Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e9/129564-f1db-4dc5-8906-6fcdcd5ab660/1/8q2xFTOwXIoMvMcddKfb9a6EuhU.roa
File: 8q2xFTOwXIoMvMcddKfb9a6EuhU.roa (raw, json)
Hash identifier: WIrysLAsJKzP8lbjRU5Wh9BMyT6XnWs1uxbFWaSPX0E=
Subject key identifier: F2:AD:B1:15:33:B0:5C:8A:0C:BC:C7:1D:74:A7:DB:F5:AE:84:BA:15
Certificate issuer: /CN=0ff80cbdfe18354a3cfdba2fe079aa2ebc58dcd4
Certificate serial: 018577221A306B304431E558CA25FCE73499
Authority key identifier: 0F:F8:0C:BD:FE:18:35:4A:3C:FD:BA:2F:E0:79:AA:2E:BC:58:DC:D4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/D_gMvf4YNUo8_bov4HmqLrxY3NQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e9/129564-f1db-4dc5-8906-6fcdcd5ab660/1/8q2xFTOwXIoMvMcddKfb9a6EuhU.roa
Signing time: Tue 03 Jan 2023 10:16:41 +0000
ROA not before: Tue 03 Jan 2023 10:16:41 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 49999
IP address blocks: 217.25.1.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:77:22:1a:30:6b:30:44:31:e5:58:ca:25:fc:e7:34:99
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0ff80cbdfe18354a3cfdba2fe079aa2ebc58dcd4
Validity
Not Before: Jan 3 10:16:41 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=f2adb11533b05c8a0cbcc71d74a7dbf5ae84ba15
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:99:02:f0:6a:84:df:25:6d:59:9b:b3:37:f0:
9f:59:60:ad:61:4c:fb:16:91:e0:6a:04:fd:60:f3:
d3:4c:6f:ad:72:f8:d3:b6:85:da:ad:e0:cc:94:1f:
04:c9:b6:d7:22:b1:e3:73:69:e9:23:b9:91:2b:72:
7c:89:f8:77:5e:d5:bb:ac:34:10:ec:35:a9:5b:de:
05:79:c8:d1:7c:0f:4a:c6:f0:bd:38:85:e9:80:af:
9a:4f:e3:f9:4f:1a:f4:e5:6a:91:8d:76:44:91:43:
b1:0d:f1:9b:39:c3:5e:af:ba:ae:d8:c2:10:72:cd:
94:5f:3f:ea:da:87:81:e7:2f:2f:7d:48:cb:40:93:
4b:e6:23:1d:62:60:19:39:15:0e:aa:a9:d3:8d:e0:
08:d9:be:29:8e:7e:ae:99:b9:41:82:d7:83:b4:91:
60:eb:a1:ac:0d:98:66:79:bf:7d:ac:5d:da:1c:4b:
48:18:74:67:dd:e7:b8:0c:dc:df:6a:f1:21:18:4c:
d7:dd:5a:4c:7a:0a:1a:31:a7:fb:5d:30:2b:c7:01:
88:1f:54:24:2f:18:4d:e4:11:28:f8:80:c3:f8:6d:
ef:ce:16:9f:26:6d:fc:78:11:c6:c2:39:5d:f3:21:
b7:e9:5f:df:f8:3c:45:23:cf:26:56:b1:86:dd:4e:
c6:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F2:AD:B1:15:33:B0:5C:8A:0C:BC:C7:1D:74:A7:DB:F5:AE:84:BA:15
X509v3 Authority Key Identifier:
keyid:0F:F8:0C:BD:FE:18:35:4A:3C:FD:BA:2F:E0:79:AA:2E:BC:58:DC:D4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/D_gMvf4YNUo8_bov4HmqLrxY3NQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e9/129564-f1db-4dc5-8906-6fcdcd5ab660/1/8q2xFTOwXIoMvMcddKfb9a6EuhU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e9/129564-f1db-4dc5-8906-6fcdcd5ab660/1/D_gMvf4YNUo8_bov4HmqLrxY3NQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
217.25.1.0/24
Signature Algorithm: sha256WithRSAEncryption
6d:62:2d:b5:72:41:1f:84:cf:9c:02:aa:59:b0:1d:27:fa:17:
7a:e7:ad:e2:ec:4d:ed:46:ef:30:5c:a2:2d:fa:05:06:cc:57:
3c:ef:18:6c:90:32:ec:08:4a:8a:95:04:f7:7c:74:bc:33:75:
a4:20:40:40:55:73:a6:37:b6:2e:80:75:af:86:d3:01:7e:ab:
2a:3b:3d:1a:61:e9:30:b6:b7:7f:b6:1e:54:2f:ec:3e:2e:8d:
a9:25:61:27:dd:64:80:cc:f5:ab:e4:a0:0c:15:cc:4f:c2:5d:
8d:f2:c7:ab:79:0f:bb:f0:54:8b:ff:7e:0d:39:d4:b4:fd:25:
e0:fc:31:a8:45:58:d4:58:20:43:9b:c7:7d:6c:38:95:fc:8b:
11:0b:fe:fa:92:12:ee:bf:1c:6a:a9:41:cc:34:ef:9b:cf:f4:
92:d3:9c:3e:ce:a7:fb:21:47:c8:17:cc:0b:96:37:62:6d:73:
18:a5:f0:99:9c:7c:7f:a0:04:4c:29:8d:a3:67:c3:97:88:ec:
57:d4:fd:eb:76:37:19:f0:e3:1f:8a:12:8c:4f:d6:f1:2c:15:
d9:f0:93:67:a5:0d:e8:6a:f0:d4:29:a8:17:e9:da:b6:4e:b8:
78:76:2c:8b:ae:8e:a4:21:c6:28:28:2e:06:f0:29:28:76:9b:
87:a2:d5:01
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYV3IhowazBEMeVYyiX85zSZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBmZjgwY2JkZmUxODM1NGEzY2ZkYmEyZmUwNzlhYTJlYmM1
OGRjZDQwHhcNMjMwMTAzMTAxNjQxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMmFkYjExNTMzYjA1YzhhMGNiY2M3MWQ3NGE3ZGJmNWFlODRiYTE1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqpkC8GqE3yVtWZuzN/CfWWCtYUz7
FpHgagT9YPPTTG+tcvjTtoXareDMlB8EybbXIrHjc2npI7mRK3J8ifh3XtW7rDQQ
7DWpW94FecjRfA9KxvC9OIXpgK+aT+P5Txr05WqRjXZEkUOxDfGbOcNer7qu2MIQ
cs2UXz/q2oeB5y8vfUjLQJNL5iMdYmAZORUOqqnTjeAI2b4pjn6umblBgteDtJFg
66GsDZhmeb99rF3aHEtIGHRn3ee4DNzfavEhGEzX3VpMegoaMaf7XTArxwGIH1Qk
LxhN5BEo+IDD+G3vzhafJm38eBHGwjld8yG36V/f+DxFI88mVrGG3U7G7QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFPKtsRUzsFyKDLzHHXSn2/WuhLoVMB8GA1UdIwQY
MBaAFA/4DL3+GDVKPP26L+B5qi68WNzUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRF9nTXZmNFlOVW84X2JvdjRIbXFMcnhZM05RLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lOS8xMjk1NjQtZjFkYi00ZGM1LTg5MDYt
NmZjZGNkNWFiNjYwLzEvOHEyeEZUT3dYSW9Ndk1jZGRLZmI5YTZFdWhVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lOS8xMjk1NjQtZjFkYi00ZGM1LTg5MDYtNmZjZGNkNWFiNjYw
LzEvRF9nTXZmNFlOVW84X2JvdjRIbXFMcnhZM05RLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA2RkBMA0G
CSqGSIb3DQEBCwUAA4IBAQBtYi21ckEfhM+cAqpZsB0n+hd6563i7E3tRu8wXKIt
+gUGzFc87xhskDLsCEqKlQT3fHS8M3WkIEBAVXOmN7YugHWvhtMBfqsqOz0aYekw
trd/th5UL+w+Lo2pJWEn3WSAzPWr5KAMFcxPwl2N8sereQ+78FSL/34NOdS0/SXg
/DGoRVjUWCBDm8d9bDiV/IsRC/76khLuvxxqqUHMNO+bz/SS05w+zqf7IUfIF8wL
ljdibXMYpfCZnHx/oARMKY2jZ8OXiOxX1P3rdjcZ8OMfihKMT9bxLBXZ8JNnpQ3o
avDUKagX6dq2Trh4diyLro6kIcYoKC4G8CkodpuHotUB
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:09:38 2023 by rpki-client on console-ams.rpki-client.org