Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/81/a7ce7a-8443-46eb-8cba-3bb4d6200518/1/sXTuMwM7OSkNJtsnqH66gokJaug.roa
File: sXTuMwM7OSkNJtsnqH66gokJaug.roa (raw, json)
Hash identifier: orUJzZSdm4d34Ei9xR5NBOaYI07FcHZRO/EAuLKGXS0=
Subject key identifier: B1:74:EE:33:03:3B:39:29:0D:26:DB:27:A8:7E:BA:82:89:09:6A:E8
Certificate issuer: /CN=0232a4bfb7796405a556b759f1d193e4c4d37129
Certificate serial: 01887CC087589CB9BE58ED0766FEE805EBA2
Authority key identifier: 02:32:A4:BF:B7:79:64:05:A5:56:B7:59:F1:D1:93:E4:C4:D3:71:29
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/AjKkv7d5ZAWlVrdZ8dGT5MTTcSk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/81/a7ce7a-8443-46eb-8cba-3bb4d6200518/1/sXTuMwM7OSkNJtsnqH66gokJaug.roa
Signing time: Fri 02 Jun 2023 15:36:12 +0000
ROA not before: Fri 02 Jun 2023 15:36:12 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 20473
IP address blocks: 217.163.11.0/24 maxlen: 24
217.163.23.0/24 maxlen: 24
217.163.30.0/24 maxlen: 24
217.163.28.0/23 maxlen: 24
Validation: Failed, certificate revoked on Tue 02 Jan 2024 02:29:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:7c:c0:87:58:9c:b9:be:58:ed:07:66:fe:e8:05:eb:a2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0232a4bfb7796405a556b759f1d193e4c4d37129
Validity
Not Before: Jun 2 15:36:12 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b174ee33033b39290d26db27a87eba8289096ae8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:97:77:36:2d:e2:1a:25:86:cb:39:80:ff:3d:
28:b8:eb:56:0a:78:60:b2:20:e3:9d:72:44:a5:6a:
08:10:1e:e1:c4:e9:1a:33:3f:1d:c4:b6:2f:bd:3c:
a5:57:73:cd:e5:9a:fb:11:5f:14:c7:0d:9c:c9:5f:
99:7c:3e:7a:ca:59:4e:20:51:37:4d:c2:9b:55:98:
25:45:a8:2a:fa:56:45:b2:b5:50:25:7e:1a:8e:e4:
6b:68:be:54:14:1e:66:51:87:c8:d9:c9:91:b0:bf:
50:b8:3c:e4:63:49:e5:28:cf:ed:af:28:b1:67:df:
c4:17:18:20:96:07:b4:9a:65:74:18:da:95:12:4d:
bb:c3:3c:fd:d2:b6:10:c9:86:ae:56:94:a3:03:33:
7e:8f:f5:09:6f:fa:9f:93:0b:20:f6:59:cd:ed:8c:
46:c3:75:42:00:d7:61:29:65:7f:e1:b5:5c:59:a4:
96:45:5f:22:7c:9f:6d:4e:6f:37:05:2f:25:c5:34:
98:d8:bf:d1:91:2e:da:80:7d:2f:23:f8:50:93:67:
87:d0:a6:17:de:cd:e9:68:f9:2e:6b:25:0a:b4:1d:
9e:e0:9e:5e:4f:62:09:78:a2:30:d4:ac:b2:53:57:
b0:53:6c:a9:b8:00:14:51:c8:94:c8:3c:6c:02:2f:
9e:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B1:74:EE:33:03:3B:39:29:0D:26:DB:27:A8:7E:BA:82:89:09:6A:E8
X509v3 Authority Key Identifier:
keyid:02:32:A4:BF:B7:79:64:05:A5:56:B7:59:F1:D1:93:E4:C4:D3:71:29
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/AjKkv7d5ZAWlVrdZ8dGT5MTTcSk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/81/a7ce7a-8443-46eb-8cba-3bb4d6200518/1/sXTuMwM7OSkNJtsnqH66gokJaug.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/81/a7ce7a-8443-46eb-8cba-3bb4d6200518/1/AjKkv7d5ZAWlVrdZ8dGT5MTTcSk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
217.163.11.0/24
217.163.23.0/24
217.163.28.0-217.163.30.255
Signature Algorithm: sha256WithRSAEncryption
2f:00:dd:a8:eb:33:7e:0c:e9:65:82:d9:ae:9b:a1:1d:73:6c:
5b:cf:5a:6d:54:db:6b:7d:97:fc:20:33:52:eb:1b:e4:b1:61:
e2:87:59:7e:93:14:ce:33:5b:c4:5a:99:b3:82:34:69:83:9a:
f2:0e:78:8e:5f:b2:1f:67:4a:8e:8f:5b:0e:33:8c:e1:86:e6:
4a:bf:02:f3:38:a4:cb:71:5c:55:c4:80:37:36:8b:d3:b4:33:
24:0a:62:24:8a:28:61:88:3f:79:a9:4d:93:ed:09:7a:47:8f:
f1:0d:a9:3f:1f:79:83:94:23:86:e7:d8:b9:1d:d3:9a:33:f0:
7d:28:de:6e:3e:2a:4c:e1:1a:bb:c8:8a:1c:c6:70:c3:d7:c1:
f4:ab:df:65:fc:b8:bd:6e:b1:a5:e6:38:bd:dc:7a:e0:bd:a4:
ff:8c:14:55:bd:24:71:0f:75:74:eb:bc:7e:75:33:f5:8b:74:
b2:b9:50:82:81:b3:b6:df:a9:1e:bc:28:28:fa:c7:43:47:d9:
e0:d3:e7:20:84:af:63:df:b7:81:fb:6b:f9:30:7a:f5:dd:61:
31:6e:87:ed:48:d1:15:48:43:a7:e4:b2:22:ff:bd:01:18:23:
95:e4:0b:58:38:71:c8:0d:78:8d:b7:20:43:83:42:96:34:ec:
dd:57:92:f8
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgISAYh8wIdYnLm+WO0HZv7oBeuiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAyMzJhNGJmYjc3OTY0MDVhNTU2Yjc1OWYxZDE5M2U0YzRk
MzcxMjkwHhcNMjMwNjAyMTUzNjEyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMTc0ZWUzMzAzM2IzOTI5MGQyNmRiMjdhODdlYmE4Mjg5MDk2YWU4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsZd3Ni3iGiWGyzmA/z0ouOtWCnhg
siDjnXJEpWoIEB7hxOkaMz8dxLYvvTylV3PN5Zr7EV8Uxw2cyV+ZfD56yllOIFE3
TcKbVZglRagq+lZFsrVQJX4ajuRraL5UFB5mUYfI2cmRsL9QuDzkY0nlKM/tryix
Z9/EFxgglge0mmV0GNqVEk27wzz90rYQyYauVpSjAzN+j/UJb/qfkwsg9lnN7YxG
w3VCANdhKWV/4bVcWaSWRV8ifJ9tTm83BS8lxTSY2L/RkS7agH0vI/hQk2eH0KYX
3s3paPkuayUKtB2e4J5eT2IJeKIw1KyyU1ewU2ypuAAUUciUyDxsAi+exQIDAQAB
o4ICHTCCAhkwHQYDVR0OBBYEFLF07jMDOzkpDSbbJ6h+uoKJCWroMB8GA1UdIwQY
MBaAFAIypL+3eWQFpVa3WfHRk+TE03EpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQWpLa3Y3ZDVaQVdsVnJkWjhkR1Q1TVRUY1NrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84MS9hN2NlN2EtODQ0My00NmViLThjYmEt
M2JiNGQ2MjAwNTE4LzEvc1hUdU13TTdPU2tOSnRzbnFINjZnb2tKYXVnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84MS9hN2NlN2EtODQ0My00NmViLThjYmEtM2JiNGQ2MjAwNTE4
LzEvQWpLa3Y3ZDVaQVdsVnJkWjhkR1Q1TVRUY1NrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAATAaAwQA2aMLAwQA
2aMXMAwDBALZoxwDBADZox4wDQYJKoZIhvcNAQELBQADggEBAC8A3ajrM34M6WWC
2a6boR1zbFvPWm1U22t9l/wgM1LrG+SxYeKHWX6TFM4zW8RambOCNGmDmvIOeI5f
sh9nSo6PWw4zjOGG5kq/AvM4pMtxXFXEgDc2i9O0MyQKYiSKKGGIP3mpTZPtCXpH
j/ENqT8feYOUI4bn2Lkd05oz8H0o3m4+KkzhGrvIihzGcMPXwfSr32X8uL1usaXm
OL3ceuC9pP+MFFW9JHEPdXTrvH51M/WLdLK5UIKBs7bfqR68KCj6x0NH2eDT5yCE
r2Pft4H7a/kwevXdYTFuh+1I0RVIQ6fksiL/vQEYI5XkC1g4ccgNeI23IEODQpY0
7N1Xkvg=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:20:44 2024 by rpki-client on console-ams.rpki-client.org