Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e7/25a747-8426-430a-9e30-45b3443a76f9/1/iVdHUBGY7AFSa0d6QrwYJllGlnQ.roa
File: iVdHUBGY7AFSa0d6QrwYJllGlnQ.roa (raw, json)
Hash identifier: mQB9zLaIQgjwbAmqlEFqEGKE0+snZeIyGwYFcNYrpTU=
Subject key identifier: 89:57:47:50:11:98:EC:01:52:6B:47:7A:42:BC:18:26:59:46:96:74
Certificate issuer: /CN=556c9a9c61980a90b5d0c51f86d7cbac9ff142da
Certificate serial: 018CC26D72272730952BC626E5F4E16E65D7
Authority key identifier: 55:6C:9A:9C:61:98:0A:90:B5:D0:C5:1F:86:D7:CB:AC:9F:F1:42:DA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/VWyanGGYCpC10MUfhtfLrJ_xQto.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e7/25a747-8426-430a-9e30-45b3443a76f9/1/iVdHUBGY7AFSa0d6QrwYJllGlnQ.roa
Signing time: Mon 01 Jan 2024 00:30:01 +0000
ROA not before: Mon 01 Jan 2024 00:30:01 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 20553
IP address blocks: 217.168.192.0/20 maxlen: 20
Validation: Failed, certificate revoked on Wed 01 Jan 2025 15:48:30 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c2:6d:72:27:27:30:95:2b:c6:26:e5:f4:e1:6e:65:d7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=556c9a9c61980a90b5d0c51f86d7cbac9ff142da
Validity
Not Before: Jan 1 00:30:01 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=895747501198ec01526b477a42bc182659469674
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:65:8d:e7:6f:a4:72:ef:1e:50:5d:44:7b:c4:
3a:6a:37:66:a1:82:4a:10:b8:d0:94:37:b6:a5:e6:
ea:0f:f2:02:a5:5b:fd:88:74:0f:e9:6f:8a:58:42:
e4:d4:e0:28:7b:8e:08:bf:1c:0c:3e:ad:3f:38:cd:
3f:84:f0:7b:78:1f:71:79:cf:47:bf:ad:24:8a:84:
92:2d:07:99:ce:19:7c:ec:6a:7d:e4:dd:ca:27:3c:
62:76:85:fb:30:b9:9a:db:b2:5d:a6:41:83:b0:6b:
b0:83:c4:13:b0:1b:9a:46:c5:4e:89:f1:d4:ac:ec:
90:ba:6a:40:04:52:48:d8:dd:ed:17:0b:cc:8e:16:
9d:84:01:51:3d:9f:17:ab:69:93:31:14:88:88:bc:
90:8b:b2:fe:e8:0b:89:b8:5b:74:1c:ef:24:e0:ee:
66:e1:e4:71:26:87:ad:56:5d:07:df:44:a3:a1:f2:
4c:a4:6f:b4:61:db:bd:34:d2:e8:80:ee:0c:06:ef:
8d:33:85:72:e7:17:43:d8:1b:94:61:9f:45:56:23:
78:7d:39:f9:52:96:96:e5:1e:70:2c:3d:1c:cf:f9:
b7:ab:bc:06:26:1b:83:53:13:ed:e5:c6:72:53:28:
91:66:69:9f:b3:ba:90:36:c8:41:4e:b3:32:f5:b6:
fb:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
89:57:47:50:11:98:EC:01:52:6B:47:7A:42:BC:18:26:59:46:96:74
X509v3 Authority Key Identifier:
keyid:55:6C:9A:9C:61:98:0A:90:B5:D0:C5:1F:86:D7:CB:AC:9F:F1:42:DA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/VWyanGGYCpC10MUfhtfLrJ_xQto.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/25a747-8426-430a-9e30-45b3443a76f9/1/iVdHUBGY7AFSa0d6QrwYJllGlnQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/25a747-8426-430a-9e30-45b3443a76f9/1/VWyanGGYCpC10MUfhtfLrJ_xQto.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
217.168.192.0/20
Signature Algorithm: sha256WithRSAEncryption
74:b9:2f:10:a9:51:1a:2d:72:a6:41:2e:18:dc:12:2e:b1:c1:
f8:e7:65:ef:79:4d:a1:8e:1e:21:47:e7:61:8b:e8:e1:de:4a:
ef:40:3b:f9:12:07:a8:d0:14:0b:be:23:85:32:18:98:0c:72:
9b:2b:9b:1b:47:17:e1:dd:6d:d6:16:4a:52:91:23:ca:77:d2:
cf:1a:50:04:fe:bf:5c:66:3f:a6:e7:15:c6:e4:a5:7c:e7:ab:
9e:9f:7c:52:28:b2:f1:89:02:c7:d7:b5:c2:2b:74:90:fc:34:
68:22:d2:e3:8d:fc:d6:9d:70:7a:b9:53:e5:63:63:25:b6:d0:
96:71:07:6b:df:e8:aa:2b:68:46:5f:aa:2a:24:fd:80:29:c2:
f4:04:28:ef:b8:c0:c4:5b:c8:7b:2b:82:52:8b:c2:d6:0b:8f:
35:af:49:d7:55:c2:2d:92:5c:29:5c:f9:9e:dd:50:71:b8:47:
1e:c0:a7:74:ae:f1:7e:da:af:bb:22:4d:fb:62:47:ab:f9:5b:
ac:a0:e2:c2:5d:d1:de:a4:53:81:6c:47:21:be:11:f3:24:1c:
d5:4a:71:fd:32:72:fa:fe:11:c7:60:64:73:b5:8b:2e:c3:24:
12:26:9e:34:ca:10:5a:87:23:14:db:12:2a:65:88:4d:68:53:
ea:17:44:3c
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzCbXInJzCVK8Ym5fThbmXXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU1NmM5YTljNjE5ODBhOTBiNWQwYzUxZjg2ZDdjYmFjOWZm
MTQyZGEwHhcNMjQwMTAxMDAzMDAxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4OTU3NDc1MDExOThlYzAxNTI2YjQ3N2E0MmJjMTgyNjU5NDY5Njc0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiWWN52+kcu8eUF1Ee8Q6ajdmoYJK
ELjQlDe2pebqD/ICpVv9iHQP6W+KWELk1OAoe44IvxwMPq0/OM0/hPB7eB9xec9H
v60kioSSLQeZzhl87Gp95N3KJzxidoX7MLma27JdpkGDsGuwg8QTsBuaRsVOifHU
rOyQumpABFJI2N3tFwvMjhadhAFRPZ8Xq2mTMRSIiLyQi7L+6AuJuFt0HO8k4O5m
4eRxJoetVl0H30SjofJMpG+0Ydu9NNLogO4MBu+NM4Vy5xdD2BuUYZ9FViN4fTn5
UpaW5R5wLD0cz/m3q7wGJhuDUxPt5cZyUyiRZmmfs7qQNshBTrMy9bb7PwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFIlXR1ARmOwBUmtHekK8GCZZRpZ0MB8GA1UdIwQY
MBaAFFVsmpxhmAqQtdDFH4bXy6yf8ULaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVld5YW5HR1lDcEMxME1VZmh0ZkxySl94UXRvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNy8yNWE3NDctODQyNi00MzBhLTllMzAt
NDViMzQ0M2E3NmY5LzEvaVZkSFVCR1k3QUZTYTBkNlFyd1lKbGxHbG5RLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNy8yNWE3NDctODQyNi00MzBhLTllMzAtNDViMzQ0M2E3NmY5
LzEvVld5YW5HR1lDcEMxME1VZmh0ZkxySl94UXRvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQE2ajAMA0G
CSqGSIb3DQEBCwUAA4IBAQB0uS8QqVEaLXKmQS4Y3BIuscH452XveU2hjh4hR+dh
i+jh3krvQDv5Egeo0BQLviOFMhiYDHKbK5sbRxfh3W3WFkpSkSPKd9LPGlAE/r9c
Zj+m5xXG5KV856uen3xSKLLxiQLH17XCK3SQ/DRoItLjjfzWnXB6uVPlY2MlttCW
cQdr3+iqK2hGX6oqJP2AKcL0BCjvuMDEW8h7K4JSi8LWC481r0nXVcItklwpXPme
3VBxuEcewKd0rvF+2q+7Ik37Yker+VusoOLCXdHepFOBbEchvhHzJBzVSnH9MnL6
/hHHYGRztYsuwyQSJp40yhBahyMU2xIqZYhNaFPqF0Q8
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:37:04 2025 by rpki-client