Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/de/d7b006-2527-44e5-a401-5bd4dcc5d6ed/1/83PV7SAeq3l7Gvuo6ReGz2NmC2A.roa
File: 83PV7SAeq3l7Gvuo6ReGz2NmC2A.roa (raw, json)
Hash identifier: kYeOH7DACbqndP8BiLtBVwoRICo31SR0I+GnblWhgTQ=
Subject key identifier: F3:73:D5:ED:20:1E:AB:79:7B:1A:FB:A8:E9:17:86:CF:63:66:0B:60
Certificate issuer: /CN=858e95622fd5445d6ed343f80e053eaffb118b2c
Certificate serial: 018AAB44D76A2DFD2600BF4B0A84FDD4D19A
Authority key identifier: 85:8E:95:62:2F:D5:44:5D:6E:D3:43:F8:0E:05:3E:AF:FB:11:8B:2C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hY6VYi_VRF1u00P4DgU-r_sRiyw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/de/d7b006-2527-44e5-a401-5bd4dcc5d6ed/1/83PV7SAeq3l7Gvuo6ReGz2NmC2A.roa
Signing time: Tue 19 Sep 2023 02:28:50 +0000
ROA not before: Tue 19 Sep 2023 02:28:50 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 25389
IP address blocks: 217.12.81.0/24 maxlen: 24
217.12.85.0/24 maxlen: 24
217.12.80.0/24 maxlen: 24
217.12.84.0/24 maxlen: 24
217.12.83.0/24 maxlen: 24
217.12.82.0/24 maxlen: 24
217.12.88.0/24 maxlen: 24
217.12.87.0/24 maxlen: 24
217.12.89.0/24 maxlen: 24
217.12.86.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:ab:44:d7:6a:2d:fd:26:00:bf:4b:0a:84:fd:d4:d1:9a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=858e95622fd5445d6ed343f80e053eaffb118b2c
Validity
Not Before: Sep 19 02:28:50 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=f373d5ed201eab797b1afba8e91786cf63660b60
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:13:d3:cb:e4:69:d6:d5:60:df:b7:af:ad:d8:
7a:1d:f6:5a:9c:2a:60:ca:6e:a8:2b:7a:b0:62:91:
e4:c2:1a:8a:80:4d:cd:c9:73:aa:db:5c:1d:25:5a:
18:5d:d3:d7:bb:62:48:e1:54:95:09:3d:b5:32:50:
32:cf:d0:69:d4:d3:a2:1d:2e:0f:04:45:5a:37:24:
3d:02:1a:43:2f:e9:4a:33:73:a8:63:26:5b:d9:a8:
a4:55:0c:21:da:22:3c:fe:bb:68:a7:d9:2f:18:a4:
5f:cd:a3:5a:52:67:be:98:16:0b:13:b1:7a:e2:b4:
65:6d:b2:b2:01:ce:63:c9:1a:24:2f:4a:60:03:f0:
b6:c6:39:ec:ce:ce:39:2d:6e:d2:d4:58:9b:7a:73:
87:ca:57:5a:60:89:53:63:30:fb:70:cf:fa:23:75:
35:ec:75:15:f6:27:42:15:14:c3:55:43:cb:f6:c3:
40:48:47:f6:51:d7:94:2d:5e:85:0c:52:b1:99:90:
06:55:2f:f4:f6:15:39:45:a5:ab:0a:3f:70:4e:c4:
06:d6:d2:bb:1d:5a:71:f2:d0:1f:7f:40:31:91:63:
c4:dd:d5:f6:50:8e:7b:b0:67:01:8c:63:f7:54:07:
e1:da:92:c0:d4:a0:27:5a:c3:c9:39:12:11:f6:05:
3e:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F3:73:D5:ED:20:1E:AB:79:7B:1A:FB:A8:E9:17:86:CF:63:66:0B:60
X509v3 Authority Key Identifier:
keyid:85:8E:95:62:2F:D5:44:5D:6E:D3:43:F8:0E:05:3E:AF:FB:11:8B:2C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hY6VYi_VRF1u00P4DgU-r_sRiyw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/de/d7b006-2527-44e5-a401-5bd4dcc5d6ed/1/83PV7SAeq3l7Gvuo6ReGz2NmC2A.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/de/d7b006-2527-44e5-a401-5bd4dcc5d6ed/1/hY6VYi_VRF1u00P4DgU-r_sRiyw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
217.12.80.0-217.12.89.255
Signature Algorithm: sha256WithRSAEncryption
20:58:10:ec:3f:e1:f0:1b:c7:4b:74:52:f7:64:92:42:f2:c0:
7d:11:f7:32:9a:03:23:44:f8:b1:66:44:f5:2f:4f:c4:b6:7f:
6d:66:cd:80:1d:b0:bb:f6:eb:93:4c:64:85:29:d3:c7:89:55:
71:f9:96:44:23:1d:6c:d7:01:19:08:7e:be:cf:55:45:e8:49:
2b:2e:11:84:c2:55:f6:be:b2:a4:de:4f:7a:0f:6c:85:32:93:
a6:06:6a:65:a3:40:d9:df:2e:ae:34:94:8e:e8:e2:10:74:f7:
47:1f:7a:f0:2e:eb:ec:c6:5d:51:db:53:19:10:c6:62:60:2f:
2a:ea:6c:81:83:65:86:95:f8:3d:77:ce:8a:5e:27:05:39:40:
46:f5:3c:d9:7e:33:69:93:9a:8b:94:98:ca:16:07:95:c6:c9:
a4:9c:ae:95:65:75:4b:a8:e0:ff:8e:af:5c:17:b9:1e:ff:f5:
7f:a4:b7:72:86:ef:b3:bc:75:bc:6e:7b:ad:96:32:2b:48:bf:
f6:50:69:d9:2b:7e:c9:7d:83:8c:8c:26:f4:ae:89:0e:b2:94:
0a:d7:06:e2:76:15:54:94:1d:09:c9:14:c1:af:da:bc:5c:5b:
9f:88:a8:25:eb:f9:59:ba:9b:cf:77:9a:6e:98:cc:bc:7f:61:
f5:a8:cb:5c
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAYqrRNdqLf0mAL9LCoT91NGaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg1OGU5NTYyMmZkNTQ0NWQ2ZWQzNDNmODBlMDUzZWFmZmIx
MThiMmMwHhcNMjMwOTE5MDIyODUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMzczZDVlZDIwMWVhYjc5N2IxYWZiYThlOTE3ODZjZjYzNjYwYjYwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApBPTy+Rp1tVg37evrdh6HfZanCpg
ym6oK3qwYpHkwhqKgE3NyXOq21wdJVoYXdPXu2JI4VSVCT21MlAyz9Bp1NOiHS4P
BEVaNyQ9AhpDL+lKM3OoYyZb2aikVQwh2iI8/rtop9kvGKRfzaNaUme+mBYLE7F6
4rRlbbKyAc5jyRokL0pgA/C2xjnszs45LW7S1FibenOHyldaYIlTYzD7cM/6I3U1
7HUV9idCFRTDVUPL9sNASEf2UdeULV6FDFKxmZAGVS/09hU5RaWrCj9wTsQG1tK7
HVpx8tAff0AxkWPE3dX2UI57sGcBjGP3VAfh2pLA1KAnWsPJORIR9gU+JQIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFPNz1e0gHqt5exr7qOkXhs9jZgtgMB8GA1UdIwQY
MBaAFIWOlWIv1URdbtND+A4FPq/7EYssMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaFk2VllpX1ZSRjF1MDBQNERnVS1yX3NSaXl3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZS9kN2IwMDYtMjUyNy00NGU1LWE0MDEt
NWJkNGRjYzVkNmVkLzEvODNQVjdTQWVxM2w3R3Z1bzZSZUd6Mk5tQzJBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZS9kN2IwMDYtMjUyNy00NGU1LWE0MDEtNWJkNGRjYzVkNmVk
LzEvaFk2VllpX1ZSRjF1MDBQNERnVS1yX3NSaXl3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBATZDFAD
BAHZDFgwDQYJKoZIhvcNAQELBQADggEBACBYEOw/4fAbx0t0UvdkkkLywH0R9zKa
AyNE+LFmRPUvT8S2f21mzYAdsLv265NMZIUp08eJVXH5lkQjHWzXARkIfr7PVUXo
SSsuEYTCVfa+sqTeT3oPbIUyk6YGamWjQNnfLq40lI7o4hB090cfevAu6+zGXVHb
UxkQxmJgLyrqbIGDZYaV+D13zopeJwU5QEb1PNl+M2mTmouUmMoWB5XGyaScrpVl
dUuo4P+Or1wXuR7/9X+kt3KG77O8dbxue62WMitIv/ZQadkrfsl9g4yMJvSuiQ6y
lArXBuJ2FVSUHQnJFMGv2rxcW5+IqCXr+Vm6m893mm6YzLx/YfWoy1w=
-----END CERTIFICATE-----
Generated at Mon Jan 1 17:26:34 2024 by rpki-client on console-fra.rpki-client.org