Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e9/129564-f1db-4dc5-8906-6fcdcd5ab660/1/x-RCdPX9ggAm2abmqW5Ctb7HfFI.roa
File: x-RCdPX9ggAm2abmqW5Ctb7HfFI.roa (raw, json)
Hash identifier: SI7lsDr7uhKPscv2WPFrJWTYbomjilGw3QOqt1n3APs=
Subject key identifier: C7:E4:42:74:F5:FD:82:00:26:D9:A6:E6:A9:6E:42:B5:BE:C7:7C:52
Certificate issuer: /CN=0ff80cbdfe18354a3cfdba2fe079aa2ebc58dcd4
Certificate serial: 018C3A2AD66FB31238B1E80C9BD452F75465
Authority key identifier: 0F:F8:0C:BD:FE:18:35:4A:3C:FD:BA:2F:E0:79:AA:2E:BC:58:DC:D4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/D_gMvf4YNUo8_bov4HmqLrxY3NQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e9/129564-f1db-4dc5-8906-6fcdcd5ab660/1/x-RCdPX9ggAm2abmqW5Ctb7HfFI.roa
Signing time: Tue 05 Dec 2023 13:28:54 +0000
ROA not before: Tue 05 Dec 2023 13:28:54 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 25198
IP address blocks: 217.25.3.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:3a:2a:d6:6f:b3:12:38:b1:e8:0c:9b:d4:52:f7:54:65
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0ff80cbdfe18354a3cfdba2fe079aa2ebc58dcd4
Validity
Not Before: Dec 5 13:28:54 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=c7e44274f5fd820026d9a6e6a96e42b5bec77c52
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:83:9f:5a:30:72:f2:ae:ff:69:28:ae:24:55:95:
71:7b:51:f6:da:a1:0c:d2:4a:07:49:96:1a:b6:46:
1b:c9:13:73:2f:6b:03:e3:a7:71:bb:08:0b:37:d1:
77:c4:21:27:57:d9:49:9e:e1:d9:59:1d:22:48:e4:
4b:9a:36:67:91:f5:0a:47:8e:6b:88:c3:f9:bc:d8:
0c:5a:18:08:5f:76:28:af:5f:8e:06:2e:d2:23:a9:
25:a8:07:58:7b:f0:20:c5:39:ef:91:e3:52:61:3c:
dd:a2:5a:75:8c:ea:34:ea:2f:8b:1a:fa:cd:69:1e:
84:f5:01:f9:b2:6f:6d:3c:5c:86:c7:0a:8a:bc:b2:
3f:84:67:3c:68:72:e3:97:46:42:4e:13:3f:66:5e:
f9:68:15:35:86:8d:fd:4a:7d:27:35:fa:49:8a:f0:
b6:b7:4a:3b:17:e3:46:e2:62:7e:2c:72:3f:53:27:
44:cd:fb:05:5e:11:1f:73:43:86:e8:a0:54:ea:06:
40:f9:ac:58:af:9b:7f:8b:ca:e3:7c:fc:c5:3c:7e:
30:58:3c:db:e5:4a:52:f1:59:01:04:17:9f:ee:5c:
6c:ab:2f:c7:a4:63:a1:9a:40:18:82:00:93:35:2b:
14:94:0b:5a:ad:8f:77:a9:3e:b9:d0:da:a0:2f:a4:
f3:4d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C7:E4:42:74:F5:FD:82:00:26:D9:A6:E6:A9:6E:42:B5:BE:C7:7C:52
X509v3 Authority Key Identifier:
keyid:0F:F8:0C:BD:FE:18:35:4A:3C:FD:BA:2F:E0:79:AA:2E:BC:58:DC:D4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/D_gMvf4YNUo8_bov4HmqLrxY3NQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e9/129564-f1db-4dc5-8906-6fcdcd5ab660/1/x-RCdPX9ggAm2abmqW5Ctb7HfFI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e9/129564-f1db-4dc5-8906-6fcdcd5ab660/1/D_gMvf4YNUo8_bov4HmqLrxY3NQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
217.25.3.0/24
Signature Algorithm: sha256WithRSAEncryption
72:ab:40:d4:c6:d8:e0:84:d5:90:7d:25:97:32:f1:b6:1f:8f:
81:a9:11:e2:cd:c1:45:9c:d8:21:39:f7:3a:56:c1:0e:1e:63:
f3:86:35:e5:62:3c:90:9d:b3:27:7c:af:9f:b5:f1:1a:2c:db:
de:fc:38:a5:47:46:db:88:03:73:e5:44:1a:0b:b6:56:6c:1b:
4d:36:cf:3a:60:47:8c:b2:cd:f0:94:a5:c3:61:9c:1d:3a:43:
c2:ef:cc:75:12:66:b0:9c:9d:b8:2d:de:37:65:e9:15:3a:b9:
60:d6:5d:14:db:b4:f0:3a:07:53:f5:c5:ba:65:34:90:d4:27:
a3:39:83:3f:df:68:47:76:ef:9b:63:26:9d:99:25:2b:53:54:
f8:e7:e3:0c:fd:e1:96:ec:fb:de:39:f1:eb:2a:c3:42:c4:21:
1f:ee:d6:c9:d5:b4:4e:aa:89:f4:76:cf:8e:73:fa:50:d5:2f:
a9:fd:8e:3f:98:f7:c7:4a:56:97:09:d4:4b:62:44:d8:a3:8a:
c6:23:8c:52:e4:02:2f:bf:8d:16:71:bc:bb:89:6f:62:bb:37:
4a:71:12:93:7f:ce:85:48:4f:dc:41:f5:06:24:e2:31:12:19:
ee:c9:a8:cc:02:ef:c6:11:b3:d5:36:a0:01:90:aa:77:9d:55:
ef:bc:56:73
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYw6KtZvsxI4segMm9RS91RlMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBmZjgwY2JkZmUxODM1NGEzY2ZkYmEyZmUwNzlhYTJlYmM1
OGRjZDQwHhcNMjMxMjA1MTMyODU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjN2U0NDI3NGY1ZmQ4MjAwMjZkOWE2ZTZhOTZlNDJiNWJlYzc3YzUyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAg59aMHLyrv9pKK4kVZVxe1H22qEM
0koHSZYatkYbyRNzL2sD46dxuwgLN9F3xCEnV9lJnuHZWR0iSORLmjZnkfUKR45r
iMP5vNgMWhgIX3Yor1+OBi7SI6klqAdYe/AgxTnvkeNSYTzdolp1jOo06i+LGvrN
aR6E9QH5sm9tPFyGxwqKvLI/hGc8aHLjl0ZCThM/Zl75aBU1ho39Sn0nNfpJivC2
t0o7F+NG4mJ+LHI/UydEzfsFXhEfc0OG6KBU6gZA+axYr5t/i8rjfPzFPH4wWDzb
5UpS8VkBBBef7lxsqy/HpGOhmkAYggCTNSsUlAtarY93qT650NqgL6TzTQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFMfkQnT1/YIAJtmm5qluQrW+x3xSMB8GA1UdIwQY
MBaAFA/4DL3+GDVKPP26L+B5qi68WNzUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRF9nTXZmNFlOVW84X2JvdjRIbXFMcnhZM05RLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lOS8xMjk1NjQtZjFkYi00ZGM1LTg5MDYt
NmZjZGNkNWFiNjYwLzEveC1SQ2RQWDlnZ0FtMmFibXFXNUN0YjdIZkZJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lOS8xMjk1NjQtZjFkYi00ZGM1LTg5MDYtNmZjZGNkNWFiNjYw
LzEvRF9nTXZmNFlOVW84X2JvdjRIbXFMcnhZM05RLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA2RkDMA0G
CSqGSIb3DQEBCwUAA4IBAQByq0DUxtjghNWQfSWXMvG2H4+BqRHizcFFnNghOfc6
VsEOHmPzhjXlYjyQnbMnfK+ftfEaLNve/DilR0bbiANz5UQaC7ZWbBtNNs86YEeM
ss3wlKXDYZwdOkPC78x1EmawnJ24Ld43ZekVOrlg1l0U27TwOgdT9cW6ZTSQ1Cej
OYM/32hHdu+bYyadmSUrU1T45+MM/eGW7PveOfHrKsNCxCEf7tbJ1bROqon0ds+O
c/pQ1S+p/Y4/mPfHSlaXCdRLYkTYo4rGI4xS5AIvv40Wcby7iW9iuzdKcRKTf86F
SE/cQfUGJOIxEhnuyajMAu/GEbPVNqABkKp3nVXvvFZz
-----END CERTIFICATE-----
Generated at Tue Jan 2 01:50:48 2024 by rpki-client on console-fra.rpki-client.org