Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/bMkI0YnrbmDLNh9PeN3fieaVNwg.roa
File: bMkI0YnrbmDLNh9PeN3fieaVNwg.roa (raw, json)
Hash identifier: UWme1j7qIIF9Yir1dnXBJQvcbb7wATwphdY+mbvg0v8=
Subject key identifier: 6C:C9:08:D1:89:EB:6E:60:CB:36:1F:4F:78:DD:DF:89:E6:95:37:08
Certificate issuer: /CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Certificate serial: 01907E675437E89357F0C018D749F98B03F1
Authority key identifier: 4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/bMkI0YnrbmDLNh9PeN3fieaVNwg.roa
Signing time: Thu 04 Jul 2024 15:40:19 +0000
ROA not before: Thu 04 Jul 2024 15:40:19 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 204203
IP address blocks: 217.60.239.0/24 maxlen: 24
217.60.241.0/24 maxlen: 24
217.60.254.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sun 22 Dec 2024 08:56:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:7e:67:54:37:e8:93:57:f0:c0:18:d7:49:f9:8b:03:f1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Validity
Not Before: Jul 4 15:40:19 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=6cc908d189eb6e60cb361f4f78dddf89e6953708
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:6a:eb:45:11:e8:ad:aa:7f:1b:c0:7d:b6:23:
58:d8:6c:0c:72:57:3d:c5:67:2c:7c:f0:0a:14:2f:
34:b0:15:36:a2:5b:8c:7f:80:fc:49:d2:18:b2:49:
0a:f9:35:d0:60:35:cb:8a:1d:eb:d6:e3:eb:2b:31:
e4:2a:34:a4:90:a6:84:81:2e:3f:53:1a:12:48:d5:
e3:10:f2:1b:69:c8:43:6a:f2:9c:5e:b9:52:f0:44:
13:6b:02:bd:7d:ad:09:0b:a7:c0:81:c2:e3:9b:cf:
a6:dc:95:da:d7:b9:88:4a:1d:51:66:d2:95:3e:14:
41:6c:aa:00:1e:e3:2d:29:6f:a2:67:a2:b7:0b:08:
ce:a8:ff:ff:d2:ea:67:6d:06:41:da:7a:05:f0:30:
11:a4:13:60:1d:d7:90:88:5c:81:5d:0f:d8:ba:38:
b5:0c:28:ce:53:ec:25:50:63:d3:51:3e:d9:a2:d1:
51:84:45:f3:7e:02:9a:f7:ae:ba:e0:bc:1f:2b:32:
ca:31:e8:4f:3b:a6:38:31:18:f0:57:47:c0:cf:44:
4d:a5:4b:19:e3:81:4d:ed:03:26:c9:90:d3:f5:97:
dc:02:4b:14:7b:b7:93:0f:92:d5:01:2d:7e:6a:d5:
95:b5:c0:7d:06:ac:7e:b1:fa:0e:25:7c:aa:e8:4c:
7f:f1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6C:C9:08:D1:89:EB:6E:60:CB:36:1F:4F:78:DD:DF:89:E6:95:37:08
X509v3 Authority Key Identifier:
keyid:4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/bMkI0YnrbmDLNh9PeN3fieaVNwg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
217.60.239.0/24
217.60.241.0/24
217.60.254.0/24
Signature Algorithm: sha256WithRSAEncryption
03:13:e1:4e:3c:63:6b:5b:41:18:a2:61:30:73:74:f7:2f:a1:
3e:ad:bf:2c:12:2f:42:f4:3c:8b:28:da:d6:02:99:1d:b5:4d:
b0:b7:57:ec:b6:d9:cd:95:d9:c2:0f:77:2d:53:d9:87:90:8e:
4d:80:34:62:d3:ff:c6:36:9a:f3:b4:9b:be:a6:d9:d1:56:07:
37:f0:d2:6b:67:b5:cb:f6:51:e8:12:0e:49:27:e4:ef:4c:4f:
32:df:2c:ba:6b:25:56:34:da:e7:9c:df:02:57:4a:11:4e:36:
b1:65:8b:2b:4b:31:3b:41:71:95:39:a8:b4:f4:a0:77:21:35:
1a:5a:dd:52:78:aa:a5:0f:3b:0b:8f:e4:bf:76:68:7f:0a:8b:
50:64:58:ff:a6:9b:73:f9:26:e3:f7:b7:f6:a6:ef:06:cd:45:
e8:4c:39:92:fb:6a:b9:b6:03:4c:04:a5:1e:6f:5a:b9:fa:3c:
a7:f7:e6:ed:70:6f:97:ee:7d:ca:ae:ee:b4:32:c2:9a:57:7b:
b5:df:8f:af:80:21:6e:be:8b:27:53:5b:a1:5b:15:61:68:1c:
60:bd:86:31:30:5f:75:ee:2c:f0:a8:6a:41:81:d2:82:d3:52:
f6:20:b8:07:4b:07:08:43:8f:7f:73:d5:09:e1:28:23:a5:fc:
7d:4b:4a:3e
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZB+Z1Q36JNX8MAY10n5iwPxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmMWIwOTVmYWI2NzYzM2MwMTI3ZDYxZmY2ODU3ODY0ZWE2
YjI1YzUwHhcNMjQwNzA0MTU0MDE5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2Y2M5MDhkMTg5ZWI2ZTYwY2IzNjFmNGY3OGRkZGY4OWU2OTUzNzA4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlWrrRRHorap/G8B9tiNY2GwMclc9
xWcsfPAKFC80sBU2oluMf4D8SdIYskkK+TXQYDXLih3r1uPrKzHkKjSkkKaEgS4/
UxoSSNXjEPIbachDavKcXrlS8EQTawK9fa0JC6fAgcLjm8+m3JXa17mISh1RZtKV
PhRBbKoAHuMtKW+iZ6K3CwjOqP//0upnbQZB2noF8DARpBNgHdeQiFyBXQ/Yuji1
DCjOU+wlUGPTUT7ZotFRhEXzfgKa96664LwfKzLKMehPO6Y4MRjwV0fAz0RNpUsZ
44FN7QMmyZDT9ZfcAksUe7eTD5LVAS1+atWVtcB9Bqx+sfoOJXyq6Ex/8QIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFGzJCNGJ625gyzYfT3jd34nmlTcIMB8GA1UdIwQY
MBaAFE8bCV+rZ2M8ASfWH/aFeGTqayXFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYt
YjgxMWNmY2I5ZmQ1LzEvYk1rSTBZbnJibURMTmg5UGVOM2ZpZWFWTndnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYtYjgxMWNmY2I5ZmQ1
LzEvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQA2TzvAwQA
2TzxAwQA2Tz+MA0GCSqGSIb3DQEBCwUAA4IBAQADE+FOPGNrW0EYomEwc3T3L6E+
rb8sEi9C9DyLKNrWApkdtU2wt1fsttnNldnCD3ctU9mHkI5NgDRi0//GNprztJu+
ptnRVgc38NJrZ7XL9lHoEg5JJ+TvTE8y3yy6ayVWNNrnnN8CV0oRTjaxZYsrSzE7
QXGVOai09KB3ITUaWt1SeKqlDzsLj+S/dmh/CotQZFj/pptz+Sbj97f2pu8GzUXo
TDmS+2q5tgNMBKUeb1q5+jyn9+btcG+X7n3Kru60MsKaV3u134+vgCFuvosnU1uh
WxVhaBxgvYYxMF917izwqGpBgdKC01L2ILgHSwcIQ49/c9UJ4Sgjpfx9S0o+
-----END CERTIFICATE-----
Generated at Sun Feb 16 20:21:42 2025 by rpki-client