Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/paIyt1pyZV2dkJ_RnHVv_jxMRyY.roa
File: paIyt1pyZV2dkJ_RnHVv_jxMRyY.roa (raw, json)
Hash identifier: I6nx6+Jk5B6jBOS5JykgnqYu9leL/DJ9zXra6xgmQyk=
Subject key identifier: A5:A2:32:B7:5A:72:65:5D:9D:90:9F:D1:9C:75:6F:FE:3C:4C:47:26
Certificate issuer: /CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Certificate serial: 0191D01D8B632C114FE7281EE5AE09F865CE
Authority key identifier: 4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/paIyt1pyZV2dkJ_RnHVv_jxMRyY.roa
Signing time: Sun 08 Sep 2024 05:31:22 +0000
ROA not before: Sun 08 Sep 2024 05:31:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 31549
IP address blocks: 217.60.187.0/24 maxlen: 24
217.60.188.0/22 maxlen: 22
217.60.192.0/21 maxlen: 21
217.60.200.0/22 maxlen: 22
217.60.224.0/23 maxlen: 23
Validation: Failed, certificate revoked on Mon 28 Oct 2024 13:39:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:d0:1d:8b:63:2c:11:4f:e7:28:1e:e5:ae:09:f8:65:ce
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Validity
Not Before: Sep 8 05:31:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a5a232b75a72655d9d909fd19c756ffe3c4c4726
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:de:08:86:8d:c1:34:f5:76:85:86:f2:af:f3:81:
0f:fc:ae:bc:c9:16:98:c3:4e:d8:c8:44:c3:b5:fb:
49:40:98:2a:7a:a0:e9:eb:3a:f3:d5:14:0e:35:0a:
39:25:1f:76:30:57:b9:96:23:4f:99:92:76:03:f8:
d7:8d:be:d8:51:d6:a8:86:43:6d:ec:a5:97:c0:4f:
10:62:03:5d:9f:d5:c8:90:26:92:5b:ff:3f:32:90:
f2:b9:8d:62:f8:d2:51:b2:81:cb:09:13:0f:33:7a:
cd:8b:04:98:74:33:ff:cd:de:3d:0c:52:c8:9b:f0:
e6:5b:80:84:33:11:50:c6:2a:09:8b:33:95:06:3f:
9c:d8:19:b1:b8:1b:d0:f8:b8:33:19:9e:53:86:40:
8b:35:83:69:d6:71:23:dd:f5:4f:0e:fd:8c:62:65:
0b:be:bf:7b:a3:6a:92:dd:08:53:5b:24:95:03:56:
1d:74:ef:fd:e1:84:e9:bf:c1:96:a0:3d:8b:a7:db:
c8:8d:76:15:ae:ba:d6:27:70:08:49:6f:9e:ea:78:
dc:d9:c0:38:78:84:e4:f8:7c:59:ad:c9:cb:83:10:
b0:37:45:2c:97:c7:c6:c3:f9:e9:8f:ce:44:cd:68:
bb:5f:f6:19:61:7c:18:50:a7:de:6a:26:87:f5:7f:
bb:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A5:A2:32:B7:5A:72:65:5D:9D:90:9F:D1:9C:75:6F:FE:3C:4C:47:26
X509v3 Authority Key Identifier:
keyid:4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/paIyt1pyZV2dkJ_RnHVv_jxMRyY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
217.60.187.0-217.60.203.255
217.60.224.0/23
Signature Algorithm: sha256WithRSAEncryption
b0:5c:d1:ad:8f:da:94:85:10:f3:e1:22:d2:4f:7b:29:27:20:
4f:37:fd:07:01:3d:b1:9c:9a:65:c7:0f:5f:20:11:57:16:7a:
40:6b:0d:a7:03:37:b8:0f:80:e3:89:82:7b:21:fe:b4:cb:d9:
a2:1e:cd:e2:6d:cc:e5:19:1c:e3:9a:22:a2:c0:59:ae:cf:96:
c2:3d:b1:fb:2e:7b:b6:c3:91:07:24:67:8d:f3:94:b4:8f:7c:
79:10:45:3a:9e:ac:92:4d:d2:b2:df:2e:0b:88:59:2e:50:10:
5d:76:86:32:2d:30:a8:1c:6d:3b:bf:51:26:2f:74:db:de:90:
a4:6e:f5:60:4e:77:d4:43:92:65:08:6c:ca:5f:df:a7:1d:3f:
a7:c5:ed:30:2a:84:fa:19:71:06:a2:ec:78:e1:ea:7d:b1:32:
a5:90:36:4c:b3:97:fb:db:d2:f2:a1:92:5e:a3:88:23:50:4d:
c2:54:ec:a7:0b:3c:95:c0:9b:c9:86:34:42:41:6f:29:42:2e:
9d:59:b3:a7:1d:d2:af:a5:14:fc:91:d8:7b:dd:5b:1d:70:6b:
24:43:2b:5e:ee:73:64:74:9c:17:73:72:e4:6d:43:82:9f:58:
bc:c7:35:f6:e4:07:92:07:15:f1:c9:ba:bb:70:8a:ba:d3:1b:
73:9a:c0:11
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgISAZHQHYtjLBFP5yge5a4J+GXOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmMWIwOTVmYWI2NzYzM2MwMTI3ZDYxZmY2ODU3ODY0ZWE2
YjI1YzUwHhcNMjQwOTA4MDUzMTIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNWEyMzJiNzVhNzI2NTVkOWQ5MDlmZDE5Yzc1NmZmZTNjNGM0NzI2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3giGjcE09XaFhvKv84EP/K68yRaY
w07YyETDtftJQJgqeqDp6zrz1RQONQo5JR92MFe5liNPmZJ2A/jXjb7YUdaohkNt
7KWXwE8QYgNdn9XIkCaSW/8/MpDyuY1i+NJRsoHLCRMPM3rNiwSYdDP/zd49DFLI
m/DmW4CEMxFQxioJizOVBj+c2BmxuBvQ+LgzGZ5ThkCLNYNp1nEj3fVPDv2MYmUL
vr97o2qS3QhTWySVA1YddO/94YTpv8GWoD2Lp9vIjXYVrrrWJ3AISW+e6njc2cA4
eITk+HxZrcnLgxCwN0Usl8fGw/npj85EzWi7X/YZYXwYUKfeaiaH9X+7RwIDAQAB
o4ICFzCCAhMwHQYDVR0OBBYEFKWiMrdacmVdnZCf0Zx1b/48TEcmMB8GA1UdIwQY
MBaAFE8bCV+rZ2M8ASfWH/aFeGTqayXFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYt
YjgxMWNmY2I5ZmQ1LzEvcGFJeXQxcHlaVjJka0pfUm5IVnZfanhNUnlZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYtYjgxMWNmY2I5ZmQ1
LzEvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAATAUMAwDBADZPLsD
BALZPMgDBAHZPOAwDQYJKoZIhvcNAQELBQADggEBALBc0a2P2pSFEPPhItJPeykn
IE83/QcBPbGcmmXHD18gEVcWekBrDacDN7gPgOOJgnsh/rTL2aIezeJtzOUZHOOa
IqLAWa7PlsI9sfsue7bDkQckZ43zlLSPfHkQRTqerJJN0rLfLguIWS5QEF12hjIt
MKgcbTu/USYvdNvekKRu9WBOd9RDkmUIbMpf36cdP6fF7TAqhPoZcQai7Hjh6n2x
MqWQNkyzl/vb0vKhkl6jiCNQTcJU7KcLPJXAm8mGNEJBbylCLp1Zs6cd0q+lFPyR
2HvdWx1wayRDK17uc2R0nBdzcuRtQ4KfWLzHNfbkB5IHFfHJurtwirrTG3OawBE=
-----END CERTIFICATE-----
Generated at Mon Oct 28 17:32:36 2024 by rpki-client on console-ams.rpki-client.org