Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b8/0c6111-58f7-4b75-bcab-90bc4624c7b2/1/gCgnD_OKP8x3NYUcazLIyGp7mHU.roa
File: gCgnD_OKP8x3NYUcazLIyGp7mHU.roa (raw, json)
Hash identifier: a+JS0iGdpRs+xFZboylkCwyPIU3FCUD6+SEDr38ovkc=
Subject key identifier: 80:28:27:0F:F3:8A:3F:CC:77:35:85:1C:6B:32:C8:C8:6A:7B:98:75
Certificate issuer: /CN=7470dfc0bb5ce06d86df24fe3caa4b4ef34178f4
Certificate serial: 0191364607C69B1E88B76E0165FD308ACE59
Authority key identifier: 74:70:DF:C0:BB:5C:E0:6D:86:DF:24:FE:3C:AA:4B:4E:F3:41:78:F4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dHDfwLtc4G2G3yT-PKpLTvNBePQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b8/0c6111-58f7-4b75-bcab-90bc4624c7b2/1/gCgnD_OKP8x3NYUcazLIyGp7mHU.roa
Signing time: Fri 09 Aug 2024 08:34:04 +0000
ROA not before: Fri 09 Aug 2024 08:34:04 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 34141
IP address blocks: 217.198.16.0/20 maxlen: 20
217.198.16.0/21 maxlen: 21
217.198.24.0/22 maxlen: 22
217.198.28.0/23 maxlen: 23
2a02:7d0::/32 maxlen: 32
Validation: Failed, certificate revoked on Fri 09 Aug 2024 11:29:24 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:36:46:07:c6:9b:1e:88:b7:6e:01:65:fd:30:8a:ce:59
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7470dfc0bb5ce06d86df24fe3caa4b4ef34178f4
Validity
Not Before: Aug 9 08:34:04 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=8028270ff38a3fcc7735851c6b32c8c86a7b9875
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:f1:14:a7:60:7e:06:77:3f:68:82:dc:8e:87:
6e:1a:7a:5b:02:f3:38:de:07:1a:43:41:5a:bd:5f:
8b:a1:88:46:bb:c6:ec:19:0a:56:af:69:8d:59:cd:
28:e2:b0:9a:cf:88:f7:06:aa:bf:80:b8:6c:6b:81:
52:af:38:b9:aa:7e:30:65:61:64:7f:d9:a8:17:7a:
5f:06:41:ca:36:07:eb:ff:ad:93:75:8f:c4:d9:15:
b5:6e:0b:37:b7:f3:01:12:3b:cf:f4:21:af:16:ca:
81:8f:3c:f1:34:7c:b6:e8:3c:4c:76:08:e3:b3:81:
e6:ea:ed:2b:6f:e1:f0:db:71:f1:85:8d:9c:b4:19:
3d:78:d4:ef:a7:58:58:1d:23:b1:7e:e0:5b:bb:f5:
05:e6:e3:31:9f:f6:93:c4:88:70:0d:78:75:44:79:
b2:e7:04:3f:df:4a:40:8e:89:da:8f:13:09:67:1f:
92:bd:01:a8:ff:50:4c:d9:72:d9:37:a5:ec:a2:64:
69:4b:52:46:9a:53:38:6c:fe:b6:11:11:27:5f:26:
5c:4c:44:7c:6c:6a:88:22:99:a9:85:7d:f6:88:13:
12:6a:20:a9:80:42:4d:92:5e:e1:81:88:c3:19:d5:
8e:8e:00:a6:2e:37:81:54:c3:df:14:3d:6b:01:88:
78:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
80:28:27:0F:F3:8A:3F:CC:77:35:85:1C:6B:32:C8:C8:6A:7B:98:75
X509v3 Authority Key Identifier:
keyid:74:70:DF:C0:BB:5C:E0:6D:86:DF:24:FE:3C:AA:4B:4E:F3:41:78:F4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dHDfwLtc4G2G3yT-PKpLTvNBePQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/0c6111-58f7-4b75-bcab-90bc4624c7b2/1/gCgnD_OKP8x3NYUcazLIyGp7mHU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/0c6111-58f7-4b75-bcab-90bc4624c7b2/1/dHDfwLtc4G2G3yT-PKpLTvNBePQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
217.198.16.0/20
IPv6:
2a02:7d0::/32
Signature Algorithm: sha256WithRSAEncryption
9d:e6:1a:94:77:41:d1:05:0b:fe:b2:5d:de:e1:5a:cd:f0:81:
34:89:10:b7:8b:e8:31:84:f2:38:ee:33:4a:22:89:aa:7d:4e:
f1:64:bc:fd:70:29:8c:76:44:c3:ba:05:78:48:c6:a6:7d:d9:
90:37:e0:06:28:e2:8d:75:04:f8:8a:70:43:00:b0:0b:ab:e8:
71:6e:b8:d0:fa:ee:39:26:29:13:6d:32:2e:6c:5e:54:85:bd:
bb:1c:90:7b:51:f0:d1:43:76:1e:de:8f:59:2c:34:9f:17:ff:
aa:6d:66:31:75:db:95:4a:73:ae:28:ec:91:38:73:a9:07:94:
a4:91:22:3e:64:dc:a4:fb:5d:48:36:e8:6d:53:8f:21:d2:4d:
38:ae:6a:2d:e0:7c:c0:09:7d:b5:76:db:33:b0:b3:f1:66:c9:
b4:3e:f4:b3:76:dd:43:87:95:d7:32:4f:53:91:54:19:49:cb:
18:04:82:fe:17:98:af:95:fd:26:5f:b6:bd:42:7c:0f:36:3b:
09:f7:90:6d:3e:b0:01:b7:4b:67:6a:83:1b:41:3a:77:2d:6d:
80:2b:ee:5d:53:90:05:2a:6b:c8:0c:35:6c:fd:a4:ca:9b:63:
4e:bc:41:88:39:88:a6:4e:7f:8b:cd:d2:4c:1d:fe:41:a8:23:
06:ac:85:6d
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZE2RgfGmx6It24BZf0wis5ZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc0NzBkZmMwYmI1Y2UwNmQ4NmRmMjRmZTNjYWE0YjRlZjM0
MTc4ZjQwHhcNMjQwODA5MDgzNDA0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MDI4MjcwZmYzOGEzZmNjNzczNTg1MWM2YjMyYzhjODZhN2I5ODc1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmfEUp2B+Bnc/aILcjoduGnpbAvM4
3gcaQ0FavV+LoYhGu8bsGQpWr2mNWc0o4rCaz4j3Bqq/gLhsa4FSrzi5qn4wZWFk
f9moF3pfBkHKNgfr/62TdY/E2RW1bgs3t/MBEjvP9CGvFsqBjzzxNHy26DxMdgjj
s4Hm6u0rb+Hw23HxhY2ctBk9eNTvp1hYHSOxfuBbu/UF5uMxn/aTxIhwDXh1RHmy
5wQ/30pAjonajxMJZx+SvQGo/1BM2XLZN6XsomRpS1JGmlM4bP62EREnXyZcTER8
bGqIIpmphX32iBMSaiCpgEJNkl7hgYjDGdWOjgCmLjeBVMPfFD1rAYh40wIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFIAoJw/zij/MdzWFHGsyyMhqe5h1MB8GA1UdIwQY
MBaAFHRw38C7XOBtht8k/jyqS07zQXj0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZEhEZndMdGM0RzJHM3lULVBLcExUdk5CZVBRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iOC8wYzYxMTEtNThmNy00Yjc1LWJjYWIt
OTBiYzQ2MjRjN2IyLzEvZ0NnbkRfT0tQOHgzTllVY2F6TEl5R3A3bUhVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iOC8wYzYxMTEtNThmNy00Yjc1LWJjYWItOTBiYzQ2MjRjN2Iy
LzEvZEhEZndMdGM0RzJHM3lULVBLcExUdk5CZVBRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQE2cYQMA0E
AgACMAcDBQAqAgfQMA0GCSqGSIb3DQEBCwUAA4IBAQCd5hqUd0HRBQv+sl3e4VrN
8IE0iRC3i+gxhPI47jNKIomqfU7xZLz9cCmMdkTDugV4SMamfdmQN+AGKOKNdQT4
inBDALALq+hxbrjQ+u45JikTbTIubF5Uhb27HJB7UfDRQ3Ye3o9ZLDSfF/+qbWYx
dduVSnOuKOyROHOpB5SkkSI+ZNyk+11INuhtU48h0k04rmot4HzACX21dtszsLPx
Zsm0PvSzdt1Dh5XXMk9TkVQZScsYBIL+F5ivlf0mX7a9QnwPNjsJ95BtPrABt0tn
aoMbQTp3LW2AK+5dU5AFKmvIDDVs/aTKm2NOvEGIOYimTn+LzdJMHf5BqCMGrIVt
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:47:29 2025 by rpki-client