Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/de/d7b006-2527-44e5-a401-5bd4dcc5d6ed/1/68Qrg2AvLFCCI4kedNmr1NS2U5k.roa
File: 68Qrg2AvLFCCI4kedNmr1NS2U5k.roa (raw, json)
Hash identifier: Knuhp1VHaosiEBeBaiuvPjr8+A/caTvj80Khdx4B510=
Subject key identifier: EB:C4:2B:83:60:2F:2C:50:82:23:89:1E:74:D9:AB:D4:D4:B6:53:99
Certificate issuer: /CN=858e95622fd5445d6ed343f80e053eaffb118b2c
Certificate serial: 0185703969794A2BCDF0868931581896F48E
Authority key identifier: 85:8E:95:62:2F:D5:44:5D:6E:D3:43:F8:0E:05:3E:AF:FB:11:8B:2C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hY6VYi_VRF1u00P4DgU-r_sRiyw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/de/d7b006-2527-44e5-a401-5bd4dcc5d6ed/1/68Qrg2AvLFCCI4kedNmr1NS2U5k.roa
Signing time: Mon 02 Jan 2023 02:04:48 +0000
ROA not before: Mon 02 Jan 2023 02:04:48 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 25389
IP address blocks: 217.12.81.0/24 maxlen: 24
217.12.85.0/24 maxlen: 24
217.12.80.0/24 maxlen: 24
217.12.84.0/24 maxlen: 24
217.12.83.0/24 maxlen: 24
217.12.82.0/24 maxlen: 24
217.12.88.0/24 maxlen: 24
217.12.87.0/24 maxlen: 24
217.12.86.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:39:69:79:4a:2b:cd:f0:86:89:31:58:18:96:f4:8e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=858e95622fd5445d6ed343f80e053eaffb118b2c
Validity
Not Before: Jan 2 02:04:48 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=ebc42b83602f2c508223891e74d9abd4d4b65399
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:88:8d:43:0b:1d:33:17:0a:1c:30:6b:e9:64:71:
22:e4:25:aa:7f:8c:89:81:d3:9e:01:1d:14:b4:94:
f9:b5:9a:ae:82:11:38:d5:eb:3f:a5:26:fc:80:03:
78:52:c3:65:3b:cb:ab:01:fe:98:06:4c:02:b1:99:
95:89:b5:13:dd:4b:f4:d0:a9:ae:db:17:04:62:7b:
89:bc:56:bb:e5:13:e4:65:07:9e:ba:41:c6:58:50:
71:a6:b4:9c:b7:02:ae:1d:38:0e:15:bd:39:f1:3e:
66:08:91:23:76:14:23:5b:de:b9:8f:e9:b8:79:9a:
c3:b7:1d:de:54:04:d5:d6:69:28:ce:ed:7b:bc:7b:
1d:f2:46:97:a3:09:79:3d:5c:4b:e2:b4:99:60:e6:
aa:37:2b:1e:2d:ec:09:0a:ba:ef:8a:0c:8b:ca:0e:
2f:d2:a2:8c:34:8d:52:a4:43:c8:c7:5b:5d:46:4a:
cc:21:7b:b7:f8:4f:fc:de:d9:bd:96:8b:5e:1e:c7:
7b:d3:93:92:e3:a5:8e:21:e9:97:31:2e:58:3f:35:
4e:b1:8c:fc:f9:db:95:3e:43:3e:a6:ec:37:25:a9:
3d:c3:37:10:21:bc:b6:0c:a2:8d:8e:d3:53:61:79:
9c:51:25:6a:0f:3f:1d:d3:68:04:6b:16:6a:d3:ed:
3f:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EB:C4:2B:83:60:2F:2C:50:82:23:89:1E:74:D9:AB:D4:D4:B6:53:99
X509v3 Authority Key Identifier:
keyid:85:8E:95:62:2F:D5:44:5D:6E:D3:43:F8:0E:05:3E:AF:FB:11:8B:2C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hY6VYi_VRF1u00P4DgU-r_sRiyw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/de/d7b006-2527-44e5-a401-5bd4dcc5d6ed/1/68Qrg2AvLFCCI4kedNmr1NS2U5k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/de/d7b006-2527-44e5-a401-5bd4dcc5d6ed/1/hY6VYi_VRF1u00P4DgU-r_sRiyw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
217.12.80.0-217.12.88.255
Signature Algorithm: sha256WithRSAEncryption
19:09:53:86:4b:9f:c8:28:4e:e3:af:a4:ae:ec:27:9d:e5:00:
04:b8:e3:b4:fd:0c:2e:61:a7:e8:be:eb:c1:a4:34:21:d7:73:
cc:c8:e1:66:b7:b9:ed:04:98:cf:66:eb:87:42:79:74:eb:66:
36:e2:70:ef:53:5c:e4:ce:74:a6:10:9e:81:9e:9f:d2:35:02:
dc:34:8a:8e:99:ec:71:32:8d:2e:23:57:61:ed:c9:7e:f1:f4:
77:21:7e:12:16:81:b5:14:ae:da:2d:55:f5:01:e6:a5:c7:15:
52:dd:59:07:08:96:ab:07:13:98:d7:63:c8:7c:4a:15:9a:0e:
ec:11:a8:27:62:ad:e1:8f:b1:ce:c7:13:78:e8:da:32:e2:cc:
29:8b:c2:67:67:23:f5:28:ad:f0:e9:01:f8:73:43:69:8c:cb:
af:4c:98:92:b0:ea:d0:14:c8:1c:41:9c:70:f6:ad:8c:e8:85:
c1:2f:fc:c8:76:5e:bc:c0:d6:6b:7a:2c:95:86:ac:0f:06:db:
f6:73:5a:39:f6:c3:30:80:35:5c:a3:49:27:35:eb:43:28:a7:
04:2e:0b:9a:2d:e3:c1:a0:d1:ab:a1:78:8d:76:9a:b8:71:1d:
41:ec:44:1f:2d:18:2d:02:14:7b:ec:18:d0:49:b2:27:a7:53:
7a:8d:53:59
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAYVwOWl5SivN8IaJMVgYlvSOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg1OGU5NTYyMmZkNTQ0NWQ2ZWQzNDNmODBlMDUzZWFmZmIx
MThiMmMwHhcNMjMwMTAyMDIwNDQ4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlYmM0MmI4MzYwMmYyYzUwODIyMzg5MWU3NGQ5YWJkNGQ0YjY1Mzk5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiI1DCx0zFwocMGvpZHEi5CWqf4yJ
gdOeAR0UtJT5tZqughE41es/pSb8gAN4UsNlO8urAf6YBkwCsZmVibUT3Uv00Kmu
2xcEYnuJvFa75RPkZQeeukHGWFBxprSctwKuHTgOFb058T5mCJEjdhQjW965j+m4
eZrDtx3eVATV1mkozu17vHsd8kaXowl5PVxL4rSZYOaqNyseLewJCrrvigyLyg4v
0qKMNI1SpEPIx1tdRkrMIXu3+E/83tm9loteHsd705OS46WOIemXMS5YPzVOsYz8
+duVPkM+puw3Jak9wzcQIby2DKKNjtNTYXmcUSVqDz8d02gEaxZq0+0/jwIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFOvEK4NgLyxQgiOJHnTZq9TUtlOZMB8GA1UdIwQY
MBaAFIWOlWIv1URdbtND+A4FPq/7EYssMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaFk2VllpX1ZSRjF1MDBQNERnVS1yX3NSaXl3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZS9kN2IwMDYtMjUyNy00NGU1LWE0MDEt
NWJkNGRjYzVkNmVkLzEvNjhRcmcyQXZMRkNDSTRrZWRObXIxTlMyVTVrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZS9kN2IwMDYtMjUyNy00NGU1LWE0MDEtNWJkNGRjYzVkNmVk
LzEvaFk2VllpX1ZSRjF1MDBQNERnVS1yX3NSaXl3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBATZDFAD
BADZDFgwDQYJKoZIhvcNAQELBQADggEBABkJU4ZLn8goTuOvpK7sJ53lAAS447T9
DC5hp+i+68GkNCHXc8zI4Wa3ue0EmM9m64dCeXTrZjbicO9TXOTOdKYQnoGen9I1
Atw0io6Z7HEyjS4jV2HtyX7x9HchfhIWgbUUrtotVfUB5qXHFVLdWQcIlqsHE5jX
Y8h8ShWaDuwRqCdireGPsc7HE3jo2jLizCmLwmdnI/UorfDpAfhzQ2mMy69MmJKw
6tAUyBxBnHD2rYzohcEv/Mh2XrzA1mt6LJWGrA8G2/ZzWjn2wzCANVyjSSc160Mo
pwQuC5ot48Gg0auheI12mrhxHUHsRB8tGC0CFHvsGNBJsienU3qNU1k=
-----END CERTIFICATE-----
Generated at Tue Sep 19 02:55:06 2023 by rpki-client on console-ams.rpki-client.org