Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/85/6788f7-d58f-4835-8522-984a08898459/1/MOwvhGu3SiJjTcTnK90VkXzY8hQ.roa
File: MOwvhGu3SiJjTcTnK90VkXzY8hQ.roa (raw, json)
Hash identifier: T/BytqFex/YETNiJvuPduZRC2iqO5yJ0IHpvJP3F8GE=
Subject key identifier: 30:EC:2F:84:6B:B7:4A:22:63:4D:C4:E7:2B:DD:15:91:7C:D8:F2:14
Certificate issuer: /CN=0012b9dc976d7ce807e46fea4936c726b0c4a206
Certificate serial: 018B22E63B4C3ECE8D00E0173249AAB8AE9C
Authority key identifier: 00:12:B9:DC:97:6D:7C:E8:07:E4:6F:EA:49:36:C7:26:B0:C4:A2:06
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ABK53JdtfOgH5G_qSTbHJrDEogY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/85/6788f7-d58f-4835-8522-984a08898459/1/MOwvhGu3SiJjTcTnK90VkXzY8hQ.roa
Signing time: Thu 12 Oct 2023 07:59:55 +0000
ROA not before: Thu 12 Oct 2023 07:59:55 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 212384
IP address blocks: 217.28.128.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:22:e6:3b:4c:3e:ce:8d:00:e0:17:32:49:aa:b8:ae:9c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0012b9dc976d7ce807e46fea4936c726b0c4a206
Validity
Not Before: Oct 12 07:59:55 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=30ec2f846bb74a22634dc4e72bdd15917cd8f214
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:82:3d:e3:38:ae:97:41:e1:47:ba:bb:84:b0:9e:
ad:5b:af:c7:39:d0:b2:1c:8a:f6:19:92:61:46:f3:
ef:2f:4d:96:b7:71:f3:60:a6:b0:67:10:d3:5b:93:
4c:ab:9e:c4:c0:cc:75:4c:af:f0:4e:a8:4b:7a:99:
e2:ea:97:97:06:bd:07:23:be:ea:53:c1:6d:4d:55:
ba:4b:cc:0d:a2:1b:47:3d:96:43:e8:75:dd:46:50:
d3:9f:ed:90:eb:e4:7a:60:0e:0e:59:9c:8d:d1:59:
54:15:8c:63:b8:47:7b:32:fc:8d:2f:d5:6b:a3:6d:
0e:27:3a:18:6d:77:eb:c5:11:b7:1f:fa:b2:bd:56:
84:3c:2b:80:d7:b7:6d:ff:17:7d:e6:c5:61:3a:a1:
44:12:99:37:bb:70:73:14:a1:70:10:59:b1:a3:ed:
2c:c6:7f:1e:90:a0:1b:ed:ac:e6:bb:3e:21:c6:88:
02:28:50:a7:20:57:82:c4:d7:14:50:98:2b:c6:17:
9d:40:7b:44:bf:47:9b:30:32:8f:f5:66:bf:be:c9:
eb:9a:98:9e:dd:43:ba:b9:47:23:1e:57:70:67:0d:
e3:41:9e:20:58:18:94:c4:9d:88:b2:fd:05:b4:7b:
05:83:59:f3:e0:d8:4b:b2:ca:30:e4:41:ec:29:50:
c3:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
30:EC:2F:84:6B:B7:4A:22:63:4D:C4:E7:2B:DD:15:91:7C:D8:F2:14
X509v3 Authority Key Identifier:
keyid:00:12:B9:DC:97:6D:7C:E8:07:E4:6F:EA:49:36:C7:26:B0:C4:A2:06
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ABK53JdtfOgH5G_qSTbHJrDEogY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/85/6788f7-d58f-4835-8522-984a08898459/1/MOwvhGu3SiJjTcTnK90VkXzY8hQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/85/6788f7-d58f-4835-8522-984a08898459/1/ABK53JdtfOgH5G_qSTbHJrDEogY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
217.28.128.0/24
Signature Algorithm: sha256WithRSAEncryption
58:48:de:ea:5e:ac:d7:56:01:c4:94:88:47:50:ab:5b:96:d3:
9f:fe:ac:11:88:90:10:59:f5:58:89:54:f4:1a:0b:cf:23:df:
55:1d:db:0c:ff:6a:9e:f8:22:c3:26:50:96:ab:96:5d:42:44:
03:11:75:23:ef:33:9b:3b:82:9d:01:7d:d2:81:f1:59:c2:26:
bf:ab:7a:68:10:bf:f8:aa:c3:87:d4:6d:ee:fd:3d:14:11:8f:
cc:18:29:b1:71:7a:16:ae:30:d6:bb:35:35:52:0b:51:1c:0c:
f8:b9:d0:64:4e:8d:42:18:cc:5f:00:6e:43:6f:49:11:43:2d:
c3:b0:36:9b:fd:67:97:15:28:7a:e6:d9:52:b3:d9:19:7d:2c:
78:4d:d5:6b:83:82:27:43:19:28:54:3b:97:47:c0:00:e3:ef:
51:7f:94:4a:31:20:8a:a6:20:23:6e:61:fe:5a:94:7b:bc:c1:
70:1f:72:08:7d:2d:ce:61:34:2d:d1:5d:a4:06:64:39:c5:e7:
e4:f9:5b:2a:69:0c:56:d2:7e:d8:5a:af:ca:cf:af:a8:ba:96:
85:2c:c7:93:1f:cb:73:5f:bb:6a:a5:28:d0:c6:ca:0d:99:de:
79:9a:8c:98:1e:ef:f3:66:a1:d1:ae:73:93:5d:42:e2:22:d4:
4c:14:f9:f1
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYsi5jtMPs6NAOAXMkmquK6cMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAwMTJiOWRjOTc2ZDdjZTgwN2U0NmZlYTQ5MzZjNzI2YjBj
NGEyMDYwHhcNMjMxMDEyMDc1OTU1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMGVjMmY4NDZiYjc0YTIyNjM0ZGM0ZTcyYmRkMTU5MTdjZDhmMjE0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgj3jOK6XQeFHuruEsJ6tW6/HOdCy
HIr2GZJhRvPvL02Wt3HzYKawZxDTW5NMq57EwMx1TK/wTqhLepni6peXBr0HI77q
U8FtTVW6S8wNohtHPZZD6HXdRlDTn+2Q6+R6YA4OWZyN0VlUFYxjuEd7MvyNL9Vr
o20OJzoYbXfrxRG3H/qyvVaEPCuA17dt/xd95sVhOqFEEpk3u3BzFKFwEFmxo+0s
xn8ekKAb7azmuz4hxogCKFCnIFeCxNcUUJgrxhedQHtEv0ebMDKP9Wa/vsnrmpie
3UO6uUcjHldwZw3jQZ4gWBiUxJ2Isv0FtHsFg1nz4NhLssow5EHsKVDD6QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDDsL4Rrt0oiY03E5yvdFZF82PIUMB8GA1UdIwQY
MBaAFAASudyXbXzoB+Rv6kk2xyawxKIGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQUJLNTNKZHRmT2dINUdfcVNUYkhKckRFb2dZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84NS82Nzg4ZjctZDU4Zi00ODM1LTg1MjIt
OTg0YTA4ODk4NDU5LzEvTU93dmhHdTNTaUpqVGNUbks5MFZrWHpZOGhRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84NS82Nzg4ZjctZDU4Zi00ODM1LTg1MjItOTg0YTA4ODk4NDU5
LzEvQUJLNTNKZHRmT2dINUdfcVNUYkhKckRFb2dZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA2RyAMA0G
CSqGSIb3DQEBCwUAA4IBAQBYSN7qXqzXVgHElIhHUKtbltOf/qwRiJAQWfVYiVT0
GgvPI99VHdsM/2qe+CLDJlCWq5ZdQkQDEXUj7zObO4KdAX3SgfFZwia/q3poEL/4
qsOH1G3u/T0UEY/MGCmxcXoWrjDWuzU1UgtRHAz4udBkTo1CGMxfAG5Db0kRQy3D
sDab/WeXFSh65tlSs9kZfSx4TdVrg4InQxkoVDuXR8AA4+9Rf5RKMSCKpiAjbmH+
WpR7vMFwH3IIfS3OYTQt0V2kBmQ5xefk+VsqaQxW0n7YWq/Kz6+oupaFLMeTH8tz
X7tqpSjQxsoNmd55moyYHu/zZqHRrnOTXULiItRMFPnx
-----END CERTIFICATE-----
Generated at Mon Jan 1 21:19:29 2024 by rpki-client on console-ams.rpki-client.org