Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/98/1acd6c-892f-45e1-b145-ade5261c1043/1/0Q4rNMlnuLD8-RGMPuuy6bGBS20.roa
File: 0Q4rNMlnuLD8-RGMPuuy6bGBS20.roa (raw, json)
Hash identifier: YLjRt8qnkyCIWw34huASfzroefhYLOaD/AJJFsAoqJw=
Subject key identifier: D1:0E:2B:34:C9:67:B8:B0:FC:F9:11:8C:3E:EB:B2:E9:B1:81:4B:6D
Certificate issuer: /CN=a3d31f1799bf5588ffa988e49286bfc70a4b34be
Certificate serial: 018CC7932EB196FE68F83CD3BD71559CFA54
Authority key identifier: A3:D3:1F:17:99:BF:55:88:FF:A9:88:E4:92:86:BF:C7:0A:4B:34:BE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/o9MfF5m_VYj_qYjkkoa_xwpLNL4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/98/1acd6c-892f-45e1-b145-ade5261c1043/1/0Q4rNMlnuLD8-RGMPuuy6bGBS20.roa
Signing time: Tue 02 Jan 2024 00:29:20 +0000
ROA not before: Tue 02 Jan 2024 00:29:20 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 20768
IP address blocks: 217.151.208.0/20 maxlen: 24
Validation: Failed, certificate revoked on Wed 01 Jan 2025 05:47:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:93:2e:b1:96:fe:68:f8:3c:d3:bd:71:55:9c:fa:54
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a3d31f1799bf5588ffa988e49286bfc70a4b34be
Validity
Not Before: Jan 2 00:29:20 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d10e2b34c967b8b0fcf9118c3eebb2e9b1814b6d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:30:d2:f4:30:18:41:76:88:99:cf:26:f2:b6:
c6:45:47:bd:9a:30:34:5b:54:ee:33:2f:d6:e0:c1:
fa:c4:3d:d3:68:f1:ea:2c:0d:c5:e2:49:3f:12:39:
f5:47:3f:a9:3d:28:76:af:ff:f6:7c:29:0d:11:f9:
88:1c:eb:5f:fb:62:7e:2a:10:87:c9:50:db:2f:78:
3b:12:10:fd:ee:87:2f:79:2f:1d:ae:32:9c:29:90:
21:cd:a5:53:64:52:20:df:09:2b:97:b9:85:52:90:
ec:99:ac:fa:75:67:d5:e0:fb:28:24:5b:c0:89:d3:
14:50:70:7f:b0:3b:07:6b:54:63:e0:00:02:96:1e:
b2:56:c0:8c:dc:c1:7d:57:08:ae:b9:70:a3:87:73:
f7:34:df:13:81:c5:6b:71:5e:6c:16:ad:7e:5d:e7:
68:d3:56:de:0e:7b:e5:78:fd:5e:c6:04:f5:9d:38:
26:30:08:2c:0a:46:7f:f9:3f:7d:89:59:51:3b:c0:
c9:2d:97:63:df:b0:27:f2:91:ef:5e:02:02:8e:b7:
28:4f:ff:96:d9:38:32:08:1f:dc:5c:19:89:b0:48:
38:6c:31:e2:32:96:ef:8b:bf:0e:ec:b2:88:a3:78:
aa:57:fc:78:de:b7:a4:8b:7a:20:11:c8:a9:a5:a4:
04:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D1:0E:2B:34:C9:67:B8:B0:FC:F9:11:8C:3E:EB:B2:E9:B1:81:4B:6D
X509v3 Authority Key Identifier:
keyid:A3:D3:1F:17:99:BF:55:88:FF:A9:88:E4:92:86:BF:C7:0A:4B:34:BE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/o9MfF5m_VYj_qYjkkoa_xwpLNL4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/98/1acd6c-892f-45e1-b145-ade5261c1043/1/0Q4rNMlnuLD8-RGMPuuy6bGBS20.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/98/1acd6c-892f-45e1-b145-ade5261c1043/1/o9MfF5m_VYj_qYjkkoa_xwpLNL4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
217.151.208.0/20
Signature Algorithm: sha256WithRSAEncryption
b6:77:76:fc:32:76:ec:ff:0b:61:df:a5:55:99:35:4e:4f:35:
b2:3f:a6:70:a3:9e:18:ce:8b:91:22:c9:5f:f6:3e:79:9c:4b:
38:9f:a5:53:13:00:d0:08:c1:a9:d6:ec:a2:42:02:75:be:65:
98:98:44:42:9f:d1:6b:f5:da:ea:58:9d:29:9f:54:df:5a:d8:
7d:07:a1:c0:d3:9d:6a:46:fd:42:d3:57:48:67:5c:d7:52:c5:
84:92:94:28:36:3b:21:46:93:9c:07:83:bb:52:54:4d:22:55:
d8:a4:51:80:ed:9c:73:61:2d:ed:bf:e9:b6:7f:73:2f:dc:35:
25:c5:55:7d:f5:ad:43:bc:09:ad:b5:f2:e1:ae:3e:e8:7d:25:
a1:87:ce:72:ad:dd:e3:f3:76:15:93:c1:2d:de:19:4c:25:91:
66:12:bd:21:e1:9f:02:f3:1e:a2:2f:87:05:0e:bd:17:e9:bf:
b0:57:5f:5f:e7:05:6a:5b:93:44:92:b8:a1:8c:61:4c:22:00:
61:f0:f6:67:26:bb:32:ad:dc:47:f1:1e:14:a1:f4:ed:e0:16:
47:4a:b0:f7:87:48:73:af:16:50:2f:a0:ed:43:77:e6:e3:d1:
6a:1f:d8:00:42:6e:03:45:41:28:1f:e5:a2:e6:9c:77:83:20:
f7:b6:e2:c5
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzHky6xlv5o+DzTvXFVnPpUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEzZDMxZjE3OTliZjU1ODhmZmE5ODhlNDkyODZiZmM3MGE0
YjM0YmUwHhcNMjQwMTAyMDAyOTIwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMTBlMmIzNGM5NjdiOGIwZmNmOTExOGMzZWViYjJlOWIxODE0YjZkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqTDS9DAYQXaImc8m8rbGRUe9mjA0
W1TuMy/W4MH6xD3TaPHqLA3F4kk/Ejn1Rz+pPSh2r//2fCkNEfmIHOtf+2J+KhCH
yVDbL3g7EhD97ocveS8drjKcKZAhzaVTZFIg3wkrl7mFUpDsmaz6dWfV4PsoJFvA
idMUUHB/sDsHa1Rj4AAClh6yVsCM3MF9VwiuuXCjh3P3NN8TgcVrcV5sFq1+Xedo
01beDnvleP1exgT1nTgmMAgsCkZ/+T99iVlRO8DJLZdj37An8pHvXgICjrcoT/+W
2TgyCB/cXBmJsEg4bDHiMpbvi78O7LKIo3iqV/x43reki3ogEcippaQEpQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNEOKzTJZ7iw/PkRjD7rsumxgUttMB8GA1UdIwQY
MBaAFKPTHxeZv1WI/6mI5JKGv8cKSzS+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbzlNZkY1bV9WWWpfcVlqa2tvYV94d3BMTkw0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85OC8xYWNkNmMtODkyZi00NWUxLWIxNDUt
YWRlNTI2MWMxMDQzLzEvMFE0ck5NbG51TEQ4LVJHTVB1dXk2YkdCUzIwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85OC8xYWNkNmMtODkyZi00NWUxLWIxNDUtYWRlNTI2MWMxMDQz
LzEvbzlNZkY1bV9WWWpfcVlqa2tvYV94d3BMTkw0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQE2ZfQMA0G
CSqGSIb3DQEBCwUAA4IBAQC2d3b8Mnbs/wth36VVmTVOTzWyP6Zwo54YzouRIslf
9j55nEs4n6VTEwDQCMGp1uyiQgJ1vmWYmERCn9Fr9drqWJ0pn1TfWth9B6HA051q
Rv1C01dIZ1zXUsWEkpQoNjshRpOcB4O7UlRNIlXYpFGA7ZxzYS3tv+m2f3Mv3DUl
xVV99a1DvAmttfLhrj7ofSWhh85yrd3j83YVk8Et3hlMJZFmEr0h4Z8C8x6iL4cF
Dr0X6b+wV19f5wVqW5NEkrihjGFMIgBh8PZnJrsyrdxH8R4UofTt4BZHSrD3h0hz
rxZQL6DtQ3fm49FqH9gAQm4DRUEoH+Wi5px3gyD3tuLF
-----END CERTIFICATE-----
Generated at Tue Apr 22 22:15:20 2025 by rpki-client