Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/96/e5725b-3128-44b3-9f83-5aa620a81149/1/6eNH99hRB7M81_tkn2krfSY5JyY.roa
File: 6eNH99hRB7M81_tkn2krfSY5JyY.roa (raw, json)
Hash identifier: U0KEeTkhYtYSSonhAQ3u2KVB5BiCYFLj+lKVKmaq5kg=
Subject key identifier: E9:E3:47:F7:D8:51:07:B3:3C:D7:FB:64:9F:69:2B:7D:26:39:27:26
Certificate issuer: /CN=d87821a7c8761e08121e70c9ff42ff9b6ad34e51
Certificate serial: 0191E5F9A4E1B20AEB0AD51533E41368B4BA
Authority key identifier: D8:78:21:A7:C8:76:1E:08:12:1E:70:C9:FF:42:FF:9B:6A:D3:4E:51
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2Hghp8h2HggSHnDJ_0L_m2rTTlE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/96/e5725b-3128-44b3-9f83-5aa620a81149/1/6eNH99hRB7M81_tkn2krfSY5JyY.roa
Signing time: Thu 12 Sep 2024 11:23:48 +0000
ROA not before: Thu 12 Sep 2024 11:23:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 14618
IP address blocks: 217.147.180.0/23 maxlen: 24
217.147.180.0/24 maxlen: 24
217.147.181.0/24 maxlen: 24
2a0b:2900:1100::/40 maxlen: 48
2a0b:2900:1f00::/40 maxlen: 40
2a0b:2900:ff00::/40 maxlen: 48
Validation: Failed, certificate revoked on Thu 12 Sep 2024 12:57:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:e5:f9:a4:e1:b2:0a:eb:0a:d5:15:33:e4:13:68:b4:ba
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d87821a7c8761e08121e70c9ff42ff9b6ad34e51
Validity
Not Before: Sep 12 11:23:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=e9e347f7d85107b33cd7fb649f692b7d26392726
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:6d:81:61:80:34:e5:2a:86:ea:77:3e:32:19:
61:5b:78:dc:40:af:3e:58:d2:7a:53:ae:58:7d:f5:
d0:4b:cf:d0:e2:3a:c8:04:da:a6:92:2f:cc:92:9f:
a1:1b:da:79:ae:78:82:b4:b6:9b:8c:40:2a:46:de:
43:33:43:6d:4c:9d:d8:b8:ff:44:49:72:8c:d2:77:
53:3e:13:00:e7:6b:ca:4a:d0:4e:f8:7c:1b:cd:cb:
97:e9:68:18:21:55:ca:a8:d9:6b:18:dc:c5:1b:6f:
38:66:83:ed:29:42:7a:90:5d:c2:fd:ac:e0:41:f6:
b0:90:7c:26:9f:60:02:26:76:fd:d2:b4:4f:b1:0b:
6e:d4:97:1a:8d:4e:f8:17:f7:e0:67:e6:c9:e3:36:
43:58:7b:0e:ff:d9:2b:04:ca:c9:63:d3:e3:56:ce:
08:8e:51:df:ba:1b:21:1b:30:bc:e4:ea:10:ce:c7:
fd:87:1c:e1:62:e7:08:75:1f:a1:49:2e:e7:fc:43:
85:e8:76:b9:63:ac:e0:9a:ab:8c:9c:39:29:7e:72:
27:f2:01:f2:32:08:aa:b4:bc:a3:83:2a:b0:bb:0c:
f4:d8:33:c8:ba:dc:c3:d0:33:78:28:bb:d4:bc:4b:
88:76:ab:dd:91:83:39:a8:ad:22:8c:fe:7a:65:7a:
ea:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E9:E3:47:F7:D8:51:07:B3:3C:D7:FB:64:9F:69:2B:7D:26:39:27:26
X509v3 Authority Key Identifier:
keyid:D8:78:21:A7:C8:76:1E:08:12:1E:70:C9:FF:42:FF:9B:6A:D3:4E:51
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2Hghp8h2HggSHnDJ_0L_m2rTTlE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/96/e5725b-3128-44b3-9f83-5aa620a81149/1/6eNH99hRB7M81_tkn2krfSY5JyY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/96/e5725b-3128-44b3-9f83-5aa620a81149/1/2Hghp8h2HggSHnDJ_0L_m2rTTlE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
217.147.180.0/23
IPv6:
2a0b:2900:1100::/40
2a0b:2900:1f00::/40
2a0b:2900:ff00::/40
Signature Algorithm: sha256WithRSAEncryption
55:a2:d4:c9:68:d0:cd:c3:55:b3:91:db:b2:99:5a:d4:86:f8:
04:78:e8:68:fb:04:6a:24:d7:e0:44:fd:03:1c:86:fe:c0:6a:
75:e5:60:57:91:05:1e:5d:c6:84:c9:ea:bf:bc:37:4f:b4:8a:
13:2f:d9:bc:5a:2c:4c:c4:c6:2a:7f:db:41:73:44:46:c6:3c:
19:f6:cc:c6:f9:20:ee:c2:f5:56:ac:5a:fb:55:7b:2b:b3:90:
ce:c6:75:49:45:28:2a:34:5f:97:41:f6:f5:a4:73:ea:c7:f3:
52:0d:a7:84:bc:76:10:26:e6:7c:b2:4d:82:33:91:27:20:0e:
89:03:9c:a3:60:f5:7f:11:95:a9:01:72:e9:de:f2:65:4d:6e:
ad:d2:f6:02:f4:0f:7c:fb:23:b5:53:d8:50:7e:d0:66:05:8b:
2d:5c:52:a1:95:a5:81:e9:03:4d:6a:2b:4c:eb:77:7c:43:54:
a0:5f:7a:11:09:25:e0:5a:21:77:66:3b:01:10:ae:af:01:d9:
b3:63:b9:5e:cc:ab:db:ca:f4:17:80:b6:50:27:6c:a0:29:8a:
49:9e:53:6a:37:ea:15:ed:b0:f8:77:d6:66:8e:a3:25:dd:13:
bd:26:55:3b:07:c8:40:72:fb:40:09:84:9e:91:13:7a:ee:b9:
90:80:cf:06
-----BEGIN CERTIFICATE-----
MIIFHTCCBAWgAwIBAgISAZHl+aThsgrrCtUVM+QTaLS6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ4NzgyMWE3Yzg3NjFlMDgxMjFlNzBjOWZmNDJmZjliNmFk
MzRlNTEwHhcNMjQwOTEyMTEyMzQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlOWUzNDdmN2Q4NTEwN2IzM2NkN2ZiNjQ5ZjY5MmI3ZDI2MzkyNzI2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwW2BYYA05SqG6nc+MhlhW3jcQK8+
WNJ6U65YffXQS8/Q4jrIBNqmki/Mkp+hG9p5rniCtLabjEAqRt5DM0NtTJ3YuP9E
SXKM0ndTPhMA52vKStBO+HwbzcuX6WgYIVXKqNlrGNzFG284ZoPtKUJ6kF3C/azg
QfawkHwmn2ACJnb90rRPsQtu1JcajU74F/fgZ+bJ4zZDWHsO/9krBMrJY9PjVs4I
jlHfuhshGzC85OoQzsf9hxzhYucIdR+hSS7n/EOF6Ha5Y6zgmquMnDkpfnIn8gHy
MgiqtLyjgyqwuwz02DPIutzD0DN4KLvUvEuIdqvdkYM5qK0ijP56ZXrqTwIDAQAB
o4ICKTCCAiUwHQYDVR0OBBYEFOnjR/fYUQezPNf7ZJ9pK30mOScmMB8GA1UdIwQY
MBaAFNh4IafIdh4IEh5wyf9C/5tq005RMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMkhnaHA4aDJIZ2dTSG5ESl8wTF9tMnJUVGxFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Ni9lNTcyNWItMzEyOC00NGIzLTlmODMt
NWFhNjIwYTgxMTQ5LzEvNmVOSDk5aFJCN004MV90a24ya3JmU1k1SnlZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Ni9lNTcyNWItMzEyOC00NGIzLTlmODMtNWFhNjIwYTgxMTQ5
LzEvMkhnaHA4aDJIZ2dTSG5ESl8wTF9tMnJUVGxFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD8GCCsGAQUFBwEHAQH/BDAwLjAMBAIAATAGAwQB2ZO0MB4E
AgACMBgDBgAqCykAEQMGACoLKQAfAwYAKgspAP8wDQYJKoZIhvcNAQELBQADggEB
AFWi1Mlo0M3DVbOR27KZWtSG+AR46Gj7BGok1+BE/QMchv7AanXlYFeRBR5dxoTJ
6r+8N0+0ihMv2bxaLEzExip/20FzREbGPBn2zMb5IO7C9VasWvtVeyuzkM7GdUlF
KCo0X5dB9vWkc+rH81INp4S8dhAm5nyyTYIzkScgDokDnKNg9X8RlakBcune8mVN
bq3S9gL0D3z7I7VT2FB+0GYFiy1cUqGVpYHpA01qK0zrd3xDVKBfehEJJeBaIXdm
OwEQrq8B2bNjuV7Mq9vK9BeAtlAnbKApikmeU2o36hXtsPh31maOoyXdE70mVTsH
yEBy+0AJhJ6RE3ruuZCAzwY=
-----END CERTIFICATE-----
Generated at Mon May 12 12:36:47 2025 by rpki-client