Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a4/c17c5d-7543-440f-878f-1769fef6be96/1/cwK8UuYcXeCLAPO0NczRV5uWZqc.roa
File: cwK8UuYcXeCLAPO0NczRV5uWZqc.roa (raw, json)
Hash identifier: R3eQn8ZEJSXTprvv4SY0VEdpY6wHD/FhsQwuEZbd61E=
Subject key identifier: 73:02:BC:52:E6:1C:5D:E0:8B:00:F3:B4:35:CC:D1:57:9B:96:66:A7
Certificate issuer: /CN=42f8ab2ba24879e45c445486fceb21af46656d5a
Certificate serial: 018D1351582C0C2C74AB431E0EE89F702EF0
Authority key identifier: 42:F8:AB:2B:A2:48:79:E4:5C:44:54:86:FC:EB:21:AF:46:65:6D:5A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QvirK6JIeeRcRFSG_Oshr0ZlbVo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a4/c17c5d-7543-440f-878f-1769fef6be96/1/cwK8UuYcXeCLAPO0NczRV5uWZqc.roa
Signing time: Tue 16 Jan 2024 17:28:34 +0000
ROA not before: Tue 16 Jan 2024 17:28:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 21859
IP address blocks: 217.147.166.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 16 Feb 2024 02:36:21 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:13:51:58:2c:0c:2c:74:ab:43:1e:0e:e8:9f:70:2e:f0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=42f8ab2ba24879e45c445486fceb21af46656d5a
Validity
Not Before: Jan 16 17:28:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=7302bc52e61c5de08b00f3b435ccd1579b9666a7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:4c:86:64:cd:da:20:00:64:fa:d1:cc:73:27:
91:a5:1c:aa:4c:fa:8c:de:87:c4:39:ee:f7:fb:7b:
b2:a8:69:00:a0:37:94:64:16:de:0c:7c:8b:93:7d:
09:26:ae:1a:b9:7a:29:e0:a6:d8:34:ba:78:37:01:
50:c1:1f:35:4a:0c:9d:83:a9:c8:84:78:a4:8f:71:
84:56:1d:17:97:06:08:6e:d4:11:68:8d:5d:f5:97:
59:aa:42:61:13:85:d8:7c:6c:c0:34:83:27:4b:5e:
d2:2c:ec:57:07:98:fd:a8:7f:ef:d6:19:51:5c:4b:
66:c8:87:13:28:21:c9:ce:fd:66:12:37:73:24:28:
66:3f:3d:d7:e7:fd:d3:5d:96:cd:6c:0f:60:a3:31:
e7:dd:07:fa:a1:a8:b4:54:df:47:e8:55:0e:99:ed:
55:ea:49:4f:e2:51:b9:68:73:16:15:89:13:dc:ab:
89:91:3c:67:69:1d:b9:5e:75:1d:8d:c1:c8:2c:b3:
c8:18:0e:3f:31:5b:d4:e7:6f:4f:83:c9:c5:f7:d1:
a5:0f:db:a3:cb:f7:70:58:30:b9:3c:02:29:99:42:
7c:2f:50:f4:71:1e:0e:3c:7b:a7:4a:46:fc:0e:48:
9e:f1:25:b5:6a:1c:e5:1f:fc:68:cc:85:b5:f8:0e:
2d:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
73:02:BC:52:E6:1C:5D:E0:8B:00:F3:B4:35:CC:D1:57:9B:96:66:A7
X509v3 Authority Key Identifier:
keyid:42:F8:AB:2B:A2:48:79:E4:5C:44:54:86:FC:EB:21:AF:46:65:6D:5A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QvirK6JIeeRcRFSG_Oshr0ZlbVo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a4/c17c5d-7543-440f-878f-1769fef6be96/1/cwK8UuYcXeCLAPO0NczRV5uWZqc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a4/c17c5d-7543-440f-878f-1769fef6be96/1/QvirK6JIeeRcRFSG_Oshr0ZlbVo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
217.147.166.0/24
Signature Algorithm: sha256WithRSAEncryption
19:88:c2:27:e6:60:99:e9:41:e7:a2:31:f0:8c:74:0a:31:fb:
80:93:75:b4:92:db:59:30:24:8a:3a:05:38:ab:c7:82:f9:d3:
6a:f0:c6:88:d0:78:73:31:01:a4:54:92:5c:3f:ea:b4:0f:08:
f3:29:5b:fe:76:5c:3a:9f:ea:a6:0f:78:23:23:55:7d:80:82:
a7:49:6a:96:ee:c1:83:49:09:e1:07:14:fe:f8:7c:2f:2b:2f:
b5:40:d7:af:03:e0:c6:d2:f6:4d:3e:40:8d:32:a2:93:bf:03:
14:9f:ad:99:37:a4:cb:67:37:5a:5c:19:e8:e4:61:05:05:9c:
5f:1d:f8:7c:2b:e7:76:7c:6c:c6:93:1d:9c:f9:96:c3:20:16:
11:21:b8:b0:b3:5a:f9:1d:9c:ed:9a:19:76:10:e9:8b:c5:99:
4a:5a:a1:e2:bc:c8:af:3e:36:39:a4:91:92:9b:09:65:b1:56:
a5:80:f1:b1:00:eb:cf:3a:cf:e6:77:f3:f8:fe:52:33:a4:6e:
f5:c6:46:09:bc:59:ee:5d:1c:1f:dc:24:91:22:f1:2e:f9:81:
ed:6a:07:3a:00:8d:dd:ef:32:5a:cb:34:6c:f4:da:47:72:af:
39:8d:d4:d3:0b:8e:d7:e1:bd:f0:64:aa:a5:f7:79:f1:b5:37:
4a:7e:b5:f3
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAY0TUVgsDCx0q0MeDuifcC7wMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQyZjhhYjJiYTI0ODc5ZTQ1YzQ0NTQ4NmZjZWIyMWFmNDY2
NTZkNWEwHhcNMjQwMTE2MTcyODM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MzAyYmM1MmU2MWM1ZGUwOGIwMGYzYjQzNWNjZDE1NzliOTY2NmE3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqkyGZM3aIABk+tHMcyeRpRyqTPqM
3ofEOe73+3uyqGkAoDeUZBbeDHyLk30JJq4auXop4KbYNLp4NwFQwR81Sgydg6nI
hHikj3GEVh0XlwYIbtQRaI1d9ZdZqkJhE4XYfGzANIMnS17SLOxXB5j9qH/v1hlR
XEtmyIcTKCHJzv1mEjdzJChmPz3X5/3TXZbNbA9gozHn3Qf6oai0VN9H6FUOme1V
6klP4lG5aHMWFYkT3KuJkTxnaR25XnUdjcHILLPIGA4/MVvU529Pg8nF99GlD9uj
y/dwWDC5PAIpmUJ8L1D0cR4OPHunSkb8Dkie8SW1ahzlH/xozIW1+A4tUQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFHMCvFLmHF3giwDztDXM0VeblmanMB8GA1UdIwQY
MBaAFEL4qyuiSHnkXERUhvzrIa9GZW1aMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXZpcks2SkllZVJjUkZTR19Pc2hyMFpsYlZvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNC9jMTdjNWQtNzU0My00NDBmLTg3OGYt
MTc2OWZlZjZiZTk2LzEvY3dLOFV1WWNYZUNMQVBPME5jelJWNXVXWnFjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNC9jMTdjNWQtNzU0My00NDBmLTg3OGYtMTc2OWZlZjZiZTk2
LzEvUXZpcks2SkllZVJjUkZTR19Pc2hyMFpsYlZvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA2ZOmMA0G
CSqGSIb3DQEBCwUAA4IBAQAZiMIn5mCZ6UHnojHwjHQKMfuAk3W0kttZMCSKOgU4
q8eC+dNq8MaI0HhzMQGkVJJcP+q0DwjzKVv+dlw6n+qmD3gjI1V9gIKnSWqW7sGD
SQnhBxT++HwvKy+1QNevA+DG0vZNPkCNMqKTvwMUn62ZN6TLZzdaXBno5GEFBZxf
Hfh8K+d2fGzGkx2c+ZbDIBYRIbiws1r5HZztmhl2EOmLxZlKWqHivMivPjY5pJGS
mwllsValgPGxAOvPOs/md/P4/lIzpG71xkYJvFnuXRwf3CSRIvEu+YHtagc6AI3d
7zJayzRs9NpHcq85jdTTC47X4b3wZKql93nxtTdKfrXz
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:43:35 2025 by rpki-client