Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4e/773e49-f4ea-47a7-8a60-d42d4e9c767d/1/p5hBqbZ7DRWmkgkKngI718xWS2Y.roa
File: p5hBqbZ7DRWmkgkKngI718xWS2Y.roa (raw, json)
Hash identifier: lsAsoWdIJAiJ5SqcHkxj5p/L/ResLIJIpxkUZrxk8cg=
Subject key identifier: A7:98:41:A9:B6:7B:0D:15:A6:92:09:0A:9E:02:3B:D7:CC:56:4B:66
Certificate issuer: /CN=67a4ec38f2ff69d2505f7f62e94c3bd798b58552
Certificate serial: 0185707087F98AACEB13E011EFC46AB92FE6
Authority key identifier: 67:A4:EC:38:F2:FF:69:D2:50:5F:7F:62:E9:4C:3B:D7:98:B5:85:52
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Z6TsOPL_adJQX39i6Uw715i1hVI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4e/773e49-f4ea-47a7-8a60-d42d4e9c767d/1/p5hBqbZ7DRWmkgkKngI718xWS2Y.roa
Signing time: Mon 02 Jan 2023 03:05:01 +0000
ROA not before: Mon 02 Jan 2023 03:05:01 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 39657
IP address blocks: 217.30.3.0/24 maxlen: 24
217.30.0.0/23 maxlen: 23
217.30.0.0/22 maxlen: 22
217.30.2.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:70:87:f9:8a:ac:eb:13:e0:11:ef:c4:6a:b9:2f:e6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=67a4ec38f2ff69d2505f7f62e94c3bd798b58552
Validity
Not Before: Jan 2 03:05:01 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a79841a9b67b0d15a692090a9e023bd7cc564b66
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:88:e8:2a:a9:7e:f5:1d:28:c9:1a:98:5b:25:d3:
e6:d3:73:78:40:43:b6:a3:84:1d:33:f4:75:a6:be:
14:88:19:e5:29:f1:c6:e5:ab:41:24:26:b1:1f:e7:
02:e1:17:a3:10:53:de:ad:64:b6:6b:4b:a0:9d:f6:
4d:fb:4f:e1:ba:9e:81:58:bb:37:7b:b0:39:ef:9e:
c2:6c:a7:f8:94:59:22:4e:91:d5:a2:33:90:f6:06:
66:11:e7:85:81:7b:db:4b:8f:38:29:66:da:f4:4f:
4e:57:ca:ba:c6:e5:5d:ca:06:9c:1a:e6:3b:82:ce:
70:2a:14:4b:ba:9e:87:0c:db:16:43:f0:26:5f:eb:
ba:65:29:4e:74:7a:bb:4e:0e:29:07:5b:6d:83:43:
0c:ad:70:c8:f0:5a:db:72:b4:6f:e7:b0:aa:ae:ff:
99:55:78:f5:a9:fc:60:e1:78:bb:a9:48:99:6b:ce:
8e:63:8c:0c:d1:4f:58:17:0f:6f:49:a4:79:e9:af:
03:4f:1c:c8:a0:5a:42:9b:59:ed:63:a9:14:5a:8f:
a5:ac:e1:0b:9b:16:ed:97:fb:71:fd:86:a3:80:b7:
96:9d:5a:b4:7c:3a:58:4c:25:3b:80:61:fc:d5:8a:
37:f3:3d:36:5f:ff:10:4e:9f:0e:17:ae:1e:44:f4:
3b:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A7:98:41:A9:B6:7B:0D:15:A6:92:09:0A:9E:02:3B:D7:CC:56:4B:66
X509v3 Authority Key Identifier:
keyid:67:A4:EC:38:F2:FF:69:D2:50:5F:7F:62:E9:4C:3B:D7:98:B5:85:52
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Z6TsOPL_adJQX39i6Uw715i1hVI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4e/773e49-f4ea-47a7-8a60-d42d4e9c767d/1/p5hBqbZ7DRWmkgkKngI718xWS2Y.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4e/773e49-f4ea-47a7-8a60-d42d4e9c767d/1/Z6TsOPL_adJQX39i6Uw715i1hVI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
217.30.0.0/22
Signature Algorithm: sha256WithRSAEncryption
2b:9d:f5:a0:7e:b8:57:af:34:75:27:b4:6a:dc:13:46:24:ac:
f8:b6:07:b7:e0:f7:77:2c:48:ae:8f:be:a0:1b:8c:98:2f:7a:
23:7c:e3:26:7b:73:a8:3b:be:9e:bb:ac:df:8b:b3:1f:66:aa:
a1:0a:34:36:f4:9a:ef:17:b4:af:e5:f0:77:72:b4:9e:e8:c9:
90:37:cb:de:1d:14:5d:70:71:b6:b8:88:a6:81:a2:02:1f:e0:
bd:7e:9e:a1:1c:5e:14:f3:dd:8b:8b:89:fb:72:6d:d5:04:09:
c9:a4:be:02:66:96:53:0d:eb:59:92:a5:02:b2:17:8f:9c:3f:
92:9a:fb:82:f8:2e:de:7d:8b:55:f6:71:4c:17:68:c1:40:f5:
45:5a:b2:8a:9d:0e:69:7e:19:01:dd:80:c4:07:a4:71:62:ff:
d4:d2:1b:26:f6:40:2a:ae:b5:81:3c:c8:e0:c3:a5:13:69:e0:
c0:dc:77:07:93:2e:33:de:94:fb:69:d1:81:09:32:00:b6:a6:
fd:18:54:b0:d6:9f:bb:66:90:cc:12:48:16:a5:5b:61:3c:17:
5a:da:18:b7:44:54:5c:f0:fe:58:e4:bc:96:32:ec:63:9a:6a:
41:5c:3b:0f:cd:89:63:cc:5e:d0:4d:3a:10:ed:1f:48:ea:88:
0d:8e:8d:f6
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVwcIf5iqzrE+AR78RquS/mMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY3YTRlYzM4ZjJmZjY5ZDI1MDVmN2Y2MmU5NGMzYmQ3OThi
NTg1NTIwHhcNMjMwMTAyMDMwNTAxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNzk4NDFhOWI2N2IwZDE1YTY5MjA5MGE5ZTAyM2JkN2NjNTY0YjY2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiOgqqX71HSjJGphbJdPm03N4QEO2
o4QdM/R1pr4UiBnlKfHG5atBJCaxH+cC4RejEFPerWS2a0ugnfZN+0/hup6BWLs3
e7A5757CbKf4lFkiTpHVojOQ9gZmEeeFgXvbS484KWba9E9OV8q6xuVdygacGuY7
gs5wKhRLup6HDNsWQ/AmX+u6ZSlOdHq7Tg4pB1ttg0MMrXDI8FrbcrRv57Cqrv+Z
VXj1qfxg4Xi7qUiZa86OY4wM0U9YFw9vSaR56a8DTxzIoFpCm1ntY6kUWo+lrOEL
mxbtl/tx/YajgLeWnVq0fDpYTCU7gGH81Yo38z02X/8QTp8OF64eRPQ7qQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKeYQam2ew0VppIJCp4CO9fMVktmMB8GA1UdIwQY
MBaAFGek7Djy/2nSUF9/YulMO9eYtYVSMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWjZUc09QTF9hZEpRWDM5aTZVdzcxNWkxaFZJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80ZS83NzNlNDktZjRlYS00N2E3LThhNjAt
ZDQyZDRlOWM3NjdkLzEvcDVoQnFiWjdEUldta2drS25nSTcxOHhXUzJZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80ZS83NzNlNDktZjRlYS00N2E3LThhNjAtZDQyZDRlOWM3Njdk
LzEvWjZUc09QTF9hZEpRWDM5aTZVdzcxNWkxaFZJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQC2R4AMA0G
CSqGSIb3DQEBCwUAA4IBAQArnfWgfrhXrzR1J7Rq3BNGJKz4tge34Pd3LEiuj76g
G4yYL3ojfOMme3OoO76eu6zfi7MfZqqhCjQ29JrvF7Sv5fB3crSe6MmQN8veHRRd
cHG2uIimgaICH+C9fp6hHF4U892Li4n7cm3VBAnJpL4CZpZTDetZkqUCshePnD+S
mvuC+C7efYtV9nFMF2jBQPVFWrKKnQ5pfhkB3YDEB6RxYv/U0hsm9kAqrrWBPMjg
w6UTaeDA3HcHky4z3pT7adGBCTIAtqb9GFSw1p+7ZpDMEkgWpVthPBda2hi3RFRc
8P5Y5LyWMuxjmmpBXDsPzYljzF7QTToQ7R9I6ogNjo32
-----END CERTIFICATE-----
Generated at Wed Dec 27 18:40:56 2023 by rpki-client on console.sobornost.net