Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/72/715d15-2810-4827-8dbd-0bee06126b1a/1/pg9L9rqzbtAPbLxRc2vqZxO3Q94.roa
File: pg9L9rqzbtAPbLxRc2vqZxO3Q94.roa (raw, json)
Hash identifier: 7CAN9L8Q+itiS0/t7hfxNT1h+WLCQeP2QsY9KOGPzck=
Subject key identifier: A6:0F:4B:F6:BA:B3:6E:D0:0F:6C:BC:51:73:6B:EA:67:13:B7:43:DE
Certificate issuer: /CN=adf491488a7cd8448a420945871c0b99672dc66e
Certificate serial: 018E32BF5A9E0F3D3B46D307AEEE2A3E58FF
Authority key identifier: AD:F4:91:48:8A:7C:D8:44:8A:42:09:45:87:1C:0B:99:67:2D:C6:6E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rfSRSIp82ESKQglFhxwLmWctxm4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/72/715d15-2810-4827-8dbd-0bee06126b1a/1/pg9L9rqzbtAPbLxRc2vqZxO3Q94.roa
Signing time: Tue 12 Mar 2024 12:59:45 +0000
ROA not before: Tue 12 Mar 2024 12:59:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 198154
IP address blocks: 217.60.247.0/24 maxlen: 24
217.60.249.0/24 maxlen: 24
217.60.252.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sun 17 Mar 2024 08:07:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:32:bf:5a:9e:0f:3d:3b:46:d3:07:ae:ee:2a:3e:58:ff
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=adf491488a7cd8448a420945871c0b99672dc66e
Validity
Not Before: Mar 12 12:59:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a60f4bf6bab36ed00f6cbc51736bea6713b743de
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d6:66:1c:9a:46:13:ba:61:1e:56:f2:c6:bb:f0:
03:2e:90:8d:11:67:13:d6:b5:30:e3:09:50:8a:f2:
10:cb:83:45:1a:c4:72:f1:bb:39:1a:b7:24:69:a9:
b0:ec:75:d8:78:9c:4c:2b:a5:db:c3:db:08:9d:b6:
99:4d:0b:d7:33:ba:70:fc:50:61:f5:f9:fd:9b:56:
e2:50:9b:f8:b8:96:a9:13:d2:54:45:43:bd:df:1f:
aa:ba:02:60:da:f1:dd:53:de:97:ff:6e:87:64:e1:
ff:1b:b9:36:52:c4:4f:79:1d:85:e9:3b:27:b5:08:
bb:da:75:e8:65:48:6c:f9:20:1b:5c:cf:39:ea:a8:
cb:a6:30:b9:f9:12:9d:9b:87:7c:13:b8:aa:65:60:
2c:8e:f7:ff:47:21:ca:97:1a:c4:1b:ff:fc:05:8a:
42:38:a5:69:79:f3:1a:6f:41:89:2c:bc:4d:2c:4e:
af:9e:fe:92:b5:67:27:f4:f9:12:2b:85:f8:d0:16:
4e:f8:3b:a7:8a:fa:08:69:78:68:8b:0a:7c:16:a5:
59:9b:06:0a:1e:cc:2c:6a:b3:64:87:b0:e8:fe:6e:
7e:78:da:49:e8:40:d1:28:c9:6f:08:b7:fd:29:d1:
19:1f:8d:bf:da:34:4f:79:68:89:70:48:bd:f5:e2:
17:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A6:0F:4B:F6:BA:B3:6E:D0:0F:6C:BC:51:73:6B:EA:67:13:B7:43:DE
X509v3 Authority Key Identifier:
keyid:AD:F4:91:48:8A:7C:D8:44:8A:42:09:45:87:1C:0B:99:67:2D:C6:6E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rfSRSIp82ESKQglFhxwLmWctxm4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/72/715d15-2810-4827-8dbd-0bee06126b1a/1/pg9L9rqzbtAPbLxRc2vqZxO3Q94.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/72/715d15-2810-4827-8dbd-0bee06126b1a/1/rfSRSIp82ESKQglFhxwLmWctxm4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
217.60.247.0/24
217.60.249.0/24
217.60.252.0/24
Signature Algorithm: sha256WithRSAEncryption
29:6a:b8:11:77:e1:b2:59:95:d5:de:e7:9a:69:3a:d9:96:16:
d2:c2:97:40:3f:70:d0:d4:ad:9b:ac:26:58:8c:04:94:a0:6f:
b8:d9:04:3c:0c:88:f4:1e:04:e5:f1:b1:aa:3e:dd:00:85:37:
fa:a5:bd:ac:1c:07:06:08:e9:d5:cf:96:e9:67:77:20:a9:fe:
f1:59:3a:ae:af:2e:f8:c5:ef:20:26:72:0d:36:f8:2c:de:95:
bf:85:f9:66:67:d0:6a:34:29:09:c1:61:d3:1c:af:c1:72:71:
fe:37:cf:96:82:fd:01:d1:b6:80:7b:d4:cb:2e:54:69:8e:35:
f0:5b:28:ad:de:e4:91:0c:7d:6c:bf:72:df:4a:2a:c1:7b:42:
a4:29:4b:74:05:24:29:f0:a3:e2:dc:db:ed:7f:79:af:3b:51:
28:1f:23:28:0e:ac:76:04:f5:15:08:00:1d:d4:a3:8e:4f:d6:
60:ca:1f:32:fb:bc:5a:80:4f:16:8b:95:12:b4:08:e8:44:3b:
6d:4a:cc:60:a5:0e:07:d6:14:0d:68:84:23:3f:81:ac:96:84:
da:1e:23:47:49:54:16:a8:60:c9:1e:19:4b:90:8d:44:56:ad:
1c:f9:1d:a3:ec:87:a8:73:91:ec:c1:91:8d:51:6a:9c:05:17:
f7:95:7f:03
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAY4yv1qeDz07RtMHru4qPlj/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFkZjQ5MTQ4OGE3Y2Q4NDQ4YTQyMDk0NTg3MWMwYjk5Njcy
ZGM2NmUwHhcNMjQwMzEyMTI1OTQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNjBmNGJmNmJhYjM2ZWQwMGY2Y2JjNTE3MzZiZWE2NzEzYjc0M2RlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1mYcmkYTumEeVvLGu/ADLpCNEWcT
1rUw4wlQivIQy4NFGsRy8bs5Grckaamw7HXYeJxMK6Xbw9sInbaZTQvXM7pw/FBh
9fn9m1biUJv4uJapE9JURUO93x+qugJg2vHdU96X/26HZOH/G7k2UsRPeR2F6Tsn
tQi72nXoZUhs+SAbXM856qjLpjC5+RKdm4d8E7iqZWAsjvf/RyHKlxrEG//8BYpC
OKVpefMab0GJLLxNLE6vnv6StWcn9PkSK4X40BZO+DunivoIaXhoiwp8FqVZmwYK
HswsarNkh7Do/m5+eNpJ6EDRKMlvCLf9KdEZH42/2jRPeWiJcEi99eIXVQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFKYPS/a6s27QD2y8UXNr6mcTt0PeMB8GA1UdIwQY
MBaAFK30kUiKfNhEikIJRYccC5lnLcZuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcmZTUlNJcDgyRVNLUWdsRmh4d0xtV2N0eG00LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Mi83MTVkMTUtMjgxMC00ODI3LThkYmQt
MGJlZTA2MTI2YjFhLzEvcGc5TDlycXpidEFQYkx4UmMydnFaeE8zUTk0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Mi83MTVkMTUtMjgxMC00ODI3LThkYmQtMGJlZTA2MTI2YjFh
LzEvcmZTUlNJcDgyRVNLUWdsRmh4d0xtV2N0eG00LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQA2Tz3AwQA
2Tz5AwQA2Tz8MA0GCSqGSIb3DQEBCwUAA4IBAQApargRd+GyWZXV3ueaaTrZlhbS
wpdAP3DQ1K2brCZYjASUoG+42QQ8DIj0HgTl8bGqPt0AhTf6pb2sHAcGCOnVz5bp
Z3cgqf7xWTqury74xe8gJnINNvgs3pW/hflmZ9BqNCkJwWHTHK/BcnH+N8+Wgv0B
0baAe9TLLlRpjjXwWyit3uSRDH1sv3LfSirBe0KkKUt0BSQp8KPi3Nvtf3mvO1Eo
HyMoDqx2BPUVCAAd1KOOT9Zgyh8y+7xagE8Wi5UStAjoRDttSsxgpQ4H1hQNaIQj
P4GsloTaHiNHSVQWqGDJHhlLkI1EVq0c+R2j7Ieoc5HswZGNUWqcBRf3lX8D
-----END CERTIFICATE-----
Generated at Sun Mar 17 12:14:32 2024 by rpki-client on console.sobornost.net