Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fe/8fe82f-e6cf-4a62-87dd-ea13eb797e8c/1/ngawrYqSGlycOmS4WQTqOdbkRfc.roa
File: ngawrYqSGlycOmS4WQTqOdbkRfc.roa (raw, json)
Hash identifier: P24l9bdtSASU8KYfzxlnDERL8dN0DJ69jZDvq7xDpBo=
Subject key identifier: 9E:06:B0:AD:8A:92:1A:5C:9C:3A:64:B8:59:04:EA:39:D6:E4:45:F7
Certificate issuer: /CN=bc75052b50256ba562904e6f134350d3e75ded58
Certificate serial: 01856BCA43309DF7E1F1943B3B0E455AFE38
Authority key identifier: BC:75:05:2B:50:25:6B:A5:62:90:4E:6F:13:43:50:D3:E7:5D:ED:58
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/vHUFK1Ala6VikE5vE0NQ0-dd7Vg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fe/8fe82f-e6cf-4a62-87dd-ea13eb797e8c/1/ngawrYqSGlycOmS4WQTqOdbkRfc.roa
Signing time: Sun 01 Jan 2023 05:24:55 +0000
ROA not before: Sun 01 Jan 2023 05:24:55 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 16356
IP address blocks: 217.144.33.0/24 maxlen: 24
217.144.34.0/24 maxlen: 24
217.144.32.0/20 maxlen: 20
217.144.32.0/21 maxlen: 21
217.144.40.0/22 maxlen: 22
217.144.44.0/24 maxlen: 24
217.144.47.0/24 maxlen: 24
217.144.45.0/24 maxlen: 24
217.144.46.0/24 maxlen: 24
2a02:2a10::/64 maxlen: 64
2a02:2a10::/32 maxlen: 32
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6b:ca:43:30:9d:f7:e1:f1:94:3b:3b:0e:45:5a:fe:38
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bc75052b50256ba562904e6f134350d3e75ded58
Validity
Not Before: Jan 1 05:24:55 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=9e06b0ad8a921a5c9c3a64b85904ea39d6e445f7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:86:14:41:81:be:71:4e:dd:d0:8a:21:56:35:7c:
c5:ee:8f:22:5f:3e:48:e0:91:b9:b8:23:82:e3:66:
f6:a7:41:d4:11:ff:34:13:3b:8e:60:f5:0f:33:8b:
f7:6e:44:2b:b2:33:91:49:8a:bd:60:f0:fa:57:87:
19:06:c6:3b:6e:ce:11:8b:a3:01:ab:e7:2f:c3:7f:
dc:1a:d6:4f:fd:79:be:7f:c0:c3:ff:42:5f:a3:3f:
f4:14:91:b9:ac:8c:44:75:ed:d1:3e:b8:00:b2:ea:
a4:7b:35:51:fd:60:8d:13:4f:39:d8:5a:37:f7:9c:
72:f3:da:1a:c4:bf:f6:94:9f:4b:ab:0c:66:e2:3e:
a8:e6:c0:19:f4:2b:da:83:fe:25:f3:df:4b:98:51:
af:1e:9f:3e:96:d2:56:39:2c:08:92:77:e3:51:a5:
9c:25:09:42:5f:f9:43:86:dd:71:a8:7e:8c:20:dd:
f4:03:85:ef:40:54:c9:7a:59:f6:95:44:c3:76:38:
d2:58:e5:88:43:db:36:97:67:c7:a4:53:14:72:c5:
05:02:d9:bb:d3:2f:1b:5c:26:18:c4:2f:3c:bf:72:
00:88:31:ed:0d:e8:14:61:d9:b2:57:09:01:7f:4b:
da:77:63:9c:7a:ee:50:41:84:d7:4e:de:9c:a5:ce:
a9:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9E:06:B0:AD:8A:92:1A:5C:9C:3A:64:B8:59:04:EA:39:D6:E4:45:F7
X509v3 Authority Key Identifier:
keyid:BC:75:05:2B:50:25:6B:A5:62:90:4E:6F:13:43:50:D3:E7:5D:ED:58
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/vHUFK1Ala6VikE5vE0NQ0-dd7Vg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/8fe82f-e6cf-4a62-87dd-ea13eb797e8c/1/ngawrYqSGlycOmS4WQTqOdbkRfc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/8fe82f-e6cf-4a62-87dd-ea13eb797e8c/1/vHUFK1Ala6VikE5vE0NQ0-dd7Vg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
217.144.32.0/20
IPv6:
2a02:2a10::/32
Signature Algorithm: sha256WithRSAEncryption
48:ef:fa:9d:23:33:9a:74:8a:ef:02:2c:28:79:18:3a:97:24:
e4:a3:21:14:5b:70:01:26:c0:29:39:a9:a5:9d:5c:10:19:45:
8c:e6:95:5e:5f:43:0f:b8:c0:2f:c1:47:98:60:11:e1:4e:30:
ac:81:33:ad:b5:9a:2e:de:d8:e7:66:97:df:89:46:1c:90:97:
3f:12:ae:b1:da:5b:29:9c:a5:69:e2:b2:f4:86:af:da:94:fd:
80:0c:59:1f:45:9c:cd:e0:4b:32:23:66:63:64:29:e1:53:db:
a4:db:be:61:20:65:0c:50:73:15:5f:79:9b:76:88:71:06:50:
ed:c9:ce:15:09:d1:7d:9c:56:94:be:7f:ae:e4:2c:30:28:a3:
ad:b4:ff:ad:56:ef:f7:56:02:24:4e:c9:ad:79:bb:24:1d:45:
89:1e:a0:a3:2e:b4:f5:fa:c2:fa:25:12:85:bf:74:0e:5f:9f:
db:33:2f:b0:8c:49:49:c3:67:b9:98:cb:6e:fb:04:35:74:1e:
99:df:74:3d:f5:45:6d:0c:3b:3e:9e:01:bc:9d:c4:9a:dd:91:
86:3e:40:b4:f2:0e:68:4e:87:3e:2f:03:a1:75:b8:53:01:46:
dd:e6:c8:9b:ce:d2:20:81:8d:44:7f:2a:6f:59:89:21:57:da:
af:a6:7b:b9
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVrykMwnffh8ZQ7Ow5FWv44MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJjNzUwNTJiNTAyNTZiYTU2MjkwNGU2ZjEzNDM1MGQzZTc1
ZGVkNTgwHhcNMjMwMTAxMDUyNDU1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZTA2YjBhZDhhOTIxYTVjOWMzYTY0Yjg1OTA0ZWEzOWQ2ZTQ0NWY3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhhRBgb5xTt3QiiFWNXzF7o8iXz5I
4JG5uCOC42b2p0HUEf80EzuOYPUPM4v3bkQrsjORSYq9YPD6V4cZBsY7bs4Ri6MB
q+cvw3/cGtZP/Xm+f8DD/0Jfoz/0FJG5rIxEde3RPrgAsuqkezVR/WCNE0852Fo3
95xy89oaxL/2lJ9Lqwxm4j6o5sAZ9Cvag/4l899LmFGvHp8+ltJWOSwIknfjUaWc
JQlCX/lDht1xqH6MIN30A4XvQFTJeln2lUTDdjjSWOWIQ9s2l2fHpFMUcsUFAtm7
0y8bXCYYxC88v3IAiDHtDegUYdmyVwkBf0vad2Oceu5QQYTXTt6cpc6pPwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFJ4GsK2KkhpcnDpkuFkE6jnW5EX3MB8GA1UdIwQY
MBaAFLx1BStQJWulYpBObxNDUNPnXe1YMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdkhVRksxQWxhNlZpa0U1dkUwTlEwLWRkN1ZnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZS84ZmU4MmYtZTZjZi00YTYyLTg3ZGQt
ZWExM2ViNzk3ZThjLzEvbmdhd3JZcVNHbHljT21TNFdRVHFPZGJrUmZjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZS84ZmU4MmYtZTZjZi00YTYyLTg3ZGQtZWExM2ViNzk3ZThj
LzEvdkhVRksxQWxhNlZpa0U1dkUwTlEwLWRkN1ZnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQE2ZAgMA0E
AgACMAcDBQAqAioQMA0GCSqGSIb3DQEBCwUAA4IBAQBI7/qdIzOadIrvAiwoeRg6
lyTkoyEUW3ABJsApOamlnVwQGUWM5pVeX0MPuMAvwUeYYBHhTjCsgTOttZou3tjn
ZpffiUYckJc/Eq6x2lspnKVp4rL0hq/alP2ADFkfRZzN4EsyI2ZjZCnhU9uk275h
IGUMUHMVX3mbdohxBlDtyc4VCdF9nFaUvn+u5CwwKKOttP+tVu/3VgIkTsmtebsk
HUWJHqCjLrT1+sL6JRKFv3QOX5/bMy+wjElJw2e5mMtu+wQ1dB6Z33Q99UVtDDs+
ngG8ncSa3ZGGPkC08g5oToc+LwOhdbhTAUbd5sibztIggY1EfypvWYkhV9qvpnu5
-----END CERTIFICATE-----
Generated at Mon Jan 1 17:26:44 2024 by rpki-client on console-fra.rpki-client.org