Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/dYqDgEYABzdMB4pGBthhbcOUvic.roa
File: dYqDgEYABzdMB4pGBthhbcOUvic.roa (raw, json)
Hash identifier: qMHO2/qx8Q3Z5rNo1THAjHc4jaXFP8JWc+si7jtR5Bo=
Subject key identifier: 75:8A:83:80:46:00:07:37:4C:07:8A:46:06:D8:61:6D:C3:94:BE:27
Certificate issuer: /CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Certificate serial: 0192E80877F078D2CA7E756E2829D1F8EC1C
Authority key identifier: 4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/dYqDgEYABzdMB4pGBthhbcOUvic.roa
Signing time: Fri 01 Nov 2024 14:02:01 +0000
ROA not before: Fri 01 Nov 2024 14:02:01 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 212742
IP address blocks: 217.60.128.0/19 maxlen: 24
217.60.160.0/20 maxlen: 24
217.60.208.0/20 maxlen: 24
Validation: Failed, certificate revoked on Sun 03 Nov 2024 13:31:01 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:e8:08:77:f0:78:d2:ca:7e:75:6e:28:29:d1:f8:ec:1c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Validity
Not Before: Nov 1 14:02:01 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=758a8380460007374c078a4606d8616dc394be27
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e7:13:fe:3a:4e:fa:07:a4:b8:f0:f7:32:ff:ef:
f2:ba:60:5e:5c:ef:43:aa:16:77:83:63:01:b2:50:
35:b3:fa:8b:12:62:0f:94:46:6e:6e:55:d9:b7:f8:
b2:eb:d3:0d:c2:49:8f:fa:19:be:d3:b2:e7:c4:3a:
08:41:5f:ae:99:83:f7:85:d9:76:c3:27:60:71:f1:
1c:44:71:4f:80:d1:e1:16:1a:7e:78:2d:46:57:92:
8f:73:2b:4f:62:2d:4a:f0:0b:d3:3e:a6:2b:37:1b:
93:94:36:f6:05:49:1c:65:e7:8a:ce:2e:06:6a:f6:
58:ef:dd:91:73:41:b7:de:45:e3:3e:e4:d5:8e:6c:
85:37:12:7b:a1:13:f1:40:25:ff:3c:c2:24:71:dc:
2c:e7:26:91:22:e6:5e:28:80:77:c3:b1:c8:64:65:
8c:16:64:d6:49:ee:77:df:67:90:da:33:1b:5b:8a:
16:a3:ce:58:68:2e:4c:d5:a4:bd:6b:c6:e6:b2:e6:
d6:7e:6d:b2:bf:3c:f4:1c:ea:54:16:df:48:49:95:
c3:dc:0d:05:dc:62:8d:89:25:30:f9:ea:ea:64:48:
14:43:70:95:37:98:c6:71:e5:33:12:c3:6d:2b:8a:
6b:d1:2c:b5:cd:55:6d:97:2b:90:65:6f:71:80:96:
92:53
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
75:8A:83:80:46:00:07:37:4C:07:8A:46:06:D8:61:6D:C3:94:BE:27
X509v3 Authority Key Identifier:
keyid:4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/dYqDgEYABzdMB4pGBthhbcOUvic.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
217.60.128.0-217.60.175.255
217.60.208.0/20
Signature Algorithm: sha256WithRSAEncryption
12:69:7b:d7:00:01:8f:fc:3c:eb:21:75:c4:7c:00:a7:62:b2:
cc:ee:dc:59:18:7e:a3:58:fe:65:2e:20:c0:6b:c1:00:21:8b:
94:26:6f:d2:5d:98:b7:48:54:f0:1e:eb:27:0d:28:c7:7a:b3:
37:27:dd:e3:7e:9c:fe:0b:21:79:45:73:79:39:24:e3:69:e3:
b9:74:ec:66:69:29:46:6d:22:75:b0:69:85:f7:f5:e5:be:24:
b3:ba:4e:57:a0:e6:65:1c:ff:42:35:ba:66:92:9a:37:97:39:
7e:91:16:46:f6:36:ba:12:77:b5:6b:a2:71:2e:b4:b2:e9:c2:
4e:0d:c0:86:38:d5:41:d2:25:09:44:ec:92:62:16:cd:b9:c2:
ac:7e:73:ed:b6:f2:73:95:d8:96:86:23:a4:35:9f:3d:e1:e1:
21:a8:9e:6c:75:66:32:78:db:1d:aa:f9:28:25:2a:ac:35:d6:
16:a1:fe:ad:5d:79:bf:73:90:70:b3:e5:7a:91:c3:e5:9a:e1:
2a:5b:33:f6:9a:fd:98:57:56:96:ee:02:1d:50:8c:d0:c6:89:
b7:59:51:d2:ab:c7:94:1d:e5:1c:73:a4:87:f0:08:5f:2b:87:
66:d4:38:aa:65:5b:16:1d:46:93:59:16:c6:57:f0:7c:7e:25:
0e:82:19:0c
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgISAZLoCHfweNLKfnVuKCnR+OwcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmMWIwOTVmYWI2NzYzM2MwMTI3ZDYxZmY2ODU3ODY0ZWE2
YjI1YzUwHhcNMjQxMTAxMTQwMjAxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NThhODM4MDQ2MDAwNzM3NGMwNzhhNDYwNmQ4NjE2ZGMzOTRiZTI3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5xP+Ok76B6S48Pcy/+/yumBeXO9D
qhZ3g2MBslA1s/qLEmIPlEZublXZt/iy69MNwkmP+hm+07LnxDoIQV+umYP3hdl2
wydgcfEcRHFPgNHhFhp+eC1GV5KPcytPYi1K8AvTPqYrNxuTlDb2BUkcZeeKzi4G
avZY792Rc0G33kXjPuTVjmyFNxJ7oRPxQCX/PMIkcdws5yaRIuZeKIB3w7HIZGWM
FmTWSe5332eQ2jMbW4oWo85YaC5M1aS9a8bmsubWfm2yvzz0HOpUFt9ISZXD3A0F
3GKNiSUw+erqZEgUQ3CVN5jGceUzEsNtK4pr0Sy1zVVtlyuQZW9xgJaSUwIDAQAB
o4ICFzCCAhMwHQYDVR0OBBYEFHWKg4BGAAc3TAeKRgbYYW3DlL4nMB8GA1UdIwQY
MBaAFE8bCV+rZ2M8ASfWH/aFeGTqayXFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYt
YjgxMWNmY2I5ZmQ1LzEvZFlxRGdFWUFCemRNQjRwR0J0aGhiY09VdmljLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYtYjgxMWNmY2I5ZmQ1
LzEvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAATAUMAwDBAfZPIAD
BATZPKADBATZPNAwDQYJKoZIhvcNAQELBQADggEBABJpe9cAAY/8POshdcR8AKdi
sszu3FkYfqNY/mUuIMBrwQAhi5Qmb9JdmLdIVPAe6ycNKMd6szcn3eN+nP4LIXlF
c3k5JONp47l07GZpKUZtInWwaYX39eW+JLO6Tleg5mUc/0I1umaSmjeXOX6RFkb2
NroSd7VronEutLLpwk4NwIY41UHSJQlE7JJiFs25wqx+c+228nOV2JaGI6Q1nz3h
4SGonmx1ZjJ42x2q+SglKqw11hah/q1deb9zkHCz5XqRw+Wa4SpbM/aa/ZhXVpbu
Ah1QjNDGibdZUdKrx5Qd5RxzpIfwCF8rh2bUOKplWxYdRpNZFsZX8Hx+JQ6CGQw=
-----END CERTIFICATE-----
Generated at Sun Nov 3 16:37:07 2024 by rpki-client on console-fra.rpki-client.org