Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/96/e5725b-3128-44b3-9f83-5aa620a81149/1/gUVgz7IZk9Pclqs0NY7LJzPPnr4.roa
File: gUVgz7IZk9Pclqs0NY7LJzPPnr4.roa (raw, json)
Hash identifier: xQ7G2YGpciwgEo6wFCqUCYGYOOswbHvqEzWgzJELP1M=
Subject key identifier: 81:45:60:CF:B2:19:93:D3:DC:96:AB:34:35:8E:CB:27:33:CF:9E:BE
Certificate issuer: /CN=d87821a7c8761e08121e70c9ff42ff9b6ad34e51
Certificate serial: 0191E64FB3BC6C6068D6828852698315FBF6
Authority key identifier: D8:78:21:A7:C8:76:1E:08:12:1E:70:C9:FF:42:FF:9B:6A:D3:4E:51
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2Hghp8h2HggSHnDJ_0L_m2rTTlE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/96/e5725b-3128-44b3-9f83-5aa620a81149/1/gUVgz7IZk9Pclqs0NY7LJzPPnr4.roa
Signing time: Thu 12 Sep 2024 12:57:48 +0000
ROA not before: Thu 12 Sep 2024 12:57:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 14618
IP address blocks: 217.147.180.0/23 maxlen: 24
217.147.180.0/24 maxlen: 24
217.147.181.0/24 maxlen: 24
2a0b:2900:1100::/40 maxlen: 48
2a0b:2900:1f00::/40 maxlen: 40
2a0b:2900:1f00::/48 maxlen: 48
2a0b:2900:ff00::/40 maxlen: 48
Validation: Failed, certificate revoked on Fri 13 Sep 2024 12:57:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:e6:4f:b3:bc:6c:60:68:d6:82:88:52:69:83:15:fb:f6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d87821a7c8761e08121e70c9ff42ff9b6ad34e51
Validity
Not Before: Sep 12 12:57:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=814560cfb21993d3dc96ab34358ecb2733cf9ebe
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:7a:48:9a:5a:0f:76:0f:e5:a0:a8:da:ba:7b:
e5:8d:0e:c0:fb:06:46:87:88:ad:c9:9d:1f:f2:ad:
b7:b6:4f:7e:d7:50:ff:93:85:f0:98:a1:86:92:b4:
be:2a:f7:e5:df:0a:3c:d6:f7:d8:bd:b2:fe:d6:73:
49:bf:28:82:ec:40:a7:18:b6:d9:0f:90:c6:89:79:
6d:45:10:ba:88:a0:32:e6:5f:7d:4a:d7:8a:14:9a:
7a:fa:20:b9:c7:eb:a3:9b:bf:78:5a:b8:95:e7:eb:
2b:fc:54:4c:dc:26:c1:f5:6e:44:6f:53:cf:71:94:
2e:70:e3:39:e6:56:de:10:4a:f0:fa:99:8d:65:06:
08:34:da:89:ac:e6:c5:52:71:ba:60:c7:21:08:26:
aa:7a:14:82:b2:80:5e:53:20:3e:34:37:d1:eb:a4:
aa:da:08:32:bc:a3:0e:fa:e4:e3:72:30:b9:8d:42:
8e:65:33:0d:6f:80:a0:5e:89:ec:f6:c8:49:26:6a:
6b:a0:55:c5:51:4d:3d:37:7c:a1:48:d2:ff:17:1a:
22:ac:cc:f3:ed:01:29:50:3c:ef:f4:19:71:81:7e:
14:4a:30:63:53:b9:b2:33:73:c2:d3:89:e9:41:0d:
9d:9e:e2:0c:82:8a:fc:0a:fa:41:ae:28:79:b2:d4:
82:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
81:45:60:CF:B2:19:93:D3:DC:96:AB:34:35:8E:CB:27:33:CF:9E:BE
X509v3 Authority Key Identifier:
keyid:D8:78:21:A7:C8:76:1E:08:12:1E:70:C9:FF:42:FF:9B:6A:D3:4E:51
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2Hghp8h2HggSHnDJ_0L_m2rTTlE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/96/e5725b-3128-44b3-9f83-5aa620a81149/1/gUVgz7IZk9Pclqs0NY7LJzPPnr4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/96/e5725b-3128-44b3-9f83-5aa620a81149/1/2Hghp8h2HggSHnDJ_0L_m2rTTlE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
217.147.180.0/23
IPv6:
2a0b:2900:1100::/40
2a0b:2900:1f00::/40
2a0b:2900:ff00::/40
Signature Algorithm: sha256WithRSAEncryption
23:5e:b4:f6:6b:ff:72:8b:3a:58:fe:e6:e7:c9:76:49:c9:20:
78:75:0d:99:d8:fc:35:66:95:1f:0e:92:24:2e:0d:92:3b:86:
61:08:1d:70:3b:13:7e:4d:1f:ad:78:bf:6b:a1:29:71:f2:95:
24:db:a2:c4:9c:41:fc:08:58:ce:3d:47:e5:66:1b:a5:42:a6:
f3:26:33:37:16:7d:20:ce:33:cb:e9:fb:f1:d0:c2:e2:29:29:
56:f9:ae:98:27:95:f1:4b:5d:de:22:17:d5:0f:87:d3:95:c2:
45:98:8b:4d:74:94:92:4a:5a:21:f9:99:4e:84:32:07:f8:82:
90:fa:62:05:d7:58:65:d0:b6:37:4d:3a:43:75:b1:f3:06:a8:
11:85:be:ed:14:52:72:45:3b:80:79:16:68:64:68:15:b3:07:
10:33:71:a0:c0:1b:3e:92:ab:a5:52:f7:42:da:4e:88:13:49:
c7:e1:b1:d9:7a:42:bc:0e:86:c7:db:f9:bb:df:6e:44:9d:3f:
fa:ff:a2:fb:e4:c9:53:da:bc:a0:dc:47:ea:c8:ad:cc:18:c9:
fe:61:79:24:ce:1b:52:06:f2:aa:06:87:5b:29:85:af:3d:6a:
15:af:e8:41:81:78:bc:47:c7:b7:6d:5c:85:5d:90:c7:3b:10:
82:fd:0b:6f
-----BEGIN CERTIFICATE-----
MIIFHTCCBAWgAwIBAgISAZHmT7O8bGBo1oKIUmmDFfv2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ4NzgyMWE3Yzg3NjFlMDgxMjFlNzBjOWZmNDJmZjliNmFk
MzRlNTEwHhcNMjQwOTEyMTI1NzQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MTQ1NjBjZmIyMTk5M2QzZGM5NmFiMzQzNThlY2IyNzMzY2Y5ZWJlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq3pImloPdg/loKjaunvljQ7A+wZG
h4ityZ0f8q23tk9+11D/k4XwmKGGkrS+Kvfl3wo81vfYvbL+1nNJvyiC7ECnGLbZ
D5DGiXltRRC6iKAy5l99SteKFJp6+iC5x+ujm794WriV5+sr/FRM3CbB9W5Eb1PP
cZQucOM55lbeEErw+pmNZQYINNqJrObFUnG6YMchCCaqehSCsoBeUyA+NDfR66Sq
2ggyvKMO+uTjcjC5jUKOZTMNb4CgXons9shJJmproFXFUU09N3yhSNL/FxoirMzz
7QEpUDzv9BlxgX4USjBjU7myM3PC04npQQ2dnuIMgor8CvpBrih5stSCqQIDAQAB
o4ICKTCCAiUwHQYDVR0OBBYEFIFFYM+yGZPT3JarNDWOyyczz56+MB8GA1UdIwQY
MBaAFNh4IafIdh4IEh5wyf9C/5tq005RMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMkhnaHA4aDJIZ2dTSG5ESl8wTF9tMnJUVGxFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Ni9lNTcyNWItMzEyOC00NGIzLTlmODMt
NWFhNjIwYTgxMTQ5LzEvZ1VWZ3o3SVprOVBjbHFzME5ZN0xKelBQbnI0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Ni9lNTcyNWItMzEyOC00NGIzLTlmODMtNWFhNjIwYTgxMTQ5
LzEvMkhnaHA4aDJIZ2dTSG5ESl8wTF9tMnJUVGxFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD8GCCsGAQUFBwEHAQH/BDAwLjAMBAIAATAGAwQB2ZO0MB4E
AgACMBgDBgAqCykAEQMGACoLKQAfAwYAKgspAP8wDQYJKoZIhvcNAQELBQADggEB
ACNetPZr/3KLOlj+5ufJdknJIHh1DZnY/DVmlR8OkiQuDZI7hmEIHXA7E35NH614
v2uhKXHylSTbosScQfwIWM49R+VmG6VCpvMmMzcWfSDOM8vp+/HQwuIpKVb5rpgn
lfFLXd4iF9UPh9OVwkWYi010lJJKWiH5mU6EMgf4gpD6YgXXWGXQtjdNOkN1sfMG
qBGFvu0UUnJFO4B5FmhkaBWzBxAzcaDAGz6Sq6VS90LaTogTScfhsdl6QrwOhsfb
+bvfbkSdP/r/ovvkyVPavKDcR+rIrcwYyf5heSTOG1IG8qoGh1spha89ahWv6EGB
eLxHx7dtXIVdkMc7EIL9C28=
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:14:30 2025 by rpki-client