Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a3/45c689-afaa-4da3-a942-93194eb6108d/1/17k3fGdVbWXV13p3qfB5Ya_yIXU.roa
File: 17k3fGdVbWXV13p3qfB5Ya_yIXU.roa (raw, json)
Hash identifier: mbm/xaO08+NTWsqiMxQ7pLvbEjibJnXLNBsrbiSaANM=
Subject key identifier: D7:B9:37:7C:67:55:6D:65:D5:D7:7A:77:A9:F0:79:61:AF:F2:21:75
Certificate issuer: /CN=6e6d7bcabfcc308d420053c482a0d59fb1282e30
Certificate serial: 01856F42C7BCAF3ECB3B0A370476A38EFA1D
Authority key identifier: 6E:6D:7B:CA:BF:CC:30:8D:42:00:53:C4:82:A0:D5:9F:B1:28:2E:30
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bm17yr_MMI1CAFPEgqDVn7EoLjA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a3/45c689-afaa-4da3-a942-93194eb6108d/1/17k3fGdVbWXV13p3qfB5Ya_yIXU.roa
Signing time: Sun 01 Jan 2023 21:35:25 +0000
ROA not before: Sun 01 Jan 2023 21:35:25 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 0
IP address blocks: 145.219.64.0/18 maxlen: 18
145.219.0.0/21 maxlen: 21
145.219.18.0/23 maxlen: 23
145.219.20.0/22 maxlen: 22
145.219.128.0/17 maxlen: 17
145.219.24.0/21 maxlen: 21
193.176.255.0/24 maxlen: 24
145.219.32.0/19 maxlen: 19
2a04:b0c4::/30 maxlen: 30
Validation: Failed, certificate revoked on Mon 01 Jan 2024 20:30:05 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:42:c7:bc:af:3e:cb:3b:0a:37:04:76:a3:8e:fa:1d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6e6d7bcabfcc308d420053c482a0d59fb1282e30
Validity
Not Before: Jan 1 21:35:25 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d7b9377c67556d65d5d77a77a9f07961aff22175
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:9e:08:de:6f:50:98:2d:ec:20:2c:c1:d4:2a:
47:97:19:7a:dc:7a:16:8c:c4:df:3e:16:1b:36:e1:
aa:39:16:ca:10:06:c1:4e:87:8d:8c:70:f0:d8:7e:
6c:99:a8:a9:66:72:33:77:40:66:24:2f:e2:c7:34:
86:92:eb:ff:27:22:f8:39:ad:ee:34:2b:48:f9:07:
a9:96:b7:a7:83:2d:76:71:0a:dc:ea:71:f2:1f:83:
a9:1b:ac:35:13:13:27:fa:f8:f4:b6:ed:38:28:e9:
d7:29:74:e6:df:4b:33:af:a4:2d:0b:9e:37:fc:a3:
97:d9:56:1d:2b:70:43:3a:1c:91:de:53:5c:d1:64:
d6:7a:0a:04:70:d9:77:9a:80:4d:66:b6:49:32:c5:
d8:dc:57:20:76:9b:6a:8a:09:3d:75:f8:72:ab:6a:
4a:78:ff:67:28:62:02:ea:28:a7:9e:cb:ff:36:7e:
6c:0c:22:1e:74:fe:fd:8d:18:e7:57:21:12:24:b4:
2e:0b:b8:ad:7e:bb:c8:a3:0f:39:f0:af:cd:7a:b6:
c2:cc:2c:5b:83:75:37:47:0f:33:a7:a7:d9:b6:f7:
53:c2:e1:0e:50:53:ee:36:39:4b:c3:cd:e7:fb:83:
05:e7:61:6f:20:cb:f5:c7:f2:06:d7:b7:9f:89:28:
ac:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D7:B9:37:7C:67:55:6D:65:D5:D7:7A:77:A9:F0:79:61:AF:F2:21:75
X509v3 Authority Key Identifier:
keyid:6E:6D:7B:CA:BF:CC:30:8D:42:00:53:C4:82:A0:D5:9F:B1:28:2E:30
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bm17yr_MMI1CAFPEgqDVn7EoLjA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a3/45c689-afaa-4da3-a942-93194eb6108d/1/17k3fGdVbWXV13p3qfB5Ya_yIXU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a3/45c689-afaa-4da3-a942-93194eb6108d/1/bm17yr_MMI1CAFPEgqDVn7EoLjA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
145.219.0.0/21
145.219.18.0-145.219.255.255
193.176.255.0/24
IPv6:
2a04:b0c4::/30
Signature Algorithm: sha256WithRSAEncryption
2d:3c:cb:83:12:3f:42:ab:df:bd:e6:96:82:3e:d9:c3:db:3a:
af:71:98:7e:3c:ba:77:03:4d:46:25:94:bf:48:73:24:22:a6:
06:fa:e3:7c:6d:12:bc:37:b7:30:fa:ec:13:34:bf:d5:66:cf:
03:30:6d:19:5c:64:4f:13:1f:17:23:20:2b:7c:d1:37:e3:f6:
79:ed:46:3a:9d:23:65:69:9e:3d:63:69:9e:12:19:05:85:68:
6f:58:e3:a6:15:cc:a5:4e:06:3b:a4:3e:7d:3c:b5:4b:b8:b2:
97:40:18:40:57:c9:e3:7c:22:01:87:50:76:f8:0d:16:09:da:
b7:ec:77:4f:18:8f:93:44:0e:e4:af:1e:e9:56:0e:45:1a:93:
69:bb:df:ac:3a:78:18:ac:3b:ea:02:d4:28:fd:07:01:db:ba:
a2:f1:44:40:91:35:41:bf:c6:7e:b3:89:3a:0f:f8:77:48:15:
b2:88:dd:61:27:04:0c:92:b0:eb:57:cd:5c:d2:11:63:8e:43:
78:52:44:21:7d:15:36:5c:ca:74:39:0a:9a:5d:28:d2:4b:8c:
1a:a3:5d:9e:d6:66:e3:99:52:bb:7d:ab:27:39:50:41:a3:91:
35:0a:18:f6:ea:02:2d:87:81:a2:db:7a:09:e4:7c:28:57:87:
b9:13:54:47
-----BEGIN CERTIFICATE-----
MIIFHzCCBAegAwIBAgISAYVvQse8rz7LOwo3BHajjvodMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZlNmQ3YmNhYmZjYzMwOGQ0MjAwNTNjNDgyYTBkNTlmYjEy
ODJlMzAwHhcNMjMwMTAxMjEzNTI1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkN2I5Mzc3YzY3NTU2ZDY1ZDVkNzdhNzdhOWYwNzk2MWFmZjIyMTc1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkJ4I3m9QmC3sICzB1CpHlxl63HoW
jMTfPhYbNuGqORbKEAbBToeNjHDw2H5smaipZnIzd0BmJC/ixzSGkuv/JyL4Oa3u
NCtI+Qeplrengy12cQrc6nHyH4OpG6w1ExMn+vj0tu04KOnXKXTm30szr6QtC543
/KOX2VYdK3BDOhyR3lNc0WTWegoEcNl3moBNZrZJMsXY3Fcgdptqigk9dfhyq2pK
eP9nKGIC6iinnsv/Nn5sDCIedP79jRjnVyESJLQuC7itfrvIow858K/NerbCzCxb
g3U3Rw8zp6fZtvdTwuEOUFPuNjlLw83n+4MF52FvIMv1x/IG17efiSisKwIDAQAB
o4ICKzCCAicwHQYDVR0OBBYEFNe5N3xnVW1l1dd6d6nweWGv8iF1MB8GA1UdIwQY
MBaAFG5te8q/zDCNQgBTxIKg1Z+xKC4wMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYm0xN3lyX01NSTFDQUZQRWdxRFZuN0VvTGpBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMy80NWM2ODktYWZhYS00ZGEzLWE5NDIt
OTMxOTRlYjYxMDhkLzEvMTdrM2ZHZFZiV1hWMTNwM3FmQjVZYV95SVhVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMy80NWM2ODktYWZhYS00ZGEzLWE5NDItOTMxOTRlYjYxMDhk
LzEvYm0xN3lyX01NSTFDQUZQRWdxRFZuN0VvTGpBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEEGCCsGAQUFBwEHAQH/BDIwMDAfBAIAATAZAwQDkdsAMAsD
BAGR2xIDAwKR2AMEAMGw/zANBAIAAjAHAwUCKgSwxDANBgkqhkiG9w0BAQsFAAOC
AQEALTzLgxI/QqvfveaWgj7Zw9s6r3GYfjy6dwNNRiWUv0hzJCKmBvrjfG0SvDe3
MPrsEzS/1WbPAzBtGVxkTxMfFyMgK3zRN+P2ee1GOp0jZWmePWNpnhIZBYVob1jj
phXMpU4GO6Q+fTy1S7iyl0AYQFfJ43wiAYdQdvgNFgnat+x3TxiPk0QO5K8e6VYO
RRqTabvfrDp4GKw76gLUKP0HAdu6ovFEQJE1Qb/GfrOJOg/4d0gVsojdYScEDJKw
61fNXNIRY45DeFJEIX0VNlzKdDkKml0o0kuMGqNdntZm45lSu32rJzlQQaORNQoY
9uoCLYeBott6CeR8KFeHuRNURw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:48:11 2024 by rpki-client on console-fra.rpki-client.org