Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/rLkFUeEstS4MtQsr0lY6Af7_FDQ.roa
File: rLkFUeEstS4MtQsr0lY6Af7_FDQ.roa (raw, json)
Hash identifier: 15HvOH+HFAoRbRptXIUArsT8fAodnzy9VMaBO2mQE5M=
Subject key identifier: AC:B9:05:51:E1:2C:B5:2E:0C:B5:0B:2B:D2:56:3A:01:FE:FF:14:34
Certificate issuer: /CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Certificate serial: 0193B60CA89976A2B95DFE0CBBCFC1B882DC
Authority key identifier: 4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/rLkFUeEstS4MtQsr0lY6Af7_FDQ.roa
Signing time: Wed 11 Dec 2024 14:08:22 +0000
ROA not before: Wed 11 Dec 2024 14:08:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 204104
IP address blocks: 217.60.237.0/24 maxlen: 24
217.60.238.0/24 maxlen: 24
217.60.243.0/24 maxlen: 24
217.60.246.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 13 Dec 2024 09:25:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:b6:0c:a8:99:76:a2:b9:5d:fe:0c:bb:cf:c1:b8:82:dc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Validity
Not Before: Dec 11 14:08:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=acb90551e12cb52e0cb50b2bd2563a01feff1434
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:9f:4b:50:03:64:43:cd:fb:4a:73:db:02:9e:
da:9a:88:f2:ce:d8:2a:39:3e:68:25:67:43:7b:d4:
b7:ff:3e:6c:3d:c2:c4:68:95:6a:20:6c:59:7a:69:
51:31:dc:0a:b7:b4:7d:19:2e:cc:36:7e:9b:1c:02:
82:84:73:ae:c1:38:fa:9d:48:40:96:77:d4:1d:6c:
93:ff:83:9f:35:69:c5:20:ad:0a:97:79:ab:6b:a2:
99:de:41:08:d3:c2:6d:dc:05:19:a4:5b:3b:83:16:
e1:a1:6a:d6:92:54:45:be:3b:f0:29:11:25:e7:c4:
c9:b9:a8:f1:44:7f:cb:79:66:9c:64:48:c3:18:0f:
4d:71:cb:76:67:bc:94:b9:d7:4c:5d:1a:d1:ff:3c:
39:69:0e:2c:52:e4:c1:35:e9:63:05:ea:49:3b:de:
c4:17:d9:d3:88:0d:db:6e:85:ae:37:96:91:ea:fc:
d3:d0:31:dc:f3:67:e5:4d:03:9d:f6:17:e1:bb:55:
97:98:6d:ac:f3:83:a9:5f:b7:a2:69:a3:46:c8:83:
e4:82:1d:fd:76:a0:05:43:1a:b7:95:f4:bb:fa:48:
f4:e0:ca:f4:ac:22:07:11:f9:7f:5c:11:31:e8:d1:
1a:3a:09:04:9c:9a:ef:a2:8c:bd:27:bf:6f:fd:1c:
73:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AC:B9:05:51:E1:2C:B5:2E:0C:B5:0B:2B:D2:56:3A:01:FE:FF:14:34
X509v3 Authority Key Identifier:
keyid:4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/rLkFUeEstS4MtQsr0lY6Af7_FDQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
217.60.237.0-217.60.238.255
217.60.243.0/24
217.60.246.0/24
Signature Algorithm: sha256WithRSAEncryption
6c:c6:3d:72:02:b3:bc:73:f3:2a:89:4d:ad:6a:0c:08:55:6d:
6e:00:8a:05:b0:4d:98:8b:36:c9:71:09:1d:ca:bf:f4:fa:fc:
8a:bd:a3:34:a5:74:e7:0c:f4:6c:7a:02:79:b2:c4:e4:c9:4b:
38:b0:e2:d3:30:f9:0e:ce:a4:69:ba:4c:7e:98:12:68:55:25:
84:0d:5f:f5:93:bd:be:e0:6e:66:e7:4a:2e:0d:dc:ac:5a:c0:
55:23:9b:b2:5c:cf:ea:33:ba:c6:de:5c:b1:6d:77:b7:1c:55:
cc:f9:80:a1:74:a7:00:83:ee:e0:a3:3c:47:83:9b:ef:18:d5:
55:45:71:35:37:b3:87:94:54:12:fe:ac:f7:fa:73:93:5c:bb:
a5:87:ae:93:bd:af:2f:8b:ed:9d:fa:f7:2b:f5:fe:0f:32:4e:
74:29:f7:57:f1:eb:1f:4d:6e:a9:17:23:c1:38:22:80:85:23:
92:d4:1c:5e:31:a0:1a:d7:a8:37:e4:21:39:86:a2:3b:96:ed:
3f:3b:a8:36:91:ca:23:4a:14:3f:5d:83:ed:c7:f2:48:26:53:
34:ba:a7:0d:6b:27:84:e5:92:13:1f:2b:5a:47:50:b6:09:a7:
31:0c:a3:79:55:08:40:e1:9e:32:77:fb:7c:b2:0c:69:10:c1:
3f:bd:b5:ea
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgISAZO2DKiZdqK5Xf4Mu8/BuILcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmMWIwOTVmYWI2NzYzM2MwMTI3ZDYxZmY2ODU3ODY0ZWE2
YjI1YzUwHhcNMjQxMjExMTQwODIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhY2I5MDU1MWUxMmNiNTJlMGNiNTBiMmJkMjU2M2EwMWZlZmYxNDM0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtJ9LUANkQ837SnPbAp7amojyztgq
OT5oJWdDe9S3/z5sPcLEaJVqIGxZemlRMdwKt7R9GS7MNn6bHAKChHOuwTj6nUhA
lnfUHWyT/4OfNWnFIK0Kl3mra6KZ3kEI08Jt3AUZpFs7gxbhoWrWklRFvjvwKREl
58TJuajxRH/LeWacZEjDGA9Ncct2Z7yUuddMXRrR/zw5aQ4sUuTBNeljBepJO97E
F9nTiA3bboWuN5aR6vzT0DHc82flTQOd9hfhu1WXmG2s84OpX7eiaaNGyIPkgh39
dqAFQxq3lfS7+kj04Mr0rCIHEfl/XBEx6NEaOgkEnJrvooy9J79v/RxzOQIDAQAB
o4ICHTCCAhkwHQYDVR0OBBYEFKy5BVHhLLUuDLULK9JWOgH+/xQ0MB8GA1UdIwQY
MBaAFE8bCV+rZ2M8ASfWH/aFeGTqayXFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYt
YjgxMWNmY2I5ZmQ1LzEvckxrRlVlRXN0UzRNdFFzcjBsWTZBZjdfRkRRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYtYjgxMWNmY2I5ZmQ1
LzEvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAATAaMAwDBADZPO0D
BADZPO4DBADZPPMDBADZPPYwDQYJKoZIhvcNAQELBQADggEBAGzGPXICs7xz8yqJ
Ta1qDAhVbW4AigWwTZiLNslxCR3Kv/T6/Iq9ozSldOcM9Gx6AnmyxOTJSziw4tMw
+Q7OpGm6TH6YEmhVJYQNX/WTvb7gbmbnSi4N3KxawFUjm7Jcz+ozusbeXLFtd7cc
Vcz5gKF0pwCD7uCjPEeDm+8Y1VVFcTU3s4eUVBL+rPf6c5Ncu6WHrpO9ry+L7Z36
9yv1/g8yTnQp91fx6x9NbqkXI8E4IoCFI5LUHF4xoBrXqDfkITmGojuW7T87qDaR
yiNKFD9dg+3H8kgmUzS6pw1rJ4TlkhMfK1pHULYJpzEMo3lVCEDhnjJ3+3yyDGkQ
wT+9teo=
-----END CERTIFICATE-----
Generated at Mon Apr 28 14:25:02 2025 by rpki-client