Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bd/27a374-c984-4b19-ac7e-de2de15f90ed/1/5yEQMYjnuyuLd0mOwfBeSlj8Z1Y.roa
File: 5yEQMYjnuyuLd0mOwfBeSlj8Z1Y.roa (raw, json)
Hash identifier: j4JdYc2IMSTZRlMVn3Cocfa74Yn7OGeOmmH5svNymtU=
Subject key identifier: E7:21:10:31:88:E7:BB:2B:8B:77:49:8E:C1:F0:5E:4A:58:FC:67:56
Certificate issuer: /CN=dafcb643e6a21e2fb6e21cd0653ab095e9ebef13
Certificate serial: 018CC2DAF828477397E3D2F44300501F0D8E
Authority key identifier: DA:FC:B6:43:E6:A2:1E:2F:B6:E2:1C:D0:65:3A:B0:95:E9:EB:EF:13
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2vy2Q-aiHi-24hzQZTqwlenr7xM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bd/27a374-c984-4b19-ac7e-de2de15f90ed/1/5yEQMYjnuyuLd0mOwfBeSlj8Z1Y.roa
Signing time: Mon 01 Jan 2024 02:29:39 +0000
ROA not before: Mon 01 Jan 2024 02:29:39 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 43145
IP address blocks: 217.66.101.0/24 maxlen: 24
217.66.102.0/24 maxlen: 24
217.66.103.0/24 maxlen: 24
217.66.100.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 01 Jan 2025 19:49:08 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c2:da:f8:28:47:73:97:e3:d2:f4:43:00:50:1f:0d:8e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dafcb643e6a21e2fb6e21cd0653ab095e9ebef13
Validity
Not Before: Jan 1 02:29:39 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=e721103188e7bb2b8b77498ec1f05e4a58fc6756
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:ea:a8:12:4c:d4:c2:d1:24:c4:ee:f8:3e:c9:
9c:15:8e:9c:7a:4a:53:cf:b0:31:53:00:f1:ec:51:
2c:c9:99:f8:e3:5e:95:6a:fb:02:cc:c0:07:8e:9f:
f2:14:7c:0d:9d:1b:47:66:a9:03:99:65:d7:89:ed:
4d:58:d5:9e:f9:e3:64:2c:7f:2f:6f:0a:48:24:98:
ec:61:23:d9:2b:b7:af:64:e6:7b:15:39:50:a5:56:
20:15:e9:23:d4:aa:2c:48:b8:fc:30:af:7e:66:2f:
7f:c1:cf:b6:fb:c1:89:1c:06:0c:fd:21:5b:4c:a2:
bb:c6:52:97:58:7b:6d:b2:e9:af:4b:4c:b2:11:fa:
fe:fb:5c:49:90:d3:a5:4e:11:a1:73:53:a7:76:53:
2c:bd:e2:a2:68:bb:ea:c5:db:8d:b4:04:1c:7c:5e:
4d:82:6c:ea:0c:9b:69:56:e7:88:1d:f4:22:4a:d2:
2c:7d:59:1e:ac:d0:66:c6:ad:42:e1:87:89:db:d2:
b6:b6:e7:00:9d:72:50:b2:7d:8e:4d:83:13:36:53:
e1:e1:bc:c1:20:74:ca:b7:27:8b:00:7d:e6:5f:c8:
6d:c1:e1:8e:02:20:a7:57:9e:4b:02:6e:27:54:8a:
f5:79:c5:4d:0a:09:7e:6b:24:ea:a6:26:12:be:5c:
a4:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E7:21:10:31:88:E7:BB:2B:8B:77:49:8E:C1:F0:5E:4A:58:FC:67:56
X509v3 Authority Key Identifier:
keyid:DA:FC:B6:43:E6:A2:1E:2F:B6:E2:1C:D0:65:3A:B0:95:E9:EB:EF:13
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2vy2Q-aiHi-24hzQZTqwlenr7xM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bd/27a374-c984-4b19-ac7e-de2de15f90ed/1/5yEQMYjnuyuLd0mOwfBeSlj8Z1Y.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bd/27a374-c984-4b19-ac7e-de2de15f90ed/1/2vy2Q-aiHi-24hzQZTqwlenr7xM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
217.66.100.0/22
Signature Algorithm: sha256WithRSAEncryption
13:8f:c9:70:4a:64:c2:12:d5:53:22:21:93:77:63:90:43:55:
7e:c2:d9:22:34:07:58:3c:93:90:64:c5:dc:e0:31:d5:09:33:
67:6f:d0:73:78:ab:8b:ae:dd:80:2d:23:ad:c0:8e:47:e4:59:
53:7e:02:ad:7a:99:19:eb:20:52:d5:fc:0b:10:c2:cf:a0:b8:
93:7c:55:a1:a0:1a:f1:d5:6f:22:22:98:e2:a6:4f:a3:16:3d:
84:b9:2c:28:dc:8a:43:87:95:1e:2d:ce:2e:86:11:d7:eb:11:
77:02:b6:53:35:67:46:ce:55:de:11:0e:f1:e5:de:06:2d:d5:
7b:8e:d4:32:9f:75:73:d4:cb:9c:bb:80:d5:94:53:0b:9c:19:
a3:ed:05:4e:63:f7:b7:bc:99:a9:77:7e:29:50:21:31:37:c0:
73:b0:fa:82:7f:42:2a:59:d9:c5:87:ee:ed:ad:67:bf:87:d4:
37:e2:df:9a:87:e3:8d:36:b5:b9:c8:76:b4:0d:71:03:28:72:
a6:f3:5e:8b:b4:c6:97:29:97:33:c9:70:10:e3:0f:be:d3:2e:
18:29:94:de:14:4c:eb:29:f4:4b:9b:ba:ab:7b:9c:e0:b2:59:
c0:ca:1f:ce:9c:f0:10:b9:d3:96:76:04:a9:12:dc:58:f5:d6:
96:89:a3:33
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzC2vgoR3OX49L0QwBQHw2OMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRhZmNiNjQzZTZhMjFlMmZiNmUyMWNkMDY1M2FiMDk1ZTll
YmVmMTMwHhcNMjQwMTAxMDIyOTM5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNzIxMTAzMTg4ZTdiYjJiOGI3NzQ5OGVjMWYwNWU0YTU4ZmM2NzU2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnuqoEkzUwtEkxO74PsmcFY6cekpT
z7AxUwDx7FEsyZn4416VavsCzMAHjp/yFHwNnRtHZqkDmWXXie1NWNWe+eNkLH8v
bwpIJJjsYSPZK7evZOZ7FTlQpVYgFekj1KosSLj8MK9+Zi9/wc+2+8GJHAYM/SFb
TKK7xlKXWHttsumvS0yyEfr++1xJkNOlThGhc1OndlMsveKiaLvqxduNtAQcfF5N
gmzqDJtpVueIHfQiStIsfVkerNBmxq1C4YeJ29K2tucAnXJQsn2OTYMTNlPh4bzB
IHTKtyeLAH3mX8htweGOAiCnV55LAm4nVIr1ecVNCgl+ayTqpiYSvlykFQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFOchEDGI57sri3dJjsHwXkpY/GdWMB8GA1UdIwQY
MBaAFNr8tkPmoh4vtuIc0GU6sJXp6+8TMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMnZ5MlEtYWlIaS0yNGh6UVpUcXdsZW5yN3hNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZC8yN2EzNzQtYzk4NC00YjE5LWFjN2Ut
ZGUyZGUxNWY5MGVkLzEvNXlFUU1Zam51eXVMZDBtT3dmQmVTbGo4WjFZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZC8yN2EzNzQtYzk4NC00YjE5LWFjN2UtZGUyZGUxNWY5MGVk
LzEvMnZ5MlEtYWlIaS0yNGh6UVpUcXdsZW5yN3hNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQC2UJkMA0G
CSqGSIb3DQEBCwUAA4IBAQATj8lwSmTCEtVTIiGTd2OQQ1V+wtkiNAdYPJOQZMXc
4DHVCTNnb9BzeKuLrt2ALSOtwI5H5FlTfgKtepkZ6yBS1fwLEMLPoLiTfFWhoBrx
1W8iIpjipk+jFj2EuSwo3IpDh5UeLc4uhhHX6xF3ArZTNWdGzlXeEQ7x5d4GLdV7
jtQyn3Vz1Mucu4DVlFMLnBmj7QVOY/e3vJmpd34pUCExN8BzsPqCf0IqWdnFh+7t
rWe/h9Q34t+ah+ONNrW5yHa0DXEDKHKm816LtMaXKZczyXAQ4w++0y4YKZTeFEzr
KfRLm7qre5zgslnAyh/OnPAQudOWdgSpEtxY9daWiaMz
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:54:46 2025 by rpki-client