Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e0/d79c98-c27d-45b3-86d9-dad3bb13c0a2/1/mFtbNp2F9fV4afhVzF5xociKAUo.roa
File: mFtbNp2F9fV4afhVzF5xociKAUo.roa (raw, json)
Hash identifier: HireAwsWRWGKaUn0XQOaqAxLPyzXwRmeE9zHVZV32LE=
Subject key identifier: 98:5B:5B:36:9D:85:F5:F5:78:69:F8:55:CC:5E:71:A1:C8:8A:01:4A
Certificate issuer: /CN=d79da465615c60094370833892da84c886e1c4ef
Certificate serial: 01856C53E870F0164175975BE10E925EC4A3
Authority key identifier: D7:9D:A4:65:61:5C:60:09:43:70:83:38:92:DA:84:C8:86:E1:C4:EF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/152kZWFcYAlDcIM4ktqEyIbhxO8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e0/d79c98-c27d-45b3-86d9-dad3bb13c0a2/1/mFtbNp2F9fV4afhVzF5xociKAUo.roa
Signing time: Sun 01 Jan 2023 07:55:16 +0000
ROA not before: Sun 01 Jan 2023 07:55:16 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 16004
IP address blocks: 217.29.72.0/24 maxlen: 24
217.29.72.0/21 maxlen: 21
217.29.76.0/24 maxlen: 24
217.29.77.0/24 maxlen: 24
2001:1ac0::/64 maxlen: 64
2001:1ac0::/32 maxlen: 32
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:53:e8:70:f0:16:41:75:97:5b:e1:0e:92:5e:c4:a3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d79da465615c60094370833892da84c886e1c4ef
Validity
Not Before: Jan 1 07:55:16 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=985b5b369d85f5f57869f855cc5e71a1c88a014a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:e0:3a:f8:bc:a8:ca:4e:15:0c:90:8b:97:26:
88:40:a5:0f:8d:fc:ef:c3:2f:b3:f5:e0:87:73:31:
77:3c:a2:45:97:c2:fd:18:5c:a2:73:e1:e7:11:45:
da:aa:6d:df:9e:c9:5d:6d:a6:f5:21:01:85:34:8d:
75:58:cd:8e:25:f5:ad:fc:fb:f0:96:0e:c5:30:c8:
cb:b2:61:72:63:9b:c6:96:64:b8:b7:d3:8d:04:c6:
ad:f1:96:98:6d:20:e8:88:11:e7:d5:c3:51:71:39:
29:73:a3:c2:4f:78:7f:bd:85:e1:cd:a7:5b:2f:5b:
b0:92:13:96:cb:ff:a0:b4:4c:8e:53:4f:c4:31:43:
13:4d:c3:86:1a:3e:0e:bd:4c:6f:81:8c:b1:07:ec:
a9:cb:f3:9d:7a:94:8a:53:dc:c0:a4:2c:a2:41:8c:
9d:33:20:3a:bf:62:de:aa:88:b3:f9:d7:3f:87:cc:
e8:82:91:e0:bc:31:55:30:37:18:32:1a:7e:13:20:
9c:7d:fd:6f:45:af:d8:fb:ea:d6:41:74:85:12:cd:
ec:b0:57:84:2a:e3:dc:78:ae:6c:96:cd:05:d0:ad:
71:f3:49:8f:a1:7e:a2:31:3b:4c:a3:a6:94:82:a2:
f4:95:69:5b:5c:d6:da:40:16:f4:28:83:6a:b1:87:
b1:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
98:5B:5B:36:9D:85:F5:F5:78:69:F8:55:CC:5E:71:A1:C8:8A:01:4A
X509v3 Authority Key Identifier:
keyid:D7:9D:A4:65:61:5C:60:09:43:70:83:38:92:DA:84:C8:86:E1:C4:EF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/152kZWFcYAlDcIM4ktqEyIbhxO8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e0/d79c98-c27d-45b3-86d9-dad3bb13c0a2/1/mFtbNp2F9fV4afhVzF5xociKAUo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e0/d79c98-c27d-45b3-86d9-dad3bb13c0a2/1/152kZWFcYAlDcIM4ktqEyIbhxO8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
217.29.72.0/21
IPv6:
2001:1ac0::/32
Signature Algorithm: sha256WithRSAEncryption
cc:d5:36:d9:c1:81:fa:6d:96:70:ca:3a:3e:31:97:32:90:72:
32:6b:87:88:99:ac:84:77:dd:1c:e8:b3:f6:56:75:92:cd:f7:
54:2d:55:35:56:21:c9:46:ca:ee:57:f0:11:47:16:91:24:6a:
69:73:c7:e6:7a:6c:2f:a8:35:db:39:66:ae:a2:91:1b:0b:b9:
1d:a2:26:4a:73:fa:b3:ab:2d:12:93:11:6c:81:ac:a0:53:a0:
fc:46:a1:9e:ff:17:51:8b:7d:eb:93:1b:77:8c:6e:77:72:42:
58:b8:4d:29:61:17:f6:df:34:11:08:b8:d1:b2:98:a1:a3:d8:
1c:68:db:8c:02:d8:73:85:87:66:6c:1c:35:40:45:7a:05:b5:
4b:46:d8:b6:ba:ea:69:4a:8f:27:5a:97:9d:5a:4a:48:c0:3d:
c4:99:c1:f8:47:ea:8a:87:d5:0f:9b:b5:64:36:9e:9c:e3:65:
02:44:88:f7:2b:ff:e8:c9:c0:26:14:0b:70:bc:5f:7d:d9:95:
a3:b3:71:8f:90:d3:2f:ea:c1:10:77:83:35:d5:9b:2e:53:4b:
70:4f:8c:35:b1:e1:72:67:de:4e:98:73:e9:f2:71:58:fc:67:
d5:22:79:07:f7:0f:92:86:0d:af:60:be:64:b3:f4:2c:57:4f:
fe:05:1c:00
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVsU+hw8BZBdZdb4Q6SXsSjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ3OWRhNDY1NjE1YzYwMDk0MzcwODMzODkyZGE4NGM4ODZl
MWM0ZWYwHhcNMjMwMTAxMDc1NTE2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ODViNWIzNjlkODVmNWY1Nzg2OWY4NTVjYzVlNzFhMWM4OGEwMTRhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAluA6+Lyoyk4VDJCLlyaIQKUPjfzv
wy+z9eCHczF3PKJFl8L9GFyic+HnEUXaqm3fnsldbab1IQGFNI11WM2OJfWt/Pvw
lg7FMMjLsmFyY5vGlmS4t9ONBMat8ZaYbSDoiBHn1cNRcTkpc6PCT3h/vYXhzadb
L1uwkhOWy/+gtEyOU0/EMUMTTcOGGj4OvUxvgYyxB+ypy/OdepSKU9zApCyiQYyd
MyA6v2Leqoiz+dc/h8zogpHgvDFVMDcYMhp+EyCcff1vRa/Y++rWQXSFEs3ssFeE
KuPceK5sls0F0K1x80mPoX6iMTtMo6aUgqL0lWlbXNbaQBb0KINqsYexFQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFJhbWzadhfX1eGn4VcxecaHIigFKMB8GA1UdIwQY
MBaAFNedpGVhXGAJQ3CDOJLahMiG4cTvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMTUya1pXRmNZQWxEY0lNNGt0cUV5SWJoeE84LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMC9kNzljOTgtYzI3ZC00NWIzLTg2ZDkt
ZGFkM2JiMTNjMGEyLzEvbUZ0Yk5wMkY5ZlY0YWZoVnpGNXhvY2lLQVVvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMC9kNzljOTgtYzI3ZC00NWIzLTg2ZDktZGFkM2JiMTNjMGEy
LzEvMTUya1pXRmNZQWxEY0lNNGt0cUV5SWJoeE84LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQD2R1IMA0E
AgACMAcDBQAgARrAMA0GCSqGSIb3DQEBCwUAA4IBAQDM1TbZwYH6bZZwyjo+MZcy
kHIya4eImayEd90c6LP2VnWSzfdULVU1ViHJRsruV/ARRxaRJGppc8fmemwvqDXb
OWauopEbC7kdoiZKc/qzqy0SkxFsgaygU6D8RqGe/xdRi33rkxt3jG53ckJYuE0p
YRf23zQRCLjRspiho9gcaNuMAthzhYdmbBw1QEV6BbVLRti2uuppSo8nWpedWkpI
wD3EmcH4R+qKh9UPm7VkNp6c42UCRIj3K//oycAmFAtwvF992ZWjs3GPkNMv6sEQ
d4M11ZsuU0twT4w1seFyZ95OmHPp8nFY/GfVInkH9w+Shg2vYL5ks/QsV0/+BRwA
-----END CERTIFICATE-----
Generated at Tue Jan 2 17:36:06 2024 by rpki-client on console-fra.rpki-client.org