Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a3/5908a9-0c0f-40ab-bfd6-69af0a6e989b/1/S7Yt7uhckwYUXo3HYu-gg2zrC_Y.roa
File: S7Yt7uhckwYUXo3HYu-gg2zrC_Y.roa (raw, json)
Hash identifier: 1TkvvQvoHfLhnS7egk5wy1BDuR//pUhc8CwnN84b1Y0=
Subject key identifier: 4B:B6:2D:EE:E8:5C:93:06:14:5E:8D:C7:62:EF:A0:83:6C:EB:0B:F6
Certificate issuer: /CN=98118687fdd6ff80fb098a9eeef06de377f85d6e
Certificate serial: 01856CC1588BB75779E89D7BBDE44372E80E
Authority key identifier: 98:11:86:87:FD:D6:FF:80:FB:09:8A:9E:EE:F0:6D:E3:77:F8:5D:6E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mBGGh_3W_4D7CYqe7vBt43f4XW4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a3/5908a9-0c0f-40ab-bfd6-69af0a6e989b/1/S7Yt7uhckwYUXo3HYu-gg2zrC_Y.roa
Signing time: Sun 01 Jan 2023 09:54:48 +0000
ROA not before: Sun 01 Jan 2023 09:54:48 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 198500
IP address blocks: 217.69.96.0/20 maxlen: 20
2a00:5800::/32 maxlen: 32
Validation: Failed, certificate revoked on Mon 01 Jan 2024 02:29:54 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:c1:58:8b:b7:57:79:e8:9d:7b:bd:e4:43:72:e8:0e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=98118687fdd6ff80fb098a9eeef06de377f85d6e
Validity
Not Before: Jan 1 09:54:48 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=4bb62deee85c9306145e8dc762efa0836ceb0bf6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:0a:c0:9b:bf:4a:9e:c9:d0:b8:63:8f:eb:3c:
92:34:0b:95:51:65:20:98:8d:ac:8b:07:bd:5e:e0:
33:a1:93:43:61:ab:1a:1c:ce:6d:67:6f:4d:9f:f6:
b0:da:57:32:63:e3:6c:8e:0d:53:e1:1e:32:14:22:
db:17:c8:58:e4:76:e8:6d:ac:c0:85:42:5c:3b:2e:
5a:9e:21:e8:f2:c4:85:6e:ee:16:f2:c6:b2:b5:2f:
3d:86:d2:da:d5:d1:99:a6:30:de:76:53:ca:76:b2:
40:22:b4:46:7e:05:27:b9:fa:a8:3b:12:3e:fa:0f:
81:c9:c9:95:02:05:b1:4d:21:a0:63:27:5b:6a:89:
68:14:ac:02:c7:c1:cc:ca:2a:4e:69:9c:74:f5:9b:
b9:1e:de:3f:9d:bc:51:b3:5c:b4:d3:a8:a9:97:95:
51:5f:e9:ad:76:b3:46:2a:36:c8:c3:8b:8b:85:8d:
49:34:1e:69:c8:92:d7:2b:dd:18:c0:8d:75:de:b0:
6e:a8:47:f8:cb:d0:57:f7:1e:4f:68:51:c7:e5:09:
fb:e2:79:e0:04:72:65:4c:66:c5:7c:a0:53:e6:2b:
6d:6c:c2:95:14:a0:6a:9a:91:33:32:ee:fa:f5:cd:
ec:f5:59:8c:e5:72:16:cb:32:38:5f:5a:6c:37:b0:
32:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4B:B6:2D:EE:E8:5C:93:06:14:5E:8D:C7:62:EF:A0:83:6C:EB:0B:F6
X509v3 Authority Key Identifier:
keyid:98:11:86:87:FD:D6:FF:80:FB:09:8A:9E:EE:F0:6D:E3:77:F8:5D:6E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mBGGh_3W_4D7CYqe7vBt43f4XW4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a3/5908a9-0c0f-40ab-bfd6-69af0a6e989b/1/S7Yt7uhckwYUXo3HYu-gg2zrC_Y.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a3/5908a9-0c0f-40ab-bfd6-69af0a6e989b/1/mBGGh_3W_4D7CYqe7vBt43f4XW4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
217.69.96.0/20
IPv6:
2a00:5800::/32
Signature Algorithm: sha256WithRSAEncryption
6d:47:c9:15:d7:dd:52:3d:99:fe:b0:95:f6:d3:c4:91:28:b2:
d4:55:6c:d1:23:d4:68:96:4c:93:f5:47:03:09:9e:b1:c0:ee:
e9:ed:75:7f:19:f5:d8:2f:b7:4d:ae:ed:02:96:66:8c:39:27:
d3:1e:05:ec:92:cf:42:c5:70:db:3c:5e:ff:2f:c6:ae:a4:3f:
40:7f:6b:1e:04:bd:99:fc:aa:70:ad:a4:b5:52:89:bf:0f:b5:
80:ce:e4:13:a2:70:17:17:9d:dd:ec:87:ee:48:b0:fd:2c:66:
a8:73:e9:e4:70:93:d4:0a:39:08:73:b2:c6:87:5e:47:75:a5:
0e:52:06:23:64:b4:bd:b2:94:15:5f:59:7b:a0:ab:cc:ff:82:
04:ba:67:8e:2b:5a:ae:c7:bd:61:dc:90:d2:7d:2e:6d:29:71:
9f:72:ab:ce:1d:82:06:14:49:ff:1a:e2:65:a3:b1:00:bf:ab:
24:d1:99:38:71:b5:8e:e9:cb:77:25:38:d9:72:33:0f:27:a1:
b5:09:3c:a3:3e:41:17:41:b1:fb:1e:b2:76:54:78:c6:c0:15:
b5:84:68:a2:cb:57:68:3f:fe:1e:ee:53:4e:9b:2f:fb:5f:a1:
d4:36:b6:33:7a:31:89:c8:28:31:0d:69:a5:25:31:66:ec:59:
46:90:51:77
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVswViLt1d56J17veRDcugOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk4MTE4Njg3ZmRkNmZmODBmYjA5OGE5ZWVlZjA2ZGUzNzdm
ODVkNmUwHhcNMjMwMTAxMDk1NDQ4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0YmI2MmRlZWU4NWM5MzA2MTQ1ZThkYzc2MmVmYTA4MzZjZWIwYmY2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsQrAm79KnsnQuGOP6zySNAuVUWUg
mI2siwe9XuAzoZNDYasaHM5tZ29Nn/aw2lcyY+Nsjg1T4R4yFCLbF8hY5HbobazA
hUJcOy5aniHo8sSFbu4W8saytS89htLa1dGZpjDedlPKdrJAIrRGfgUnufqoOxI+
+g+BycmVAgWxTSGgYydbaoloFKwCx8HMyipOaZx09Zu5Ht4/nbxRs1y006ipl5VR
X+mtdrNGKjbIw4uLhY1JNB5pyJLXK90YwI113rBuqEf4y9BX9x5PaFHH5Qn74nng
BHJlTGbFfKBT5ittbMKVFKBqmpEzMu769c3s9VmM5XIWyzI4X1psN7AyLQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFEu2Le7oXJMGFF6Nx2LvoINs6wv2MB8GA1UdIwQY
MBaAFJgRhof91v+A+wmKnu7wbeN3+F1uMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbUJHR2hfM1dfNEQ3Q1lxZTd2QnQ0M2Y0WFc0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMy81OTA4YTktMGMwZi00MGFiLWJmZDYt
NjlhZjBhNmU5ODliLzEvUzdZdDd1aGNrd1lVWG8zSFl1LWdnMnpyQ19ZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMy81OTA4YTktMGMwZi00MGFiLWJmZDYtNjlhZjBhNmU5ODli
LzEvbUJHR2hfM1dfNEQ3Q1lxZTd2QnQ0M2Y0WFc0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQE2UVgMA0E
AgACMAcDBQAqAFgAMA0GCSqGSIb3DQEBCwUAA4IBAQBtR8kV191SPZn+sJX208SR
KLLUVWzRI9RolkyT9UcDCZ6xwO7p7XV/GfXYL7dNru0ClmaMOSfTHgXsks9CxXDb
PF7/L8aupD9Af2seBL2Z/KpwraS1Uom/D7WAzuQTonAXF53d7IfuSLD9LGaoc+nk
cJPUCjkIc7LGh15HdaUOUgYjZLS9spQVX1l7oKvM/4IEumeOK1qux71h3JDSfS5t
KXGfcqvOHYIGFEn/GuJlo7EAv6sk0Zk4cbWO6ct3JTjZcjMPJ6G1CTyjPkEXQbH7
HrJ2VHjGwBW1hGiiy1doP/4e7lNOmy/7X6HUNrYzejGJyCgxDWmlJTFm7FlGkFF3
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:36:18 2024 by rpki-client on console-ams.rpki-client.org