Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a2/a945f7-53b3-4db5-ae04-23772e7f92e3/1/1-z0l5gFuVbod3xO40uu_vVjPXs0.roa
File: 1-z0l5gFuVbod3xO40uu_vVjPXs0.roa (raw, json)
Hash identifier: xExruubco2nU8FIFKE6HVDtvIoG5rk7vQPwMWW8lDvk=
Subject key identifier: FB:3D:25:E6:01:6E:55:BA:1D:DF:13:B8:D2:EB:BF:BD:58:CF:5E:CD
Certificate issuer: /CN=1fe90fde9784a91d93a7a2af59d4d043f1171fba
Certificate serial: 01856D6648D57E56DE39C79E37187E5F369A
Authority key identifier: 1F:E9:0F:DE:97:84:A9:1D:93:A7:A2:AF:59:D4:D0:43:F1:17:1F:BA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/H-kP3peEqR2Tp6KvWdTQQ_EXH7o.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a2/a945f7-53b3-4db5-ae04-23772e7f92e3/1/1-z0l5gFuVbod3xO40uu_vVjPXs0.roa
Signing time: Sun 01 Jan 2023 12:54:57 +0000
ROA not before: Sun 01 Jan 2023 12:54:57 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 200005
IP address blocks: 217.112.151.0/24 maxlen: 24
217.112.158.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:66:48:d5:7e:56:de:39:c7:9e:37:18:7e:5f:36:9a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1fe90fde9784a91d93a7a2af59d4d043f1171fba
Validity
Not Before: Jan 1 12:54:57 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=fb3d25e6016e55ba1ddf13b8d2ebbfbd58cf5ecd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:73:67:85:dc:e0:ac:5e:18:95:76:fe:ff:9e:
1a:ef:f6:76:82:c9:d6:8e:2b:70:0d:29:56:93:01:
8d:b4:e8:f4:dc:e3:85:24:b1:37:ef:31:a2:94:1b:
c8:d0:bc:42:98:62:90:95:90:fe:aa:1d:6b:0d:fa:
92:29:ba:bc:09:97:1e:f5:d0:e2:26:19:71:84:1e:
7e:b3:89:94:bd:99:6a:1e:ab:41:86:6b:51:b0:5a:
8d:60:bb:82:00:e1:37:c2:6a:f2:1f:da:4e:83:eb:
06:49:86:f8:1f:4b:11:b7:c6:92:08:4f:db:c6:23:
62:c8:7e:5a:95:e3:03:5a:a8:e5:6b:3a:bd:03:cd:
13:98:44:52:8b:36:95:97:68:15:d9:36:a3:db:ed:
28:74:ca:62:9c:47:dd:5f:be:a8:7d:ea:bd:12:1d:
d5:7d:d1:e4:7e:03:74:b3:a4:65:1e:aa:c2:64:63:
ac:9d:6d:39:9d:57:c8:de:37:a6:a0:79:25:66:97:
fb:74:54:12:18:b2:f1:af:f4:0d:78:0c:c3:1b:94:
9d:93:9f:e5:b6:e2:c3:82:5c:64:87:25:8f:6e:ac:
02:48:2d:1c:6d:d8:74:3f:b3:e1:b9:4d:14:72:b6:
c1:02:91:17:28:e1:7e:54:26:b4:78:84:81:74:86:
4c:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FB:3D:25:E6:01:6E:55:BA:1D:DF:13:B8:D2:EB:BF:BD:58:CF:5E:CD
X509v3 Authority Key Identifier:
keyid:1F:E9:0F:DE:97:84:A9:1D:93:A7:A2:AF:59:D4:D0:43:F1:17:1F:BA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/H-kP3peEqR2Tp6KvWdTQQ_EXH7o.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a2/a945f7-53b3-4db5-ae04-23772e7f92e3/1/1-z0l5gFuVbod3xO40uu_vVjPXs0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a2/a945f7-53b3-4db5-ae04-23772e7f92e3/1/H-kP3peEqR2Tp6KvWdTQQ_EXH7o.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
217.112.151.0/24
217.112.158.0/24
Signature Algorithm: sha256WithRSAEncryption
1f:5c:0f:a2:66:82:49:c8:b5:9d:7f:ab:2d:40:24:6f:25:50:
65:71:ee:84:5c:b1:4f:5c:2c:56:a5:e4:92:48:a8:29:01:82:
ec:a7:ea:29:a6:01:12:50:47:84:76:80:d2:df:df:91:fc:77:
12:39:de:fd:86:9c:08:7b:eb:af:43:8a:47:f2:e7:cd:73:f3:
62:7e:57:93:6a:4d:31:22:f1:3d:ce:5e:48:65:5d:55:cb:cb:
41:93:b9:94:a4:61:2a:77:33:9e:37:bf:74:3e:ca:fc:a6:97:
de:dd:e5:0d:12:de:bb:f9:36:24:41:c3:03:4d:0e:06:36:dd:
06:0c:4e:3c:13:3c:e2:0b:22:a6:81:b3:d7:c1:bd:5e:65:28:
42:7d:09:0c:f4:b4:0d:19:0a:67:f8:30:85:1c:1e:7c:95:92:
a8:3b:75:ee:16:24:c1:b0:e0:61:0e:49:89:be:3b:16:23:4f:
b8:22:77:ce:2b:53:3d:4a:49:ca:46:41:53:0a:2b:3b:1f:b5:
a9:fc:97:4a:41:fb:a5:04:d0:8c:cf:af:f5:73:e3:72:bf:ea:
2b:2a:0d:87:40:cf:4b:bd:cd:f0:41:88:da:b9:ab:4b:6d:72:
25:f9:86:37:80:0f:d4:45:ff:50:e7:25:3c:ed:6e:cb:d7:43:
ab:83:67:96
-----BEGIN CERTIFICATE-----
MIIFBDCCA+ygAwIBAgISAYVtZkjVflbeOceeNxh+XzaaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFmZTkwZmRlOTc4NGE5MWQ5M2E3YTJhZjU5ZDRkMDQzZjEx
NzFmYmEwHhcNMjMwMTAxMTI1NDU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmYjNkMjVlNjAxNmU1NWJhMWRkZjEzYjhkMmViYmZiZDU4Y2Y1ZWNkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlHNnhdzgrF4YlXb+/54a7/Z2gsnW
jitwDSlWkwGNtOj03OOFJLE37zGilBvI0LxCmGKQlZD+qh1rDfqSKbq8CZce9dDi
JhlxhB5+s4mUvZlqHqtBhmtRsFqNYLuCAOE3wmryH9pOg+sGSYb4H0sRt8aSCE/b
xiNiyH5aleMDWqjlazq9A80TmERSizaVl2gV2Taj2+0odMpinEfdX76ofeq9Eh3V
fdHkfgN0s6RlHqrCZGOsnW05nVfI3jemoHklZpf7dFQSGLLxr/QNeAzDG5Sdk5/l
tuLDglxkhyWPbqwCSC0cbdh0P7PhuU0UcrbBApEXKOF+VCa0eISBdIZMIwIDAQAB
o4ICEDCCAgwwHQYDVR0OBBYEFPs9JeYBblW6Hd8TuNLrv71Yz17NMB8GA1UdIwQY
MBaAFB/pD96XhKkdk6eir1nU0EPxFx+6MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSC1rUDNwZUVxUjJUcDZLdldkVFFRX0VYSDdvLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMi9hOTQ1ZjctNTNiMy00ZGI1LWFlMDQt
MjM3NzJlN2Y5MmUzLzEvMS16MGw1Z0Z1VmJvZDN4TzQwdXVfdlZqUFhzMC5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvYTIvYTk0NWY3LTUzYjMtNGRiNS1hZTA0LTIzNzcyZTdmOTJl
My8xL0gta1AzcGVFcVIyVHA2S3ZXZFRRUV9FWEg3by5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAlBggrBgEFBQcBBwEB/wQWMBQwEgQCAAEwDAMEANlwlwME
ANlwnjANBgkqhkiG9w0BAQsFAAOCAQEAH1wPomaCSci1nX+rLUAkbyVQZXHuhFyx
T1wsVqXkkkioKQGC7KfqKaYBElBHhHaA0t/fkfx3Ejne/YacCHvrr0OKR/LnzXPz
Yn5Xk2pNMSLxPc5eSGVdVcvLQZO5lKRhKncznje/dD7K/KaX3t3lDRLeu/k2JEHD
A00OBjbdBgxOPBM84gsipoGz18G9XmUoQn0JDPS0DRkKZ/gwhRwefJWSqDt17hYk
wbDgYQ5Jib47FiNPuCJ3zitTPUpJykZBUworOx+1qfyXSkH7pQTQjM+v9XPjcr/q
KyoNh0DPS73N8EGI2rmrS21yJfmGN4AP1EX/UOclPO1uy9dDq4Nnlg==
-----END CERTIFICATE-----
Generated at Mon Jan 1 17:14:34 2024 by rpki-client on console-ams.rpki-client.org