Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a4/c17c5d-7543-440f-878f-1769fef6be96/1/GxN3c2GqL0i6WIap6xZtAV7By4M.roa
File: GxN3c2GqL0i6WIap6xZtAV7By4M.roa (raw, json)
Hash identifier: XgJhqbRKYjfe1XAVYjIq68ejbS5G+7do1/Gx9VYUwmY=
Subject key identifier: 1B:13:77:73:61:AA:2F:48:BA:58:86:A9:EB:16:6D:01:5E:C1:CB:83
Certificate issuer: /CN=42f8ab2ba24879e45c445486fceb21af46656d5a
Certificate serial: 0194EEB18AF0B408894CD8E6828ABF776AFE
Authority key identifier: 42:F8:AB:2B:A2:48:79:E4:5C:44:54:86:FC:EB:21:AF:46:65:6D:5A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QvirK6JIeeRcRFSG_Oshr0ZlbVo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a4/c17c5d-7543-440f-878f-1769fef6be96/1/GxN3c2GqL0i6WIap6xZtAV7By4M.roa
Signing time: Mon 10 Feb 2025 07:10:00 +0000
ROA not before: Mon 10 Feb 2025 07:10:00 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 834
IP address blocks: 217.147.165.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 11 Feb 2025 14:38:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:ee:b1:8a:f0:b4:08:89:4c:d8:e6:82:8a:bf:77:6a:fe
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=42f8ab2ba24879e45c445486fceb21af46656d5a
Validity
Not Before: Feb 10 07:10:00 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=1b13777361aa2f48ba5886a9eb166d015ec1cb83
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ee:17:8e:32:5d:3a:93:17:21:09:e2:1d:6a:a9:
ba:2e:7f:18:5c:0e:d6:27:49:7a:87:47:3f:b4:4e:
ad:b2:ce:9f:58:4f:d6:3f:26:27:00:a9:16:34:0d:
3c:b6:a9:d8:3f:37:ec:34:13:c5:24:4e:23:d1:2f:
25:ba:8e:27:7f:4b:38:f9:f0:8f:a3:19:64:dc:89:
3d:2a:0f:df:70:2f:7a:76:ad:5d:7f:89:b0:10:10:
40:4c:86:37:d6:3b:e2:ca:07:4b:86:44:33:85:54:
3f:de:f2:1f:2d:95:30:18:08:ac:1b:33:50:80:ac:
13:1a:d7:69:0b:5a:77:83:3d:b6:8a:fd:ef:1a:45:
63:3d:4e:c0:c8:0d:fe:da:05:40:f1:83:fd:f7:30:
39:0a:98:bd:ff:ea:ae:79:e1:6e:0c:2e:8a:92:63:
9c:41:bd:6f:f0:8c:b9:0e:d2:58:0f:45:8e:31:cc:
b5:a0:54:b3:af:10:c4:00:3d:ea:35:ad:67:50:83:
ed:85:ab:1e:8f:dc:be:c2:b0:ea:82:00:bb:cf:1d:
3a:18:c5:f7:21:17:16:5e:ee:19:6f:34:86:c9:4b:
dc:21:c8:2d:4c:59:0f:0e:f3:67:12:1e:0f:3b:6a:
7e:2d:0b:df:ba:6a:bb:74:a8:e3:b6:de:6a:d2:43:
b4:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1B:13:77:73:61:AA:2F:48:BA:58:86:A9:EB:16:6D:01:5E:C1:CB:83
X509v3 Authority Key Identifier:
keyid:42:F8:AB:2B:A2:48:79:E4:5C:44:54:86:FC:EB:21:AF:46:65:6D:5A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QvirK6JIeeRcRFSG_Oshr0ZlbVo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a4/c17c5d-7543-440f-878f-1769fef6be96/1/GxN3c2GqL0i6WIap6xZtAV7By4M.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a4/c17c5d-7543-440f-878f-1769fef6be96/1/QvirK6JIeeRcRFSG_Oshr0ZlbVo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
217.147.165.0/24
Signature Algorithm: sha256WithRSAEncryption
11:9a:3b:ec:82:d2:3b:cd:1c:4c:72:c8:47:85:1a:b0:3a:3e:
33:13:df:b6:88:7a:7f:f5:f6:86:c8:7a:6a:c8:35:db:4d:72:
a5:9a:1e:27:7b:57:99:8a:fa:28:8e:7d:39:aa:20:c3:a3:aa:
12:4a:8d:b0:e3:72:de:1f:70:b1:e3:53:85:5a:4e:6b:e2:e0:
21:63:c8:1f:60:91:92:db:ed:de:2a:d3:77:9d:26:ef:68:b9:
91:bc:1b:b1:f3:88:23:8e:aa:b4:a7:f6:85:8e:5a:d9:3d:07:
1a:05:c4:32:af:be:8a:3b:cb:c4:f6:5f:2a:14:f0:9f:67:51:
30:6e:f9:9b:24:cf:fc:a3:eb:a1:e8:c2:63:18:64:d4:57:b9:
0f:cb:32:88:04:2f:2b:d6:db:48:e7:ee:bb:f7:e5:a7:88:86:
86:92:ff:c6:d3:ff:e3:c9:42:75:3c:ba:f0:66:f0:26:43:24:
86:e5:71:66:6d:8d:37:16:2b:43:0f:7b:4e:ed:d9:96:e3:4a:
9f:0d:08:25:5c:46:9c:70:9b:e7:2f:37:d8:7b:fe:5e:76:4c:
ac:91:c5:8f:32:89:84:69:5c:a8:bc:4d:34:1e:9d:82:ed:83:
b4:e1:26:57:7c:20:64:7e:1e:8b:7b:7c:da:35:76:39:d4:2e:
91:a8:4b:f5
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZTusYrwtAiJTNjmgoq/d2r+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQyZjhhYjJiYTI0ODc5ZTQ1YzQ0NTQ4NmZjZWIyMWFmNDY2
NTZkNWEwHhcNMjUwMjEwMDcxMDAwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxYjEzNzc3MzYxYWEyZjQ4YmE1ODg2YTllYjE2NmQwMTVlYzFjYjgzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7heOMl06kxchCeIdaqm6Ln8YXA7W
J0l6h0c/tE6tss6fWE/WPyYnAKkWNA08tqnYPzfsNBPFJE4j0S8luo4nf0s4+fCP
oxlk3Ik9Kg/fcC96dq1df4mwEBBATIY31jviygdLhkQzhVQ/3vIfLZUwGAisGzNQ
gKwTGtdpC1p3gz22iv3vGkVjPU7AyA3+2gVA8YP99zA5Cpi9/+queeFuDC6KkmOc
Qb1v8Iy5DtJYD0WOMcy1oFSzrxDEAD3qNa1nUIPthasej9y+wrDqggC7zx06GMX3
IRcWXu4ZbzSGyUvcIcgtTFkPDvNnEh4PO2p+LQvfumq7dKjjtt5q0kO0XQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFBsTd3Nhqi9IuliGqesWbQFewcuDMB8GA1UdIwQY
MBaAFEL4qyuiSHnkXERUhvzrIa9GZW1aMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXZpcks2SkllZVJjUkZTR19Pc2hyMFpsYlZvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNC9jMTdjNWQtNzU0My00NDBmLTg3OGYt
MTc2OWZlZjZiZTk2LzEvR3hOM2MyR3FMMGk2V0lhcDZ4WnRBVjdCeTRNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNC9jMTdjNWQtNzU0My00NDBmLTg3OGYtMTc2OWZlZjZiZTk2
LzEvUXZpcks2SkllZVJjUkZTR19Pc2hyMFpsYlZvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA2ZOlMA0G
CSqGSIb3DQEBCwUAA4IBAQARmjvsgtI7zRxMcshHhRqwOj4zE9+2iHp/9faGyHpq
yDXbTXKlmh4ne1eZivoojn05qiDDo6oSSo2w43LeH3Cx41OFWk5r4uAhY8gfYJGS
2+3eKtN3nSbvaLmRvBux84gjjqq0p/aFjlrZPQcaBcQyr76KO8vE9l8qFPCfZ1Ew
bvmbJM/8o+uh6MJjGGTUV7kPyzKIBC8r1ttI5+679+WniIaGkv/G0//jyUJ1PLrw
ZvAmQySG5XFmbY03FitDD3tO7dmW40qfDQglXEaccJvnLzfYe/5edkyskcWPMomE
aVyovE00Hp2C7YO04SZXfCBkfh6Le3zaNXY51C6RqEv1
-----END CERTIFICATE-----
Generated at Mon Apr 21 02:43:17 2025 by rpki-client