Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/72/715d15-2810-4827-8dbd-0bee06126b1a/1/171G2WJ6hgBU3n42CTQF-8ww23s.roa
File: 171G2WJ6hgBU3n42CTQF-8ww23s.roa (raw, json)
Hash identifier: pouG8UkqdTmlDfxU9o0arRiWsgVZvWNqijHwhxnJzh8=
Subject key identifier: D7:BD:46:D9:62:7A:86:00:54:DE:7E:36:09:34:05:FB:CC:30:DB:7B
Certificate issuer: /CN=adf491488a7cd8448a420945871c0b99672dc66e
Certificate serial: 018DCF826F8658B6D9A9E57905DF743D438D
Authority key identifier: AD:F4:91:48:8A:7C:D8:44:8A:42:09:45:87:1C:0B:99:67:2D:C6:6E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rfSRSIp82ESKQglFhxwLmWctxm4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/72/715d15-2810-4827-8dbd-0bee06126b1a/1/171G2WJ6hgBU3n42CTQF-8ww23s.roa
Signing time: Thu 22 Feb 2024 06:30:48 +0000
ROA not before: Thu 22 Feb 2024 06:30:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 198154
IP address blocks: 217.60.252.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sat 09 Mar 2024 04:52:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:cf:82:6f:86:58:b6:d9:a9:e5:79:05:df:74:3d:43:8d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=adf491488a7cd8448a420945871c0b99672dc66e
Validity
Not Before: Feb 22 06:30:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d7bd46d9627a860054de7e36093405fbcc30db7b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:cf:3d:7f:a9:2c:d2:c4:26:8a:bc:8a:a3:8c:
79:2b:72:9f:99:07:f1:80:c2:be:95:ab:46:67:8b:
20:bd:21:b3:b0:46:50:a9:ee:a9:7a:fc:5c:f4:fd:
fe:bb:a1:e5:e1:ec:5f:52:74:c8:56:35:a4:d9:1d:
1a:85:d8:bf:b0:76:bb:81:67:f4:76:08:bb:fc:43:
32:67:65:a1:9e:44:4a:32:3a:4e:10:5e:a6:a6:3b:
33:20:f0:a5:ae:ee:98:e5:fe:08:22:65:15:3e:74:
ec:fa:1c:11:16:74:3d:6b:4a:50:cf:a7:14:bf:8a:
56:b3:f2:c3:37:5c:ea:97:ab:64:c4:31:b9:ff:81:
41:91:93:8b:56:02:59:27:95:fe:93:39:b9:71:ba:
bf:59:0d:e2:e0:0f:97:cb:81:1f:92:d4:ef:f2:6d:
f9:7a:99:a0:7a:96:30:bf:f1:81:66:7b:84:d1:8d:
1d:a7:b4:f0:c5:04:0a:da:99:8d:24:de:c3:79:57:
4f:58:7a:25:a9:b3:17:65:b7:a6:57:43:b3:55:a0:
42:26:dc:5a:41:68:aa:dd:1d:7f:fd:13:60:1a:f4:
72:6a:d7:47:86:ee:3c:3e:dd:72:e7:f9:2b:d0:ae:
d4:9c:b4:0c:84:b0:b8:30:bd:8b:20:3c:0c:58:67:
3e:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D7:BD:46:D9:62:7A:86:00:54:DE:7E:36:09:34:05:FB:CC:30:DB:7B
X509v3 Authority Key Identifier:
keyid:AD:F4:91:48:8A:7C:D8:44:8A:42:09:45:87:1C:0B:99:67:2D:C6:6E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rfSRSIp82ESKQglFhxwLmWctxm4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/72/715d15-2810-4827-8dbd-0bee06126b1a/1/171G2WJ6hgBU3n42CTQF-8ww23s.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/72/715d15-2810-4827-8dbd-0bee06126b1a/1/rfSRSIp82ESKQglFhxwLmWctxm4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
217.60.252.0/24
Signature Algorithm: sha256WithRSAEncryption
4b:4e:19:a7:c6:51:d8:4c:93:b2:6d:e0:4b:26:f5:8b:5b:66:
33:74:6a:0c:9b:4e:8a:e5:1a:45:06:a9:90:e8:c2:3b:e8:3c:
a9:12:90:b2:18:3e:39:22:b1:9b:16:a2:87:90:da:c6:91:6e:
3c:23:e5:ef:50:5d:42:69:c6:cf:80:fc:a6:4e:9a:5d:34:ec:
04:0d:02:af:66:32:57:a5:d9:f3:64:66:22:a9:5e:99:bc:12:
d6:05:c5:c7:75:0c:a4:f4:8d:ec:7a:c0:cb:e4:2f:e5:2e:ba:
e4:78:6d:bc:42:33:e8:ac:60:25:3d:c7:ca:5d:e8:33:67:61:
b2:eb:99:6e:35:62:31:2f:e2:9a:25:75:eb:49:cd:44:a1:82:
49:79:2a:a7:fe:ba:73:19:c4:28:d9:70:4a:d0:33:ee:d2:1a:
90:a9:72:7f:f8:46:8e:1a:3b:d1:41:ad:14:79:44:97:71:99:
5c:ac:eb:79:25:cd:2f:9d:c2:92:f6:ed:ad:3a:86:48:9a:46:
c6:ce:8a:0a:95:94:01:2d:c8:ad:92:b6:6e:07:dd:8c:f5:21:
fd:ec:57:a3:8e:77:5f:5d:0d:42:d0:e4:a7:c4:cc:45:0f:65:
e2:d5:f3:7a:b0:d6:97:3d:68:b7:88:26:01:e4:ac:36:8e:5b:
1f:49:b8:6d
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAY3Pgm+GWLbZqeV5Bd90PUONMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFkZjQ5MTQ4OGE3Y2Q4NDQ4YTQyMDk0NTg3MWMwYjk5Njcy
ZGM2NmUwHhcNMjQwMjIyMDYzMDQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkN2JkNDZkOTYyN2E4NjAwNTRkZTdlMzYwOTM0MDVmYmNjMzBkYjdiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAk889f6ks0sQmiryKo4x5K3KfmQfx
gMK+latGZ4sgvSGzsEZQqe6pevxc9P3+u6Hl4exfUnTIVjWk2R0ahdi/sHa7gWf0
dgi7/EMyZ2WhnkRKMjpOEF6mpjszIPClru6Y5f4IImUVPnTs+hwRFnQ9a0pQz6cU
v4pWs/LDN1zql6tkxDG5/4FBkZOLVgJZJ5X+kzm5cbq/WQ3i4A+Xy4EfktTv8m35
epmgepYwv/GBZnuE0Y0dp7TwxQQK2pmNJN7DeVdPWHolqbMXZbemV0OzVaBCJtxa
QWiq3R1//RNgGvRyatdHhu48Pt1y5/kr0K7UnLQMhLC4ML2LIDwMWGc+zwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNe9RtlieoYAVN5+Ngk0BfvMMNt7MB8GA1UdIwQY
MBaAFK30kUiKfNhEikIJRYccC5lnLcZuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcmZTUlNJcDgyRVNLUWdsRmh4d0xtV2N0eG00LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Mi83MTVkMTUtMjgxMC00ODI3LThkYmQt
MGJlZTA2MTI2YjFhLzEvMTcxRzJXSjZoZ0JVM240MkNUUUYtOHd3MjNzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Mi83MTVkMTUtMjgxMC00ODI3LThkYmQtMGJlZTA2MTI2YjFh
LzEvcmZTUlNJcDgyRVNLUWdsRmh4d0xtV2N0eG00LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA2Tz8MA0G
CSqGSIb3DQEBCwUAA4IBAQBLThmnxlHYTJOybeBLJvWLW2YzdGoMm06K5RpFBqmQ
6MI76DypEpCyGD45IrGbFqKHkNrGkW48I+XvUF1CacbPgPymTppdNOwEDQKvZjJX
pdnzZGYiqV6ZvBLWBcXHdQyk9I3sesDL5C/lLrrkeG28QjPorGAlPcfKXegzZ2Gy
65luNWIxL+KaJXXrSc1EoYJJeSqn/rpzGcQo2XBK0DPu0hqQqXJ/+EaOGjvRQa0U
eUSXcZlcrOt5Jc0vncKS9u2tOoZImkbGzooKlZQBLcitkrZuB92M9SH97Fejjndf
XQ1C0OSnxMxFD2Xi1fN6sNaXPWi3iCYB5Kw2jlsfSbht
-----END CERTIFICATE-----
Generated at Sat Mar 9 07:50:02 2024 by rpki-client on console.sobornost.net