Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ef/57889a-50df-4abf-81e5-1b12641f493b/1/ptM7dUX5zvQAOKZAYJfDOTwncT0.roa
File: ptM7dUX5zvQAOKZAYJfDOTwncT0.roa (raw, json)
Hash identifier: hu78VgBReCbOWPQePbtLcWHqeOeGfOZgLVDGJiCTZzs=
Subject key identifier: A6:D3:3B:75:45:F9:CE:F4:00:38:A6:40:60:97:C3:39:3C:27:71:3D
Certificate issuer: /CN=6faae55613fc89586f7bd6de0edca097b8615a6a
Certificate serial: 018698CCD303D10904A90DA1B8772F704B75
Authority key identifier: 6F:AA:E5:56:13:FC:89:58:6F:7B:D6:DE:0E:DC:A0:97:B8:61:5A:6A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/b6rlVhP8iVhve9beDtygl7hhWmo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ef/57889a-50df-4abf-81e5-1b12641f493b/1/ptM7dUX5zvQAOKZAYJfDOTwncT0.roa
Signing time: Tue 28 Feb 2023 16:13:25 +0000
ROA not before: Tue 28 Feb 2023 16:13:25 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 29488
IP address blocks: 217.74.176.0/20 maxlen: 20
2001:1a30::/33 maxlen: 33
2001:1a30:8000::/34 maxlen: 34
2001:1a30::/32 maxlen: 32
Validation: Failed, certificate revoked on Tue 28 Feb 2023 18:19:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:98:cc:d3:03:d1:09:04:a9:0d:a1:b8:77:2f:70:4b:75
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6faae55613fc89586f7bd6de0edca097b8615a6a
Validity
Not Before: Feb 28 16:13:25 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a6d33b7545f9cef40038a6406097c3393c27713d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:a3:a7:71:38:e3:2f:17:90:43:32:c4:24:47:
f5:fd:8a:b2:31:4a:dc:6a:02:fe:2a:f5:05:12:01:
87:45:07:30:b4:bd:1c:24:f7:00:54:09:c0:b8:e7:
6f:0e:66:26:46:ee:fa:37:53:e2:20:2b:aa:ba:51:
e3:39:43:97:36:9d:5c:fb:c1:02:e8:2c:e5:d9:78:
39:42:97:a5:22:9c:11:0f:7e:50:7d:68:e7:d1:98:
b0:5e:79:21:eb:a0:2e:98:8d:1c:f3:ea:b4:1c:b6:
df:f5:07:c4:d2:67:03:b2:a0:cc:25:1a:46:8d:41:
d8:37:03:46:46:7c:c1:21:12:eb:cf:14:87:97:89:
2a:37:d9:31:93:a1:6b:35:13:f7:68:5c:2f:ff:f3:
df:ca:e2:41:c5:bb:7a:b2:b0:2c:af:c8:a1:bb:d7:
d5:bd:33:12:94:c6:6b:e4:a2:da:7e:a5:a2:5d:c9:
7e:49:ff:e8:b9:ed:ce:76:e1:42:f2:38:c8:51:d5:
9d:3b:ba:5a:5e:14:db:fb:39:8e:96:39:b8:7d:f7:
1f:15:d6:e7:b9:dc:11:1a:53:25:fb:1c:0a:d2:17:
00:50:93:c6:4d:31:89:60:34:e0:78:a2:6c:8a:1e:
34:78:a4:ad:cf:12:08:80:5e:a9:6c:e7:b5:52:37:
b2:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A6:D3:3B:75:45:F9:CE:F4:00:38:A6:40:60:97:C3:39:3C:27:71:3D
X509v3 Authority Key Identifier:
keyid:6F:AA:E5:56:13:FC:89:58:6F:7B:D6:DE:0E:DC:A0:97:B8:61:5A:6A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/b6rlVhP8iVhve9beDtygl7hhWmo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ef/57889a-50df-4abf-81e5-1b12641f493b/1/ptM7dUX5zvQAOKZAYJfDOTwncT0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ef/57889a-50df-4abf-81e5-1b12641f493b/1/b6rlVhP8iVhve9beDtygl7hhWmo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
217.74.176.0/20
IPv6:
2001:1a30::/32
Signature Algorithm: sha256WithRSAEncryption
2a:3e:8f:8b:7b:49:db:41:3b:61:2d:df:53:10:8e:97:d1:f1:
97:ef:f3:f4:bc:0c:8d:5d:e9:a4:61:e5:ae:b7:d9:df:22:ca:
01:e7:c4:57:13:b9:b7:36:9b:43:be:1b:59:aa:3a:78:dd:d5:
9a:d6:cd:3f:44:1c:91:67:40:93:d2:03:98:19:b6:93:5a:f9:
a3:9d:73:97:f0:f5:1c:75:24:d1:92:a5:82:24:9d:07:31:39:
02:cf:5a:16:d5:ad:9c:ae:b2:f0:f2:0c:6a:f7:96:fa:fb:92:
33:70:80:3f:f6:64:eb:f8:7e:41:c8:8b:0e:32:71:5c:cd:fa:
d3:6a:34:d6:20:90:60:cb:11:50:01:e6:7e:b0:a3:3c:c8:e1:
6b:24:e1:2b:70:25:05:ae:b7:66:45:74:1e:1f:0d:d0:e7:e5:
ba:5a:1e:8b:44:35:3c:4b:25:33:7e:50:45:1b:30:12:80:b7:
d0:95:82:2a:24:16:28:f5:3d:30:32:a2:50:14:f7:f1:cc:96:
a4:e6:ab:7b:25:00:03:4d:2a:50:97:46:dd:77:5b:fc:0a:34:
49:7f:31:84:3e:65:57:a2:e0:be:01:b6:62:48:d3:d7:bf:37:
a8:fa:b7:c0:4c:40:d6:4c:22:8b:47:98:28:41:f1:1d:82:c8:
f1:28:ea:c4
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYaYzNMD0QkEqQ2huHcvcEt1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZmYWFlNTU2MTNmYzg5NTg2ZjdiZDZkZTBlZGNhMDk3Yjg2
MTVhNmEwHhcNMjMwMjI4MTYxMzI1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNmQzM2I3NTQ1ZjljZWY0MDAzOGE2NDA2MDk3YzMzOTNjMjc3MTNkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApqOncTjjLxeQQzLEJEf1/YqyMUrc
agL+KvUFEgGHRQcwtL0cJPcAVAnAuOdvDmYmRu76N1PiICuqulHjOUOXNp1c+8EC
6Czl2Xg5QpelIpwRD35QfWjn0ZiwXnkh66AumI0c8+q0HLbf9QfE0mcDsqDMJRpG
jUHYNwNGRnzBIRLrzxSHl4kqN9kxk6FrNRP3aFwv//PfyuJBxbt6srAsr8ihu9fV
vTMSlMZr5KLafqWiXcl+Sf/oue3OduFC8jjIUdWdO7paXhTb+zmOljm4ffcfFdbn
udwRGlMl+xwK0hcAUJPGTTGJYDTgeKJsih40eKStzxIIgF6pbOe1UjeyXQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFKbTO3VF+c70ADimQGCXwzk8J3E9MB8GA1UdIwQY
MBaAFG+q5VYT/IlYb3vW3g7coJe4YVpqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYjZybFZoUDhpVmh2ZTliZUR0eWdsN2hoV21vLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lZi81Nzg4OWEtNTBkZi00YWJmLTgxZTUt
MWIxMjY0MWY0OTNiLzEvcHRNN2RVWDV6dlFBT0taQVlKZkRPVHduY1QwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lZi81Nzg4OWEtNTBkZi00YWJmLTgxZTUtMWIxMjY0MWY0OTNi
LzEvYjZybFZoUDhpVmh2ZTliZUR0eWdsN2hoV21vLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQE2UqwMA0E
AgACMAcDBQAgARowMA0GCSqGSIb3DQEBCwUAA4IBAQAqPo+Le0nbQTthLd9TEI6X
0fGX7/P0vAyNXemkYeWut9nfIsoB58RXE7m3NptDvhtZqjp43dWa1s0/RByRZ0CT
0gOYGbaTWvmjnXOX8PUcdSTRkqWCJJ0HMTkCz1oW1a2crrLw8gxq95b6+5IzcIA/
9mTr+H5ByIsOMnFczfrTajTWIJBgyxFQAeZ+sKM8yOFrJOErcCUFrrdmRXQeHw3Q
5+W6Wh6LRDU8SyUzflBFGzASgLfQlYIqJBYo9T0wMqJQFPfxzJak5qt7JQADTSpQ
l0bdd1v8CjRJfzGEPmVXouC+AbZiSNPXvzeo+rfATEDWTCKLR5goQfEdgsjxKOrE
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:51:34 2024 by rpki-client on console-ams.rpki-client.org