Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e8/0f7594-f048-473d-a39a-ddb9e4db98c6/1/17GaNOUz_aMd0KiyKJKGtFrfSeI.roa
File: 17GaNOUz_aMd0KiyKJKGtFrfSeI.roa (raw, json)
Hash identifier: pqJGUfrNUHbDrZjC/wQRKFT1Y/g+v6lPBJPe0JLjwik=
Subject key identifier: D7:B1:9A:34:E5:33:FD:A3:1D:D0:A8:B2:28:92:86:B4:5A:DF:49:E2
Certificate issuer: /CN=0f21b78ce97b0f5fb3d88bf95cfbb08b2fbea8e5
Certificate serial: 01856D0AE29C3F59A36BC757CFAD95698C0A
Authority key identifier: 0F:21:B7:8C:E9:7B:0F:5F:B3:D8:8B:F9:5C:FB:B0:8B:2F:BE:A8:E5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DyG3jOl7D1-z2Iv5XPuwiy--qOU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e8/0f7594-f048-473d-a39a-ddb9e4db98c6/1/17GaNOUz_aMd0KiyKJKGtFrfSeI.roa
Signing time: Sun 01 Jan 2023 11:15:07 +0000
ROA not before: Sun 01 Jan 2023 11:15:07 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 378
IP address blocks: 132.68.0.0/15 maxlen: 15
Validation: Failed, certificate revoked on Tue 04 Apr 2023 22:48:54 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:0a:e2:9c:3f:59:a3:6b:c7:57:cf:ad:95:69:8c:0a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0f21b78ce97b0f5fb3d88bf95cfbb08b2fbea8e5
Validity
Not Before: Jan 1 11:15:07 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d7b19a34e533fda31dd0a8b2289286b45adf49e2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:f3:34:e6:23:d4:4e:e9:bc:d7:60:52:af:e5:
d3:4a:78:0d:67:14:67:bc:1d:81:a1:a3:de:f7:54:
33:01:12:ea:f5:f2:ad:18:69:1d:a2:50:0d:20:ef:
6b:5a:ad:54:7f:3b:61:10:46:00:3f:5d:5f:3f:e2:
af:fc:85:c4:3a:55:e0:f7:ce:02:cf:e4:27:cd:ee:
23:58:61:d5:d3:bc:47:3a:77:ba:ab:f3:e6:f7:4a:
fd:46:fa:91:f9:b7:77:34:e0:6a:28:58:6f:9c:14:
a8:49:c5:a2:f7:ac:b9:24:4e:83:c9:3e:cf:09:be:
14:1b:79:dc:5a:54:e4:8d:07:e4:92:37:70:e5:39:
72:34:f6:96:89:83:aa:06:eb:eb:8c:00:c8:de:bd:
14:e3:9c:88:1c:32:54:6f:8d:f5:5c:65:d7:12:6c:
88:ee:02:52:83:f5:5d:cf:f6:42:b5:07:11:79:6d:
e7:fd:42:db:5f:10:ae:58:b1:fc:13:8b:9b:a0:59:
0c:c4:1e:50:9c:26:3f:60:be:ac:58:b4:70:19:21:
6f:b6:98:0b:04:30:cb:7c:ea:3d:68:09:e1:da:63:
33:b4:23:6b:7e:1c:6a:59:3e:32:01:03:8c:76:75:
94:c9:b6:8d:29:27:fb:a0:97:e9:e4:d3:4a:13:bf:
2c:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D7:B1:9A:34:E5:33:FD:A3:1D:D0:A8:B2:28:92:86:B4:5A:DF:49:E2
X509v3 Authority Key Identifier:
keyid:0F:21:B7:8C:E9:7B:0F:5F:B3:D8:8B:F9:5C:FB:B0:8B:2F:BE:A8:E5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DyG3jOl7D1-z2Iv5XPuwiy--qOU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e8/0f7594-f048-473d-a39a-ddb9e4db98c6/1/17GaNOUz_aMd0KiyKJKGtFrfSeI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e8/0f7594-f048-473d-a39a-ddb9e4db98c6/1/DyG3jOl7D1-z2Iv5XPuwiy--qOU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
132.68.0.0/15
Signature Algorithm: sha256WithRSAEncryption
a3:14:d8:72:3c:14:af:1d:70:23:b7:06:6c:d3:6c:a6:36:6d:
c4:c2:60:a5:ad:9b:0e:2d:b3:18:76:7c:62:ae:1d:f7:5b:88:
72:2d:99:64:3a:2f:25:5b:6e:46:ce:db:d2:22:5f:da:62:c2:
52:e0:ca:d4:45:9e:a0:2c:55:9a:fa:96:52:fa:61:f8:b6:db:
97:00:51:2a:26:de:ec:fc:1c:6e:e0:ba:42:03:f0:84:43:6e:
d7:60:c7:ad:76:48:58:81:36:c2:2a:c2:e7:b6:2a:4e:d8:5e:
e0:ee:73:c3:8e:74:46:af:00:a1:75:68:ba:22:6b:a6:cb:8d:
54:f6:28:0c:54:f8:ff:76:5b:b1:cb:b5:ea:43:08:05:e7:6c:
47:65:64:47:55:1d:98:0f:58:35:bf:64:28:fe:bc:f1:bd:b4:
86:c1:c6:77:93:72:33:7a:3d:5b:4b:45:21:ec:81:60:fe:d4:
e6:1f:b8:c6:e7:1b:83:9a:7c:e8:2e:4b:88:1e:54:3b:7f:e0:
19:c2:3b:b3:3a:d9:38:76:3e:7a:e6:da:0f:32:a6:43:11:0c:
85:12:0b:32:88:44:8d:93:d8:06:0e:a3:ce:96:63:be:18:0c:
79:e0:ed:01:65:1e:35:b6:91:95:ab:5e:d8:d4:2f:87:e2:44:
e6:9d:c2:97
-----BEGIN CERTIFICATE-----
MIIE/DCCA+SgAwIBAgISAYVtCuKcP1mja8dXz62VaYwKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBmMjFiNzhjZTk3YjBmNWZiM2Q4OGJmOTVjZmJiMDhiMmZi
ZWE4ZTUwHhcNMjMwMTAxMTExNTA3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkN2IxOWEzNGU1MzNmZGEzMWRkMGE4YjIyODkyODZiNDVhZGY0OWUyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuPM05iPUTum812BSr+XTSngNZxRn
vB2BoaPe91QzARLq9fKtGGkdolANIO9rWq1UfzthEEYAP11fP+Kv/IXEOlXg984C
z+Qnze4jWGHV07xHOne6q/Pm90r9RvqR+bd3NOBqKFhvnBSoScWi96y5JE6DyT7P
Cb4UG3ncWlTkjQfkkjdw5TlyNPaWiYOqBuvrjADI3r0U45yIHDJUb431XGXXEmyI
7gJSg/Vdz/ZCtQcReW3n/ULbXxCuWLH8E4uboFkMxB5QnCY/YL6sWLRwGSFvtpgL
BDDLfOo9aAnh2mMztCNrfhxqWT4yAQOMdnWUybaNKSf7oJfp5NNKE78sXwIDAQAB
o4ICCDCCAgQwHQYDVR0OBBYEFNexmjTlM/2jHdCosiiShrRa30niMB8GA1UdIwQY
MBaAFA8ht4zpew9fs9iL+Vz7sIsvvqjlMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRHlHM2pPbDdEMS16Mkl2NVhQdXdpeS0tcU9VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lOC8wZjc1OTQtZjA0OC00NzNkLWEzOWEt
ZGRiOWU0ZGI5OGM2LzEvMTdHYU5PVXpfYU1kMEtpeUtKS0d0RnJmU2VJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lOC8wZjc1OTQtZjA0OC00NzNkLWEzOWEtZGRiOWU0ZGI5OGM2
LzEvRHlHM2pPbDdEMS16Mkl2NVhQdXdpeS0tcU9VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMBhEQwDQYJ
KoZIhvcNAQELBQADggEBAKMU2HI8FK8dcCO3BmzTbKY2bcTCYKWtmw4tsxh2fGKu
HfdbiHItmWQ6LyVbbkbO29IiX9piwlLgytRFnqAsVZr6llL6Yfi225cAUSom3uz8
HG7gukID8IRDbtdgx612SFiBNsIqwue2Kk7YXuDuc8OOdEavAKF1aLoia6bLjVT2
KAxU+P92W7HLtepDCAXnbEdlZEdVHZgPWDW/ZCj+vPG9tIbBxneTcjN6PVtLRSHs
gWD+1OYfuMbnG4OafOguS4geVDt/4BnCO7M62Th2Pnrm2g8ypkMRDIUSCzKIRI2T
2AYOo86WY74YDHng7QFlHjW2kZWrXtjUL4fiROadwpc=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:50:10 2024 by rpki-client on console-ams.rpki-client.org