Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/NOZmD3mP6g2DzwSMTxW8QXlAAow.roa
File: NOZmD3mP6g2DzwSMTxW8QXlAAow.roa (raw, json)
Hash identifier: UNVlX2LqqsRaIbfoJ/ofMeZOzJ/17nOmhVUUUfk59As=
Subject key identifier: 34:E6:66:0F:79:8F:EA:0D:83:CF:04:8C:4F:15:BC:41:79:40:02:8C
Certificate issuer: /CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Certificate serial: 0191BE63464A88231A7A7A25795AA0D974F3
Authority key identifier: 4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/NOZmD3mP6g2DzwSMTxW8QXlAAow.roa
Signing time: Wed 04 Sep 2024 18:54:22 +0000
ROA not before: Wed 04 Sep 2024 18:54:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 215211
IP address blocks: 217.60.0.0/17 maxlen: 24
2a14:6e40::/32 maxlen: 32
Validation: Failed, certificate revoked on Fri 18 Oct 2024 09:48:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:be:63:46:4a:88:23:1a:7a:7a:25:79:5a:a0:d9:74:f3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Validity
Not Before: Sep 4 18:54:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=34e6660f798fea0d83cf048c4f15bc417940028c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:ff:4b:7e:7e:35:b4:01:25:cb:97:ea:a0:db:
a2:e9:5d:36:c2:ea:23:eb:6f:09:ef:b3:c6:f7:5f:
81:9c:ae:52:3b:ae:5a:b4:5a:a8:35:87:22:99:53:
b2:86:42:84:ce:89:f0:c5:46:77:6d:a6:da:5a:d2:
1f:5f:25:e2:77:da:6d:50:ae:4e:0f:41:cd:8f:ca:
d2:d0:7e:48:a7:03:50:e2:eb:7e:0f:d4:a5:cc:1c:
0b:78:f4:13:c0:ce:a4:60:2e:5e:9a:54:ab:16:5f:
76:b2:68:bf:1e:70:d2:be:fe:a8:04:07:a3:c2:f2:
79:1f:09:96:64:40:9d:c3:81:ea:2a:ed:46:f4:03:
53:28:45:d8:c1:8f:2b:f1:87:92:18:c7:cd:2b:b8:
5b:3f:84:d6:4c:57:cf:15:e5:76:a0:3f:d6:67:90:
f5:ef:93:46:7c:72:51:1f:33:c8:a5:39:05:8d:f7:
b5:e2:25:87:f4:e1:e0:02:7b:73:9d:23:c1:b0:65:
7c:39:d7:91:dd:55:4c:3c:aa:34:44:20:6d:28:dd:
35:eb:eb:5d:34:9b:6f:b7:5c:ef:89:dd:bf:cb:17:
bc:5c:5a:5a:66:66:5e:0c:55:09:98:9c:92:bc:eb:
3d:d5:a4:20:5e:ff:99:25:d3:05:d5:39:cd:a8:4a:
ee:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
34:E6:66:0F:79:8F:EA:0D:83:CF:04:8C:4F:15:BC:41:79:40:02:8C
X509v3 Authority Key Identifier:
keyid:4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/NOZmD3mP6g2DzwSMTxW8QXlAAow.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
217.60.0.0/17
IPv6:
2a14:6e40::/32
Signature Algorithm: sha256WithRSAEncryption
ba:7d:5e:64:6b:c4:ce:80:bf:34:03:33:aa:48:78:3d:c1:43:
7c:a9:4b:fc:ae:c6:6c:e4:c9:c5:35:3f:28:e3:e3:03:61:e3:
65:fd:f6:94:e2:cd:9a:1f:b7:19:b2:c2:a9:b7:55:85:d8:ba:
dd:8c:fb:9c:55:14:bd:26:d0:20:3c:30:b5:1a:e7:08:01:42:
b7:ed:e2:b3:c3:d8:1e:7d:ff:1b:88:48:b5:88:49:31:3b:75:
b0:0f:dc:fb:9c:1f:94:2d:e3:a9:7b:20:30:94:13:04:3e:60:
a3:0e:a1:f7:9c:e4:7a:35:c0:8f:8c:57:51:3e:78:ef:f6:65:
2c:27:79:76:5f:d8:09:74:0b:db:9e:93:f3:94:79:a0:00:61:
04:55:47:cd:74:46:e9:6c:46:67:30:6b:90:2f:e7:28:74:2c:
83:36:78:d9:44:83:82:38:5f:56:a2:8d:6e:e1:f4:fb:1a:7c:
4c:ad:bc:6b:ac:7a:71:56:cf:82:fc:36:cb:50:99:30:9e:99:
93:11:49:cc:14:fd:17:c9:22:54:e1:40:04:84:72:4e:4b:93:
4e:dc:b6:6d:ea:66:6d:bf:c3:47:17:ef:77:3e:2e:82:92:cf:
ed:6a:04:23:0c:37:ec:8e:af:ae:bc:83:82:b4:55:bf:19:3b:
ef:6f:b8:24
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZG+Y0ZKiCMaenoleVqg2XTzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmMWIwOTVmYWI2NzYzM2MwMTI3ZDYxZmY2ODU3ODY0ZWE2
YjI1YzUwHhcNMjQwOTA0MTg1NDIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNGU2NjYwZjc5OGZlYTBkODNjZjA0OGM0ZjE1YmM0MTc5NDAwMjhjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvv9Lfn41tAEly5fqoNui6V02wuoj
628J77PG91+BnK5SO65atFqoNYcimVOyhkKEzonwxUZ3babaWtIfXyXid9ptUK5O
D0HNj8rS0H5IpwNQ4ut+D9SlzBwLePQTwM6kYC5emlSrFl92smi/HnDSvv6oBAej
wvJ5HwmWZECdw4HqKu1G9ANTKEXYwY8r8YeSGMfNK7hbP4TWTFfPFeV2oD/WZ5D1
75NGfHJRHzPIpTkFjfe14iWH9OHgAntznSPBsGV8OdeR3VVMPKo0RCBtKN016+td
NJtvt1zvid2/yxe8XFpaZmZeDFUJmJySvOs91aQgXv+ZJdMF1TnNqErunQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFDTmZg95j+oNg88EjE8VvEF5QAKMMB8GA1UdIwQY
MBaAFE8bCV+rZ2M8ASfWH/aFeGTqayXFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYt
YjgxMWNmY2I5ZmQ1LzEvTk9abUQzbVA2ZzJEendTTVR4VzhRWGxBQW93LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYtYjgxMWNmY2I5ZmQ1
LzEvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQH2TwAMA0E
AgACMAcDBQAqFG5AMA0GCSqGSIb3DQEBCwUAA4IBAQC6fV5ka8TOgL80AzOqSHg9
wUN8qUv8rsZs5MnFNT8o4+MDYeNl/faU4s2aH7cZssKpt1WF2LrdjPucVRS9JtAg
PDC1GucIAUK37eKzw9geff8biEi1iEkxO3WwD9z7nB+ULeOpeyAwlBMEPmCjDqH3
nOR6NcCPjFdRPnjv9mUsJ3l2X9gJdAvbnpPzlHmgAGEEVUfNdEbpbEZnMGuQL+co
dCyDNnjZRIOCOF9Woo1u4fT7GnxMrbxrrHpxVs+C/DbLUJkwnpmTEUnMFP0XySJU
4UAEhHJOS5NO3LZt6mZtv8NHF+93Pi6Cks/tagQjDDfsjq+uvIOCtFW/GTvvb7gk
-----END CERTIFICATE-----
Generated at Fri Oct 18 13:32:51 2024 by rpki-client on console-ams.rpki-client.org