Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/db/3033c6-cce8-450d-a0c9-8418a96f6795/1/Aok9IG8VnO2UQtYiOg8GHpZuGcU.roa
File: Aok9IG8VnO2UQtYiOg8GHpZuGcU.roa (raw, json)
Hash identifier: zRu/eBHgoeZrEngBn03eT4ZgulRMZfxxm9IZp0tlQwg=
Subject key identifier: 02:89:3D:20:6F:15:9C:ED:94:42:D6:22:3A:0F:06:1E:96:6E:19:C5
Certificate issuer: /CN=1ea0a9eb47d824b51f154442481a257168394551
Certificate serial: 0185700270F0556EF321F7221EC0989134B8
Authority key identifier: 1E:A0:A9:EB:47:D8:24:B5:1F:15:44:42:48:1A:25:71:68:39:45:51
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HqCp60fYJLUfFURCSBolcWg5RVE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/db/3033c6-cce8-450d-a0c9-8418a96f6795/1/Aok9IG8VnO2UQtYiOg8GHpZuGcU.roa
Signing time: Mon 02 Jan 2023 01:04:46 +0000
ROA not before: Mon 02 Jan 2023 01:04:46 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 210743
IP address blocks: 217.113.194.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 02 Jan 2024 12:35:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:02:70:f0:55:6e:f3:21:f7:22:1e:c0:98:91:34:b8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1ea0a9eb47d824b51f154442481a257168394551
Validity
Not Before: Jan 2 01:04:46 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=02893d206f159ced9442d6223a0f061e966e19c5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:79:71:2a:1e:ae:d0:6d:76:01:85:e5:1c:54:
19:65:6d:c1:15:c7:de:4a:3e:d0:fe:b4:ac:9b:6d:
6a:56:04:02:19:d2:ae:34:8d:f1:75:0a:40:e7:7d:
6d:2c:45:bb:ad:ce:5c:bb:cc:f5:a1:7f:14:a6:b7:
25:fd:f2:d7:1e:1b:23:20:05:9d:12:c1:78:5f:7a:
e5:b1:e3:ad:3c:32:2a:7d:d5:13:f6:7f:c0:73:80:
83:7e:29:46:ae:c0:a3:76:57:6b:e0:cc:df:e1:24:
ba:e4:05:ee:db:40:c6:ef:4e:86:52:a4:dc:28:c0:
cc:1a:6b:0c:70:52:f1:9b:35:ea:15:f9:fd:eb:7b:
b7:ec:60:2a:ba:d2:19:09:fe:e2:5e:85:7e:0e:24:
9f:60:f7:c3:db:5b:69:d3:95:9c:88:34:9e:95:ed:
11:06:2b:2a:33:c3:d5:2f:6f:12:9f:92:b3:f6:33:
93:91:c6:e0:a8:a5:98:5c:cf:c9:8b:03:4f:a5:c4:
62:0e:7d:b5:0e:16:dd:4b:58:b7:40:19:51:40:33:
24:e0:e3:71:00:8b:cd:0b:a3:d6:1b:3c:6c:ca:56:
4d:69:29:f7:fc:2b:76:e4:02:1f:fb:ae:4b:b8:e1:
85:39:80:99:c3:b0:f1:86:0d:4f:93:fa:c9:3f:39:
65:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
02:89:3D:20:6F:15:9C:ED:94:42:D6:22:3A:0F:06:1E:96:6E:19:C5
X509v3 Authority Key Identifier:
keyid:1E:A0:A9:EB:47:D8:24:B5:1F:15:44:42:48:1A:25:71:68:39:45:51
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HqCp60fYJLUfFURCSBolcWg5RVE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/db/3033c6-cce8-450d-a0c9-8418a96f6795/1/Aok9IG8VnO2UQtYiOg8GHpZuGcU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/db/3033c6-cce8-450d-a0c9-8418a96f6795/1/HqCp60fYJLUfFURCSBolcWg5RVE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
217.113.194.0/24
Signature Algorithm: sha256WithRSAEncryption
3f:c4:3d:b1:04:f9:e5:74:6e:19:3f:98:8d:d9:75:e5:bf:15:
ad:00:1c:48:f3:c8:03:29:ff:86:23:b4:cd:5a:50:9f:05:43:
b5:f3:94:a4:1a:c4:cb:51:d9:8d:a4:49:9c:29:bf:c2:27:5e:
39:43:cb:61:95:23:8f:ca:18:82:78:2a:4d:6e:b3:e8:b7:6b:
6b:99:62:e5:40:71:30:22:c2:29:39:b2:01:9d:36:47:94:52:
69:95:6f:6b:4c:94:7e:53:83:b5:75:15:45:80:fe:7e:82:60:
0d:c4:39:9c:87:f3:9e:20:02:db:e7:52:e9:20:f1:66:dc:af:
61:c8:07:93:68:da:f8:79:d7:52:fb:0b:45:63:40:9f:d3:fb:
eb:2d:9c:f4:54:6e:b7:d3:c0:96:69:d9:b9:7c:d4:09:eb:86:
c0:7d:03:ef:32:09:ad:93:b1:96:52:44:f1:0a:3a:8a:7f:6a:
5a:7f:92:59:bb:8e:63:7c:ce:75:46:be:c2:72:45:db:c6:51:
ec:a0:13:0e:9c:f0:80:5b:85:b6:49:b5:33:95:e6:d9:a2:d1:
7d:e6:a7:df:36:45:b3:fa:5a:b6:3b:8b:c2:0f:38:4d:72:2c:
d7:6a:d7:07:8e:43:0a:05:e2:96:0c:d3:6d:89:82:6c:0c:4d:
8e:13:71:a8
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVwAnDwVW7zIfciHsCYkTS4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFlYTBhOWViNDdkODI0YjUxZjE1NDQ0MjQ4MWEyNTcxNjgz
OTQ1NTEwHhcNMjMwMTAyMDEwNDQ2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMjg5M2QyMDZmMTU5Y2VkOTQ0MmQ2MjIzYTBmMDYxZTk2NmUxOWM1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsnlxKh6u0G12AYXlHFQZZW3BFcfe
Sj7Q/rSsm21qVgQCGdKuNI3xdQpA531tLEW7rc5cu8z1oX8Uprcl/fLXHhsjIAWd
EsF4X3rlseOtPDIqfdUT9n/Ac4CDfilGrsCjdldr4Mzf4SS65AXu20DG706GUqTc
KMDMGmsMcFLxmzXqFfn963u37GAqutIZCf7iXoV+DiSfYPfD21tp05WciDSele0R
BisqM8PVL28Sn5Kz9jOTkcbgqKWYXM/JiwNPpcRiDn21DhbdS1i3QBlRQDMk4ONx
AIvNC6PWGzxsylZNaSn3/Ct25AIf+65LuOGFOYCZw7Dxhg1Pk/rJPzllDwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFAKJPSBvFZztlELWIjoPBh6WbhnFMB8GA1UdIwQY
MBaAFB6gqetH2CS1HxVEQkgaJXFoOUVRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSHFDcDYwZllKTFVmRlVSQ1NCb2xjV2c1UlZFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYi8zMDMzYzYtY2NlOC00NTBkLWEwYzkt
ODQxOGE5NmY2Nzk1LzEvQW9rOUlHOFZuTzJVUXRZaU9nOEdIcFp1R2NVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYi8zMDMzYzYtY2NlOC00NTBkLWEwYzktODQxOGE5NmY2Nzk1
LzEvSHFDcDYwZllKTFVmRlVSQ1NCb2xjV2c1UlZFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA2XHCMA0G
CSqGSIb3DQEBCwUAA4IBAQA/xD2xBPnldG4ZP5iN2XXlvxWtABxI88gDKf+GI7TN
WlCfBUO185SkGsTLUdmNpEmcKb/CJ145Q8thlSOPyhiCeCpNbrPot2trmWLlQHEw
IsIpObIBnTZHlFJplW9rTJR+U4O1dRVFgP5+gmANxDmch/OeIALb51LpIPFm3K9h
yAeTaNr4eddS+wtFY0Cf0/vrLZz0VG6308CWadm5fNQJ64bAfQPvMgmtk7GWUkTx
CjqKf2paf5JZu45jfM51Rr7CckXbxlHsoBMOnPCAW4W2SbUzlebZotF95qffNkWz
+lq2O4vCDzhNcizXatcHjkMKBeKWDNNtiYJsDE2OE3Go
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:56:08 2024 by rpki-client on console-fra.rpki-client.org