Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/5l9s3c2Gz7MAhMEjrPmJJ7mS1RQ.roa
File: 5l9s3c2Gz7MAhMEjrPmJJ7mS1RQ.roa (raw, json)
Hash identifier: AdUqiV8F6QsI/GpdL6eOeSZJThGnocSU3cPeScGfBUY=
Subject key identifier: E6:5F:6C:DD:CD:86:CF:B3:00:84:C1:23:AC:F9:89:27:B9:92:D5:14
Certificate issuer: /CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Certificate serial: 018677BCA94DDE4FE47971F0343F994C3191
Authority key identifier: 36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/5l9s3c2Gz7MAhMEjrPmJJ7mS1RQ.roa
Signing time: Wed 22 Feb 2023 06:08:18 +0000
ROA not before: Wed 22 Feb 2023 06:08:18 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 212042
IP address blocks: 217.74.17.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:77:bc:a9:4d:de:4f:e4:79:71:f0:34:3f:99:4c:31:91
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Validity
Not Before: Feb 22 06:08:18 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=e65f6cddcd86cfb30084c123acf98927b992d514
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:e8:bf:5c:b4:0c:8c:7e:5b:8d:7c:80:b1:5e:
e1:fb:17:0c:2b:8e:fc:8a:20:58:90:9c:eb:e6:b3:
c3:9f:a2:d8:ab:e9:a3:f9:08:98:28:fa:02:60:29:
dd:56:f2:ab:a9:4d:c8:5b:52:12:c1:7d:86:08:92:
67:0e:db:87:86:93:57:18:0c:41:59:f7:aa:44:7b:
86:c4:8a:45:77:7b:4c:cf:80:ba:d1:54:16:ce:05:
24:1c:f9:3f:2b:e9:19:d1:76:21:62:e1:49:10:a8:
ce:43:de:63:5f:03:8c:4a:52:b5:7d:0b:d5:ee:d3:
fc:78:94:17:a1:f2:40:9d:d7:ce:04:80:25:e3:e1:
b3:8b:18:bd:c1:c6:bd:54:a2:fe:5b:7e:0d:35:81:
2c:26:b7:64:0c:b7:5e:23:b7:e5:af:70:20:cd:eb:
0d:ed:d4:8f:82:ad:0f:9a:8f:c9:25:23:84:92:34:
9c:92:a6:9c:d3:64:62:23:c2:c3:86:42:1c:52:33:
a2:9c:36:de:bd:6f:11:4b:3b:a3:92:9d:8f:89:28:
07:09:1b:85:12:c6:f1:7f:fd:5a:18:d2:eb:33:87:
5e:06:d3:c9:7f:4b:61:35:12:45:b3:d8:81:e6:6e:
04:98:39:7e:f4:84:dd:90:8a:d4:45:63:68:ad:90:
b2:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E6:5F:6C:DD:CD:86:CF:B3:00:84:C1:23:AC:F9:89:27:B9:92:D5:14
X509v3 Authority Key Identifier:
keyid:36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/5l9s3c2Gz7MAhMEjrPmJJ7mS1RQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NsKkt9XXPFtXBGIjvzDrZTAFsOI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
217.74.17.0/24
Signature Algorithm: sha256WithRSAEncryption
22:8b:c4:c8:cf:8b:50:df:75:49:a2:28:2f:47:ed:47:e7:81:
93:fb:69:fb:81:25:9d:0b:d4:52:d6:fb:48:8a:2d:ac:6a:39:
5e:b7:a5:11:5a:9a:a7:50:45:8f:25:e4:87:cd:77:c9:61:bc:
06:e7:06:8b:f2:67:30:87:64:b7:53:53:1e:af:05:c4:1e:9b:
83:39:3d:3e:47:75:f6:c9:29:1d:6a:f1:19:19:13:ed:07:06:
70:0b:ff:28:9a:5c:a1:5f:f2:ef:ec:c9:2e:6a:36:74:97:06:
af:be:7e:4e:a6:57:8f:7a:7b:7f:73:3f:58:20:eb:d4:c4:d3:
9c:94:cf:20:2b:c6:5f:e2:48:13:20:56:6e:76:83:49:de:d4:
61:f1:22:b3:0b:f9:53:6e:25:43:6b:6e:de:0a:8a:65:46:63:
a1:24:90:d9:32:04:85:72:d3:68:fa:7a:07:c9:da:29:85:08:
0a:55:56:c2:f6:50:a8:0e:6f:15:18:52:54:6f:8d:f2:05:8a:
a8:05:60:39:1c:c3:57:48:01:72:bc:87:21:2a:e0:a3:c2:69:
18:49:af:e5:82:ee:a7:ac:4d:a2:44:fa:28:cc:1d:f7:9b:ef:
6b:f0:f5:2a:02:f1:c9:1c:99:90:0c:45:e2:23:20:8e:06:3f:
ef:d5:4a:76
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYZ3vKlN3k/keXHwND+ZTDGRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2YzJhNGI3ZDVkNzNjNWI1NzA0NjIyM2JmMzBlYjY1MzAw
NWIwZTIwHhcNMjMwMjIyMDYwODE4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNjVmNmNkZGNkODZjZmIzMDA4NGMxMjNhY2Y5ODkyN2I5OTJkNTE0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlei/XLQMjH5bjXyAsV7h+xcMK478
iiBYkJzr5rPDn6LYq+mj+QiYKPoCYCndVvKrqU3IW1ISwX2GCJJnDtuHhpNXGAxB
WfeqRHuGxIpFd3tMz4C60VQWzgUkHPk/K+kZ0XYhYuFJEKjOQ95jXwOMSlK1fQvV
7tP8eJQXofJAndfOBIAl4+Gzixi9wca9VKL+W34NNYEsJrdkDLdeI7flr3AgzesN
7dSPgq0Pmo/JJSOEkjSckqac02RiI8LDhkIcUjOinDbevW8RSzujkp2PiSgHCRuF
Esbxf/1aGNLrM4deBtPJf0thNRJFs9iB5m4EmDl+9ITdkIrURWNorZCyCQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFOZfbN3Nhs+zAITBI6z5iSe5ktUUMB8GA1UdIwQY
MBaAFDbCpLfV1zxbVwRiI78w62UwBbDiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGIt
MmNjZWRiOTY2YTU4LzEvNWw5czNjMkd6N01BaE1FanJQbUpKN21TMVJRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGItMmNjZWRiOTY2YTU4
LzEvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA2UoRMA0G
CSqGSIb3DQEBCwUAA4IBAQAii8TIz4tQ33VJoigvR+1H54GT+2n7gSWdC9RS1vtI
ii2sajlet6URWpqnUEWPJeSHzXfJYbwG5waL8mcwh2S3U1MerwXEHpuDOT0+R3X2
ySkdavEZGRPtBwZwC/8omlyhX/Lv7MkuajZ0lwavvn5OplePent/cz9YIOvUxNOc
lM8gK8Zf4kgTIFZudoNJ3tRh8SKzC/lTbiVDa27eCoplRmOhJJDZMgSFctNo+noH
ydophQgKVVbC9lCoDm8VGFJUb43yBYqoBWA5HMNXSAFyvIchKuCjwmkYSa/lgu6n
rE2iRPoozB33m+9r8PUqAvHJHJmQDEXiIyCOBj/v1Up2
-----END CERTIFICATE-----
Generated at Mon Jan 1 15:03:17 2024 by rpki-client on console-ams.rpki-client.org