Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/db/3033c6-cce8-450d-a0c9-8418a96f6795/1/VWfx2THDEXc2WJerquBovP3losk.roa
File: VWfx2THDEXc2WJerquBovP3losk.roa (raw, json)
Hash identifier: vT1FPeDBPwY5GstUoV23eM5+Dzb4Iqvj4784x8UJXZw=
Subject key identifier: 55:67:F1:D9:31:C3:11:77:36:58:97:AB:AA:E0:68:BC:FD:E5:A2:C9
Certificate issuer: /CN=1ea0a9eb47d824b51f154442481a257168394551
Certificate serial: 01857002708F19FBC9A9BFB7DF613526E4E3
Authority key identifier: 1E:A0:A9:EB:47:D8:24:B5:1F:15:44:42:48:1A:25:71:68:39:45:51
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HqCp60fYJLUfFURCSBolcWg5RVE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/db/3033c6-cce8-450d-a0c9-8418a96f6795/1/VWfx2THDEXc2WJerquBovP3losk.roa
Signing time: Mon 02 Jan 2023 01:04:46 +0000
ROA not before: Mon 02 Jan 2023 01:04:46 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 204887
IP address blocks: 217.113.192.0/23 maxlen: 23
217.113.192.0/24 maxlen: 24
217.113.195.0/24 maxlen: 24
217.113.193.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 02 Jan 2024 12:35:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:02:70:8f:19:fb:c9:a9:bf:b7:df:61:35:26:e4:e3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1ea0a9eb47d824b51f154442481a257168394551
Validity
Not Before: Jan 2 01:04:46 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=5567f1d931c31177365897abaae068bcfde5a2c9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:28:3a:72:f0:83:bf:51:12:99:17:ad:7e:0a:
d2:3e:65:72:6d:a1:da:21:5e:eb:24:b5:99:1e:18:
ee:d7:3f:68:8e:80:c8:24:8c:24:81:a4:ad:45:7b:
9e:d6:ba:f3:30:20:9f:dd:6b:60:3e:8d:01:17:10:
63:7b:ba:18:f8:14:0d:af:7b:24:10:ca:5c:82:95:
87:a0:de:8e:40:85:86:42:3a:63:36:a4:ea:86:da:
06:63:88:84:a6:d4:16:01:cd:b9:fc:97:b1:6a:74:
e1:e0:bb:e8:8c:fd:c6:45:e6:0b:d0:f8:b5:6f:9b:
ae:ef:6f:a0:1c:62:71:00:bd:7e:24:90:fb:3f:12:
8a:dc:72:93:c1:ad:4e:57:83:a2:74:ff:29:33:1f:
2b:43:37:5f:cc:7b:2d:9a:6e:16:71:b4:25:67:90:
0e:51:78:8a:33:53:d6:82:e8:94:67:32:c4:32:ef:
43:5c:73:4e:86:0e:0b:87:5a:a0:66:62:8e:d9:5f:
8c:61:ce:90:f1:7d:41:b5:44:55:94:b4:b3:ef:c9:
a3:4d:13:ae:03:9a:42:9b:1f:d9:1b:d6:83:b1:12:
34:76:96:c4:5b:89:a1:26:55:33:f9:ec:1c:e9:5b:
8f:11:9d:4f:83:2f:ed:fb:4c:0f:49:e2:c1:1b:be:
fd:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
55:67:F1:D9:31:C3:11:77:36:58:97:AB:AA:E0:68:BC:FD:E5:A2:C9
X509v3 Authority Key Identifier:
keyid:1E:A0:A9:EB:47:D8:24:B5:1F:15:44:42:48:1A:25:71:68:39:45:51
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HqCp60fYJLUfFURCSBolcWg5RVE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/db/3033c6-cce8-450d-a0c9-8418a96f6795/1/VWfx2THDEXc2WJerquBovP3losk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/db/3033c6-cce8-450d-a0c9-8418a96f6795/1/HqCp60fYJLUfFURCSBolcWg5RVE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
217.113.192.0/23
217.113.195.0/24
Signature Algorithm: sha256WithRSAEncryption
11:ac:82:42:e1:a1:33:5a:50:23:91:aa:09:52:13:69:aa:75:
e4:3c:17:28:fe:64:2b:5a:7b:b3:9f:ae:2b:f9:62:e3:44:d8:
74:be:a0:27:31:83:b2:bb:37:c5:ad:c4:a5:51:dd:e4:49:56:
e3:e4:4b:5f:5b:0e:37:3a:fb:ee:d4:b0:c7:c3:49:87:55:ec:
10:d6:7d:e3:67:0b:ef:44:4c:7e:03:23:c5:1a:6c:cf:97:3b:
ca:ff:b6:39:49:80:bc:c0:f6:66:81:b0:08:6d:e1:b8:91:eb:
9f:86:a7:c1:d2:06:7f:18:93:07:75:7c:f5:51:ec:20:ee:2d:
c3:d8:ca:a1:d5:c7:1e:70:30:9f:ff:9e:7d:27:a2:a1:0e:fe:
ae:13:38:2f:71:5a:30:7f:49:3c:d2:ec:be:88:f8:7e:69:d9:
62:f5:79:03:c2:8f:19:50:75:7b:d8:ca:5b:e2:0b:8b:d8:65:
a3:a2:25:e9:51:0f:a6:8e:58:16:79:0f:37:c0:4c:0d:e9:dc:
b3:8a:ee:de:fa:13:d1:d5:3b:82:45:b3:f6:9e:86:7f:f2:4f:
bc:2a:b2:b3:49:37:48:eb:3e:2f:18:82:33:9f:2f:99:ba:96:
80:03:c9:60:24:22:19:3a:07:ba:7d:75:8a:75:a4:e7:61:1c:
9c:86:e7:75
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVwAnCPGfvJqb+332E1JuTjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFlYTBhOWViNDdkODI0YjUxZjE1NDQ0MjQ4MWEyNTcxNjgz
OTQ1NTEwHhcNMjMwMTAyMDEwNDQ2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1NTY3ZjFkOTMxYzMxMTc3MzY1ODk3YWJhYWUwNjhiY2ZkZTVhMmM5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoyg6cvCDv1ESmRetfgrSPmVybaHa
IV7rJLWZHhju1z9ojoDIJIwkgaStRXue1rrzMCCf3WtgPo0BFxBje7oY+BQNr3sk
EMpcgpWHoN6OQIWGQjpjNqTqhtoGY4iEptQWAc25/JexanTh4LvojP3GReYL0Pi1
b5uu72+gHGJxAL1+JJD7PxKK3HKTwa1OV4OidP8pMx8rQzdfzHstmm4WcbQlZ5AO
UXiKM1PWguiUZzLEMu9DXHNOhg4Lh1qgZmKO2V+MYc6Q8X1BtURVlLSz78mjTROu
A5pCmx/ZG9aDsRI0dpbEW4mhJlUz+ewc6VuPEZ1Pgy/t+0wPSeLBG779MQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFFVn8dkxwxF3NliXq6rgaLz95aLJMB8GA1UdIwQY
MBaAFB6gqetH2CS1HxVEQkgaJXFoOUVRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSHFDcDYwZllKTFVmRlVSQ1NCb2xjV2c1UlZFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYi8zMDMzYzYtY2NlOC00NTBkLWEwYzkt
ODQxOGE5NmY2Nzk1LzEvVldmeDJUSERFWGMyV0plcnF1Qm92UDNsb3NrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYi8zMDMzYzYtY2NlOC00NTBkLWEwYzktODQxOGE5NmY2Nzk1
LzEvSHFDcDYwZllKTFVmRlVSQ1NCb2xjV2c1UlZFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQB2XHAAwQA
2XHDMA0GCSqGSIb3DQEBCwUAA4IBAQARrIJC4aEzWlAjkaoJUhNpqnXkPBco/mQr
Wnuzn64r+WLjRNh0vqAnMYOyuzfFrcSlUd3kSVbj5EtfWw43Ovvu1LDHw0mHVewQ
1n3jZwvvREx+AyPFGmzPlzvK/7Y5SYC8wPZmgbAIbeG4keufhqfB0gZ/GJMHdXz1
Uewg7i3D2Mqh1ccecDCf/559J6KhDv6uEzgvcVowf0k80uy+iPh+adli9XkDwo8Z
UHV72Mpb4guL2GWjoiXpUQ+mjlgWeQ83wEwN6dyziu7e+hPR1TuCRbP2noZ/8k+8
KrKzSTdI6z4vGIIzny+ZupaAA8lgJCIZOge6fXWKdaTnYRychud1
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:47:31 2024 by rpki-client on console-ams.rpki-client.org