Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ce/5d8453-0380-475e-9edc-d18ab4f7f5df/1/0qtgsFMfaak1nrl9BPcEFNtyg3Y.roa
File: 0qtgsFMfaak1nrl9BPcEFNtyg3Y.roa (raw, json)
Hash identifier: P4aBE9cZNWbKwDgQFpCad9LNvPnB6uUVqHqVET7EMzo=
Subject key identifier: D2:AB:60:B0:53:1F:69:A9:35:9E:B9:7D:04:F7:04:14:DB:72:83:76
Certificate issuer: /CN=ada5d52b3ca87454575b65b720eef81a262a5f3a
Certificate serial: 018573E86FEFECD4C1C0E808CE331A4D97CD
Authority key identifier: AD:A5:D5:2B:3C:A8:74:54:57:5B:65:B7:20:EE:F8:1A:26:2A:5F:3A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/raXVKzyodFRXW2W3IO74GiYqXzo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ce/5d8453-0380-475e-9edc-d18ab4f7f5df/1/0qtgsFMfaak1nrl9BPcEFNtyg3Y.roa
Signing time: Mon 02 Jan 2023 19:14:50 +0000
ROA not before: Mon 02 Jan 2023 19:14:50 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 201160
IP address blocks: 217.8.123.0/24 maxlen: 24
217.8.122.0/24 maxlen: 24
217.8.121.0/24 maxlen: 24
217.8.120.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:73:e8:6f:ef:ec:d4:c1:c0:e8:08:ce:33:1a:4d:97:cd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ada5d52b3ca87454575b65b720eef81a262a5f3a
Validity
Not Before: Jan 2 19:14:50 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d2ab60b0531f69a9359eb97d04f70414db728376
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:a0:4f:3d:7e:20:bb:a1:25:72:ec:dd:ed:cf:
d8:94:be:74:79:69:ff:c9:2a:cc:7b:8c:89:e3:6d:
27:0b:5a:73:3a:3b:03:35:f4:de:ee:b9:eb:22:f6:
93:1b:83:a8:c0:44:aa:a4:00:19:83:54:71:98:b9:
51:27:a2:a2:f7:ee:2b:69:2c:88:5c:2c:1b:36:d2:
36:f7:f1:a7:3e:d7:b9:75:8e:aa:e9:cd:88:94:a1:
c1:98:b5:81:66:8f:0b:59:c2:49:7b:f6:67:ac:aa:
15:54:1c:d3:25:53:f6:dd:3c:81:48:a9:c2:10:f6:
06:51:ea:6e:20:47:af:09:ff:ad:b1:b1:53:59:e3:
ef:1f:b5:00:cc:81:7a:a1:23:cf:a9:06:87:9c:92:
f1:45:72:5a:26:7f:da:f1:ea:d1:dc:54:0d:9b:47:
91:6f:4d:ff:4b:2e:c7:30:00:3b:53:54:c4:82:7a:
1b:e3:f8:7b:93:85:2b:b4:b9:0c:be:6c:76:3d:5e:
8a:9a:30:c4:e7:7e:69:1a:b0:9c:dd:eb:59:3d:b6:
39:8c:92:39:97:fd:a8:94:e0:42:3e:ed:9f:1d:4f:
15:1c:0c:75:59:86:95:3e:fe:5e:4f:84:b7:ef:cd:
a1:c5:04:06:ab:34:74:ce:53:71:73:a3:a6:b0:c3:
ce:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D2:AB:60:B0:53:1F:69:A9:35:9E:B9:7D:04:F7:04:14:DB:72:83:76
X509v3 Authority Key Identifier:
keyid:AD:A5:D5:2B:3C:A8:74:54:57:5B:65:B7:20:EE:F8:1A:26:2A:5F:3A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/raXVKzyodFRXW2W3IO74GiYqXzo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ce/5d8453-0380-475e-9edc-d18ab4f7f5df/1/0qtgsFMfaak1nrl9BPcEFNtyg3Y.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ce/5d8453-0380-475e-9edc-d18ab4f7f5df/1/raXVKzyodFRXW2W3IO74GiYqXzo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
217.8.120.0/22
Signature Algorithm: sha256WithRSAEncryption
a5:de:51:a2:88:04:ef:12:fd:4b:94:b9:b9:72:ef:b2:36:68:
63:f9:20:99:35:c9:57:95:c9:39:b1:57:80:6c:b0:4b:d5:4f:
6c:10:ec:f8:9e:df:36:40:42:4c:fd:f5:e5:d7:ba:34:0d:27:
c3:d1:92:e1:c4:b6:1e:01:57:81:88:f4:14:cb:11:f4:2a:ad:
71:2e:db:de:cd:42:9e:5f:e3:8f:c8:9e:b5:ba:18:d2:39:89:
ea:0a:62:53:12:fa:99:2f:6b:7c:7b:df:27:75:0a:29:7c:73:
f3:ec:44:ff:64:ff:97:62:de:4b:e7:6b:b8:04:68:ce:ca:39:
2f:5c:0b:dc:16:fc:d9:b0:67:b3:78:85:5c:36:04:61:1d:be:
fc:93:72:9d:b9:af:2d:f5:e5:40:52:da:1c:e6:3e:3b:c6:61:
f1:af:31:de:e8:28:da:68:d6:7c:d2:a0:b8:cc:c0:3c:3d:78:
d1:bd:b1:28:2f:1c:73:a8:76:9a:cd:f2:d8:22:86:77:7b:c7:
b9:0d:91:22:1d:41:de:e4:e8:8e:9a:2c:31:25:df:47:d5:43:
26:c2:8b:89:b2:dc:82:92:12:31:ab:96:f2:35:3d:1e:4b:27:
c2:db:a1:07:62:17:14:fb:3d:9d:cc:b3:18:bb:6b:f1:4c:1a:
71:41:db:2b
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVz6G/v7NTBwOgIzjMaTZfNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFkYTVkNTJiM2NhODc0NTQ1NzViNjViNzIwZWVmODFhMjYy
YTVmM2EwHhcNMjMwMTAyMTkxNDUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMmFiNjBiMDUzMWY2OWE5MzU5ZWI5N2QwNGY3MDQxNGRiNzI4Mzc2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjqBPPX4gu6Elcuzd7c/YlL50eWn/
ySrMe4yJ420nC1pzOjsDNfTe7rnrIvaTG4OowESqpAAZg1RxmLlRJ6Ki9+4raSyI
XCwbNtI29/GnPte5dY6q6c2IlKHBmLWBZo8LWcJJe/ZnrKoVVBzTJVP23TyBSKnC
EPYGUepuIEevCf+tsbFTWePvH7UAzIF6oSPPqQaHnJLxRXJaJn/a8erR3FQNm0eR
b03/Sy7HMAA7U1TEgnob4/h7k4UrtLkMvmx2PV6KmjDE535pGrCc3etZPbY5jJI5
l/2olOBCPu2fHU8VHAx1WYaVPv5eT4S3782hxQQGqzR0zlNxc6OmsMPO6QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNKrYLBTH2mpNZ65fQT3BBTbcoN2MB8GA1UdIwQY
MBaAFK2l1Ss8qHRUV1tltyDu+BomKl86MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcmFYVkt6eW9kRlJYVzJXM0lPNzRHaVlxWHpvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZS81ZDg0NTMtMDM4MC00NzVlLTllZGMt
ZDE4YWI0ZjdmNWRmLzEvMHF0Z3NGTWZhYWsxbnJsOUJQY0VGTnR5ZzNZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZS81ZDg0NTMtMDM4MC00NzVlLTllZGMtZDE4YWI0ZjdmNWRm
LzEvcmFYVkt6eW9kRlJYVzJXM0lPNzRHaVlxWHpvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQC2Qh4MA0G
CSqGSIb3DQEBCwUAA4IBAQCl3lGiiATvEv1LlLm5cu+yNmhj+SCZNclXlck5sVeA
bLBL1U9sEOz4nt82QEJM/fXl17o0DSfD0ZLhxLYeAVeBiPQUyxH0Kq1xLtvezUKe
X+OPyJ61uhjSOYnqCmJTEvqZL2t8e98ndQopfHPz7ET/ZP+XYt5L52u4BGjOyjkv
XAvcFvzZsGezeIVcNgRhHb78k3Kdua8t9eVAUtoc5j47xmHxrzHe6CjaaNZ80qC4
zMA8PXjRvbEoLxxzqHaazfLYIoZ3e8e5DZEiHUHe5OiOmiwxJd9H1UMmwouJstyC
khIxq5byNT0eSyfC26EHYhcU+z2dzLMYu2vxTBpxQdsr
-----END CERTIFICATE-----
Generated at Mon Jan 1 14:10:57 2024 by rpki-client on console.sobornost.net