Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b6/3a362d-4198-4b08-bb0a-dbe41fc8399e/1/as4XisYAFaaKf8RkGD7BGsgtrq4.roa
File: as4XisYAFaaKf8RkGD7BGsgtrq4.roa (raw, json)
Hash identifier: zlDC5yzz5JTAQHNMasT+GJyEJcNhLYoF4IG9/eNmgY8=
Subject key identifier: 6A:CE:17:8A:C6:00:15:A6:8A:7F:C4:64:18:3E:C1:1A:C8:2D:AE:AE
Certificate issuer: /CN=33fbdbb20c2d97073c0de8b7caa75ec1eeb191b8
Certificate serial: 01856D13DE4261BD6770C61AA30D1F93763A
Authority key identifier: 33:FB:DB:B2:0C:2D:97:07:3C:0D:E8:B7:CA:A7:5E:C1:EE:B1:91:B8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/M_vbsgwtlwc8Dei3yqdewe6xkbg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b6/3a362d-4198-4b08-bb0a-dbe41fc8399e/1/as4XisYAFaaKf8RkGD7BGsgtrq4.roa
Signing time: Sun 01 Jan 2023 11:24:56 +0000
ROA not before: Sun 01 Jan 2023 11:24:56 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 20571
IP address blocks: 217.169.64.0/20 maxlen: 24
2a0a:b7c0::/32 maxlen: 48
Validation: Failed, certificate revoked on Tue 02 Jan 2024 02:30:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:13:de:42:61:bd:67:70:c6:1a:a3:0d:1f:93:76:3a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=33fbdbb20c2d97073c0de8b7caa75ec1eeb191b8
Validity
Not Before: Jan 1 11:24:56 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=6ace178ac60015a68a7fc464183ec11ac82daeae
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:00:35:20:46:45:36:49:50:1b:f5:f9:4d:ab:
8b:4d:bc:17:50:17:21:1c:86:96:9f:41:f2:09:07:
26:b8:04:15:08:63:ae:42:90:17:4c:5a:0b:9f:83:
f7:eb:15:ea:ce:9a:f5:8c:d4:39:b2:fd:83:ed:51:
c9:63:3b:70:2f:c2:b3:83:bf:90:a1:f4:5c:0e:dd:
22:99:47:ad:59:06:47:50:96:2e:2e:26:04:b0:75:
a4:2e:26:2a:2a:b4:24:62:f9:04:e2:78:17:f4:2e:
6f:19:21:ad:91:b2:7c:47:b4:5c:19:24:c1:fb:d1:
0e:a7:92:be:11:4f:b7:34:5a:23:60:1f:39:0e:05:
6c:e8:13:85:bf:d9:f1:a1:9c:04:5f:b1:a7:2d:f8:
68:ed:55:4a:e9:99:17:f6:31:74:f3:29:19:61:98:
33:0e:78:c1:47:f5:66:5e:37:16:95:90:02:58:3f:
86:92:e9:bb:95:16:ae:b4:6b:52:c6:1b:9b:50:c3:
8c:3d:f9:57:fa:3b:4c:d6:e8:7e:3e:28:07:3f:dc:
22:92:d6:94:5f:e6:d5:27:e9:8c:82:89:6b:41:35:
91:b0:f1:d8:6b:e0:0e:24:8d:2e:3a:eb:b5:5c:ae:
d2:46:eb:1d:5b:07:bd:ec:a0:4b:64:7d:dd:c4:38:
d6:91
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6A:CE:17:8A:C6:00:15:A6:8A:7F:C4:64:18:3E:C1:1A:C8:2D:AE:AE
X509v3 Authority Key Identifier:
keyid:33:FB:DB:B2:0C:2D:97:07:3C:0D:E8:B7:CA:A7:5E:C1:EE:B1:91:B8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/M_vbsgwtlwc8Dei3yqdewe6xkbg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b6/3a362d-4198-4b08-bb0a-dbe41fc8399e/1/as4XisYAFaaKf8RkGD7BGsgtrq4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b6/3a362d-4198-4b08-bb0a-dbe41fc8399e/1/M_vbsgwtlwc8Dei3yqdewe6xkbg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
217.169.64.0/20
IPv6:
2a0a:b7c0::/32
Signature Algorithm: sha256WithRSAEncryption
25:78:d7:9e:f8:d5:3a:44:c8:18:c2:37:78:9f:36:bb:6a:a8:
65:73:84:9b:db:0a:01:d4:80:b6:26:0c:ba:13:7d:6e:d9:1d:
36:98:97:4c:f5:2d:11:8f:67:6f:58:d2:86:d5:c1:cf:bf:be:
77:37:09:11:a1:54:e4:c4:ff:65:e5:bd:b8:f0:2c:e1:54:f9:
e8:50:6e:59:28:a2:ff:d9:fa:ec:fb:8d:cd:6e:e4:67:29:ed:
e8:c8:57:50:a2:09:32:fb:f2:6f:35:c9:29:43:da:56:64:21:
68:2b:43:e5:b6:80:87:ba:b2:d0:18:cc:23:7c:33:ad:d4:29:
fc:c9:c1:7d:3b:1a:49:77:62:31:44:80:0a:5b:c8:f8:e5:34:
a0:18:04:7e:76:d0:e5:7c:34:d4:7b:02:eb:9a:53:f6:c9:23:
5e:22:83:8f:8c:f8:23:b2:11:56:2d:07:10:7c:25:32:64:ff:
98:3a:8a:dd:85:00:ad:5d:42:e9:e6:39:05:08:ef:39:a7:be:
ff:27:b1:bf:1d:69:42:8b:80:2e:c5:9b:7d:2b:3a:31:57:94:
e6:79:3a:39:2e:92:af:64:e7:b3:8a:d2:44:cf:66:88:bf:aa:
0f:ee:7d:7e:86:69:12:19:46:90:69:2c:b0:4c:d9:e3:a5:87:
34:2b:35:f1
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVtE95CYb1ncMYaow0fk3Y6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMzZmJkYmIyMGMyZDk3MDczYzBkZThiN2NhYTc1ZWMxZWVi
MTkxYjgwHhcNMjMwMTAxMTEyNDU2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2YWNlMTc4YWM2MDAxNWE2OGE3ZmM0NjQxODNlYzExYWM4MmRhZWFlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAigA1IEZFNklQG/X5TauLTbwXUBch
HIaWn0HyCQcmuAQVCGOuQpAXTFoLn4P36xXqzpr1jNQ5sv2D7VHJYztwL8Kzg7+Q
ofRcDt0imUetWQZHUJYuLiYEsHWkLiYqKrQkYvkE4ngX9C5vGSGtkbJ8R7RcGSTB
+9EOp5K+EU+3NFojYB85DgVs6BOFv9nxoZwEX7GnLfho7VVK6ZkX9jF08ykZYZgz
DnjBR/VmXjcWlZACWD+Gkum7lRautGtSxhubUMOMPflX+jtM1uh+PigHP9wiktaU
X+bVJ+mMgolrQTWRsPHYa+AOJI0uOuu1XK7SRusdWwe97KBLZH3dxDjWkQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFGrOF4rGABWmin/EZBg+wRrILa6uMB8GA1UdIwQY
MBaAFDP727IMLZcHPA3ot8qnXsHusZG4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTV92YnNnd3Rsd2M4RGVpM3lxZGV3ZTZ4a2JnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNi8zYTM2MmQtNDE5OC00YjA4LWJiMGEt
ZGJlNDFmYzgzOTllLzEvYXM0WGlzWUFGYWFLZjhSa0dEN0JHc2d0cnE0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNi8zYTM2MmQtNDE5OC00YjA4LWJiMGEtZGJlNDFmYzgzOTll
LzEvTV92YnNnd3Rsd2M4RGVpM3lxZGV3ZTZ4a2JnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQE2alAMA0E
AgACMAcDBQAqCrfAMA0GCSqGSIb3DQEBCwUAA4IBAQAleNee+NU6RMgYwjd4nza7
aqhlc4Sb2woB1IC2Jgy6E31u2R02mJdM9S0Rj2dvWNKG1cHPv753NwkRoVTkxP9l
5b248CzhVPnoUG5ZKKL/2frs+43NbuRnKe3oyFdQogky+/JvNckpQ9pWZCFoK0Pl
toCHurLQGMwjfDOt1Cn8ycF9OxpJd2IxRIAKW8j45TSgGAR+dtDlfDTUewLrmlP2
ySNeIoOPjPgjshFWLQcQfCUyZP+YOordhQCtXULp5jkFCO85p77/J7G/HWlCi4Au
xZt9KzoxV5TmeTo5LpKvZOezitJEz2aIv6oP7n1+hmkSGUaQaSywTNnjpYc0KzXx
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:39:57 2024 by rpki-client on console-ams.rpki-client.org