Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a6/6693e3-89ca-44a1-a8b6-894805289cc0/1/sGij5XTb69xw3lcJBaj7oLvKWUI.roa
File: sGij5XTb69xw3lcJBaj7oLvKWUI.roa (raw, json)
Hash identifier: BVjJSMqKMaJf0BDeSLpqmwLeD3nU0UUTpeNyWE1NblE=
Subject key identifier: B0:68:A3:E5:74:DB:EB:DC:70:DE:57:09:05:A8:FB:A0:BB:CA:59:42
Certificate issuer: /CN=f030658f16d2d88d34164592fcd4de13131f1695
Certificate serial: 018A6458526F63F277F89C2722C348B1280F
Authority key identifier: F0:30:65:8F:16:D2:D8:8D:34:16:45:92:FC:D4:DE:13:13:1F:16:95
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8DBljxbS2I00FkWS_NTeExMfFpU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a6/6693e3-89ca-44a1-a8b6-894805289cc0/1/sGij5XTb69xw3lcJBaj7oLvKWUI.roa
Signing time: Tue 05 Sep 2023 07:57:04 +0000
ROA not before: Tue 05 Sep 2023 07:57:04 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 206728
IP address blocks: 217.197.107.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 14 Sep 2023 07:33:50 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:64:58:52:6f:63:f2:77:f8:9c:27:22:c3:48:b1:28:0f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f030658f16d2d88d34164592fcd4de13131f1695
Validity
Not Before: Sep 5 07:57:04 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b068a3e574dbebdc70de570905a8fba0bbca5942
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:56:55:99:b2:b7:44:2a:73:f5:11:1a:0b:97:
ab:36:cc:cd:c7:e6:66:29:44:dc:0c:a0:05:da:68:
35:c8:ea:d6:b9:56:0b:ee:27:7c:b2:48:8d:3a:00:
0c:28:ba:23:42:3a:1b:e2:31:c9:f8:11:6e:6e:40:
a1:fa:be:0a:9e:fc:02:a3:dc:6c:88:41:1e:dd:7d:
d6:e5:cb:6a:8a:0d:1b:c7:e6:13:2a:4d:e4:24:98:
62:5e:0b:18:03:61:7b:64:87:b0:99:e0:aa:9f:ac:
4c:48:81:c4:cf:2a:b6:ab:d7:c7:ff:b3:64:83:ff:
f4:ad:82:c7:1c:62:78:ba:e9:08:0e:12:21:ac:92:
0d:94:52:d3:4d:fb:44:0d:56:97:85:ba:ec:6c:f6:
29:5c:48:a0:be:e2:e3:79:55:21:89:8c:eb:5d:5f:
8b:c7:4e:7b:37:12:75:76:c8:a8:7f:3d:34:de:f0:
94:75:c7:71:2b:8e:e3:8d:17:1b:40:73:af:c4:b0:
da:3a:b8:a7:bc:c8:44:5a:5d:95:fb:81:bd:0b:7d:
de:99:2f:ac:eb:1a:5b:cc:55:d1:aa:c0:30:60:54:
c2:9b:60:86:77:ef:17:53:c8:4d:2b:18:65:0c:6d:
46:e7:43:1d:03:1f:62:ce:80:18:a7:c7:76:96:2d:
4d:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B0:68:A3:E5:74:DB:EB:DC:70:DE:57:09:05:A8:FB:A0:BB:CA:59:42
X509v3 Authority Key Identifier:
keyid:F0:30:65:8F:16:D2:D8:8D:34:16:45:92:FC:D4:DE:13:13:1F:16:95
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8DBljxbS2I00FkWS_NTeExMfFpU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a6/6693e3-89ca-44a1-a8b6-894805289cc0/1/sGij5XTb69xw3lcJBaj7oLvKWUI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a6/6693e3-89ca-44a1-a8b6-894805289cc0/1/8DBljxbS2I00FkWS_NTeExMfFpU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
217.197.107.0/24
Signature Algorithm: sha256WithRSAEncryption
50:eb:fb:41:55:1e:d8:a6:a8:bf:52:bb:b8:13:8e:4e:8d:ff:
dc:40:49:bb:90:33:80:d3:25:83:e5:b7:f1:a6:e8:58:1a:18:
9c:0b:28:32:df:af:c6:a5:55:07:0e:a6:ed:52:76:40:e4:70:
e9:f3:eb:47:f7:07:fa:b0:5a:c2:0c:7d:1a:97:26:2f:97:30:
15:27:82:3b:95:44:9a:32:4c:18:d3:73:00:bb:e1:18:6f:55:
b7:d7:91:5e:0d:cf:88:4e:80:c0:ae:05:69:1b:4f:fb:41:54:
c7:ab:8c:65:cf:3a:7a:7a:96:c5:b6:41:de:b9:98:78:89:2e:
de:d2:ea:5b:74:c1:4d:a1:e3:17:72:83:4b:eb:64:02:97:0d:
00:27:b4:27:f9:04:a6:b5:18:45:c4:d3:47:09:ac:31:44:b8:
af:69:72:ec:94:8c:f4:70:86:54:75:f6:ef:3a:71:d1:e5:e6:
08:3f:09:68:6d:cb:25:b2:9d:6a:78:ef:6f:c2:8b:e2:ee:74:
25:06:87:48:8c:e0:45:93:62:72:2d:69:c6:e4:15:d3:66:67:
4e:cf:9a:45:a1:fc:c4:3f:b3:a8:d1:8f:20:92:98:c1:2b:dd:
72:4d:04:53:4d:1d:6a:c7:c4:d0:2c:1a:39:36:66:5f:80:5d:
f4:f2:6f:fb
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYpkWFJvY/J3+JwnIsNIsSgPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYwMzA2NThmMTZkMmQ4OGQzNDE2NDU5MmZjZDRkZTEzMTMx
ZjE2OTUwHhcNMjMwOTA1MDc1NzA0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMDY4YTNlNTc0ZGJlYmRjNzBkZTU3MDkwNWE4ZmJhMGJiY2E1OTQyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwFZVmbK3RCpz9REaC5erNszNx+Zm
KUTcDKAF2mg1yOrWuVYL7id8skiNOgAMKLojQjob4jHJ+BFubkCh+r4KnvwCo9xs
iEEe3X3W5ctqig0bx+YTKk3kJJhiXgsYA2F7ZIewmeCqn6xMSIHEzyq2q9fH/7Nk
g//0rYLHHGJ4uukIDhIhrJINlFLTTftEDVaXhbrsbPYpXEigvuLjeVUhiYzrXV+L
x057NxJ1dsiofz003vCUdcdxK47jjRcbQHOvxLDaOrinvMhEWl2V+4G9C33emS+s
6xpbzFXRqsAwYFTCm2CGd+8XU8hNKxhlDG1G50MdAx9izoAYp8d2li1NGwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFLBoo+V02+vccN5XCQWo+6C7yllCMB8GA1UdIwQY
MBaAFPAwZY8W0tiNNBZFkvzU3hMTHxaVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOERCbGp4YlMySTAwRmtXU19OVGVFeE1mRnBVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNi82NjkzZTMtODljYS00NGExLWE4YjYt
ODk0ODA1Mjg5Y2MwLzEvc0dpajVYVGI2OXh3M2xjSkJhajdvTHZLV1VJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNi82NjkzZTMtODljYS00NGExLWE4YjYtODk0ODA1Mjg5Y2Mw
LzEvOERCbGp4YlMySTAwRmtXU19OVGVFeE1mRnBVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA2cVrMA0G
CSqGSIb3DQEBCwUAA4IBAQBQ6/tBVR7Ypqi/Uru4E45Ojf/cQEm7kDOA0yWD5bfx
puhYGhicCygy36/GpVUHDqbtUnZA5HDp8+tH9wf6sFrCDH0alyYvlzAVJ4I7lUSa
MkwY03MAu+EYb1W315FeDc+IToDArgVpG0/7QVTHq4xlzzp6epbFtkHeuZh4iS7e
0upbdMFNoeMXcoNL62QClw0AJ7Qn+QSmtRhFxNNHCawxRLivaXLslIz0cIZUdfbv
OnHR5eYIPwlobcslsp1qeO9vwovi7nQlBodIjOBFk2JyLWnG5BXTZmdOz5pFofzE
P7Oo0Y8gkpjBK91yTQRTTR1qx8TQLBo5NmZfgF308m/7
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:48:37 2024 by rpki-client on console-fra.rpki-client.org