Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e9/129564-f1db-4dc5-8906-6fcdcd5ab660/1/iYtXKQLvRC9qd3M_aY8Q_d09q38.roa
File: iYtXKQLvRC9qd3M_aY8Q_d09q38.roa (raw, json)
Hash identifier: iTGdq6c9OJgY3gyXx6W9rPGueBCZ24PUrgKdXcH+yVI=
Subject key identifier: 89:8B:57:29:02:EF:44:2F:6A:77:73:3F:69:8F:10:FD:DD:3D:AB:7F
Certificate issuer: /CN=0ff80cbdfe18354a3cfdba2fe079aa2ebc58dcd4
Certificate serial: 01867AEB7798B952F22BD11CD0223CC6A7FB
Authority key identifier: 0F:F8:0C:BD:FE:18:35:4A:3C:FD:BA:2F:E0:79:AA:2E:BC:58:DC:D4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/D_gMvf4YNUo8_bov4HmqLrxY3NQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e9/129564-f1db-4dc5-8906-6fcdcd5ab660/1/iYtXKQLvRC9qd3M_aY8Q_d09q38.roa
Signing time: Wed 22 Feb 2023 20:58:17 +0000
ROA not before: Wed 22 Feb 2023 20:58:17 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 5089
IP address blocks: 217.25.12.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:7a:eb:77:98:b9:52:f2:2b:d1:1c:d0:22:3c:c6:a7:fb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0ff80cbdfe18354a3cfdba2fe079aa2ebc58dcd4
Validity
Not Before: Feb 22 20:58:17 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=898b572902ef442f6a77733f698f10fddd3dab7f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:fc:45:d3:53:2f:61:90:63:7e:59:1c:6c:3e:
ed:51:ff:d8:e5:f4:7c:de:0a:58:4a:ab:f3:b9:9b:
6b:f3:91:2b:cf:dc:28:d7:b7:70:a2:6e:a0:5a:4f:
f8:5c:4f:7a:18:22:eb:f3:79:c9:ae:bb:3d:2d:be:
02:23:a7:c5:71:f2:22:a2:9a:48:54:a5:63:84:73:
54:0c:46:b7:78:25:cc:77:53:2c:bc:52:1b:55:71:
87:be:c7:b8:66:77:4d:b4:c2:50:36:c1:24:53:0a:
e7:30:d8:86:de:6e:42:fb:ea:51:8c:69:ec:5a:fc:
29:de:83:51:34:92:17:c7:96:40:80:7b:02:76:ae:
f8:cf:c0:9c:cc:ee:80:e8:99:bf:28:a6:f3:ab:0c:
ca:7f:f2:db:02:43:df:e4:db:1e:98:bb:2c:65:d8:
ad:49:27:16:93:36:0a:cc:98:ee:f2:3a:2b:4c:66:
41:5a:a7:d0:a2:3e:1c:86:b7:fc:a1:a8:f3:7e:a0:
1e:c2:dd:d6:c1:3b:a5:e5:b4:17:47:a1:58:96:40:
63:33:dc:93:3c:d1:b5:9b:1c:dc:27:95:2b:8f:c7:
8c:e4:6d:82:32:49:f8:16:20:80:49:c8:93:9e:ed:
dd:89:00:96:66:9e:d9:6e:fa:95:48:d4:3c:1b:2c:
bf:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
89:8B:57:29:02:EF:44:2F:6A:77:73:3F:69:8F:10:FD:DD:3D:AB:7F
X509v3 Authority Key Identifier:
keyid:0F:F8:0C:BD:FE:18:35:4A:3C:FD:BA:2F:E0:79:AA:2E:BC:58:DC:D4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/D_gMvf4YNUo8_bov4HmqLrxY3NQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e9/129564-f1db-4dc5-8906-6fcdcd5ab660/1/iYtXKQLvRC9qd3M_aY8Q_d09q38.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e9/129564-f1db-4dc5-8906-6fcdcd5ab660/1/D_gMvf4YNUo8_bov4HmqLrxY3NQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
217.25.12.0/24
Signature Algorithm: sha256WithRSAEncryption
4a:f4:9f:2f:0a:f4:48:9c:a4:59:dd:e7:8e:3b:60:62:0b:bb:
34:27:84:66:28:67:1c:2f:0c:f5:68:75:11:40:23:01:b1:99:
03:78:28:a4:4d:8e:1d:e8:b8:c4:fd:b9:20:1c:23:07:d4:09:
7a:31:93:d2:c7:d1:81:80:3e:a0:20:10:f6:ce:0c:c3:4f:08:
95:87:7c:ae:97:8d:f4:f7:bf:33:eb:01:92:f6:50:e3:b0:be:
bd:1e:eb:fd:2e:6c:c3:20:6b:26:cb:1b:43:aa:27:e5:7b:30:
5b:5b:bf:a0:90:99:09:dc:6e:56:8f:62:3a:0d:33:c1:59:70:
d2:21:51:21:c0:de:5c:18:28:f3:9e:95:95:5b:1b:bc:71:e9:
68:5a:3b:e6:30:90:b0:08:ad:8d:15:c0:60:19:72:58:cf:a0:
d3:6e:2e:57:37:65:5d:72:18:89:e5:d9:56:fb:e0:ed:37:24:
2e:8f:d3:ef:d7:5f:f4:95:4d:f3:c7:2c:bb:55:90:b3:a0:e1:
c4:11:f6:9b:01:b9:3b:06:d4:ad:41:ea:ed:39:49:23:ee:0a:
88:86:11:7f:d6:7d:f3:bf:1e:b8:55:40:08:56:74:cc:e7:28:
79:c2:10:ef:e3:99:f2:d2:5c:04:77:90:af:82:df:7e:e0:3c:
50:aa:25:62
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYZ663eYuVLyK9Ec0CI8xqf7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBmZjgwY2JkZmUxODM1NGEzY2ZkYmEyZmUwNzlhYTJlYmM1
OGRjZDQwHhcNMjMwMjIyMjA1ODE3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4OThiNTcyOTAyZWY0NDJmNmE3NzczM2Y2OThmMTBmZGRkM2RhYjdmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApfxF01MvYZBjflkcbD7tUf/Y5fR8
3gpYSqvzuZtr85Erz9wo17dwom6gWk/4XE96GCLr83nJrrs9Lb4CI6fFcfIioppI
VKVjhHNUDEa3eCXMd1MsvFIbVXGHvse4ZndNtMJQNsEkUwrnMNiG3m5C++pRjGns
Wvwp3oNRNJIXx5ZAgHsCdq74z8CczO6A6Jm/KKbzqwzKf/LbAkPf5NsemLssZdit
SScWkzYKzJju8jorTGZBWqfQoj4chrf8oajzfqAewt3WwTul5bQXR6FYlkBjM9yT
PNG1mxzcJ5Urj8eM5G2CMkn4FiCASciTnu3diQCWZp7ZbvqVSNQ8Gyy/3wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFImLVykC70QvandzP2mPEP3dPat/MB8GA1UdIwQY
MBaAFA/4DL3+GDVKPP26L+B5qi68WNzUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRF9nTXZmNFlOVW84X2JvdjRIbXFMcnhZM05RLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lOS8xMjk1NjQtZjFkYi00ZGM1LTg5MDYt
NmZjZGNkNWFiNjYwLzEvaVl0WEtRTHZSQzlxZDNNX2FZOFFfZDA5cTM4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lOS8xMjk1NjQtZjFkYi00ZGM1LTg5MDYtNmZjZGNkNWFiNjYw
LzEvRF9nTXZmNFlOVW84X2JvdjRIbXFMcnhZM05RLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA2RkMMA0G
CSqGSIb3DQEBCwUAA4IBAQBK9J8vCvRInKRZ3eeOO2BiC7s0J4RmKGccLwz1aHUR
QCMBsZkDeCikTY4d6LjE/bkgHCMH1Al6MZPSx9GBgD6gIBD2zgzDTwiVh3yul430
978z6wGS9lDjsL69Huv9LmzDIGsmyxtDqiflezBbW7+gkJkJ3G5Wj2I6DTPBWXDS
IVEhwN5cGCjznpWVWxu8celoWjvmMJCwCK2NFcBgGXJYz6DTbi5XN2VdchiJ5dlW
++DtNyQuj9Pv11/0lU3zxyy7VZCzoOHEEfabAbk7BtStQertOUkj7gqIhhF/1n3z
vx64VUAIVnTM5yh5whDv45ny0lwEd5Cvgt9+4DxQqiVi
-----END CERTIFICATE-----
Generated at Sat Jul 22 12:33:42 2023 by rpki-client on console-fra.rpki-client.org