Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/81/a7ce7a-8443-46eb-8cba-3bb4d6200518/1/aIe39-oZOWoVsvrZmHam5NsNZbY.roa
File: aIe39-oZOWoVsvrZmHam5NsNZbY.roa (raw, json)
Hash identifier: LYNGT0dTuDLfQiROY9BO/sT6d0qL52a7LyC2SQHj7nU=
Subject key identifier: 68:87:B7:F7:EA:19:39:6A:15:B2:FA:D9:98:76:A6:E4:DB:0D:65:B6
Certificate issuer: /CN=0232a4bfb7796405a556b759f1d193e4c4d37129
Certificate serial: 01887CA7CF13A136B1564D5878E350E7A26B
Authority key identifier: 02:32:A4:BF:B7:79:64:05:A5:56:B7:59:F1:D1:93:E4:C4:D3:71:29
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/AjKkv7d5ZAWlVrdZ8dGT5MTTcSk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/81/a7ce7a-8443-46eb-8cba-3bb4d6200518/1/aIe39-oZOWoVsvrZmHam5NsNZbY.roa
Signing time: Fri 02 Jun 2023 15:09:12 +0000
ROA not before: Fri 02 Jun 2023 15:09:12 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 20473
IP address blocks: 217.163.11.0/24 maxlen: 24
217.163.10.0/24 maxlen: 24
217.163.23.0/24 maxlen: 24
217.163.30.0/24 maxlen: 24
217.163.28.0/23 maxlen: 24
217.163.31.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:7c:a7:cf:13:a1:36:b1:56:4d:58:78:e3:50:e7:a2:6b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0232a4bfb7796405a556b759f1d193e4c4d37129
Validity
Not Before: Jun 2 15:09:12 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=6887b7f7ea19396a15b2fad99876a6e4db0d65b6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:85:c3:cc:04:b6:ab:ed:44:8b:68:73:d7:22:60:
2b:d6:5b:29:fa:8c:2c:fd:c6:93:f3:13:0c:73:8b:
4d:dc:19:e5:24:af:04:d1:fe:bc:52:ac:aa:f9:0e:
8f:32:c1:9c:aa:d5:88:52:ff:09:3d:3d:28:ff:da:
19:1b:2e:9e:23:27:17:47:53:2a:45:4d:1b:45:73:
35:81:c9:81:f7:0c:cb:4b:3c:fc:04:83:25:87:5a:
9e:6e:c3:f5:91:c7:98:12:a1:e6:a7:da:37:69:84:
94:13:e4:21:53:59:e2:11:6c:9d:e0:93:f6:57:bd:
78:52:7d:e9:6d:59:94:d0:eb:04:b9:c3:78:2f:6d:
1c:31:17:bc:4e:be:52:82:78:66:42:b7:10:4a:49:
c0:bf:97:c1:da:4f:57:d1:c0:5e:31:29:5c:50:68:
b4:1d:3c:3f:b6:61:98:16:11:56:32:66:5f:cd:f7:
a3:04:5f:61:ca:7a:16:18:fe:1e:99:1b:89:2a:55:
b7:96:fd:59:e9:cc:b0:c1:34:55:6b:e2:22:b4:b4:
bd:9f:76:28:14:c3:06:d4:61:22:29:c2:0d:7d:39:
f0:aa:8e:fd:4b:37:52:8e:5b:25:95:46:6a:20:f9:
69:8e:f4:f7:f7:29:6f:e1:94:4f:56:58:a3:4d:d0:
3d:c1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
68:87:B7:F7:EA:19:39:6A:15:B2:FA:D9:98:76:A6:E4:DB:0D:65:B6
X509v3 Authority Key Identifier:
keyid:02:32:A4:BF:B7:79:64:05:A5:56:B7:59:F1:D1:93:E4:C4:D3:71:29
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/AjKkv7d5ZAWlVrdZ8dGT5MTTcSk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/81/a7ce7a-8443-46eb-8cba-3bb4d6200518/1/aIe39-oZOWoVsvrZmHam5NsNZbY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/81/a7ce7a-8443-46eb-8cba-3bb4d6200518/1/AjKkv7d5ZAWlVrdZ8dGT5MTTcSk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
217.163.10.0/23
217.163.23.0/24
217.163.28.0/22
Signature Algorithm: sha256WithRSAEncryption
2c:0b:ce:72:d1:eb:8e:a0:c4:6e:62:76:13:f9:9e:3d:37:00:
ef:d1:b6:9d:2d:11:ff:5f:35:bf:fc:b8:09:5e:bd:de:54:64:
44:70:55:a5:3d:49:68:da:8b:df:04:f0:cd:5b:62:13:91:c2:
50:24:30:d0:f2:d1:3c:5c:ce:22:6e:70:99:f3:e4:c9:8c:57:
6e:91:56:b3:c8:f7:19:4e:13:30:89:6e:ca:8b:6e:1e:cf:80:
e9:f1:5b:3a:6b:db:40:84:52:ff:07:fd:d8:bf:2a:c5:79:45:
c1:7d:c7:51:20:fd:c4:fe:40:f5:a7:d0:55:75:7b:c0:77:40:
7b:bd:95:59:ab:93:53:5b:c0:24:61:ba:58:07:74:a2:38:f3:
25:51:41:89:c7:7a:3e:14:42:65:09:52:08:fa:fa:48:89:ad:
71:78:ae:9b:48:66:e3:ee:9a:b3:9b:ab:62:57:23:f5:97:46:
3a:34:8b:63:d2:31:77:8a:76:29:03:39:96:4e:ed:6e:e2:bb:
da:dd:b4:ad:4b:9e:66:7d:43:0c:93:92:7b:d7:c8:da:e1:06:
8b:3b:2f:37:2f:ea:04:a7:85:1d:22:96:90:f3:cd:1b:c3:ad:
b7:71:b2:a1:69:8b:ca:e3:c2:0e:4b:b2:5c:5b:70:63:05:61:
bd:cf:df:d4
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYh8p88ToTaxVk1YeONQ56JrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAyMzJhNGJmYjc3OTY0MDVhNTU2Yjc1OWYxZDE5M2U0YzRk
MzcxMjkwHhcNMjMwNjAyMTUwOTEyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ODg3YjdmN2VhMTkzOTZhMTViMmZhZDk5ODc2YTZlNGRiMGQ2NWI2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhcPMBLar7USLaHPXImAr1lsp+ows
/caT8xMMc4tN3BnlJK8E0f68Uqyq+Q6PMsGcqtWIUv8JPT0o/9oZGy6eIycXR1Mq
RU0bRXM1gcmB9wzLSzz8BIMlh1qebsP1kceYEqHmp9o3aYSUE+QhU1niEWyd4JP2
V714Un3pbVmU0OsEucN4L20cMRe8Tr5SgnhmQrcQSknAv5fB2k9X0cBeMSlcUGi0
HTw/tmGYFhFWMmZfzfejBF9hynoWGP4emRuJKlW3lv1Z6cywwTRVa+IitLS9n3Yo
FMMG1GEiKcINfTnwqo79SzdSjlsllUZqIPlpjvT39ylv4ZRPVlijTdA9wQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFGiHt/fqGTlqFbL62Zh2puTbDWW2MB8GA1UdIwQY
MBaAFAIypL+3eWQFpVa3WfHRk+TE03EpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQWpLa3Y3ZDVaQVdsVnJkWjhkR1Q1TVRUY1NrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84MS9hN2NlN2EtODQ0My00NmViLThjYmEt
M2JiNGQ2MjAwNTE4LzEvYUllMzktb1pPV29Wc3ZyWm1IYW01TnNOWmJZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84MS9hN2NlN2EtODQ0My00NmViLThjYmEtM2JiNGQ2MjAwNTE4
LzEvQWpLa3Y3ZDVaQVdsVnJkWjhkR1Q1TVRUY1NrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQB2aMKAwQA
2aMXAwQC2aMcMA0GCSqGSIb3DQEBCwUAA4IBAQAsC85y0euOoMRuYnYT+Z49NwDv
0badLRH/XzW//LgJXr3eVGREcFWlPUlo2ovfBPDNW2ITkcJQJDDQ8tE8XM4ibnCZ
8+TJjFdukVazyPcZThMwiW7Ki24ez4Dp8Vs6a9tAhFL/B/3YvyrFeUXBfcdRIP3E
/kD1p9BVdXvAd0B7vZVZq5NTW8AkYbpYB3SiOPMlUUGJx3o+FEJlCVII+vpIia1x
eK6bSGbj7pqzm6tiVyP1l0Y6NItj0jF3inYpAzmWTu1u4rva3bStS55mfUMMk5J7
18ja4QaLOy83L+oEp4UdIpaQ880bw623cbKhaYvK48IOS7JcW3BjBWG9z9/U
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:02:18 2023 by rpki-client on console-ams.rpki-client.org