Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/96/e5725b-3128-44b3-9f83-5aa620a81149/1/3pt5SIrd5bPriLSyXqgnffvFozQ.roa
File: 3pt5SIrd5bPriLSyXqgnffvFozQ.roa (raw, json)
Hash identifier: FnGQ7xOvyqgq/UyX9zGVWXNzGEqaLcL3C0lsuUJo2Gw=
Subject key identifier: DE:9B:79:48:8A:DD:E5:B3:EB:88:B4:B2:5E:A8:27:7D:FB:C5:A3:34
Certificate issuer: /CN=d87821a7c8761e08121e70c9ff42ff9b6ad34e51
Certificate serial: 018B66988F690A49D2B9D1BB54FE807DF6AC
Authority key identifier: D8:78:21:A7:C8:76:1E:08:12:1E:70:C9:FF:42:FF:9B:6A:D3:4E:51
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2Hghp8h2HggSHnDJ_0L_m2rTTlE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/96/e5725b-3128-44b3-9f83-5aa620a81149/1/3pt5SIrd5bPriLSyXqgnffvFozQ.roa
Signing time: Wed 25 Oct 2023 11:29:16 +0000
ROA not before: Wed 25 Oct 2023 11:29:16 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 16509
IP address blocks: 217.147.181.0/24 maxlen: 24
217.147.180.0/24 maxlen: 24
2a0b:2900:ff00::/40 maxlen: 40
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:66:98:8f:69:0a:49:d2:b9:d1:bb:54:fe:80:7d:f6:ac
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d87821a7c8761e08121e70c9ff42ff9b6ad34e51
Validity
Not Before: Oct 25 11:29:16 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=de9b79488adde5b3eb88b4b25ea8277dfbc5a334
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:9b:c7:39:5b:92:a7:3d:47:98:5f:48:b1:ec:
58:2e:8f:4a:6e:98:da:79:46:a5:30:b8:54:4d:0b:
a9:a1:fc:d9:44:1f:41:f0:c6:b2:75:4c:3b:a4:05:
db:25:09:05:6e:c6:69:f6:00:57:14:30:08:9b:3f:
85:a3:41:33:88:37:79:f0:db:46:95:a4:e8:b3:98:
f0:76:ee:d4:60:d2:b4:20:89:cb:be:72:22:93:b4:
df:b3:fa:c2:5c:5d:53:9f:7e:97:35:9c:84:2a:11:
be:4c:16:e2:19:46:c5:85:43:01:02:da:b3:66:81:
d2:ba:41:37:42:51:80:89:04:5d:5d:89:34:53:8a:
47:ae:86:19:41:18:98:e2:23:80:c3:5d:f3:00:40:
79:98:37:21:f9:8e:d8:fa:e0:dc:a3:ac:03:42:3b:
88:be:96:fb:80:64:35:69:72:55:9e:17:2a:4f:8b:
bf:ee:da:9e:91:78:8a:f3:25:20:6b:34:61:d9:13:
26:eb:72:10:98:d2:55:0a:7f:6b:97:a6:16:16:4d:
21:a8:b5:e2:12:be:58:50:b7:90:f8:ed:80:df:63:
b4:5b:eb:96:f5:f4:46:77:8b:46:a2:71:e5:e6:ad:
e1:c5:61:a6:cf:3e:5b:cc:15:5c:64:e0:e9:c6:bf:
03:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DE:9B:79:48:8A:DD:E5:B3:EB:88:B4:B2:5E:A8:27:7D:FB:C5:A3:34
X509v3 Authority Key Identifier:
keyid:D8:78:21:A7:C8:76:1E:08:12:1E:70:C9:FF:42:FF:9B:6A:D3:4E:51
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2Hghp8h2HggSHnDJ_0L_m2rTTlE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/96/e5725b-3128-44b3-9f83-5aa620a81149/1/3pt5SIrd5bPriLSyXqgnffvFozQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/96/e5725b-3128-44b3-9f83-5aa620a81149/1/2Hghp8h2HggSHnDJ_0L_m2rTTlE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
217.147.180.0/23
IPv6:
2a0b:2900:ff00::/40
Signature Algorithm: sha256WithRSAEncryption
13:8e:6c:0c:33:ef:60:51:ec:9b:23:64:f2:95:f9:2e:cc:d3:
85:46:90:f6:36:31:18:d8:4b:2d:a3:0e:10:2b:e6:39:20:72:
1c:39:1a:ca:4b:e1:29:08:76:d7:96:6e:1c:a0:55:a2:09:6f:
6e:38:b4:f1:58:e4:f7:8f:80:27:f0:35:d4:ab:a5:91:86:6f:
6e:9c:16:41:13:d4:7d:70:36:a5:63:37:b1:7c:af:99:93:32:
83:87:38:14:43:0b:e3:1d:53:21:67:09:56:25:58:12:fa:da:
00:b1:5a:0f:fa:0a:0f:55:be:e6:df:ee:02:10:cf:96:06:f6:
7d:91:d7:da:d1:80:4f:f4:8e:3e:f5:7c:95:c0:04:4e:1d:28:
81:ad:37:6f:a7:da:a3:2e:f6:df:82:d3:9c:4e:f6:d3:cc:ea:
53:69:be:64:04:60:11:f1:94:d5:09:7b:71:b5:19:fc:ad:f1:
73:57:53:a4:f8:fb:28:9b:3d:0c:e4:a3:19:65:b6:02:63:53:
8e:64:26:f1:b0:e0:dd:90:55:4f:26:f0:c7:94:9b:1e:0e:7d:
e2:ee:51:19:da:d1:02:32:0f:ae:06:e0:fd:2d:61:52:b4:bb:
73:68:94:fc:19:ba:92:74:79:cb:3a:26:08:58:f3:ac:31:04:
a0:56:ec:e9
-----BEGIN CERTIFICATE-----
MIIFDTCCA/WgAwIBAgISAYtmmI9pCknSudG7VP6AffasMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ4NzgyMWE3Yzg3NjFlMDgxMjFlNzBjOWZmNDJmZjliNmFk
MzRlNTEwHhcNMjMxMDI1MTEyOTE2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZTliNzk0ODhhZGRlNWIzZWI4OGI0YjI1ZWE4Mjc3ZGZiYzVhMzM0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmZvHOVuSpz1HmF9IsexYLo9Kbpja
eUalMLhUTQupofzZRB9B8MaydUw7pAXbJQkFbsZp9gBXFDAImz+Fo0EziDd58NtG
laTos5jwdu7UYNK0IInLvnIik7Tfs/rCXF1Tn36XNZyEKhG+TBbiGUbFhUMBAtqz
ZoHSukE3QlGAiQRdXYk0U4pHroYZQRiY4iOAw13zAEB5mDch+Y7Y+uDco6wDQjuI
vpb7gGQ1aXJVnhcqT4u/7tqekXiK8yUgazRh2RMm63IQmNJVCn9rl6YWFk0hqLXi
Er5YULeQ+O2A32O0W+uW9fRGd4tGonHl5q3hxWGmzz5bzBVcZODpxr8DRwIDAQAB
o4ICGTCCAhUwHQYDVR0OBBYEFN6beUiK3eWz64i0sl6oJ337xaM0MB8GA1UdIwQY
MBaAFNh4IafIdh4IEh5wyf9C/5tq005RMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMkhnaHA4aDJIZ2dTSG5ESl8wTF9tMnJUVGxFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Ni9lNTcyNWItMzEyOC00NGIzLTlmODMt
NWFhNjIwYTgxMTQ5LzEvM3B0NVNJcmQ1YlByaUxTeVhxZ25mZnZGb3pRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Ni9lNTcyNWItMzEyOC00NGIzLTlmODMtNWFhNjIwYTgxMTQ5
LzEvMkhnaHA4aDJIZ2dTSG5ESl8wTF9tMnJUVGxFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC8GCCsGAQUFBwEHAQH/BCAwHjAMBAIAATAGAwQB2ZO0MA4E
AgACMAgDBgAqCykA/zANBgkqhkiG9w0BAQsFAAOCAQEAE45sDDPvYFHsmyNk8pX5
LszThUaQ9jYxGNhLLaMOECvmOSByHDkaykvhKQh215ZuHKBVoglvbji08Vjk94+A
J/A11KulkYZvbpwWQRPUfXA2pWM3sXyvmZMyg4c4FEML4x1TIWcJViVYEvraALFa
D/oKD1W+5t/uAhDPlgb2fZHX2tGAT/SOPvV8lcAETh0oga03b6faoy7234LTnE72
08zqU2m+ZARgEfGU1Ql7cbUZ/K3xc1dTpPj7KJs9DOSjGWW2AmNTjmQm8bDg3ZBV
Tybwx5SbHg594u5RGdrRAjIPrgbg/S1hUrS7c2iU/Bm6knR5yzomCFjzrDEEoFbs
6Q==
-----END CERTIFICATE-----
Generated at Wed Oct 25 14:56:23 2023 by rpki-client on console-ams.rpki-client.org