Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7b/838032-db97-497f-8c95-c19942737e6d/1/lQuOijCXBdNhPQauIQbktqVLBhk.roa
File: lQuOijCXBdNhPQauIQbktqVLBhk.roa (raw, json)
Hash identifier: 03KJ6MfArq/bPsS+CEp7R7KjQpm6zBt5uqd6lmLC0lM=
Subject key identifier: 95:0B:8E:8A:30:97:05:D3:61:3D:06:AE:21:06:E4:B6:A5:4B:06:19
Certificate issuer: /CN=6a5836dde9b9daef35a8a7f74d6326f6b42da74d
Certificate serial: 0193F857D17E11AC093B228C9CA547325FDA
Authority key identifier: 6A:58:36:DD:E9:B9:DA:EF:35:A8:A7:F7:4D:63:26:F6:B4:2D:A7:4D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/alg23em52u81qKf3TWMm9rQtp00.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7b/838032-db97-497f-8c95-c19942737e6d/1/lQuOijCXBdNhPQauIQbktqVLBhk.roa
Signing time: Tue 24 Dec 2024 11:05:25 +0000
ROA not before: Tue 24 Dec 2024 11:05:25 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 217.180.17.0/24 maxlen: 24
217.180.46.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 02 Jan 2025 01:47:51 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:f8:57:d1:7e:11:ac:09:3b:22:8c:9c:a5:47:32:5f:da
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6a5836dde9b9daef35a8a7f74d6326f6b42da74d
Validity
Not Before: Dec 24 11:05:25 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=950b8e8a309705d3613d06ae2106e4b6a54b0619
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:bc:a9:15:a5:7b:5c:a6:d3:93:91:80:4f:5e:
3d:d2:aa:71:b6:61:2f:17:6d:1d:db:d5:b4:5a:64:
e0:b8:44:bd:ab:08:27:4a:29:6c:61:7d:33:19:b5:
56:53:ef:43:d5:6c:0d:81:ea:56:bd:ae:01:c6:f4:
b8:8d:02:c4:d1:cc:31:da:99:26:3b:cc:07:e5:b4:
23:3e:7e:0f:bd:4e:56:08:a9:85:5c:38:2d:d4:69:
18:2c:8d:d5:0e:f0:6e:2f:0f:1d:35:9e:b5:76:e3:
0c:2a:7f:fc:fa:95:21:8d:a3:a6:a9:9b:cc:95:d0:
b0:49:b4:60:4f:69:9b:8d:f9:88:58:b9:56:5c:41:
ab:61:7e:19:34:e0:50:a3:2c:a7:7c:6a:e9:c9:e4:
85:10:05:a6:71:bb:64:62:c7:0e:0d:41:08:cc:20:
11:c7:2d:28:33:b3:c8:0d:ab:bd:70:74:8b:6b:87:
fe:32:2b:2f:78:4d:86:11:27:c1:a2:70:c8:8f:47:
96:3b:99:82:60:07:96:7e:1f:d7:42:c3:86:d4:a5:
2c:12:a0:4a:db:8d:fd:9c:00:03:2a:68:c3:90:d3:
76:62:8f:98:17:2b:df:00:8b:9d:b7:50:20:eb:80:
51:a7:c6:a8:16:3f:ec:53:e0:00:1b:2e:89:64:96:
bd:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
95:0B:8E:8A:30:97:05:D3:61:3D:06:AE:21:06:E4:B6:A5:4B:06:19
X509v3 Authority Key Identifier:
keyid:6A:58:36:DD:E9:B9:DA:EF:35:A8:A7:F7:4D:63:26:F6:B4:2D:A7:4D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/alg23em52u81qKf3TWMm9rQtp00.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7b/838032-db97-497f-8c95-c19942737e6d/1/lQuOijCXBdNhPQauIQbktqVLBhk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7b/838032-db97-497f-8c95-c19942737e6d/1/alg23em52u81qKf3TWMm9rQtp00.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
217.180.17.0/24
217.180.46.0/24
Signature Algorithm: sha256WithRSAEncryption
75:e1:dc:34:58:c8:20:3f:9d:d1:29:0a:dd:b8:e0:f7:80:32:
c4:e7:5e:d4:33:3f:c2:8f:95:da:be:f5:74:6a:27:81:f2:88:
06:ed:29:f8:0b:be:5f:cf:fd:47:45:40:5d:ce:64:6e:57:09:
1d:0e:85:56:d9:60:81:03:5a:27:5d:31:c0:6b:48:3c:13:83:
32:f9:ee:92:02:cb:9b:a6:76:50:61:f0:16:d0:f5:9e:d0:d1:
09:75:b2:2d:90:e4:01:4d:48:b6:5c:bc:0d:35:a2:66:a1:74:
17:9d:88:d6:93:a4:c3:97:79:90:a3:a6:c1:26:e0:06:37:33:
52:73:56:57:a1:23:b6:89:fa:24:9f:e4:c2:b8:88:cd:9a:75:
93:9a:2b:64:6f:fe:05:c5:a9:8e:79:e6:5d:4b:e6:69:c5:6d:
82:b5:33:f6:f6:27:dc:5a:0f:72:bd:15:f3:cb:81:0a:3c:13:
72:af:e6:61:69:a9:1a:0c:49:69:e9:5c:28:37:4b:4c:47:05:
d4:19:f5:c5:08:3c:48:55:52:55:9f:63:60:59:2a:74:e3:16:
2b:06:a5:82:4c:ed:49:7b:63:3a:9c:d8:2a:34:a1:7f:cf:c5:
c9:21:6e:eb:31:59:8a:53:cb:e1:60:da:f4:da:d1:e4:11:91:
68:58:d7:9d
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZP4V9F+EawJOyKMnKVHMl/aMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZhNTgzNmRkZTliOWRhZWYzNWE4YTdmNzRkNjMyNmY2YjQy
ZGE3NGQwHhcNMjQxMjI0MTEwNTI1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NTBiOGU4YTMwOTcwNWQzNjEzZDA2YWUyMTA2ZTRiNmE1NGIwNjE5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtbypFaV7XKbTk5GAT1490qpxtmEv
F20d29W0WmTguES9qwgnSilsYX0zGbVWU+9D1WwNgepWva4BxvS4jQLE0cwx2pkm
O8wH5bQjPn4PvU5WCKmFXDgt1GkYLI3VDvBuLw8dNZ61duMMKn/8+pUhjaOmqZvM
ldCwSbRgT2mbjfmIWLlWXEGrYX4ZNOBQoyynfGrpyeSFEAWmcbtkYscODUEIzCAR
xy0oM7PIDau9cHSLa4f+MisveE2GESfBonDIj0eWO5mCYAeWfh/XQsOG1KUsEqBK
2439nAADKmjDkNN2Yo+YFyvfAIudt1Ag64BRp8aoFj/sU+AAGy6JZJa9dwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFJULjoowlwXTYT0GriEG5LalSwYZMB8GA1UdIwQY
MBaAFGpYNt3pudrvNain901jJva0LadNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYWxnMjNlbTUydTgxcUtmM1RXTW05clF0cDAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Yi84MzgwMzItZGI5Ny00OTdmLThjOTUt
YzE5OTQyNzM3ZTZkLzEvbFF1T2lqQ1hCZE5oUFFhdUlRYmt0cVZMQmhrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Yi84MzgwMzItZGI5Ny00OTdmLThjOTUtYzE5OTQyNzM3ZTZk
LzEvYWxnMjNlbTUydTgxcUtmM1RXTW05clF0cDAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQA2bQRAwQA
2bQuMA0GCSqGSIb3DQEBCwUAA4IBAQB14dw0WMggP53RKQrduOD3gDLE517UMz/C
j5XavvV0aieB8ogG7Sn4C75fz/1HRUBdzmRuVwkdDoVW2WCBA1onXTHAa0g8E4My
+e6SAsubpnZQYfAW0PWe0NEJdbItkOQBTUi2XLwNNaJmoXQXnYjWk6TDl3mQo6bB
JuAGNzNSc1ZXoSO2ifokn+TCuIjNmnWTmitkb/4FxamOeeZdS+ZpxW2CtTP29ifc
Wg9yvRXzy4EKPBNyr+ZhaakaDElp6VwoN0tMRwXUGfXFCDxIVVJVn2NgWSp04xYr
BqWCTO1Je2M6nNgqNKF/z8XJIW7rMVmKU8vhYNr02tHkEZFoWNed
-----END CERTIFICATE-----
Generated at Sat Apr 5 11:17:03 2025 by rpki-client