Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a3/5908a9-0c0f-40ab-bfd6-69af0a6e989b/1/cfEsFaqWSPCCkOLVncTFYjEK5D0.roa
File: cfEsFaqWSPCCkOLVncTFYjEK5D0.roa (raw, json)
Hash identifier: HJzhNUmj17on4T5kQbTCIy+MkbW/P6jzybbl8sYQy68=
Subject key identifier: 71:F1:2C:15:AA:96:48:F0:82:90:E2:D5:9D:C4:C5:62:31:0A:E4:3D
Certificate issuer: /CN=98118687fdd6ff80fb098a9eeef06de377f85d6e
Certificate serial: 018CC2DB31EAF637D7AF648C16CA75504AC3
Authority key identifier: 98:11:86:87:FD:D6:FF:80:FB:09:8A:9E:EE:F0:6D:E3:77:F8:5D:6E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mBGGh_3W_4D7CYqe7vBt43f4XW4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a3/5908a9-0c0f-40ab-bfd6-69af0a6e989b/1/cfEsFaqWSPCCkOLVncTFYjEK5D0.roa
Signing time: Mon 01 Jan 2024 02:29:54 +0000
ROA not before: Mon 01 Jan 2024 02:29:54 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 198500
IP address blocks: 217.69.96.0/20 maxlen: 20
2a00:5800::/32 maxlen: 32
Validation: Failed, certificate revoked on Thu 02 Jan 2025 01:49:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c2:db:31:ea:f6:37:d7:af:64:8c:16:ca:75:50:4a:c3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=98118687fdd6ff80fb098a9eeef06de377f85d6e
Validity
Not Before: Jan 1 02:29:54 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=71f12c15aa9648f08290e2d59dc4c562310ae43d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:78:7b:6a:0a:87:c9:47:b3:80:32:17:43:03:
da:32:c7:d6:8d:11:c8:4d:a3:a2:df:24:c7:52:54:
0c:2e:e1:fd:8b:6f:a8:c8:12:29:e8:1c:7d:04:a3:
2c:fe:d7:38:39:83:11:d1:b6:f5:3d:60:03:ff:7d:
fd:de:36:ec:05:49:f2:9c:41:d5:c0:27:fe:5a:c1:
3a:c0:0a:5d:36:09:d4:0b:df:09:8b:58:f8:1b:ea:
4e:67:9c:78:3e:a2:b2:54:cc:ca:ee:79:e9:80:cc:
f9:43:af:e7:17:7b:98:60:d9:06:f2:3b:2f:f5:35:
aa:97:aa:85:55:36:1a:dc:8c:d0:09:9f:5d:a9:16:
4f:78:45:d2:e4:c9:b3:7a:11:c4:23:84:11:36:e8:
e2:41:ff:58:54:51:c7:a5:44:77:bd:0d:4d:0b:1a:
9d:19:d3:1d:65:b5:25:ac:df:49:90:c9:b8:48:85:
08:4e:3c:86:76:c0:1e:8a:cb:49:74:89:1d:63:d2:
3f:32:7b:32:38:f0:de:06:18:f7:97:87:63:35:bb:
96:94:d2:73:1f:1e:51:c5:e9:5a:12:8f:53:cf:72:
17:60:8b:9d:72:1c:d9:89:7d:bc:fc:23:27:3a:31:
0e:1e:94:ef:c7:ce:f6:74:74:14:2f:da:59:91:fb:
d7:4d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
71:F1:2C:15:AA:96:48:F0:82:90:E2:D5:9D:C4:C5:62:31:0A:E4:3D
X509v3 Authority Key Identifier:
keyid:98:11:86:87:FD:D6:FF:80:FB:09:8A:9E:EE:F0:6D:E3:77:F8:5D:6E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mBGGh_3W_4D7CYqe7vBt43f4XW4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a3/5908a9-0c0f-40ab-bfd6-69af0a6e989b/1/cfEsFaqWSPCCkOLVncTFYjEK5D0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a3/5908a9-0c0f-40ab-bfd6-69af0a6e989b/1/mBGGh_3W_4D7CYqe7vBt43f4XW4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
217.69.96.0/20
IPv6:
2a00:5800::/32
Signature Algorithm: sha256WithRSAEncryption
6a:a8:ed:0f:ee:cf:51:3f:8b:0c:04:66:51:b3:d2:12:97:79:
9e:ba:f5:ef:7d:cc:4d:95:fc:49:51:c3:ee:47:cc:5a:87:ab:
de:9d:9b:b1:a1:64:1a:0b:c0:5a:40:64:73:b4:21:c4:40:ed:
02:c8:98:75:0d:f2:c2:b2:fd:13:93:a3:48:3e:f1:8b:ee:34:
1e:49:75:a2:2f:93:9b:a8:62:a6:20:9a:de:08:4e:38:70:dd:
15:51:e0:b6:dd:89:54:14:50:2e:f2:39:ee:1f:e3:8d:51:22:
ef:b4:5a:df:53:be:9f:ee:92:87:9d:d2:74:cc:a4:7b:57:52:
80:bb:5d:ea:36:01:18:01:18:4e:a8:ab:6c:57:cd:5a:c9:42:
22:de:17:07:97:a0:ca:a8:44:2c:f6:91:ab:69:55:85:89:67:
47:65:2e:5c:94:fd:af:cf:55:ad:53:26:51:fe:6d:17:91:bb:
b0:69:6b:0f:77:66:e4:d3:da:63:b0:c1:32:40:1b:da:98:82:
ce:94:90:f9:56:de:5a:25:dd:ee:6c:7c:bf:4f:c1:37:90:a3:
5d:41:df:03:d0:c9:fb:e5:f1:bf:ff:02:76:cf:b7:b5:e9:7b:
ee:56:44:62:71:cd:c2:8f:a2:3f:8f:e4:52:43:15:ff:1e:f7:
c2:03:21:f1
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYzC2zHq9jfXr2SMFsp1UErDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk4MTE4Njg3ZmRkNmZmODBmYjA5OGE5ZWVlZjA2ZGUzNzdm
ODVkNmUwHhcNMjQwMTAxMDIyOTU0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MWYxMmMxNWFhOTY0OGYwODI5MGUyZDU5ZGM0YzU2MjMxMGFlNDNkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtnh7agqHyUezgDIXQwPaMsfWjRHI
TaOi3yTHUlQMLuH9i2+oyBIp6Bx9BKMs/tc4OYMR0bb1PWAD/3393jbsBUnynEHV
wCf+WsE6wApdNgnUC98Ji1j4G+pOZ5x4PqKyVMzK7nnpgMz5Q6/nF3uYYNkG8jsv
9TWql6qFVTYa3IzQCZ9dqRZPeEXS5MmzehHEI4QRNujiQf9YVFHHpUR3vQ1NCxqd
GdMdZbUlrN9JkMm4SIUITjyGdsAeistJdIkdY9I/MnsyOPDeBhj3l4djNbuWlNJz
Hx5RxelaEo9Tz3IXYIudchzZiX28/CMnOjEOHpTvx872dHQUL9pZkfvXTQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFHHxLBWqlkjwgpDi1Z3ExWIxCuQ9MB8GA1UdIwQY
MBaAFJgRhof91v+A+wmKnu7wbeN3+F1uMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbUJHR2hfM1dfNEQ3Q1lxZTd2QnQ0M2Y0WFc0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMy81OTA4YTktMGMwZi00MGFiLWJmZDYt
NjlhZjBhNmU5ODliLzEvY2ZFc0ZhcVdTUENDa09MVm5jVEZZakVLNUQwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMy81OTA4YTktMGMwZi00MGFiLWJmZDYtNjlhZjBhNmU5ODli
LzEvbUJHR2hfM1dfNEQ3Q1lxZTd2QnQ0M2Y0WFc0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQE2UVgMA0E
AgACMAcDBQAqAFgAMA0GCSqGSIb3DQEBCwUAA4IBAQBqqO0P7s9RP4sMBGZRs9IS
l3meuvXvfcxNlfxJUcPuR8xah6venZuxoWQaC8BaQGRztCHEQO0CyJh1DfLCsv0T
k6NIPvGL7jQeSXWiL5ObqGKmIJreCE44cN0VUeC23YlUFFAu8jnuH+ONUSLvtFrf
U76f7pKHndJ0zKR7V1KAu13qNgEYARhOqKtsV81ayUIi3hcHl6DKqEQs9pGraVWF
iWdHZS5clP2vz1WtUyZR/m0XkbuwaWsPd2bk09pjsMEyQBvamILOlJD5Vt5aJd3u
bHy/T8E3kKNdQd8D0Mn75fG//wJ2z7e16XvuVkRicc3Cj6I/j+RSQxX/HvfCAyHx
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:55:05 2025 by rpki-client