Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/97/f80926-e9a9-41f9-95a0-9b813a2002aa/1/yQbE2F7D8SUoPYHDwe_C32Ev_Iw.roa
File: yQbE2F7D8SUoPYHDwe_C32Ev_Iw.roa (raw, json)
Hash identifier: qH8wZHEUQzY7t0ub2sS32MpbfVlucfQ3Ric/1FQrm94=
Subject key identifier: C9:06:C4:D8:5E:C3:F1:25:28:3D:81:C3:C1:EF:C2:DF:61:2F:FC:8C
Certificate issuer: /CN=e5f9ad212cd65ab4ee2b8e9b3f8b833c3900ea7d
Certificate serial: 018CC50087FCA53A44D270B94C859559507A
Authority key identifier: E5:F9:AD:21:2C:D6:5A:B4:EE:2B:8E:9B:3F:8B:83:3C:39:00:EA:7D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/5fmtISzWWrTuK46bP4uDPDkA6n0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/97/f80926-e9a9-41f9-95a0-9b813a2002aa/1/yQbE2F7D8SUoPYHDwe_C32Ev_Iw.roa
Signing time: Mon 01 Jan 2024 12:29:55 +0000
ROA not before: Mon 01 Jan 2024 12:29:55 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 58209
IP address blocks: 217.18.81.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 08 May 2024 11:26:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:00:87:fc:a5:3a:44:d2:70:b9:4c:85:95:59:50:7a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e5f9ad212cd65ab4ee2b8e9b3f8b833c3900ea7d
Validity
Not Before: Jan 1 12:29:55 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=c906c4d85ec3f125283d81c3c1efc2df612ffc8c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:40:02:a8:77:69:55:8a:a4:d1:7e:73:7f:3c:
52:72:c8:bb:25:b0:7b:01:15:71:9e:40:75:da:73:
84:d4:f9:74:28:61:c6:47:ca:ce:2b:97:7a:7d:3b:
57:3c:be:bd:4e:51:e7:8e:90:f5:ff:d8:8b:3c:a7:
ec:a6:c2:0b:14:2e:f2:86:d4:c9:a7:c3:a9:a6:30:
6b:b3:98:3d:5a:e6:95:30:f2:86:e5:f7:b7:5e:df:
6e:87:33:5a:e4:2c:39:1b:12:2d:5e:1d:a0:f5:6b:
d7:ee:a0:03:c4:34:82:9c:27:b4:78:37:6b:c5:a7:
64:eb:cf:4f:fe:69:90:b5:4a:85:97:bb:e6:ff:99:
b9:61:72:d4:40:5b:e1:26:3d:2e:7a:d0:ae:d2:ef:
d4:35:2f:00:9f:1c:29:7a:29:b3:27:21:a4:b7:71:
6c:90:94:c3:67:16:19:08:07:75:9e:e0:e5:55:93:
fa:2c:94:97:15:49:a9:b0:8b:7a:1b:06:56:e6:a4:
15:af:4e:b4:36:61:11:dc:00:dc:aa:ff:93:92:02:
50:3e:de:7d:bb:1d:81:6f:f3:b3:9e:40:16:59:2d:
44:f0:9b:95:d5:04:29:17:1c:52:01:1e:cb:88:de:
a5:62:69:e5:ed:e1:56:83:84:2e:0d:73:46:06:28:
31:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C9:06:C4:D8:5E:C3:F1:25:28:3D:81:C3:C1:EF:C2:DF:61:2F:FC:8C
X509v3 Authority Key Identifier:
keyid:E5:F9:AD:21:2C:D6:5A:B4:EE:2B:8E:9B:3F:8B:83:3C:39:00:EA:7D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5fmtISzWWrTuK46bP4uDPDkA6n0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/97/f80926-e9a9-41f9-95a0-9b813a2002aa/1/yQbE2F7D8SUoPYHDwe_C32Ev_Iw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/97/f80926-e9a9-41f9-95a0-9b813a2002aa/1/5fmtISzWWrTuK46bP4uDPDkA6n0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
217.18.81.0/24
Signature Algorithm: sha256WithRSAEncryption
28:5f:2f:d3:1c:ef:4e:a1:ff:a1:fa:89:e7:30:ba:99:81:ee:
ed:10:9d:13:ab:92:3a:45:9f:81:aa:62:5e:92:d3:db:c6:be:
ef:49:b7:17:bf:54:9d:f4:10:44:9e:22:be:b2:50:85:07:d0:
b2:75:83:93:61:ac:8f:e5:96:c4:f8:b9:55:0c:0e:e5:23:ee:
9a:0c:fb:92:6d:1e:18:98:33:ae:c8:d2:df:31:57:86:2b:83:
01:81:25:78:87:5b:06:62:c2:f8:37:2b:a1:5f:a1:a6:88:23:
a7:b5:e6:7e:57:6d:0e:f3:32:9d:95:57:86:c2:16:62:9f:ad:
99:68:f8:7c:84:7b:d4:82:d1:0a:23:a3:3d:6b:90:46:03:cf:
5d:ec:4a:fc:52:29:f6:8b:f6:09:46:8d:04:0e:59:4f:96:02:
f1:46:8a:b1:5e:35:16:4b:54:6b:8b:77:ae:0e:52:cf:4f:ec:
0b:ee:54:65:9e:5a:47:83:b7:39:3c:7c:63:b8:00:af:71:1c:
ac:49:c1:13:bf:e6:96:da:ae:ba:ae:08:9a:c0:12:c8:55:74:
6c:73:c4:2e:ef:94:00:05:de:f1:75:49:0a:56:9c:00:b8:e0:
ff:9a:f0:d1:c1:7f:09:97:ea:91:9c:a9:ff:49:17:5b:79:27:
db:74:19:8e
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzFAIf8pTpE0nC5TIWVWVB6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU1ZjlhZDIxMmNkNjVhYjRlZTJiOGU5YjNmOGI4MzNjMzkw
MGVhN2QwHhcNMjQwMTAxMTIyOTU1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjOTA2YzRkODVlYzNmMTI1MjgzZDgxYzNjMWVmYzJkZjYxMmZmYzhjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0UACqHdpVYqk0X5zfzxScsi7JbB7
ARVxnkB12nOE1Pl0KGHGR8rOK5d6fTtXPL69TlHnjpD1/9iLPKfspsILFC7yhtTJ
p8OppjBrs5g9WuaVMPKG5fe3Xt9uhzNa5Cw5GxItXh2g9WvX7qADxDSCnCe0eDdr
xadk689P/mmQtUqFl7vm/5m5YXLUQFvhJj0uetCu0u/UNS8AnxwpeimzJyGkt3Fs
kJTDZxYZCAd1nuDlVZP6LJSXFUmpsIt6GwZW5qQVr060NmER3ADcqv+TkgJQPt59
ux2Bb/OznkAWWS1E8JuV1QQpFxxSAR7LiN6lYmnl7eFWg4QuDXNGBigxAQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFMkGxNhew/ElKD2Bw8Hvwt9hL/yMMB8GA1UdIwQY
MBaAFOX5rSEs1lq07iuOmz+Lgzw5AOp9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNWZtdElTeldXclR1SzQ2YlA0dURQRGtBNm4wLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Ny9mODA5MjYtZTlhOS00MWY5LTk1YTAt
OWI4MTNhMjAwMmFhLzEveVFiRTJGN0Q4U1VvUFlIRHdlX0MzMkV2X0l3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Ny9mODA5MjYtZTlhOS00MWY5LTk1YTAtOWI4MTNhMjAwMmFh
LzEvNWZtdElTeldXclR1SzQ2YlA0dURQRGtBNm4wLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA2RJRMA0G
CSqGSIb3DQEBCwUAA4IBAQAoXy/THO9Oof+h+onnMLqZge7tEJ0Tq5I6RZ+BqmJe
ktPbxr7vSbcXv1Sd9BBEniK+slCFB9CydYOTYayP5ZbE+LlVDA7lI+6aDPuSbR4Y
mDOuyNLfMVeGK4MBgSV4h1sGYsL4NyuhX6GmiCOnteZ+V20O8zKdlVeGwhZin62Z
aPh8hHvUgtEKI6M9a5BGA89d7Er8Uin2i/YJRo0EDllPlgLxRoqxXjUWS1Rri3eu
DlLPT+wL7lRlnlpHg7c5PHxjuACvcRysScETv+aW2q66rgiawBLIVXRsc8Qu75QA
Bd7xdUkKVpwAuOD/mvDRwX8Jl+qRnKn/SRdbeSfbdBmO
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:12:21 2025 by rpki-client