Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a6/6693e3-89ca-44a1-a8b6-894805289cc0/1/zGHTpDtoFwnFHVQZPgKPPp8zA7Q.roa
File: zGHTpDtoFwnFHVQZPgKPPp8zA7Q.roa (raw, json)
Hash identifier: F/KidjkLB6QesntrQCgmZHtosGNXQFWOmk+4cMfH8QI=
Subject key identifier: CC:61:D3:A4:3B:68:17:09:C5:1D:54:19:3E:02:8F:3E:9F:33:03:B4
Certificate issuer: /CN=f030658f16d2d88d34164592fcd4de13131f1695
Certificate serial: 018CC56E6314665B6298535647CE56B84291
Authority key identifier: F0:30:65:8F:16:D2:D8:8D:34:16:45:92:FC:D4:DE:13:13:1F:16:95
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8DBljxbS2I00FkWS_NTeExMfFpU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a6/6693e3-89ca-44a1-a8b6-894805289cc0/1/zGHTpDtoFwnFHVQZPgKPPp8zA7Q.roa
Signing time: Mon 01 Jan 2024 14:29:54 +0000
ROA not before: Mon 01 Jan 2024 14:29:54 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 206728
IP address blocks: 217.196.102.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 15 Jan 2024 09:27:40 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:6e:63:14:66:5b:62:98:53:56:47:ce:56:b8:42:91
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f030658f16d2d88d34164592fcd4de13131f1695
Validity
Not Before: Jan 1 14:29:54 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=cc61d3a43b681709c51d54193e028f3e9f3303b4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:68:f5:eb:e5:f9:92:ba:46:1d:d6:55:1d:40:
90:18:b3:c8:eb:f8:49:de:5b:2d:59:2b:e1:e8:86:
b5:6b:2e:a2:85:83:c4:74:28:73:56:64:b6:87:0d:
34:12:fd:f3:2b:64:0d:8f:99:90:ea:10:a5:3b:6c:
68:6b:bf:75:e4:bf:2f:02:eb:a5:db:47:2e:ef:95:
9e:1c:c7:ec:15:71:3d:9b:77:ee:f0:be:d7:23:2e:
13:b3:28:0e:60:f7:95:9d:33:73:c7:e8:68:e6:d1:
6f:13:39:9a:42:e0:27:43:f6:e6:c2:f0:47:bd:3e:
7e:dc:49:e7:92:34:5d:82:79:df:f4:00:24:1a:6e:
85:a7:b8:29:3c:d6:00:00:42:77:a1:18:f3:c8:34:
47:83:03:75:46:47:ae:7c:7d:6b:7c:db:82:47:e1:
1e:45:9c:57:de:d6:f6:67:0d:17:d0:82:d9:af:f7:
44:fc:3c:1b:0a:e1:1f:e7:fd:cd:94:7f:bd:e6:2c:
98:92:e6:a7:43:65:4b:3e:99:1a:1f:66:25:57:ac:
db:bc:d4:f2:cb:70:29:24:d4:52:dd:70:d3:34:4c:
16:98:8a:8d:ef:a0:61:88:a2:ca:e8:c7:7b:47:48:
f1:fb:6b:4d:74:7a:2e:2b:d0:98:2c:7b:8b:18:45:
03:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CC:61:D3:A4:3B:68:17:09:C5:1D:54:19:3E:02:8F:3E:9F:33:03:B4
X509v3 Authority Key Identifier:
keyid:F0:30:65:8F:16:D2:D8:8D:34:16:45:92:FC:D4:DE:13:13:1F:16:95
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8DBljxbS2I00FkWS_NTeExMfFpU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a6/6693e3-89ca-44a1-a8b6-894805289cc0/1/zGHTpDtoFwnFHVQZPgKPPp8zA7Q.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a6/6693e3-89ca-44a1-a8b6-894805289cc0/1/8DBljxbS2I00FkWS_NTeExMfFpU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
217.196.102.0/24
Signature Algorithm: sha256WithRSAEncryption
06:4f:7d:92:ef:c3:9a:7c:3e:62:de:dd:fa:a9:71:0d:a1:1e:
f9:e2:38:55:9d:cd:2d:fb:8a:41:d7:75:fd:cf:e2:e9:c7:6e:
a3:58:b2:19:87:73:0d:74:16:6d:83:43:f0:55:f6:37:63:5b:
5d:94:8a:2d:c6:0d:ec:7f:e8:5c:5f:49:ce:22:a6:19:5b:62:
7f:eb:b0:b7:cb:2f:db:e5:5b:24:f6:5a:da:c7:6f:e0:0e:31:
65:32:51:dd:4c:9f:b8:34:77:60:57:54:a0:70:88:65:6f:b2:
d1:9f:b2:de:e5:33:a3:09:ee:74:9a:28:5d:c8:7d:74:27:d0:
aa:e9:ed:86:c0:2f:fb:fc:78:dc:16:11:f4:e2:8d:56:9c:83:
f2:2f:6c:59:cf:6f:36:88:36:31:24:28:64:c3:33:4e:d1:e3:
0d:0c:7c:af:18:60:3c:4d:a1:12:4d:64:be:07:9e:51:8d:37:
26:3b:a5:94:af:32:fa:9e:9d:f4:3f:b8:2a:0e:dd:7f:59:42:
5c:e1:a8:8d:5e:7a:c4:b4:62:f4:a7:e9:27:5d:c6:8f:d6:94:
53:9d:13:ce:47:2d:97:c7:a4:9c:e1:3f:fd:4a:d5:67:f8:6d:
d8:17:89:71:d7:fd:2d:77:c5:30:c2:2e:35:3f:ba:ae:90:d1:
d3:aa:0e:18
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzFbmMUZltimFNWR85WuEKRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYwMzA2NThmMTZkMmQ4OGQzNDE2NDU5MmZjZDRkZTEzMTMx
ZjE2OTUwHhcNMjQwMTAxMTQyOTU0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjYzYxZDNhNDNiNjgxNzA5YzUxZDU0MTkzZTAyOGYzZTlmMzMwM2I0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxmj16+X5krpGHdZVHUCQGLPI6/hJ
3lstWSvh6Ia1ay6ihYPEdChzVmS2hw00Ev3zK2QNj5mQ6hClO2xoa7915L8vAuul
20cu75WeHMfsFXE9m3fu8L7XIy4TsygOYPeVnTNzx+ho5tFvEzmaQuAnQ/bmwvBH
vT5+3EnnkjRdgnnf9AAkGm6Fp7gpPNYAAEJ3oRjzyDRHgwN1RkeufH1rfNuCR+Ee
RZxX3tb2Zw0X0ILZr/dE/DwbCuEf5/3NlH+95iyYkuanQ2VLPpkaH2YlV6zbvNTy
y3ApJNRS3XDTNEwWmIqN76BhiKLK6Md7R0jx+2tNdHouK9CYLHuLGEUDtwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFMxh06Q7aBcJxR1UGT4Cjz6fMwO0MB8GA1UdIwQY
MBaAFPAwZY8W0tiNNBZFkvzU3hMTHxaVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOERCbGp4YlMySTAwRmtXU19OVGVFeE1mRnBVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNi82NjkzZTMtODljYS00NGExLWE4YjYt
ODk0ODA1Mjg5Y2MwLzEvekdIVHBEdG9Gd25GSFZRWlBnS1BQcDh6QTdRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNi82NjkzZTMtODljYS00NGExLWE4YjYtODk0ODA1Mjg5Y2Mw
LzEvOERCbGp4YlMySTAwRmtXU19OVGVFeE1mRnBVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA2cRmMA0G
CSqGSIb3DQEBCwUAA4IBAQAGT32S78OafD5i3t36qXENoR754jhVnc0t+4pB13X9
z+Lpx26jWLIZh3MNdBZtg0PwVfY3Y1tdlIotxg3sf+hcX0nOIqYZW2J/67C3yy/b
5Vsk9lrax2/gDjFlMlHdTJ+4NHdgV1SgcIhlb7LRn7Le5TOjCe50mihdyH10J9Cq
6e2GwC/7/HjcFhH04o1WnIPyL2xZz282iDYxJChkwzNO0eMNDHyvGGA8TaESTWS+
B55RjTcmO6WUrzL6np30P7gqDt1/WUJc4aiNXnrEtGL0p+knXcaP1pRTnRPORy2X
x6Sc4T/9StVn+G3YF4lx1/0td8Uwwi41P7qukNHTqg4Y
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:33:15 2025 by rpki-client