Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/caa2b6-87e8-4e24-a446-775888a87194/1/8u1NQ0FyR9uCFWcN3PfziP1v3T0.roa
File: 8u1NQ0FyR9uCFWcN3PfziP1v3T0.roa (raw, json)
Hash identifier: y1lPDZMskjwkNDHU6xSTahoxuYQ6NTQxjTo8F6V+csk=
Subject key identifier: F2:ED:4D:43:41:72:47:DB:82:15:67:0D:DC:F7:F3:88:FD:6F:DD:3D
Certificate issuer: /CN=3144e609e361913e3c3b0a78d7486aa45b562401
Certificate serial: 0185712778EE4BB72E679EDB0DE5BE94F818
Authority key identifier: 31:44:E6:09:E3:61:91:3E:3C:3B:0A:78:D7:48:6A:A4:5B:56:24:01
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/MUTmCeNhkT48Owp410hqpFtWJAE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/caa2b6-87e8-4e24-a446-775888a87194/1/8u1NQ0FyR9uCFWcN3PfziP1v3T0.roa
Signing time: Mon 02 Jan 2023 06:24:50 +0000
ROA not before: Mon 02 Jan 2023 06:24:50 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 28990
IP address blocks: 217.26.144.0/24 maxlen: 24
217.26.144.0/21 maxlen: 21
217.26.144.0/20 maxlen: 24
217.26.145.0/24 maxlen: 24
217.26.150.0/24 maxlen: 24
217.26.152.0/21 maxlen: 21
217.26.147.0/24 maxlen: 24
217.26.146.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:27:78:ee:4b:b7:2e:67:9e:db:0d:e5:be:94:f8:18
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3144e609e361913e3c3b0a78d7486aa45b562401
Validity
Not Before: Jan 2 06:24:50 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=f2ed4d43417247db8215670ddcf7f388fd6fdd3d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:fa:9a:11:d3:99:7a:4d:03:66:7a:6b:60:5a:
3b:65:3f:a6:4e:ce:1b:03:a7:f7:aa:76:ab:4a:06:
08:90:dd:24:da:55:6a:50:c7:23:ed:db:fc:ba:bc:
d7:3f:44:78:8f:1b:1f:99:f7:e0:9f:ef:ed:bd:ed:
22:88:03:71:55:9f:46:68:e6:bd:95:ec:96:64:b9:
ca:16:8e:2c:f2:f6:8d:84:2d:78:d7:d0:05:31:22:
be:b9:b8:37:05:98:47:b6:e0:dc:96:fe:1e:bb:10:
c5:c8:62:29:7f:1c:c3:80:8f:16:bd:4a:f6:4b:19:
f0:61:ce:10:d7:e4:82:72:f4:d0:bc:5e:e9:a0:38:
cb:1a:c1:f2:8e:ca:f1:f2:61:1a:4c:f3:7d:95:ad:
ed:29:98:b2:e5:14:7e:ba:cc:97:bf:e1:bc:6f:ee:
84:5c:a1:b5:de:12:16:23:c9:d1:cf:48:01:cf:ab:
41:28:cf:d9:66:38:92:84:0e:4b:2d:dd:95:a6:54:
e8:a9:a4:c1:bc:d1:bc:bf:a4:0c:dc:2f:82:98:f7:
b7:ec:6c:8f:9f:21:50:17:a2:27:c8:db:2a:63:41:
fe:ee:87:e9:c6:51:95:ae:b3:32:e3:60:e4:dc:4f:
9b:4c:ef:c5:5c:6f:6c:5a:80:ff:1d:f4:16:74:7f:
ef:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F2:ED:4D:43:41:72:47:DB:82:15:67:0D:DC:F7:F3:88:FD:6F:DD:3D
X509v3 Authority Key Identifier:
keyid:31:44:E6:09:E3:61:91:3E:3C:3B:0A:78:D7:48:6A:A4:5B:56:24:01
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MUTmCeNhkT48Owp410hqpFtWJAE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/caa2b6-87e8-4e24-a446-775888a87194/1/8u1NQ0FyR9uCFWcN3PfziP1v3T0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/caa2b6-87e8-4e24-a446-775888a87194/1/MUTmCeNhkT48Owp410hqpFtWJAE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
217.26.144.0/20
Signature Algorithm: sha256WithRSAEncryption
7a:e3:a7:be:62:70:be:38:d0:70:11:f1:0d:d4:9b:6f:63:c8:
9d:14:ac:87:b6:34:5f:3c:7c:e1:f2:bd:3b:ce:66:05:f4:41:
4e:71:bc:3e:63:3e:59:71:09:44:d6:7a:61:82:07:c1:06:b8:
26:c3:ba:12:7f:72:15:76:33:fd:b2:58:7b:b3:f9:0a:ab:b3:
e2:ad:8c:90:8f:5e:90:60:4b:16:dd:f2:5d:2c:06:1b:45:c1:
2d:62:b8:ec:03:5d:49:2c:94:37:37:7a:f4:85:1f:71:f3:d2:
c1:44:c7:59:63:a8:3c:df:8e:16:2a:b1:0e:33:b3:0f:29:3b:
53:13:bc:a0:78:1a:5f:1f:b6:01:4e:fa:55:63:cb:1f:56:38:
18:53:8b:86:7d:0d:f9:99:7a:0a:3d:fc:f3:db:93:27:9b:ab:
61:fa:be:90:02:19:69:b7:03:1a:09:c0:b5:f1:49:0c:99:38:
38:e1:02:6d:b1:06:5a:98:80:7a:73:47:38:5c:ae:f6:dc:4b:
84:1f:96:4e:aa:ff:ca:d6:a2:51:b2:e3:3f:34:0a:7c:1b:f4:
8f:ae:7b:05:3d:76:a4:a4:36:a2:d2:b2:71:18:b2:c2:bc:36:
db:aa:8c:12:c7:2e:78:c1:d8:02:e3:62:5f:d4:e7:92:aa:3b:
e1:92:77:a9
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVxJ3juS7cuZ57bDeW+lPgYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMxNDRlNjA5ZTM2MTkxM2UzYzNiMGE3OGQ3NDg2YWE0NWI1
NjI0MDEwHhcNMjMwMTAyMDYyNDUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMmVkNGQ0MzQxNzI0N2RiODIxNTY3MGRkY2Y3ZjM4OGZkNmZkZDNkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlfqaEdOZek0DZnprYFo7ZT+mTs4b
A6f3qnarSgYIkN0k2lVqUMcj7dv8urzXP0R4jxsfmffgn+/tve0iiANxVZ9GaOa9
leyWZLnKFo4s8vaNhC1419AFMSK+ubg3BZhHtuDclv4euxDFyGIpfxzDgI8WvUr2
SxnwYc4Q1+SCcvTQvF7poDjLGsHyjsrx8mEaTPN9la3tKZiy5RR+usyXv+G8b+6E
XKG13hIWI8nRz0gBz6tBKM/ZZjiShA5LLd2VplToqaTBvNG8v6QM3C+CmPe37GyP
nyFQF6InyNsqY0H+7ofpxlGVrrMy42Dk3E+bTO/FXG9sWoD/HfQWdH/vVwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFPLtTUNBckfbghVnDdz384j9b909MB8GA1UdIwQY
MBaAFDFE5gnjYZE+PDsKeNdIaqRbViQBMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTVVUbUNlTmhrVDQ4T3dwNDEwaHFwRnRXSkFFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS9jYWEyYjYtODdlOC00ZTI0LWE0NDYt
Nzc1ODg4YTg3MTk0LzEvOHUxTlEwRnlSOXVDRldjTjNQZnppUDF2M1QwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS9jYWEyYjYtODdlOC00ZTI0LWE0NDYtNzc1ODg4YTg3MTk0
LzEvTVVUbUNlTmhrVDQ4T3dwNDEwaHFwRnRXSkFFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQE2RqQMA0G
CSqGSIb3DQEBCwUAA4IBAQB646e+YnC+ONBwEfEN1JtvY8idFKyHtjRfPHzh8r07
zmYF9EFOcbw+Yz5ZcQlE1nphggfBBrgmw7oSf3IVdjP9slh7s/kKq7PirYyQj16Q
YEsW3fJdLAYbRcEtYrjsA11JLJQ3N3r0hR9x89LBRMdZY6g8344WKrEOM7MPKTtT
E7ygeBpfH7YBTvpVY8sfVjgYU4uGfQ35mXoKPfzz25Mnm6th+r6QAhlptwMaCcC1
8UkMmTg44QJtsQZamIB6c0c4XK723EuEH5ZOqv/K1qJRsuM/NAp8G/SPrnsFPXak
pDai0rJxGLLCvDbbqowSxy54wdgC42Jf1OeSqjvhknep
-----END CERTIFICATE-----
Generated at Tue Jan 2 15:21:51 2024 by rpki-client on console-ams.rpki-client.org