Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/96/e5725b-3128-44b3-9f83-5aa620a81149/1/iSgXW_a7Bu7UqWpkh_6gKLyEEmk.roa
File: iSgXW_a7Bu7UqWpkh_6gKLyEEmk.roa (raw, json)
Hash identifier: YNk0cafQQsVV+6BGK+z7ald1HTR1CCPjSlKLLQlW6FU=
Subject key identifier: 89:28:17:5B:F6:BB:06:EE:D4:A9:6A:64:87:FE:A0:28:BC:84:12:69
Certificate issuer: /CN=d87821a7c8761e08121e70c9ff42ff9b6ad34e51
Certificate serial: 018B620CEE60BCC531D7B9FACFF60DF030BD
Authority key identifier: D8:78:21:A7:C8:76:1E:08:12:1E:70:C9:FF:42:FF:9B:6A:D3:4E:51
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2Hghp8h2HggSHnDJ_0L_m2rTTlE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/96/e5725b-3128-44b3-9f83-5aa620a81149/1/iSgXW_a7Bu7UqWpkh_6gKLyEEmk.roa
Signing time: Tue 24 Oct 2023 14:18:16 +0000
ROA not before: Tue 24 Oct 2023 14:18:16 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 16509
IP address blocks: 217.147.181.0/24 maxlen: 24
217.147.180.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:62:0c:ee:60:bc:c5:31:d7:b9:fa:cf:f6:0d:f0:30:bd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d87821a7c8761e08121e70c9ff42ff9b6ad34e51
Validity
Not Before: Oct 24 14:18:16 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=8928175bf6bb06eed4a96a6487fea028bc841269
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:bc:89:1a:54:45:25:3e:b1:71:59:be:ae:8a:
76:6d:a3:1f:a0:c0:77:aa:03:bc:90:7e:2a:01:2d:
1f:ca:a1:4d:a1:7b:17:13:4a:2b:b9:85:51:f5:bb:
db:72:91:8c:bf:a0:f2:78:91:a6:f1:da:c7:b6:84:
28:54:2e:78:32:62:53:ea:c6:7b:fb:32:a5:3a:e7:
3c:f4:a4:e3:41:b6:09:b5:f5:47:75:c3:1b:62:d8:
e4:10:9e:b3:33:c0:80:71:23:da:a4:53:54:69:f4:
30:94:b2:f9:fc:52:79:00:82:5f:13:95:bc:29:9a:
df:e9:42:86:77:a0:6d:d9:8c:ea:a0:04:c7:04:34:
b7:5d:53:20:4a:07:04:03:81:02:50:1e:38:68:c4:
d5:13:6b:1c:87:92:cf:27:db:96:74:28:65:ee:0a:
18:cd:70:12:95:e1:33:88:c9:bb:12:52:f1:5f:b2:
c6:1b:5b:82:c9:4d:10:0f:32:ce:86:3a:04:05:49:
7d:88:69:00:7c:14:74:92:da:30:5e:e6:e1:4d:9f:
44:8c:3a:de:9a:41:41:32:2d:be:d9:b5:f3:7c:fc:
3b:56:5e:a9:08:58:28:c6:e6:5f:d1:9c:32:6c:0b:
73:47:05:48:a5:d6:44:d1:20:0c:8a:dd:31:ee:e7:
0f:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
89:28:17:5B:F6:BB:06:EE:D4:A9:6A:64:87:FE:A0:28:BC:84:12:69
X509v3 Authority Key Identifier:
keyid:D8:78:21:A7:C8:76:1E:08:12:1E:70:C9:FF:42:FF:9B:6A:D3:4E:51
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2Hghp8h2HggSHnDJ_0L_m2rTTlE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/96/e5725b-3128-44b3-9f83-5aa620a81149/1/iSgXW_a7Bu7UqWpkh_6gKLyEEmk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/96/e5725b-3128-44b3-9f83-5aa620a81149/1/2Hghp8h2HggSHnDJ_0L_m2rTTlE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
217.147.180.0/23
Signature Algorithm: sha256WithRSAEncryption
74:68:e7:36:dc:30:25:4b:dd:65:42:02:cd:5b:be:02:92:d1:
d9:bc:20:33:8c:28:8d:ea:9b:ea:fa:8b:00:a8:1f:1e:51:2e:
17:ec:63:3d:ff:63:a2:bf:ac:90:bc:16:f7:69:99:46:6a:f9:
44:58:63:25:61:68:23:8a:47:f0:9f:cd:ea:67:2b:c6:d8:e8:
97:63:4d:4d:e2:0e:6a:20:d9:89:94:91:31:c6:a7:37:39:d0:
51:f2:8c:76:68:09:fa:43:3f:37:2e:ce:8f:0e:83:f9:a9:5c:
0c:f1:40:99:2e:e4:bf:86:68:ec:d4:5c:0c:95:35:78:51:3c:
8e:e5:63:bf:50:ec:bb:0f:bf:2c:e7:d9:7a:d8:5a:7d:b4:8e:
20:d4:97:2a:13:1b:3d:cf:22:57:3b:8f:ff:b3:97:83:ce:5b:
22:fa:22:e4:2e:b8:c3:38:b9:21:dc:e5:e9:38:7f:e8:d8:99:
90:f9:72:a2:1b:4a:49:c8:e7:02:db:1e:d0:61:b2:39:3a:68:
7c:b2:e2:6a:b7:5e:1d:d7:9a:e1:b1:58:65:8d:c4:d2:4c:9b:
2a:00:f4:25:ee:ff:30:eb:dc:d3:c6:af:d0:9a:64:7e:f0:53:
26:ce:a8:18:66:c4:05:19:2b:29:53:05:d3:af:cf:1e:51:94:
fd:40:13:98
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYtiDO5gvMUx17n6z/YN8DC9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ4NzgyMWE3Yzg3NjFlMDgxMjFlNzBjOWZmNDJmZjliNmFk
MzRlNTEwHhcNMjMxMDI0MTQxODE2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4OTI4MTc1YmY2YmIwNmVlZDRhOTZhNjQ4N2ZlYTAyOGJjODQxMjY5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvLyJGlRFJT6xcVm+rop2baMfoMB3
qgO8kH4qAS0fyqFNoXsXE0oruYVR9bvbcpGMv6DyeJGm8drHtoQoVC54MmJT6sZ7
+zKlOuc89KTjQbYJtfVHdcMbYtjkEJ6zM8CAcSPapFNUafQwlLL5/FJ5AIJfE5W8
KZrf6UKGd6Bt2YzqoATHBDS3XVMgSgcEA4ECUB44aMTVE2sch5LPJ9uWdChl7goY
zXASleEziMm7ElLxX7LGG1uCyU0QDzLOhjoEBUl9iGkAfBR0ktowXubhTZ9EjDre
mkFBMi2+2bXzfPw7Vl6pCFgoxuZf0ZwybAtzRwVIpdZE0SAMit0x7ucPzwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFIkoF1v2uwbu1KlqZIf+oCi8hBJpMB8GA1UdIwQY
MBaAFNh4IafIdh4IEh5wyf9C/5tq005RMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMkhnaHA4aDJIZ2dTSG5ESl8wTF9tMnJUVGxFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Ni9lNTcyNWItMzEyOC00NGIzLTlmODMt
NWFhNjIwYTgxMTQ5LzEvaVNnWFdfYTdCdTdVcVdwa2hfNmdLTHlFRW1rLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Ni9lNTcyNWItMzEyOC00NGIzLTlmODMtNWFhNjIwYTgxMTQ5
LzEvMkhnaHA4aDJIZ2dTSG5ESl8wTF9tMnJUVGxFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQB2ZO0MA0G
CSqGSIb3DQEBCwUAA4IBAQB0aOc23DAlS91lQgLNW74CktHZvCAzjCiN6pvq+osA
qB8eUS4X7GM9/2Oiv6yQvBb3aZlGavlEWGMlYWgjikfwn83qZyvG2OiXY01N4g5q
INmJlJExxqc3OdBR8ox2aAn6Qz83Ls6PDoP5qVwM8UCZLuS/hmjs1FwMlTV4UTyO
5WO/UOy7D78s59l62Fp9tI4g1JcqExs9zyJXO4//s5eDzlsi+iLkLrjDOLkh3OXp
OH/o2JmQ+XKiG0pJyOcC2x7QYbI5Omh8suJqt14d15rhsVhljcTSTJsqAPQl7v8w
69zTxq/QmmR+8FMmzqgYZsQFGSspUwXTr88eUZT9QBOY
-----END CERTIFICATE-----
Generated at Wed Oct 25 11:55:31 2023 by rpki-client on console-fra.rpki-client.org