Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/8VP2oS41h4XExoUe9CwZAzvT79U.roa
File: 8VP2oS41h4XExoUe9CwZAzvT79U.roa (raw, json)
Hash identifier: tY6GyD2tppaUIV+dVwG7Yt2+3nOw55Zug8WMuw0h4vQ=
Subject key identifier: F1:53:F6:A1:2E:35:87:85:C4:C6:85:1E:F4:2C:19:03:3B:D3:EF:D5
Certificate issuer: /CN=5ee531b9ac2990d69a8a5c3023e72e6d841e6c09
Certificate serial: 01918EEA906BB239DA3CEB3249BC10EC8E6F
Authority key identifier: 5E:E5:31:B9:AC:29:90:D6:9A:8A:5C:30:23:E7:2E:6D:84:1E:6C:09
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XuUxuawpkNaailwwI-cubYQebAk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/8VP2oS41h4XExoUe9CwZAzvT79U.roa
Signing time: Mon 26 Aug 2024 13:40:22 +0000
ROA not before: Mon 26 Aug 2024 13:40:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 5591
IP address blocks: 217.22.172.0/23 maxlen: 23
Validation: Failed, certificate revoked on Wed 28 Aug 2024 10:31:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:8e:ea:90:6b:b2:39:da:3c:eb:32:49:bc:10:ec:8e:6f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5ee531b9ac2990d69a8a5c3023e72e6d841e6c09
Validity
Not Before: Aug 26 13:40:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=f153f6a12e358785c4c6851ef42c19033bd3efd5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:75:b9:55:79:ea:25:18:11:52:31:09:9d:cc:
6e:4c:35:6f:97:0e:ec:e6:fd:c0:6f:b2:26:48:6e:
fa:ef:a0:00:3b:82:fd:55:bc:4f:4f:ed:c6:c7:fd:
a8:7e:43:bd:df:ea:fe:15:86:d9:5f:3b:e6:44:9c:
cb:1e:52:84:d0:0d:68:a1:87:38:54:70:65:2a:a1:
34:17:6f:f1:04:c7:45:90:22:72:7d:c5:2d:06:34:
77:81:e0:a0:fe:78:95:42:ee:ed:9c:da:6c:bb:85:
b5:07:04:38:9f:9a:1e:a1:e4:6e:6a:93:90:26:2b:
f7:4b:46:13:6a:09:e0:36:33:62:f6:e5:f5:27:aa:
32:36:40:1f:52:34:c0:2d:e3:bc:ce:e7:f0:b6:89:
dd:f4:d0:af:96:24:85:06:e2:a7:eb:fd:94:b2:b3:
69:29:a0:e1:82:f6:80:a8:c2:18:e1:6c:62:de:90:
23:b8:24:be:7c:53:bd:62:b5:bf:4c:cf:b2:dc:b4:
42:60:fe:ee:cb:44:6b:8d:03:ac:99:e8:42:c6:13:
98:60:11:43:8d:c5:5c:79:3b:5e:f0:f8:d3:83:f5:
a7:1c:fb:38:20:df:2b:6d:fb:e9:e3:68:39:f5:b7:
0e:50:fd:73:81:1c:09:52:58:67:b0:5a:f7:c2:af:
37:1d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F1:53:F6:A1:2E:35:87:85:C4:C6:85:1E:F4:2C:19:03:3B:D3:EF:D5
X509v3 Authority Key Identifier:
keyid:5E:E5:31:B9:AC:29:90:D6:9A:8A:5C:30:23:E7:2E:6D:84:1E:6C:09
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XuUxuawpkNaailwwI-cubYQebAk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/8VP2oS41h4XExoUe9CwZAzvT79U.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/XuUxuawpkNaailwwI-cubYQebAk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
217.22.172.0/23
Signature Algorithm: sha256WithRSAEncryption
84:3e:93:7a:c3:eb:66:90:d9:4c:72:56:88:5b:75:f2:43:78:
0e:55:6d:85:82:bc:19:b6:b8:d0:3f:10:ad:12:44:68:42:c1:
52:dd:9b:52:22:e2:af:ec:0e:d6:25:2a:e5:70:18:6a:47:53:
00:e7:a9:4d:9f:d9:68:5a:27:13:1a:4f:94:1f:61:72:df:39:
21:36:5c:43:b1:e5:f8:96:ce:3b:91:e1:36:6d:dc:80:f7:ed:
57:eb:55:d3:c8:02:a4:28:3d:fb:77:88:13:e9:18:32:ff:b4:
07:39:de:66:aa:22:0e:3f:86:b7:1f:72:a7:b2:54:d4:10:ee:
88:e6:db:31:56:3d:d7:09:8d:f2:cf:2d:be:48:20:8f:65:98:
6e:db:4c:f8:a9:1d:99:83:98:92:c0:e6:fa:37:70:af:f5:d7:
f4:86:29:1a:59:e4:7f:98:01:7e:3f:96:bd:65:c6:21:74:6f:
fe:16:8e:22:fd:88:f6:55:e8:f2:31:aa:89:3b:0b:70:ca:57:
aa:7f:90:fa:49:b5:56:9b:0e:cc:64:72:3d:10:3e:60:58:a3:
a5:e3:8f:42:ed:cb:c3:8d:ec:d2:15:d3:b5:6c:85:cd:da:78:
8a:7e:69:25:1c:0c:cd:07:09:b6:b1:8e:1d:10:7d:8b:60:ba:
70:68:10:2a
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZGO6pBrsjnaPOsySbwQ7I5vMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVlZTUzMWI5YWMyOTkwZDY5YThhNWMzMDIzZTcyZTZkODQx
ZTZjMDkwHhcNMjQwODI2MTM0MDIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMTUzZjZhMTJlMzU4Nzg1YzRjNjg1MWVmNDJjMTkwMzNiZDNlZmQ1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtXW5VXnqJRgRUjEJncxuTDVvlw7s
5v3Ab7ImSG7676AAO4L9VbxPT+3Gx/2ofkO93+r+FYbZXzvmRJzLHlKE0A1ooYc4
VHBlKqE0F2/xBMdFkCJyfcUtBjR3geCg/niVQu7tnNpsu4W1BwQ4n5oeoeRuapOQ
Jiv3S0YTagngNjNi9uX1J6oyNkAfUjTALeO8zufwtond9NCvliSFBuKn6/2UsrNp
KaDhgvaAqMIY4Wxi3pAjuCS+fFO9YrW/TM+y3LRCYP7uy0RrjQOsmehCxhOYYBFD
jcVceTte8PjTg/WnHPs4IN8rbfvp42g59bcOUP1zgRwJUlhnsFr3wq83HQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFPFT9qEuNYeFxMaFHvQsGQM70+/VMB8GA1UdIwQY
MBaAFF7lMbmsKZDWmopcMCPnLm2EHmwJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWHVVeHVhd3BrTmFhaWx3d0ktY3ViWVFlYkFrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZC85YTFkNDQtODYwOS00ZTVlLWJhOTQt
NWE4NmMyNzU3YzFlLzEvOFZQMm9TNDFoNFhFeG9VZTlDd1pBenZUNzlVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZC85YTFkNDQtODYwOS00ZTVlLWJhOTQtNWE4NmMyNzU3YzFl
LzEvWHVVeHVhd3BrTmFhaWx3d0ktY3ViWVFlYkFrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQB2RasMA0G
CSqGSIb3DQEBCwUAA4IBAQCEPpN6w+tmkNlMclaIW3XyQ3gOVW2FgrwZtrjQPxCt
EkRoQsFS3ZtSIuKv7A7WJSrlcBhqR1MA56lNn9loWicTGk+UH2Fy3zkhNlxDseX4
ls47keE2bdyA9+1X61XTyAKkKD37d4gT6Rgy/7QHOd5mqiIOP4a3H3KnslTUEO6I
5tsxVj3XCY3yzy2+SCCPZZhu20z4qR2Zg5iSwOb6N3Cv9df0hikaWeR/mAF+P5a9
ZcYhdG/+Fo4i/Yj2VejyMaqJOwtwyleqf5D6SbVWmw7MZHI9ED5gWKOl449C7cvD
jezSFdO1bIXN2niKfmklHAzNBwm2sY4dEH2LYLpwaBAq
-----END CERTIFICATE-----
Generated at Thu Apr 17 09:58:14 2025 by rpki-client