f:
7c:9c:d7:9f:a4:b5:9f:32:c0:87:4d:b5:40:b8:5a:fb:35:dd:
25:84:23:21
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAZTNvCOSqF1wo9xRhYk6dXKYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZhNTgzNmRkZTliOWRhZWYzNWE4YTdmNzRkNjMyNmY2YjQy
ZGE3NGQwHhcNMjUwMjAzMjEzNDA2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNGVmOGZhYzhiZDdmNGEzZjBiZWM5Y2MzNmQ2NzdjZTYwYzZiNjVlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkd1EReNdqO8CmxqOiFH3lgqrSjr3
0PIxE0eK1sX167Z23aP5iYdYSSHDj/3zXD2mMupnmajBawjNUv9Xa6DAwPKmmPok
oNzCo1u9CLNC7GYnp6X7HRo6S5nah+QGsbWsqWbGI59kM+YJCj+412oC/x2WPgrK
R9xOykRgXO6HBs8Cmh0knLPX7l9jJr9MA8mwGEcnC9GLREXpxt7lV8k2ALeqzUfC
FrX7xAEx2UTHj3nl2Bgd/hb6k+aLX7zsqFpVUjgAevQWa2Ztok6Ekg025ag1MLPY
IpUwRiOjwOpdLtEiABRSkSqWZYTLqjQ8jvdWOQ5rRgz7b3OngPl8/yew5QIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFDTvj6yL1/Sj8L7JzDbWd85gxrZeMB8GA1UdIwQY
MBaAFGpYNt3pudrvNain901jJva0LadNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYWxnMjNlbTUydTgxcUtmM1RXTW05clF0cDAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Yi84MzgwMzItZGI5Ny00OTdmLThjOTUt
YzE5OTQyNzM3ZTZkLzEvTk8tUHJJdlg5S1B3dnNuTU50WjN6bURHdGw0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Yi84MzgwMzItZGI5Ny00OTdmLThjOTUtYzE5OTQyNzM3ZTZk
LzEvYWxnMjNlbTUydTgxcUtmM1RXTW05clF0cDAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQD2bEAAwQA
2bEgAwQA2bEjAwQA2bQMAwQB2bQWAwQA2bQ9MA0GCSqGSIb3DQEBCwUAA4IBAQBX
l5n75hvpepWf2KFO2/FSR6O5cVXDV9rozveeIdbr8jzgpZvNcsw/6WfQXfKCy5Gk
AIFm2iv1NrjPr6o+KWj7QO8t9ujzPud7WykgBgGeO364vcUnKvidHurplnkz0Bdd
PRoJdiHRoFEaQJ87TJg7cFeLODoeRUGTD0hrtQISE4b5P+nT97oKIRJph6hfBDK5
VFSLVvjKbe6ebhCsNv0IfebC3N5qzp/suyraZtFjJCORcD7XhW93BcFU69EQY/O7
dJ9arbe09IkpLMmqI3zzZV7sa5CZaMSUI4p+tC8GKUMRDEouzOzdci98nNefpLWf
MsCHTbVAuFr7Nd0lhCMh
-----END CERTIFICATE-----
Generated at Sat Apr 5 11:19:27 2025 by rpki-client