Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a6/6693e3-89ca-44a1-a8b6-894805289cc0/1/qoAhq7CgG7dOdM1oP-R2lWD0tn8.roa
File: qoAhq7CgG7dOdM1oP-R2lWD0tn8.roa (raw, json)
Hash identifier: j796r2pEkcybB3BUzuau5mk/zx/tsnjPg2pcl2EPSpk=
Subject key identifier: AA:80:21:AB:B0:A0:1B:B7:4E:74:CD:68:3F:E4:76:95:60:F4:B6:7F
Certificate issuer: /CN=f030658f16d2d88d34164592fcd4de13131f1695
Certificate serial: 018CC56E65B053416046ED30C7CE59842C1E
Authority key identifier: F0:30:65:8F:16:D2:D8:8D:34:16:45:92:FC:D4:DE:13:13:1F:16:95
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8DBljxbS2I00FkWS_NTeExMfFpU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a6/6693e3-89ca-44a1-a8b6-894805289cc0/1/qoAhq7CgG7dOdM1oP-R2lWD0tn8.roa
Signing time: Mon 01 Jan 2024 14:29:55 +0000
ROA not before: Mon 01 Jan 2024 14:29:55 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 216334
IP address blocks: 217.196.105.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 20 Feb 2024 16:36:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:6e:65:b0:53:41:60:46:ed:30:c7:ce:59:84:2c:1e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f030658f16d2d88d34164592fcd4de13131f1695
Validity
Not Before: Jan 1 14:29:55 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=aa8021abb0a01bb74e74cd683fe4769560f4b67f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:7a:6f:c0:db:4d:e3:90:29:22:be:cf:9f:92:
4e:1c:62:f4:a7:41:52:99:99:aa:3c:27:6b:38:f4:
4f:41:31:27:33:46:d2:5b:e3:fa:6f:ea:8a:39:a7:
ac:58:5a:20:19:d8:c2:3a:c1:13:50:b2:89:63:ad:
e2:89:ba:ec:66:be:2f:16:47:d4:11:fc:21:20:a4:
b9:4f:70:ba:c1:1d:42:ca:8a:4d:59:b3:3b:4f:d2:
5e:7d:88:14:a5:8e:db:eb:87:0e:51:be:c5:6a:50:
c3:c0:88:3e:55:eb:3d:99:f7:ba:05:21:2e:90:23:
85:6b:3f:24:ef:4d:42:ac:8b:6f:2c:98:f6:1c:bf:
24:d0:3e:83:06:5c:c6:83:21:ef:39:eb:fa:67:d5:
f0:41:a1:83:0d:4a:e3:c8:7c:e6:96:ba:b3:2c:1d:
40:64:58:9f:1c:94:2a:bf:68:dd:b3:bb:59:53:5f:
3c:7e:35:52:c3:5e:3b:21:7c:52:01:1c:af:37:a4:
29:70:4c:e6:c8:9e:48:68:b3:16:38:f2:44:8d:d7:
15:1d:26:7f:9d:1e:41:5d:3e:f8:84:71:74:9b:e5:
24:c8:ea:64:8d:99:d0:c8:a8:cc:94:48:f1:d1:d6:
8c:d0:d1:34:87:8c:66:86:ee:14:4d:96:f0:71:53:
df:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AA:80:21:AB:B0:A0:1B:B7:4E:74:CD:68:3F:E4:76:95:60:F4:B6:7F
X509v3 Authority Key Identifier:
keyid:F0:30:65:8F:16:D2:D8:8D:34:16:45:92:FC:D4:DE:13:13:1F:16:95
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8DBljxbS2I00FkWS_NTeExMfFpU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a6/6693e3-89ca-44a1-a8b6-894805289cc0/1/qoAhq7CgG7dOdM1oP-R2lWD0tn8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a6/6693e3-89ca-44a1-a8b6-894805289cc0/1/8DBljxbS2I00FkWS_NTeExMfFpU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
217.196.105.0/24
Signature Algorithm: sha256WithRSAEncryption
99:37:59:dc:ac:a3:dd:c6:cd:31:6c:cd:a4:b8:48:cb:e9:25:
a1:82:ec:04:b7:6c:13:cc:6e:1c:c2:f0:1e:4a:21:41:4c:46:
20:1f:da:01:d5:ba:63:74:7b:99:4f:a7:74:eb:a5:c5:5d:51:
bc:ed:c2:7c:0f:4f:2c:aa:38:46:f3:0c:d9:78:b8:b0:8f:09:
1a:7f:0e:10:ee:56:2e:9a:a7:0a:fd:ed:31:d7:ca:56:05:f5:
f3:23:f0:c9:27:14:d5:a4:93:ff:b7:67:78:b0:24:5e:7b:76:
ca:ba:d6:76:17:ce:93:2e:98:ed:77:91:73:be:5d:b1:56:a1:
a2:7a:52:20:56:76:96:10:03:ea:22:06:59:82:1b:93:01:b8:
03:34:4a:53:f9:02:6a:06:7a:f4:a7:4c:9d:8b:75:fd:96:cb:
ee:66:c8:41:83:95:1c:ff:bc:fa:62:09:7e:7d:e1:55:3b:b9:
49:52:91:4a:83:23:51:16:60:bc:bb:20:0b:ab:dd:c9:da:65:
e6:9a:51:dd:7b:48:46:cf:49:52:b0:fc:cf:4e:63:6d:36:58:
03:50:28:f7:8c:cc:9d:4b:ad:e9:14:32:f8:e4:8c:71:d0:29:
3b:ff:d1:35:11:ed:d2:9a:00:15:0c:40:ab:e2:76:4a:b5:e5:
78:80:64:fa
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzFbmWwU0FgRu0wx85ZhCweMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYwMzA2NThmMTZkMmQ4OGQzNDE2NDU5MmZjZDRkZTEzMTMx
ZjE2OTUwHhcNMjQwMTAxMTQyOTU1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhYTgwMjFhYmIwYTAxYmI3NGU3NGNkNjgzZmU0NzY5NTYwZjRiNjdmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApXpvwNtN45ApIr7Pn5JOHGL0p0FS
mZmqPCdrOPRPQTEnM0bSW+P6b+qKOaesWFogGdjCOsETULKJY63iibrsZr4vFkfU
EfwhIKS5T3C6wR1CyopNWbM7T9JefYgUpY7b64cOUb7FalDDwIg+Ves9mfe6BSEu
kCOFaz8k701CrItvLJj2HL8k0D6DBlzGgyHvOev6Z9XwQaGDDUrjyHzmlrqzLB1A
ZFifHJQqv2jds7tZU188fjVSw147IXxSARyvN6QpcEzmyJ5IaLMWOPJEjdcVHSZ/
nR5BXT74hHF0m+UkyOpkjZnQyKjMlEjx0daM0NE0h4xmhu4UTZbwcVPfvwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKqAIauwoBu3TnTNaD/kdpVg9LZ/MB8GA1UdIwQY
MBaAFPAwZY8W0tiNNBZFkvzU3hMTHxaVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOERCbGp4YlMySTAwRmtXU19OVGVFeE1mRnBVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNi82NjkzZTMtODljYS00NGExLWE4YjYt
ODk0ODA1Mjg5Y2MwLzEvcW9BaHE3Q2dHN2RPZE0xb1AtUjJsV0QwdG44LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNi82NjkzZTMtODljYS00NGExLWE4YjYtODk0ODA1Mjg5Y2Mw
LzEvOERCbGp4YlMySTAwRmtXU19OVGVFeE1mRnBVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA2cRpMA0G
CSqGSIb3DQEBCwUAA4IBAQCZN1ncrKPdxs0xbM2kuEjL6SWhguwEt2wTzG4cwvAe
SiFBTEYgH9oB1bpjdHuZT6d066XFXVG87cJ8D08sqjhG8wzZeLiwjwkafw4Q7lYu
mqcK/e0x18pWBfXzI/DJJxTVpJP/t2d4sCRee3bKutZ2F86TLpjtd5Fzvl2xVqGi
elIgVnaWEAPqIgZZghuTAbgDNEpT+QJqBnr0p0ydi3X9lsvuZshBg5Uc/7z6Ygl+
feFVO7lJUpFKgyNRFmC8uyALq93J2mXmmlHde0hGz0lSsPzPTmNtNlgDUCj3jMyd
S63pFDL45Ixx0Ck7/9E1Ee3SmgAVDECr4nZKteV4gGT6
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:37:44 2025 by rpki-client