Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/ddac11-2e63-4aae-940f-023203947d9d/1/f_OFJuCY4eQ5FW7OyAfBifddf8Y.roa
File: f_OFJuCY4eQ5FW7OyAfBifddf8Y.roa (raw, json)
Hash identifier: hTHkOs2V8Kh5puYFuhMLgFWr44WTwu46gC5srvEIxGA=
Subject key identifier: 7F:F3:85:26:E0:98:E1:E4:39:15:6E:CE:C8:07:C1:89:F7:5D:7F:C6
Certificate issuer: /CN=955dbebbc1070b99e4fb372117df2620038603e9
Certificate serial: 018CC2DB58F455413DBD633B28EC7C0FEE56
Authority key identifier: 95:5D:BE:BB:C1:07:0B:99:E4:FB:37:21:17:DF:26:20:03:86:03:E9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/lV2-u8EHC5nk-zchF98mIAOGA-k.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/ddac11-2e63-4aae-940f-023203947d9d/1/f_OFJuCY4eQ5FW7OyAfBifddf8Y.roa
Signing time: Mon 01 Jan 2024 02:30:04 +0000
ROA not before: Mon 01 Jan 2024 02:30:04 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 10753
IP address blocks: 217.14.120.0/22 maxlen: 22
Validation: Failed, certificate revoked on Thu 02 Jan 2025 05:48:28 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c2:db:58:f4:55:41:3d:bd:63:3b:28:ec:7c:0f:ee:56
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=955dbebbc1070b99e4fb372117df2620038603e9
Validity
Not Before: Jan 1 02:30:04 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=7ff38526e098e1e439156ecec807c189f75d7fc6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:57:a7:8e:51:f9:bd:56:26:87:d0:ae:2a:f6:
b0:19:50:6e:b6:62:46:05:29:bd:62:96:00:79:b3:
73:f8:7a:62:8d:61:f4:b3:c8:8d:f7:eb:ec:8d:bb:
b7:6e:b8:d1:d1:d0:79:81:25:be:10:44:5a:98:ba:
7c:67:ec:03:19:b9:66:18:ce:9e:3a:a9:f8:a9:ba:
d8:d6:08:87:03:f1:0f:17:d5:55:a7:79:be:da:93:
6c:55:78:f4:80:0f:e9:a4:a4:df:da:21:38:9e:23:
60:7e:22:8d:d5:6f:04:e0:27:88:43:bf:12:07:84:
a3:e2:3b:74:76:6b:34:37:a6:a1:a3:37:68:f7:d0:
61:63:61:01:12:e4:40:19:0c:57:41:cb:96:ff:79:
c4:ad:80:b2:d9:2f:26:6a:81:cf:5c:35:dc:b0:76:
aa:e2:16:0b:92:4c:3d:91:85:a2:ac:9a:10:c2:bc:
6b:67:db:9b:d4:2a:d7:8c:55:e6:df:c9:19:f2:f6:
85:7b:19:f4:89:2d:89:80:fe:09:3c:73:1d:a5:61:
ce:65:44:58:97:d8:ee:19:29:b3:b2:6c:06:9a:9d:
79:cd:5f:5e:d1:4e:9e:4e:b6:84:4a:60:5a:57:08:
00:41:dd:7b:bc:b0:df:71:55:d6:ed:d9:aa:0c:ee:
2d:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7F:F3:85:26:E0:98:E1:E4:39:15:6E:CE:C8:07:C1:89:F7:5D:7F:C6
X509v3 Authority Key Identifier:
keyid:95:5D:BE:BB:C1:07:0B:99:E4:FB:37:21:17:DF:26:20:03:86:03:E9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lV2-u8EHC5nk-zchF98mIAOGA-k.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/ddac11-2e63-4aae-940f-023203947d9d/1/f_OFJuCY4eQ5FW7OyAfBifddf8Y.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/ddac11-2e63-4aae-940f-023203947d9d/1/lV2-u8EHC5nk-zchF98mIAOGA-k.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
217.14.120.0/22
Signature Algorithm: sha256WithRSAEncryption
04:f9:55:04:7a:b6:e5:c2:49:84:17:7d:06:7a:b0:90:7d:f9:
d4:37:e0:c0:e2:66:3d:dc:02:df:cf:ec:e0:b2:f4:6b:68:da:
c3:6a:4b:b9:17:43:ac:36:f8:6b:da:55:55:fb:2a:33:58:23:
72:26:41:7a:0f:a1:60:67:b7:3d:8a:3b:98:f2:00:12:8f:27:
d2:97:d2:4c:16:4e:91:c9:5b:1d:e5:21:28:68:7d:7d:44:e1:
cb:ac:ba:31:e1:d7:14:23:95:26:c8:93:0f:74:f6:84:ea:4c:
0f:63:6f:e6:a4:fe:a5:57:73:c0:59:ff:59:d8:17:2b:66:54:
b7:80:a6:f8:57:22:9e:d4:5e:5d:98:99:ce:0c:ba:37:5a:c1:
59:32:6e:b9:3e:b5:b4:cd:b3:f2:fb:51:42:bd:04:94:d1:60:
b1:87:3e:e3:f8:36:98:f6:02:a9:31:66:56:38:38:23:5f:21:
9d:a2:10:a7:6c:ce:97:e6:b4:68:e9:de:19:31:4b:e1:48:35:
e0:cc:30:b3:f5:47:be:dd:07:da:b3:85:47:7d:89:be:10:c9:
25:a8:83:3d:c5:24:cd:b5:a1:82:69:e9:cd:93:d0:cb:96:eb:
89:5d:75:44:e0:13:37:f0:9a:98:42:9b:74:72:7a:e6:d7:6f:
cf:8c:66:c3
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzC21j0VUE9vWM7KOx8D+5WMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk1NWRiZWJiYzEwNzBiOTllNGZiMzcyMTE3ZGYyNjIwMDM4
NjAzZTkwHhcNMjQwMTAxMDIzMDA0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3ZmYzODUyNmUwOThlMWU0MzkxNTZlY2VjODA3YzE4OWY3NWQ3ZmM2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnlenjlH5vVYmh9CuKvawGVButmJG
BSm9YpYAebNz+HpijWH0s8iN9+vsjbu3brjR0dB5gSW+EERamLp8Z+wDGblmGM6e
Oqn4qbrY1giHA/EPF9VVp3m+2pNsVXj0gA/ppKTf2iE4niNgfiKN1W8E4CeIQ78S
B4Sj4jt0dms0N6ahozdo99BhY2EBEuRAGQxXQcuW/3nErYCy2S8maoHPXDXcsHaq
4hYLkkw9kYWirJoQwrxrZ9ub1CrXjFXm38kZ8vaFexn0iS2JgP4JPHMdpWHOZURY
l9juGSmzsmwGmp15zV9e0U6eTraESmBaVwgAQd17vLDfcVXW7dmqDO4tmwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFH/zhSbgmOHkORVuzsgHwYn3XX/GMB8GA1UdIwQY
MBaAFJVdvrvBBwuZ5Ps3IRffJiADhgPpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbFYyLXU4RUhDNW5rLXpjaEY5OG1JQU9HQS1rLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS9kZGFjMTEtMmU2My00YWFlLTk0MGYt
MDIzMjAzOTQ3ZDlkLzEvZl9PRkp1Q1k0ZVE1Rlc3T3lBZkJpZmRkZjhZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS9kZGFjMTEtMmU2My00YWFlLTk0MGYtMDIzMjAzOTQ3ZDlk
LzEvbFYyLXU4RUhDNW5rLXpjaEY5OG1JQU9HQS1rLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQC2Q54MA0G
CSqGSIb3DQEBCwUAA4IBAQAE+VUEerblwkmEF30GerCQffnUN+DA4mY93ALfz+zg
svRraNrDaku5F0OsNvhr2lVV+yozWCNyJkF6D6FgZ7c9ijuY8gASjyfSl9JMFk6R
yVsd5SEoaH19ROHLrLox4dcUI5UmyJMPdPaE6kwPY2/mpP6lV3PAWf9Z2BcrZlS3
gKb4VyKe1F5dmJnODLo3WsFZMm65PrW0zbPy+1FCvQSU0WCxhz7j+DaY9gKpMWZW
ODgjXyGdohCnbM6X5rRo6d4ZMUvhSDXgzDCz9Ue+3Qfas4VHfYm+EMklqIM9xSTN
taGCaenNk9DLluuJXXVE4BM38JqYQpt0cnrm12/PjGbD
-----END CERTIFICATE-----
Generated at Sun Feb 16 15:29:26 2025 by rpki-client