Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a7/2b07a4-5c00-4140-9896-62dc447fe438/1/ClMwMN0_3mKg4-N9J_YkJuKD8U0.roa
File: ClMwMN0_3mKg4-N9J_YkJuKD8U0.roa (raw, json)
Hash identifier: DbsQJsRlQdEvBmM5M0VYHAB5RQWTlzkMFlEegkRTjks=
Subject key identifier: 0A:53:30:30:DD:3F:DE:62:A0:E3:E3:7D:27:F6:24:26:E2:83:F1:4D
Certificate issuer: /CN=d8215b57d33cb2f34c17c0e8103bb051ff801ebf
Certificate serial: 01877A42A916D4BF82FCC72E66298A10C3C6
Authority key identifier: D8:21:5B:57:D3:3C:B2:F3:4C:17:C0:E8:10:3B:B0:51:FF:80:1E:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2CFbV9M8svNMF8DoEDuwUf-AHr8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a7/2b07a4-5c00-4140-9896-62dc447fe438/1/ClMwMN0_3mKg4-N9J_YkJuKD8U0.roa
Signing time: Thu 13 Apr 2023 10:56:41 +0000
ROA not before: Thu 13 Apr 2023 10:56:41 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 29672
IP address blocks: 217.21.224.0/20 maxlen: 20
217.21.237.0/24 maxlen: 24
2a03:c780::/32 maxlen: 32
2a03:c780:6::/48 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:7a:42:a9:16:d4:bf:82:fc:c7:2e:66:29:8a:10:c3:c6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d8215b57d33cb2f34c17c0e8103bb051ff801ebf
Validity
Not Before: Apr 13 10:56:41 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=0a533030dd3fde62a0e3e37d27f62426e283f14d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:5f:a3:93:05:88:7a:e0:ba:9b:8b:49:29:e3:
5e:27:4e:64:a2:d2:8d:8c:4f:54:fe:8f:52:96:f2:
98:7b:29:8c:31:51:e1:0b:b1:ee:7c:92:bf:24:a4:
71:11:51:c3:ea:5d:64:dd:51:3c:31:1f:b9:34:94:
5c:95:11:17:e8:c2:8f:ee:fb:73:f9:40:96:d5:c9:
f8:bb:73:b9:ec:b7:5b:43:63:f8:c7:6b:c9:a6:06:
12:93:de:f0:b3:6d:69:5e:27:56:54:5c:6f:6b:9d:
dc:d5:67:da:37:c8:a2:3c:d8:58:f2:03:ef:bb:8b:
df:fb:89:9c:90:7f:ec:b4:6f:3f:f1:dc:32:6f:94:
e0:73:f8:03:99:8f:5c:ba:2d:4c:cd:b5:eb:82:e4:
02:bb:f7:a9:79:b9:47:5a:aa:56:18:c5:dd:d7:cd:
16:8f:74:77:86:55:f2:95:9c:e5:7b:f2:8b:18:14:
41:99:50:f4:0d:4f:59:89:af:fe:6b:3d:2b:f4:2c:
0d:16:46:6a:c3:29:46:0a:8e:ca:21:05:4e:fb:f7:
ad:1f:7c:cb:6d:dc:ba:e7:44:30:e4:27:d6:ff:7c:
93:32:fc:e1:57:b3:9e:30:f4:6f:d2:40:23:68:b3:
fd:58:32:c5:8c:c0:54:54:0c:6d:e9:73:97:d4:43:
12:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0A:53:30:30:DD:3F:DE:62:A0:E3:E3:7D:27:F6:24:26:E2:83:F1:4D
X509v3 Authority Key Identifier:
keyid:D8:21:5B:57:D3:3C:B2:F3:4C:17:C0:E8:10:3B:B0:51:FF:80:1E:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2CFbV9M8svNMF8DoEDuwUf-AHr8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a7/2b07a4-5c00-4140-9896-62dc447fe438/1/ClMwMN0_3mKg4-N9J_YkJuKD8U0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a7/2b07a4-5c00-4140-9896-62dc447fe438/1/2CFbV9M8svNMF8DoEDuwUf-AHr8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
217.21.224.0/20
IPv6:
2a03:c780::/32
Signature Algorithm: sha256WithRSAEncryption
07:83:4f:03:c8:31:71:88:9f:2a:27:43:c7:03:76:f0:71:b7:
15:c5:a5:31:88:5e:70:c6:a1:00:8b:dd:fd:c9:24:da:0f:7f:
fc:6b:fb:84:3e:2d:a5:f2:15:01:fb:a5:2e:34:9d:42:c3:8c:
31:4c:77:9d:e8:c1:da:ae:03:f3:6e:6b:22:31:35:5b:9d:79:
4a:8f:85:b6:2c:8e:e0:69:d1:54:5b:00:ae:a3:ec:4c:81:20:
e2:86:67:59:48:a2:35:ad:d3:59:20:a7:99:a4:72:f3:d6:99:
0f:0f:d9:56:fe:30:16:cc:b2:bb:83:8b:fe:3e:7e:5f:b6:8f:
d9:39:e2:4e:74:d6:3c:56:5c:0d:71:56:14:51:47:57:0d:50:
bb:66:cf:31:da:6a:30:22:92:2d:24:cb:e7:4a:8d:1c:d9:e6:
f2:1f:cf:6e:f2:b1:c0:b7:18:54:61:9d:e8:b3:5d:1b:4b:d5:
81:79:d5:3a:9c:98:65:43:59:75:2b:a2:ee:e1:cd:c4:e3:b3:
31:e3:eb:fb:81:ac:bf:4e:23:f8:70:c3:95:2a:e7:1a:4d:57:
62:03:6f:82:4a:55:3f:24:b3:c0:7a:ef:d5:21:00:9e:5e:df:
99:11:09:a5:0f:20:2f:19:c6:67:4a:ae:8e:8d:07:4e:6e:c0:
dd:e2:7c:5d
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYd6QqkW1L+C/McuZimKEMPGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ4MjE1YjU3ZDMzY2IyZjM0YzE3YzBlODEwM2JiMDUxZmY4
MDFlYmYwHhcNMjMwNDEzMTA1NjQxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwYTUzMzAzMGRkM2ZkZTYyYTBlM2UzN2QyN2Y2MjQyNmUyODNmMTRkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkl+jkwWIeuC6m4tJKeNeJ05kotKN
jE9U/o9SlvKYeymMMVHhC7HufJK/JKRxEVHD6l1k3VE8MR+5NJRclREX6MKP7vtz
+UCW1cn4u3O57LdbQ2P4x2vJpgYSk97ws21pXidWVFxva53c1WfaN8iiPNhY8gPv
u4vf+4mckH/stG8/8dwyb5Tgc/gDmY9cui1MzbXrguQCu/epeblHWqpWGMXd180W
j3R3hlXylZzle/KLGBRBmVD0DU9Zia/+az0r9CwNFkZqwylGCo7KIQVO+/etH3zL
bdy650Qw5CfW/3yTMvzhV7OeMPRv0kAjaLP9WDLFjMBUVAxt6XOX1EMSrQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFApTMDDdP95ioOPjfSf2JCbig/FNMB8GA1UdIwQY
MBaAFNghW1fTPLLzTBfA6BA7sFH/gB6/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMkNGYlY5TThzdk5NRjhEb0VEdXdVZi1BSHI4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNy8yYjA3YTQtNWMwMC00MTQwLTk4OTYt
NjJkYzQ0N2ZlNDM4LzEvQ2xNd01OMF8zbUtnNC1OOUpfWWtKdUtEOFUwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNy8yYjA3YTQtNWMwMC00MTQwLTk4OTYtNjJkYzQ0N2ZlNDM4
LzEvMkNGYlY5TThzdk5NRjhEb0VEdXdVZi1BSHI4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQE2RXgMA0E
AgACMAcDBQAqA8eAMA0GCSqGSIb3DQEBCwUAA4IBAQAHg08DyDFxiJ8qJ0PHA3bw
cbcVxaUxiF5wxqEAi939ySTaD3/8a/uEPi2l8hUB+6UuNJ1Cw4wxTHed6MHargPz
bmsiMTVbnXlKj4W2LI7gadFUWwCuo+xMgSDihmdZSKI1rdNZIKeZpHLz1pkPD9lW
/jAWzLK7g4v+Pn5fto/ZOeJOdNY8VlwNcVYUUUdXDVC7Zs8x2mowIpItJMvnSo0c
2ebyH89u8rHAtxhUYZ3os10bS9WBedU6nJhlQ1l1K6Lu4c3E47Mx4+v7gay/TiP4
cMOVKucaTVdiA2+CSlU/JLPAeu/VIQCeXt+ZEQmlDyAvGcZnSq6OjQdObsDd4nxd
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:01:50 2023 by rpki-client on console-fra.rpki-client.org