Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/be/1f6458-dc75-4add-ae72-91e3184bb0ab/1/0qz_8Z77TfpoPjnZ8t_i9GkBsfM.roa
File: 0qz_8Z77TfpoPjnZ8t_i9GkBsfM.roa (raw, json)
Hash identifier: 0vl67iYmjfYha1aCrUvJDK91V96TDxBsqQNOBeHhDKo=
Subject key identifier: D2:AC:FF:F1:9E:FB:4D:FA:68:3E:39:D9:F2:DF:E2:F4:69:01:B1:F3
Certificate issuer: /CN=1aca63df248b7adf3ddd07e8c2d3eedd02cef933
Certificate serial: 0185711557D8E68CFBE5553888D1D84E43C8
Authority key identifier: 1A:CA:63:DF:24:8B:7A:DF:3D:DD:07:E8:C2:D3:EE:DD:02:CE:F9:33
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Gspj3ySLet893QfowtPu3QLO-TM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/be/1f6458-dc75-4add-ae72-91e3184bb0ab/1/0qz_8Z77TfpoPjnZ8t_i9GkBsfM.roa
Signing time: Mon 02 Jan 2023 06:05:02 +0000
ROA not before: Mon 02 Jan 2023 06:05:02 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 201253
IP address blocks: 217.153.126.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:15:57:d8:e6:8c:fb:e5:55:38:88:d1:d8:4e:43:c8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1aca63df248b7adf3ddd07e8c2d3eedd02cef933
Validity
Not Before: Jan 2 06:05:02 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d2acfff19efb4dfa683e39d9f2dfe2f46901b1f3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d7:84:14:e9:cd:25:ff:4e:1f:01:8d:39:9a:46:
89:b5:59:d1:19:e2:db:ce:1d:49:d4:8f:51:9d:44:
b5:3c:76:93:77:2b:4f:a2:88:16:12:22:b8:5c:64:
39:40:b8:48:1e:07:63:9a:22:77:e9:21:93:0e:26:
61:33:61:fc:27:c8:5f:cf:34:9f:23:a8:09:da:d1:
ba:4d:ad:0f:f6:61:b1:ea:71:cf:d7:57:30:1c:cd:
4f:d2:4c:19:eb:0c:84:cd:c0:6c:57:90:43:1d:d3:
1f:28:bc:14:1e:ba:82:6e:d2:c8:93:32:c9:b6:13:
04:55:e7:df:bc:8e:52:77:67:3c:e8:79:66:6c:e5:
6c:ed:f5:72:cd:23:14:04:4c:7e:40:6c:4a:58:a4:
cc:14:7a:63:b3:82:46:8e:a3:8b:fa:ce:08:6e:17:
59:63:7f:a2:7e:bc:f4:d5:ed:95:3c:f8:60:08:9c:
fe:47:b7:d0:84:d2:7d:ff:d1:2e:c6:97:30:25:ab:
2a:e5:17:45:50:55:a8:df:70:bd:b2:4d:90:0a:c8:
96:14:e6:08:1a:fc:e4:e9:13:a4:51:22:2a:c0:8f:
41:ed:0a:9b:84:47:64:70:fa:cf:7f:31:a5:3f:23:
2d:0b:98:4f:cd:4d:b7:9b:a9:27:ef:c1:b6:45:31:
17:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D2:AC:FF:F1:9E:FB:4D:FA:68:3E:39:D9:F2:DF:E2:F4:69:01:B1:F3
X509v3 Authority Key Identifier:
keyid:1A:CA:63:DF:24:8B:7A:DF:3D:DD:07:E8:C2:D3:EE:DD:02:CE:F9:33
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Gspj3ySLet893QfowtPu3QLO-TM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/be/1f6458-dc75-4add-ae72-91e3184bb0ab/1/0qz_8Z77TfpoPjnZ8t_i9GkBsfM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/be/1f6458-dc75-4add-ae72-91e3184bb0ab/1/Gspj3ySLet893QfowtPu3QLO-TM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
217.153.126.0/24
Signature Algorithm: sha256WithRSAEncryption
45:48:b6:a6:43:1d:87:02:75:ff:04:3e:ab:ff:67:7c:86:92:
ef:61:bd:a3:10:26:f0:14:ac:85:34:d1:5e:fc:b5:c9:a2:b7:
c5:cc:9a:9e:1a:58:24:5c:c2:cd:f6:9e:57:eb:4c:08:09:b3:
1b:f5:73:31:fe:57:47:f6:89:f9:16:1a:6f:f0:17:7f:62:4b:
ed:8b:6b:0e:ad:f5:34:ca:0e:20:16:29:c2:2d:83:c4:b0:65:
20:95:69:4e:01:55:c7:f7:2f:dd:5d:b1:b4:4f:66:9b:61:28:
76:1a:25:56:56:70:68:35:c0:3a:eb:fe:e7:77:f0:f7:74:8a:
77:e0:bc:33:e5:1e:70:ab:79:53:75:17:de:a2:e1:4b:61:aa:
26:9e:88:38:c4:4b:2f:10:1d:8a:d2:ac:8b:b2:e9:56:62:46:
41:06:d0:08:b0:98:01:2c:97:38:a6:28:fb:fe:80:d2:8a:47:
11:47:f8:af:4f:4a:08:d1:f5:4d:83:b4:be:de:a8:2b:56:a1:
2a:a9:bd:b0:32:a8:3b:f1:8e:74:61:05:ed:6d:37:d9:df:61:
1c:7b:71:f0:49:7a:0d:22:fb:3a:83:cc:b0:06:1d:58:b7:75:
12:a2:22:8f:f8:33:03:90:3e:1e:3f:91:fb:a1:3b:95:90:b6:
f7:e5:5d:24
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVxFVfY5oz75VU4iNHYTkPIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFhY2E2M2RmMjQ4YjdhZGYzZGRkMDdlOGMyZDNlZWRkMDJj
ZWY5MzMwHhcNMjMwMTAyMDYwNTAyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMmFjZmZmMTllZmI0ZGZhNjgzZTM5ZDlmMmRmZTJmNDY5MDFiMWYzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA14QU6c0l/04fAY05mkaJtVnRGeLb
zh1J1I9RnUS1PHaTdytPoogWEiK4XGQ5QLhIHgdjmiJ36SGTDiZhM2H8J8hfzzSf
I6gJ2tG6Ta0P9mGx6nHP11cwHM1P0kwZ6wyEzcBsV5BDHdMfKLwUHrqCbtLIkzLJ
thMEVeffvI5Sd2c86HlmbOVs7fVyzSMUBEx+QGxKWKTMFHpjs4JGjqOL+s4IbhdZ
Y3+ifrz01e2VPPhgCJz+R7fQhNJ9/9EuxpcwJasq5RdFUFWo33C9sk2QCsiWFOYI
Gvzk6ROkUSIqwI9B7QqbhEdkcPrPfzGlPyMtC5hPzU23m6kn78G2RTEXPQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNKs//Ge+036aD452fLf4vRpAbHzMB8GA1UdIwQY
MBaAFBrKY98ki3rfPd0H6MLT7t0CzvkzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR3NwajN5U0xldDg5M1Fmb3d0UHUzUUxPLVRNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZS8xZjY0NTgtZGM3NS00YWRkLWFlNzIt
OTFlMzE4NGJiMGFiLzEvMHF6XzhaNzdUZnBvUGpuWjh0X2k5R2tCc2ZNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZS8xZjY0NTgtZGM3NS00YWRkLWFlNzItOTFlMzE4NGJiMGFi
LzEvR3NwajN5U0xldDg5M1Fmb3d0UHUzUUxPLVRNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA2Zl+MA0G
CSqGSIb3DQEBCwUAA4IBAQBFSLamQx2HAnX/BD6r/2d8hpLvYb2jECbwFKyFNNFe
/LXJorfFzJqeGlgkXMLN9p5X60wICbMb9XMx/ldH9on5Fhpv8Bd/Ykvti2sOrfU0
yg4gFinCLYPEsGUglWlOAVXH9y/dXbG0T2abYSh2GiVWVnBoNcA66/7nd/D3dIp3
4Lwz5R5wq3lTdRfeouFLYaomnog4xEsvEB2K0qyLsulWYkZBBtAIsJgBLJc4pij7
/oDSikcRR/ivT0oI0fVNg7S+3qgrVqEqqb2wMqg78Y50YQXtbTfZ32Ece3HwSXoN
Ivs6g8ywBh1Yt3USoiKP+DMDkD4eP5H7oTuVkLb35V0k
-----END CERTIFICATE-----
Generated at Tue Jan 2 01:50:29 2024 by rpki-client on console-fra.rpki-client.org