Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8d/e90976-3dd1-4716-bbf6-292ae46e6302/1/rP7LFWOk4eH6aRGmgBKTIagZti0.roa
File: rP7LFWOk4eH6aRGmgBKTIagZti0.roa (raw, json)
Hash identifier: CzYU/GJB2tVbnKbb7OMAYv2y9gDTSY4Wv7+tLdV0koE=
Subject key identifier: AC:FE:CB:15:63:A4:E1:E1:FA:69:11:A6:80:12:93:21:A8:19:B6:2D
Certificate issuer: /CN=f02dac605f4659718c0a15e1f732cbd4f48aae7b
Certificate serial: 018570306F829AD6C062A5FE15E62A215019
Authority key identifier: F0:2D:AC:60:5F:46:59:71:8C:0A:15:E1:F7:32:CB:D4:F4:8A:AE:7B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8C2sYF9GWXGMChXh9zLL1PSKrns.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8d/e90976-3dd1-4716-bbf6-292ae46e6302/1/rP7LFWOk4eH6aRGmgBKTIagZti0.roa
Signing time: Mon 02 Jan 2023 01:55:00 +0000
ROA not before: Mon 02 Jan 2023 01:55:00 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 59448
IP address blocks: 217.20.128.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:30:6f:82:9a:d6:c0:62:a5:fe:15:e6:2a:21:50:19
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f02dac605f4659718c0a15e1f732cbd4f48aae7b
Validity
Not Before: Jan 2 01:55:00 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=acfecb1563a4e1e1fa6911a680129321a819b62d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:86:97:dc:e0:f3:26:ec:28:c3:2a:cc:c2:3a:
17:de:fa:7f:e8:74:39:15:4a:d4:ab:76:f4:25:50:
46:89:f6:c0:d2:6f:44:ed:08:d6:a1:bf:45:4c:b8:
1f:df:16:23:54:00:3f:0d:4c:67:97:87:3b:de:b3:
e0:29:b8:f4:8d:0a:fa:38:88:40:03:19:7d:6e:13:
3d:a5:29:f4:52:eb:5c:94:44:f7:2b:17:a5:e7:f2:
2d:0f:cd:80:2b:af:0a:9f:c3:4b:af:27:63:3f:ed:
f5:ed:5b:31:7d:27:cc:ee:6d:d3:7f:6f:c6:e7:88:
89:cd:62:1f:ff:9d:7b:0d:26:7e:2b:b6:5a:46:fb:
74:91:98:d3:55:cf:56:43:51:54:f7:f9:0b:9b:17:
88:b2:24:63:fc:72:b1:ba:82:95:ea:f0:ff:7e:27:
3a:c8:c9:a2:af:ce:c7:cd:64:9b:df:fc:49:de:34:
08:76:33:22:a9:20:34:4a:02:2b:29:f0:38:7f:dc:
57:bd:9c:41:7a:28:e7:f0:6e:5b:08:db:3f:a3:e1:
a2:20:ba:de:4d:82:a3:9f:da:22:02:69:72:a4:3b:
9a:c0:07:09:c4:d7:8a:c1:a3:1c:06:ec:19:2c:79:
ef:7c:96:4d:af:1f:3f:6b:07:4c:48:e1:6a:ec:2c:
24:f1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AC:FE:CB:15:63:A4:E1:E1:FA:69:11:A6:80:12:93:21:A8:19:B6:2D
X509v3 Authority Key Identifier:
keyid:F0:2D:AC:60:5F:46:59:71:8C:0A:15:E1:F7:32:CB:D4:F4:8A:AE:7B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8C2sYF9GWXGMChXh9zLL1PSKrns.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8d/e90976-3dd1-4716-bbf6-292ae46e6302/1/rP7LFWOk4eH6aRGmgBKTIagZti0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8d/e90976-3dd1-4716-bbf6-292ae46e6302/1/8C2sYF9GWXGMChXh9zLL1PSKrns.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
217.20.128.0/24
Signature Algorithm: sha256WithRSAEncryption
03:bb:b6:ae:d2:87:8f:2c:73:e5:98:7a:5b:e7:f2:e1:c4:f7:
ba:3c:7e:d0:bc:59:32:36:c0:bf:aa:95:0f:09:9e:23:c1:1a:
9e:22:6a:b2:64:b7:b9:f4:f0:72:50:2e:6b:5e:14:08:3c:ea:
ab:83:1e:83:7f:55:d8:7f:61:1d:6f:7f:b1:13:14:98:44:ad:
2c:e8:dd:59:67:4b:31:d1:d1:77:b1:f3:52:e3:e4:6d:ff:a6:
f2:c7:50:8f:38:76:af:b0:95:b1:be:b8:9e:46:b9:13:e6:08:
8c:c1:9f:d3:c9:75:8f:48:14:97:1e:59:b5:8a:99:c7:77:7e:
b8:e7:ad:bb:d4:e7:c2:fd:29:11:9e:2d:31:42:70:de:1e:cb:
61:f0:9a:7f:71:6f:81:2b:89:22:e3:89:f2:5b:26:91:94:ae:
bf:9c:16:c2:bc:94:a9:73:6b:9c:65:15:b0:0b:c4:ec:f0:7b:
81:79:6e:25:48:36:14:6a:96:fc:65:90:cf:ee:65:06:83:9e:
c8:6c:ce:e8:fa:96:72:c1:39:9e:cb:d6:33:27:8f:1b:de:e3:
8c:27:7a:0e:97:a4:ae:12:4f:32:8f:1d:e4:93:55:31:cc:bf:
f1:d9:3a:8b:c3:e5:39:29:24:a5:6b:2d:67:63:21:93:29:3b:
be:de:cd:61
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVwMG+CmtbAYqX+FeYqIVAZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYwMmRhYzYwNWY0NjU5NzE4YzBhMTVlMWY3MzJjYmQ0ZjQ4
YWFlN2IwHhcNMjMwMTAyMDE1NTAwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhY2ZlY2IxNTYzYTRlMWUxZmE2OTExYTY4MDEyOTMyMWE4MTliNjJkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkIaX3ODzJuwowyrMwjoX3vp/6HQ5
FUrUq3b0JVBGifbA0m9E7QjWob9FTLgf3xYjVAA/DUxnl4c73rPgKbj0jQr6OIhA
Axl9bhM9pSn0UutclET3Kxel5/ItD82AK68Kn8NLrydjP+317VsxfSfM7m3Tf2/G
54iJzWIf/517DSZ+K7ZaRvt0kZjTVc9WQ1FU9/kLmxeIsiRj/HKxuoKV6vD/fic6
yMmir87HzWSb3/xJ3jQIdjMiqSA0SgIrKfA4f9xXvZxBeijn8G5bCNs/o+GiILre
TYKjn9oiAmlypDuawAcJxNeKwaMcBuwZLHnvfJZNrx8/awdMSOFq7Cwk8QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKz+yxVjpOHh+mkRpoASkyGoGbYtMB8GA1UdIwQY
MBaAFPAtrGBfRllxjAoV4fcyy9T0iq57MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOEMyc1lGOUdXWEdNQ2hYaDl6TEwxUFNLcm5zLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZC9lOTA5NzYtM2RkMS00NzE2LWJiZjYt
MjkyYWU0NmU2MzAyLzEvclA3TEZXT2s0ZUg2YVJHbWdCS1RJYWdadGkwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZC9lOTA5NzYtM2RkMS00NzE2LWJiZjYtMjkyYWU0NmU2MzAy
LzEvOEMyc1lGOUdXWEdNQ2hYaDl6TEwxUFNLcm5zLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA2RSAMA0G
CSqGSIb3DQEBCwUAA4IBAQADu7au0oePLHPlmHpb5/LhxPe6PH7QvFkyNsC/qpUP
CZ4jwRqeImqyZLe59PByUC5rXhQIPOqrgx6Df1XYf2Edb3+xExSYRK0s6N1ZZ0sx
0dF3sfNS4+Rt/6byx1CPOHavsJWxvrieRrkT5giMwZ/TyXWPSBSXHlm1ipnHd364
56271OfC/SkRni0xQnDeHsth8Jp/cW+BK4ki44nyWyaRlK6/nBbCvJSpc2ucZRWw
C8Ts8HuBeW4lSDYUapb8ZZDP7mUGg57IbM7o+pZywTmey9YzJ48b3uOMJ3oOl6Su
Ek8yjx3kk1UxzL/x2TqLw+U5KSSlay1nYyGTKTu+3s1h
-----END CERTIFICATE-----
Generated at Tue Jan 2 14:37:04 2024 by rpki-client on console-fra.rpki-client.org