Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/80/febab0-d93a-4704-9a71-3ad52e8b9628/1/7t68ZX8bi2ppBjqcU6aGTDtX86M.roa
File: 7t68ZX8bi2ppBjqcU6aGTDtX86M.roa (raw, json)
Hash identifier: GFmV8235i85ldlsPvTme2tj79vyfzhF9bSIyGIDyoKw=
Subject key identifier: EE:DE:BC:65:7F:1B:8B:6A:69:06:3A:9C:53:A6:86:4C:3B:57:F3:A3
Certificate issuer: /CN=2d28cfa3fd2da9caaa659284758dee67099934f8
Certificate serial: 0188A4D5C1C086BB1A93807714B7FD2E0AE5
Authority key identifier: 2D:28:CF:A3:FD:2D:A9:CA:AA:65:92:84:75:8D:EE:67:09:99:34:F8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/LSjPo_0tqcqqZZKEdY3uZwmZNPg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/80/febab0-d93a-4704-9a71-3ad52e8b9628/1/7t68ZX8bi2ppBjqcU6aGTDtX86M.roa
Signing time: Sat 10 Jun 2023 10:24:12 +0000
ROA not before: Sat 10 Jun 2023 10:24:12 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 212648
IP address blocks: 217.145.231.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:a4:d5:c1:c0:86:bb:1a:93:80:77:14:b7:fd:2e:0a:e5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2d28cfa3fd2da9caaa659284758dee67099934f8
Validity
Not Before: Jun 10 10:24:12 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=eedebc657f1b8b6a69063a9c53a6864c3b57f3a3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:86:3e:59:6d:ba:7d:00:8f:ed:2c:fd:41:24:88:
15:1e:99:47:4e:8f:e6:3a:64:5a:50:c6:50:90:ce:
79:dd:12:f1:eb:4b:a4:b2:42:30:a2:ef:03:6b:d7:
2c:97:49:e2:f5:6d:f0:f5:61:23:1c:60:5d:43:76:
d7:e3:5c:b9:2d:f3:c4:5e:47:e5:72:d6:6a:3e:5a:
77:5e:04:a1:b1:f2:c2:65:50:aa:a8:18:ea:44:9d:
43:6d:b4:35:50:1b:5e:bd:c0:89:b1:99:07:b9:6e:
dd:84:16:b7:f6:92:38:c9:a4:7c:04:20:96:04:cb:
33:c9:4a:8a:36:af:fc:7f:62:a9:c7:c9:a7:90:2e:
a8:00:9a:fd:0e:38:f2:f0:0d:d9:6d:71:b7:aa:96:
37:e5:84:d0:64:8f:b0:30:f7:ac:ad:a5:7f:12:a4:
99:f2:a9:1b:a3:26:68:be:94:3d:d3:13:c2:2a:ff:
11:71:e0:f1:3e:87:f0:84:6d:75:ca:48:cf:db:15:
1b:fe:b4:61:04:12:4a:87:1f:54:d3:0b:27:f8:7a:
04:3e:97:8c:d8:bf:40:1f:e9:56:ae:be:93:25:ed:
17:db:22:75:0b:2d:11:f2:0e:69:af:f3:64:28:2a:
6a:d3:67:84:44:64:23:be:74:0e:ea:9c:a8:b7:fe:
61:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EE:DE:BC:65:7F:1B:8B:6A:69:06:3A:9C:53:A6:86:4C:3B:57:F3:A3
X509v3 Authority Key Identifier:
keyid:2D:28:CF:A3:FD:2D:A9:CA:AA:65:92:84:75:8D:EE:67:09:99:34:F8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/LSjPo_0tqcqqZZKEdY3uZwmZNPg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/80/febab0-d93a-4704-9a71-3ad52e8b9628/1/7t68ZX8bi2ppBjqcU6aGTDtX86M.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/80/febab0-d93a-4704-9a71-3ad52e8b9628/1/LSjPo_0tqcqqZZKEdY3uZwmZNPg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
217.145.231.0/24
Signature Algorithm: sha256WithRSAEncryption
ce:e9:59:b0:c7:2f:7e:b8:d9:d2:1e:bf:f0:89:9b:4b:ea:81:
5b:b3:fd:91:82:38:92:5e:9f:5a:2d:8d:37:0e:a8:b8:74:06:
44:f9:aa:84:bb:e5:ab:6b:4d:2a:16:79:f4:19:bc:0d:02:b1:
ec:48:88:d8:db:52:3c:d1:9c:1d:38:a4:af:a0:46:41:55:1e:
8d:48:e8:6d:5f:bb:ef:0d:d6:57:05:60:76:83:5c:a9:d0:a8:
52:4a:05:13:25:a2:83:22:09:58:a0:2e:ab:19:38:f8:6b:14:
02:d3:14:b8:0d:8c:a9:94:ab:7a:34:35:a9:5d:9d:39:d1:9f:
d0:e7:a8:fb:24:fc:21:eb:a0:17:8f:8b:f9:b7:65:55:3a:2f:
74:7a:4b:59:a2:48:cb:d6:af:62:79:4e:05:b8:14:48:63:a4:
20:e9:09:83:6b:01:29:aa:5a:7a:c3:3a:0b:9f:2f:95:cd:65:
bc:5d:ed:f8:85:ae:be:0c:92:bb:59:78:84:51:f6:c7:80:a9:
c5:54:4c:51:95:b7:11:4e:fb:12:aa:aa:4d:f7:5c:d4:96:0f:
3d:ef:84:f0:97:07:4e:0d:53:f4:03:fa:c6:84:20:a3:b2:62:
bf:f1:d3:13:30:68:f1:0f:f6:6f:35:32:6f:f9:da:86:60:83:
5e:ec:68:86
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYik1cHAhrsak4B3FLf9LgrlMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJkMjhjZmEzZmQyZGE5Y2FhYTY1OTI4NDc1OGRlZTY3MDk5
OTM0ZjgwHhcNMjMwNjEwMTAyNDEyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlZWRlYmM2NTdmMWI4YjZhNjkwNjNhOWM1M2E2ODY0YzNiNTdmM2EzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhj5Zbbp9AI/tLP1BJIgVHplHTo/m
OmRaUMZQkM553RLx60ukskIwou8Da9csl0ni9W3w9WEjHGBdQ3bX41y5LfPEXkfl
ctZqPlp3XgShsfLCZVCqqBjqRJ1DbbQ1UBtevcCJsZkHuW7dhBa39pI4yaR8BCCW
BMszyUqKNq/8f2Kpx8mnkC6oAJr9Djjy8A3ZbXG3qpY35YTQZI+wMPesraV/EqSZ
8qkboyZovpQ90xPCKv8RceDxPofwhG11ykjP2xUb/rRhBBJKhx9U0wsn+HoEPpeM
2L9AH+lWrr6TJe0X2yJ1Cy0R8g5pr/NkKCpq02eERGQjvnQO6pyot/5hXQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFO7evGV/G4tqaQY6nFOmhkw7V/OjMB8GA1UdIwQY
MBaAFC0oz6P9LanKqmWShHWN7mcJmTT4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTFNqUG9fMHRxY3FxWlpLRWRZM3Vad21aTlBnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84MC9mZWJhYjAtZDkzYS00NzA0LTlhNzEt
M2FkNTJlOGI5NjI4LzEvN3Q2OFpYOGJpMnBwQmpxY1U2YUdURHRYODZNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84MC9mZWJhYjAtZDkzYS00NzA0LTlhNzEtM2FkNTJlOGI5NjI4
LzEvTFNqUG9fMHRxY3FxWlpLRWRZM3Vad21aTlBnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA2ZHnMA0G
CSqGSIb3DQEBCwUAA4IBAQDO6Vmwxy9+uNnSHr/wiZtL6oFbs/2RgjiSXp9aLY03
Dqi4dAZE+aqEu+Wra00qFnn0GbwNArHsSIjY21I80ZwdOKSvoEZBVR6NSOhtX7vv
DdZXBWB2g1yp0KhSSgUTJaKDIglYoC6rGTj4axQC0xS4DYyplKt6NDWpXZ050Z/Q
56j7JPwh66AXj4v5t2VVOi90ektZokjL1q9ieU4FuBRIY6Qg6QmDawEpqlp6wzoL
ny+VzWW8Xe34ha6+DJK7WXiEUfbHgKnFVExRlbcRTvsSqqpN91zUlg8974TwlwdO
DVP0A/rGhCCjsmK/8dMTMGjxD/ZvNTJv+dqGYINe7GiG
-----END CERTIFICATE-----
Generated at Mon Jan 1 09:30:32 2024 by rpki-client on console-ams.rpki-client.org