Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/ApmTeceC7I4gT7KM4OwjrjoC_QI.roa
File: ApmTeceC7I4gT7KM4OwjrjoC_QI.roa (raw, json)
Hash identifier: TLZKt3oeRGu8AiIynbJ3IB+Vo2wCMVkJiqzzviTIQOI=
Subject key identifier: 02:99:93:79:C7:82:EC:8E:20:4F:B2:8C:E0:EC:23:AE:3A:02:FD:02
Certificate issuer: /CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Certificate serial: 019354CE5B9D41C343F4CCF08709DF133BF5
Authority key identifier: 4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/ApmTeceC7I4gT7KM4OwjrjoC_QI.roa
Signing time: Fri 22 Nov 2024 16:57:10 +0000
ROA not before: Fri 22 Nov 2024 16:57:10 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 198154
IP address blocks: 217.60.242.0/24 maxlen: 24
217.60.244.0/24 maxlen: 24
217.60.247.0/24 maxlen: 24
217.60.249.0/24 maxlen: 24
217.60.252.0/24 maxlen: 24
217.60.253.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 24 Dec 2024 09:42:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:54:ce:5b:9d:41:c3:43:f4:cc:f0:87:09:df:13:3b:f5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Validity
Not Before: Nov 22 16:57:10 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=02999379c782ec8e204fb28ce0ec23ae3a02fd02
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:88:63:aa:80:de:04:72:72:d1:69:91:f0:d4:74:
01:61:4e:ec:8b:7c:82:cb:f3:9f:20:75:a8:7b:85:
57:04:c9:47:9e:c3:8b:a0:bc:20:16:a8:56:38:81:
a3:7a:cd:6a:ba:a7:dd:7d:e5:ba:a8:a2:43:c0:58:
6d:df:c3:79:4a:44:1e:07:09:96:c2:0c:58:6d:00:
07:b1:89:04:9a:9c:00:94:21:59:43:d1:bd:07:68:
a2:0c:ca:c7:be:f1:3f:5b:92:96:d5:2a:d4:72:19:
5c:aa:15:02:01:08:73:ac:9e:80:42:95:3d:1e:3b:
bf:3a:3d:38:a1:3e:27:c1:7d:09:6e:28:79:76:8f:
7c:89:4a:5a:68:a3:fe:a4:d1:87:b6:2b:c7:10:81:
b4:4a:b3:20:2a:26:ae:7c:c9:45:2e:47:f8:64:f9:
30:99:ac:ed:c8:7e:b1:51:be:24:10:68:7e:3f:5c:
37:cd:58:8f:6d:4b:07:56:ac:32:fa:1a:fe:82:3c:
ac:94:70:44:46:25:78:e4:37:43:07:1b:35:58:97:
0d:89:af:3b:d7:7f:c7:b0:d2:9c:4f:1e:bc:1b:52:
43:55:9f:c5:db:70:e3:97:05:42:dc:47:62:ce:dc:
5c:db:98:44:94:7a:8b:9e:2e:a0:7f:00:66:7f:6e:
68:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
02:99:93:79:C7:82:EC:8E:20:4F:B2:8C:E0:EC:23:AE:3A:02:FD:02
X509v3 Authority Key Identifier:
keyid:4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/ApmTeceC7I4gT7KM4OwjrjoC_QI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
217.60.242.0/24
217.60.244.0/24
217.60.247.0/24
217.60.249.0/24
217.60.252.0/23
Signature Algorithm: sha256WithRSAEncryption
ad:d6:77:58:dc:09:d8:f8:11:e8:34:a3:7e:31:34:e5:aa:8e:
77:bd:17:26:cd:e4:9c:79:ef:a9:88:ab:4c:35:f5:b7:b3:4a:
4d:46:97:a4:ad:97:1a:f6:43:af:7e:72:5d:b9:05:e9:1f:8a:
8c:0f:2c:28:90:a8:ce:36:35:5d:85:58:5a:6e:00:f6:78:18:
5e:cf:f8:69:f4:6e:e4:43:7d:a8:a6:4c:73:1b:2f:13:44:ec:
f7:e5:97:2d:98:2c:f7:d3:72:6a:d4:36:32:dc:2e:c4:fe:60:
55:35:02:f3:17:96:a3:d1:ae:6f:82:0f:e5:09:86:6d:c9:cb:
c7:92:7d:b4:fb:53:1b:41:77:08:35:91:03:b9:ac:7a:7c:d4:
3f:be:89:98:f8:6d:43:2e:bc:ca:ec:81:f8:bb:68:b2:5c:64:
e0:d4:c7:33:06:93:01:b8:99:73:9f:4f:06:2b:c4:2f:d0:28:
50:40:fd:b5:94:12:e4:07:ab:ed:58:04:15:5e:20:6d:4d:f6:
7b:8c:16:8d:10:15:96:84:a1:3b:16:12:6f:5c:ef:77:22:64:
27:59:f9:f9:55:a4:61:5b:f5:7e:20:2b:83:8a:ec:78:38:ca:
7e:ce:c6:6f:b7:80:2c:27:33:15:93:1c:b3:17:86:24:3d:95:
18:82:a3:67
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAZNUzludQcND9MzwhwnfEzv1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmMWIwOTVmYWI2NzYzM2MwMTI3ZDYxZmY2ODU3ODY0ZWE2
YjI1YzUwHhcNMjQxMTIyMTY1NzEwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMjk5OTM3OWM3ODJlYzhlMjA0ZmIyOGNlMGVjMjNhZTNhMDJmZDAyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiGOqgN4EcnLRaZHw1HQBYU7si3yC
y/OfIHWoe4VXBMlHnsOLoLwgFqhWOIGjes1quqfdfeW6qKJDwFht38N5SkQeBwmW
wgxYbQAHsYkEmpwAlCFZQ9G9B2iiDMrHvvE/W5KW1SrUchlcqhUCAQhzrJ6AQpU9
Hju/Oj04oT4nwX0Jbih5do98iUpaaKP+pNGHtivHEIG0SrMgKiaufMlFLkf4ZPkw
maztyH6xUb4kEGh+P1w3zViPbUsHVqwy+hr+gjyslHBERiV45DdDBxs1WJcNia87
13/HsNKcTx68G1JDVZ/F23DjlwVC3Ediztxc25hElHqLni6gfwBmf25oKQIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFAKZk3nHguyOIE+yjODsI646Av0CMB8GA1UdIwQY
MBaAFE8bCV+rZ2M8ASfWH/aFeGTqayXFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYt
YjgxMWNmY2I5ZmQ1LzEvQXBtVGVjZUM3STRnVDdLTTRPd2pyam9DX1FJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYtYjgxMWNmY2I5ZmQ1
LzEvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQA2TzyAwQA
2Tz0AwQA2Tz3AwQA2Tz5AwQB2Tz8MA0GCSqGSIb3DQEBCwUAA4IBAQCt1ndY3AnY
+BHoNKN+MTTlqo53vRcmzeScee+piKtMNfW3s0pNRpekrZca9kOvfnJduQXpH4qM
DywokKjONjVdhVhabgD2eBhez/hp9G7kQ32opkxzGy8TROz35ZctmCz303Jq1DYy
3C7E/mBVNQLzF5aj0a5vgg/lCYZtycvHkn20+1MbQXcINZEDuax6fNQ/vomY+G1D
LrzK7IH4u2iyXGTg1MczBpMBuJlzn08GK8Qv0ChQQP21lBLkB6vtWAQVXiBtTfZ7
jBaNEBWWhKE7FhJvXO93ImQnWfn5VaRhW/V+ICuDiux4OMp+zsZvt4AsJzMVkxyz
F4YkPZUYgqNn
-----END CERTIFICATE-----
Generated at Fri Mar 14 11:49:11 2025 by rpki-client