Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/01/d13658-af7e-4d6e-82ef-6e0696fee8e6/1/r4UIkHlHsMFQX9Llj1G8WeLsZbo.roa
File: r4UIkHlHsMFQX9Llj1G8WeLsZbo.roa (raw, json)
Hash identifier: EW7jRB59lbHiZWxW6erlbzKMIH0Yb61oWHYbbhbZaC8=
Subject key identifier: AF:85:08:90:79:47:B0:C1:50:5F:D2:E5:8F:51:BC:59:E2:EC:65:BA
Certificate issuer: /CN=f497673c78efae5f6bd80a25ace3d3c37193e789
Certificate serial: 018571699FEA613E7597BDCFE8D87FC4064E
Authority key identifier: F4:97:67:3C:78:EF:AE:5F:6B:D8:0A:25:AC:E3:D3:C3:71:93:E7:89
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/9JdnPHjvrl9r2AolrOPTw3GT54k.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/01/d13658-af7e-4d6e-82ef-6e0696fee8e6/1/r4UIkHlHsMFQX9Llj1G8WeLsZbo.roa
Signing time: Mon 02 Jan 2023 07:37:05 +0000
ROA not before: Mon 02 Jan 2023 07:37:05 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 33567
IP address blocks: 217.15.125.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:69:9f:ea:61:3e:75:97:bd:cf:e8:d8:7f:c4:06:4e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f497673c78efae5f6bd80a25ace3d3c37193e789
Validity
Not Before: Jan 2 07:37:05 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=af8508907947b0c1505fd2e58f51bc59e2ec65ba
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e2:3f:aa:5f:04:5e:9c:7e:e7:55:94:72:97:f5:
1e:d2:18:79:12:77:5b:c7:d0:ad:f8:32:e9:32:2d:
da:e8:7c:74:73:71:c8:93:e8:63:85:f4:40:85:07:
e2:90:8c:d4:8f:db:84:9b:ad:fc:d7:00:5d:45:09:
03:a0:2e:24:4c:18:69:2a:83:bc:ea:47:63:66:6d:
1d:08:b9:3d:ed:c2:7d:38:0f:a6:8b:b7:de:e7:e9:
cd:4b:95:3d:cf:1e:d2:43:03:de:6f:5b:16:7e:30:
31:5f:4c:5f:6f:4b:40:ab:38:4e:2e:32:9c:91:5a:
0c:aa:90:4a:7c:2f:ab:f2:6f:6e:06:c2:14:65:6e:
0d:b3:99:bb:41:7d:c7:b7:b9:7b:c2:77:6e:93:7d:
ad:67:cf:c8:3a:9b:5c:ec:3f:d3:e6:f9:2d:52:90:
f8:38:60:12:41:0f:44:5f:a2:54:c5:d1:17:e9:32:
95:8e:fc:c6:19:dc:9d:1b:87:7e:37:18:6c:7d:c6:
f3:20:93:02:74:49:9c:6b:76:b4:b5:56:74:02:b6:
98:dc:2f:82:a8:9c:ad:d2:a6:24:19:f5:61:ea:c2:
5b:1b:27:ed:0f:27:7c:4d:26:1e:ab:92:93:25:74:
0d:95:87:53:75:bb:0d:e5:71:70:22:94:0a:74:3b:
b7:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AF:85:08:90:79:47:B0:C1:50:5F:D2:E5:8F:51:BC:59:E2:EC:65:BA
X509v3 Authority Key Identifier:
keyid:F4:97:67:3C:78:EF:AE:5F:6B:D8:0A:25:AC:E3:D3:C3:71:93:E7:89
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/9JdnPHjvrl9r2AolrOPTw3GT54k.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/01/d13658-af7e-4d6e-82ef-6e0696fee8e6/1/r4UIkHlHsMFQX9Llj1G8WeLsZbo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/01/d13658-af7e-4d6e-82ef-6e0696fee8e6/1/9JdnPHjvrl9r2AolrOPTw3GT54k.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
217.15.125.0/24
Signature Algorithm: sha256WithRSAEncryption
90:bc:d0:bf:12:58:8c:b9:06:5d:c4:21:f7:43:94:83:3e:ff:
0d:25:94:00:6c:cd:29:96:08:72:15:01:95:66:d0:ce:19:14:
0c:6b:9d:ab:ba:4c:5f:48:bc:2f:1d:8f:75:34:82:30:e2:55:
34:bd:4b:8e:e5:23:3f:09:fd:21:a3:84:2b:0a:51:25:2e:d5:
1b:ae:ff:e4:e0:7d:3c:a9:0f:ef:51:09:79:ce:46:45:aa:8a:
88:84:82:d7:51:cb:40:b8:9b:02:37:85:53:ad:8e:df:1b:03:
bd:6b:bf:ce:81:a2:3c:57:40:ed:fa:0b:2d:ff:0e:10:67:9f:
9b:39:88:02:04:d2:14:5d:83:e4:b7:5a:aa:7e:7e:4c:33:b8:
74:98:9f:a6:e2:0e:fe:0f:e5:82:fe:0d:46:80:68:3b:be:ad:
5a:9c:b9:f3:4f:5e:c0:4c:d3:6f:50:0e:3f:58:f4:26:76:f7:
38:47:09:df:cd:39:7a:81:d1:44:80:b0:9b:9a:15:9d:a8:da:
54:b4:94:38:a8:90:82:dd:c8:d6:f3:37:27:e9:8c:14:96:61:
2d:74:bb:ae:ba:a1:d5:d5:b0:fd:94:f5:84:e3:56:45:5c:d9:
ff:69:ce:69:3c:01:8d:f0:85:1d:44:84:28:e8:17:e2:4f:e3:
76:ad:b4:50
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVxaZ/qYT51l73P6Nh/xAZOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY0OTc2NzNjNzhlZmFlNWY2YmQ4MGEyNWFjZTNkM2MzNzE5
M2U3ODkwHhcNMjMwMTAyMDczNzA1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZjg1MDg5MDc5NDdiMGMxNTA1ZmQyZTU4ZjUxYmM1OWUyZWM2NWJhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4j+qXwRenH7nVZRyl/Ue0hh5Endb
x9Ct+DLpMi3a6Hx0c3HIk+hjhfRAhQfikIzUj9uEm6381wBdRQkDoC4kTBhpKoO8
6kdjZm0dCLk97cJ9OA+mi7fe5+nNS5U9zx7SQwPeb1sWfjAxX0xfb0tAqzhOLjKc
kVoMqpBKfC+r8m9uBsIUZW4Ns5m7QX3Ht7l7wnduk32tZ8/IOptc7D/T5vktUpD4
OGASQQ9EX6JUxdEX6TKVjvzGGdydG4d+NxhsfcbzIJMCdEmca3a0tVZ0AraY3C+C
qJyt0qYkGfVh6sJbGyftDyd8TSYeq5KTJXQNlYdTdbsN5XFwIpQKdDu3CwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFK+FCJB5R7DBUF/S5Y9RvFni7GW6MB8GA1UdIwQY
MBaAFPSXZzx4765fa9gKJazj08Nxk+eJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOUpkblBIanZybDlyMkFvbHJPUFR3M0dUNTRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMS9kMTM2NTgtYWY3ZS00ZDZlLTgyZWYt
NmUwNjk2ZmVlOGU2LzEvcjRVSWtIbEhzTUZRWDlMbGoxRzhXZUxzWmJvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMS9kMTM2NTgtYWY3ZS00ZDZlLTgyZWYtNmUwNjk2ZmVlOGU2
LzEvOUpkblBIanZybDlyMkFvbHJPUFR3M0dUNTRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA2Q99MA0G
CSqGSIb3DQEBCwUAA4IBAQCQvNC/EliMuQZdxCH3Q5SDPv8NJZQAbM0plghyFQGV
ZtDOGRQMa52rukxfSLwvHY91NIIw4lU0vUuO5SM/Cf0ho4QrClElLtUbrv/k4H08
qQ/vUQl5zkZFqoqIhILXUctAuJsCN4VTrY7fGwO9a7/OgaI8V0Dt+gst/w4QZ5+b
OYgCBNIUXYPkt1qqfn5MM7h0mJ+m4g7+D+WC/g1GgGg7vq1anLnzT17ATNNvUA4/
WPQmdvc4RwnfzTl6gdFEgLCbmhWdqNpUtJQ4qJCC3cjW8zcn6YwUlmEtdLuuuqHV
1bD9lPWE41ZFXNn/ac5pPAGN8IUdRIQo6BfiT+N2rbRQ
-----END CERTIFICATE-----
Generated at Mon Jan 1 14:09:34 2024 by rpki-client on console.sobornost.net