Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e9/129564-f1db-4dc5-8906-6fcdcd5ab660/1/yNITVD9FyOu8Ov9cL0hngbhgkEo.roa
File: yNITVD9FyOu8Ov9cL0hngbhgkEo.roa (raw, json)
Hash identifier: yqGJwNLWFbKA/tZBy01pud6UAoDsOUj98oiaPyF/MLA=
Subject key identifier: C8:D2:13:54:3F:45:C8:EB:BC:3A:FF:5C:2F:48:67:81:B8:60:90:4A
Certificate issuer: /CN=0ff80cbdfe18354a3cfdba2fe079aa2ebc58dcd4
Certificate serial: 018570707D5A2E5530CE5E9864A1A356A817
Authority key identifier: 0F:F8:0C:BD:FE:18:35:4A:3C:FD:BA:2F:E0:79:AA:2E:BC:58:DC:D4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/D_gMvf4YNUo8_bov4HmqLrxY3NQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e9/129564-f1db-4dc5-8906-6fcdcd5ab660/1/yNITVD9FyOu8Ov9cL0hngbhgkEo.roa
Signing time: Mon 02 Jan 2023 03:04:58 +0000
ROA not before: Mon 02 Jan 2023 03:04:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 211975
IP address blocks: 217.25.12.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:70:7d:5a:2e:55:30:ce:5e:98:64:a1:a3:56:a8:17
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0ff80cbdfe18354a3cfdba2fe079aa2ebc58dcd4
Validity
Not Before: Jan 2 03:04:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=c8d213543f45c8ebbc3aff5c2f486781b860904a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:08:7c:4e:29:8d:37:f6:e2:bf:87:15:6c:be:
eb:5f:28:a6:dc:c7:35:33:3e:15:b7:0a:ac:4e:14:
fa:32:d7:2d:ab:74:59:86:0d:7b:1a:02:d9:9c:c9:
76:62:76:bf:8d:32:09:e4:70:a0:04:0e:ab:7b:21:
3b:80:be:1e:d1:a0:c3:db:67:8f:75:da:23:91:2c:
73:3f:59:4a:4d:49:fd:95:9d:39:89:2a:ff:35:9e:
d5:a9:29:86:2c:0a:cd:cd:a3:e2:e7:aa:7d:52:13:
cc:3a:14:37:70:27:07:1f:87:ff:72:2d:dc:a6:30:
39:6e:62:3b:0f:56:29:2f:42:a5:62:b8:69:24:41:
82:fb:bd:82:a6:cd:ac:65:d2:1d:3a:3e:9e:6d:06:
68:5f:55:cf:59:57:fd:27:37:d3:c2:47:e9:e2:01:
9d:ab:ff:18:59:cb:9d:9c:0a:ab:d3:f9:c0:8f:74:
5a:b1:ec:6a:ea:26:46:0c:29:c4:75:d9:4b:b4:11:
c0:00:ae:d4:6b:b9:24:9e:5b:5a:09:1f:ee:19:39:
b1:ce:c4:99:2e:da:e1:04:b4:ca:d1:95:fe:e5:18:
2b:5f:ac:8c:c3:66:bd:20:18:3f:06:6c:da:37:43:
ba:ca:a8:55:5f:98:fe:36:a5:b7:db:92:da:57:94:
5c:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C8:D2:13:54:3F:45:C8:EB:BC:3A:FF:5C:2F:48:67:81:B8:60:90:4A
X509v3 Authority Key Identifier:
keyid:0F:F8:0C:BD:FE:18:35:4A:3C:FD:BA:2F:E0:79:AA:2E:BC:58:DC:D4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/D_gMvf4YNUo8_bov4HmqLrxY3NQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e9/129564-f1db-4dc5-8906-6fcdcd5ab660/1/yNITVD9FyOu8Ov9cL0hngbhgkEo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e9/129564-f1db-4dc5-8906-6fcdcd5ab660/1/D_gMvf4YNUo8_bov4HmqLrxY3NQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
217.25.12.0/24
Signature Algorithm: sha256WithRSAEncryption
46:f0:94:12:0f:dd:fe:56:54:fd:47:8f:57:73:62:af:bd:1d:
8d:60:9e:b1:ef:ed:eb:31:b0:9c:b5:80:22:88:f7:26:31:f3:
ae:57:45:77:0f:90:dc:e6:4a:00:08:4a:db:e3:96:c3:db:80:
34:e0:f5:41:d0:c8:16:7d:e7:4d:15:51:bb:1a:7e:07:37:6c:
16:70:e5:05:a3:67:e1:e0:32:0f:9e:8c:6f:ee:9a:4f:62:c5:
57:67:9c:65:8f:61:b0:74:27:ed:15:7d:6b:c9:db:7d:49:83:
e6:58:3e:d6:f5:01:d6:5c:10:cc:14:6e:20:1b:1f:c4:8e:6b:
77:3b:30:34:41:46:5d:e0:87:c2:4c:83:06:2b:c3:d0:21:97:
d2:eb:53:3b:6a:d7:c6:17:22:c0:ec:38:33:14:4e:9e:b2:6a:
1f:cc:ab:3b:e7:c6:68:e8:7e:ae:00:a9:5f:f7:14:1f:a5:b2:
15:57:d0:13:4b:9f:61:14:71:86:cb:c8:19:67:39:58:ee:69:
07:5b:c2:83:af:b9:6b:bd:d2:86:f4:e0:fc:23:09:9b:89:e8:
57:29:d3:bc:07:4b:6f:39:d4:f0:7e:5b:e3:8d:fa:8c:12:44:
c6:9b:8c:39:32:1f:4a:96:c7:a8:fa:83:4d:75:09:68:50:43:
10:41:2b:3e
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVwcH1aLlUwzl6YZKGjVqgXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBmZjgwY2JkZmUxODM1NGEzY2ZkYmEyZmUwNzlhYTJlYmM1
OGRjZDQwHhcNMjMwMTAyMDMwNDU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjOGQyMTM1NDNmNDVjOGViYmMzYWZmNWMyZjQ4Njc4MWI4NjA5MDRhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiwh8TimNN/biv4cVbL7rXyim3Mc1
Mz4VtwqsThT6Mtctq3RZhg17GgLZnMl2Yna/jTIJ5HCgBA6reyE7gL4e0aDD22eP
ddojkSxzP1lKTUn9lZ05iSr/NZ7VqSmGLArNzaPi56p9UhPMOhQ3cCcHH4f/ci3c
pjA5bmI7D1YpL0KlYrhpJEGC+72Cps2sZdIdOj6ebQZoX1XPWVf9JzfTwkfp4gGd
q/8YWcudnAqr0/nAj3Rasexq6iZGDCnEddlLtBHAAK7Ua7kknltaCR/uGTmxzsSZ
LtrhBLTK0ZX+5RgrX6yMw2a9IBg/BmzaN0O6yqhVX5j+NqW325LaV5RcrwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFMjSE1Q/RcjrvDr/XC9IZ4G4YJBKMB8GA1UdIwQY
MBaAFA/4DL3+GDVKPP26L+B5qi68WNzUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRF9nTXZmNFlOVW84X2JvdjRIbXFMcnhZM05RLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lOS8xMjk1NjQtZjFkYi00ZGM1LTg5MDYt
NmZjZGNkNWFiNjYwLzEveU5JVFZEOUZ5T3U4T3Y5Y0wwaG5nYmhna0VvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lOS8xMjk1NjQtZjFkYi00ZGM1LTg5MDYtNmZjZGNkNWFiNjYw
LzEvRF9nTXZmNFlOVW84X2JvdjRIbXFMcnhZM05RLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA2RkMMA0G
CSqGSIb3DQEBCwUAA4IBAQBG8JQSD93+VlT9R49Xc2KvvR2NYJ6x7+3rMbCctYAi
iPcmMfOuV0V3D5Dc5koACErb45bD24A04PVB0MgWfedNFVG7Gn4HN2wWcOUFo2fh
4DIPnoxv7ppPYsVXZ5xlj2GwdCftFX1rydt9SYPmWD7W9QHWXBDMFG4gGx/Ejmt3
OzA0QUZd4IfCTIMGK8PQIZfS61M7atfGFyLA7DgzFE6esmofzKs758Zo6H6uAKlf
9xQfpbIVV9ATS59hFHGGy8gZZzlY7mkHW8KDr7lrvdKG9OD8IwmbiehXKdO8B0tv
OdTwflvjjfqMEkTGm4w5Mh9Klseo+oNNdQloUEMQQSs+
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:09:39 2023 by rpki-client on console-ams.rpki-client.org