Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/31/3d3a2d-a039-46f4-8687-057817ba9fb7/1/2Z61E8qPGGBoGWRmD9sKqqk86UM.roa
File: 2Z61E8qPGGBoGWRmD9sKqqk86UM.roa (raw, json)
Hash identifier: v+ctDjhc8mM3DEKtXjTIiNOwVdfGALmKlLKI9Yjgeow=
Subject key identifier: D9:9E:B5:13:CA:8F:18:60:68:19:64:66:0F:DB:0A:AA:A9:3C:E9:43
Certificate issuer: /CN=04cbe5b4623dab42f15a905002db7ce62e854f29
Certificate serial: 01856ED4DB21C07B93852E9F4831569B144A
Authority key identifier: 04:CB:E5:B4:62:3D:AB:42:F1:5A:90:50:02:DB:7C:E6:2E:85:4F:29
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BMvltGI9q0LxWpBQAtt85i6FTyk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/31/3d3a2d-a039-46f4-8687-057817ba9fb7/1/2Z61E8qPGGBoGWRmD9sKqqk86UM.roa
Signing time: Sun 01 Jan 2023 19:35:21 +0000
ROA not before: Sun 01 Jan 2023 19:35:21 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 43260
IP address blocks: 212.113.117.0/24 maxlen: 24
212.113.118.0/24 maxlen: 24
212.113.116.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 02 Mar 2023 15:02:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:d4:db:21:c0:7b:93:85:2e:9f:48:31:56:9b:14:4a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=04cbe5b4623dab42f15a905002db7ce62e854f29
Validity
Not Before: Jan 1 19:35:21 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d99eb513ca8f1860681964660fdb0aaaa93ce943
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:85:af:e1:68:62:8c:d1:b0:0b:7b:49:6b:eb:
b9:8f:0c:68:37:c9:73:26:40:a4:3c:93:eb:16:c4:
6f:3c:92:5f:72:82:d6:72:24:99:73:fb:de:53:87:
07:c5:b5:2f:06:71:7e:16:c7:71:68:13:b3:27:71:
b0:2c:ca:3e:66:d3:16:bf:90:7c:15:b5:1b:86:ae:
ba:47:a8:84:05:d0:a4:1b:f1:f6:a7:d7:b5:7c:6e:
99:51:2a:8a:11:fe:d3:97:c8:07:f7:62:d5:20:bc:
70:1a:94:91:9c:57:27:a7:00:c5:e0:f0:ce:63:13:
bf:65:d6:f8:6c:ae:6b:c4:57:f5:03:1e:a3:c7:ac:
35:a3:b1:a7:c1:0d:95:6a:ba:84:1f:2b:7a:c8:b2:
0e:d9:b9:0d:64:cb:01:55:d2:d1:84:61:97:29:b6:
0f:58:79:53:b3:07:4b:cc:cc:bc:94:49:c0:32:5b:
35:42:f1:40:c8:b2:18:bf:ac:3b:f0:4b:51:0e:a9:
aa:5c:41:18:d3:49:57:78:fb:ce:fd:30:a5:ff:ea:
64:93:61:fb:60:df:70:33:6d:7f:ae:34:62:2d:fd:
a7:d9:e0:c1:62:79:56:26:9b:69:24:3e:15:e7:5c:
49:6a:c8:05:db:21:13:9a:c7:5c:fc:c2:ac:7c:24:
12:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D9:9E:B5:13:CA:8F:18:60:68:19:64:66:0F:DB:0A:AA:A9:3C:E9:43
X509v3 Authority Key Identifier:
keyid:04:CB:E5:B4:62:3D:AB:42:F1:5A:90:50:02:DB:7C:E6:2E:85:4F:29
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BMvltGI9q0LxWpBQAtt85i6FTyk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/31/3d3a2d-a039-46f4-8687-057817ba9fb7/1/2Z61E8qPGGBoGWRmD9sKqqk86UM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/31/3d3a2d-a039-46f4-8687-057817ba9fb7/1/BMvltGI9q0LxWpBQAtt85i6FTyk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
212.113.116.0-212.113.118.255
Signature Algorithm: sha256WithRSAEncryption
3d:58:37:05:d8:bb:28:94:af:a9:37:77:fd:cc:92:74:43:c1:
13:0c:07:81:d1:b1:ea:3b:47:4a:81:ce:56:de:34:98:2c:3d:
ea:0a:53:5a:9d:01:cb:39:ed:a7:ee:d0:09:a6:db:02:d0:f0:
1a:c8:6c:52:a1:3a:4d:bf:e7:34:9d:df:d0:96:23:9d:6f:65:
33:a0:29:f7:34:9f:d1:95:b7:8a:c2:52:d3:e6:0f:e8:89:7c:
b1:35:1d:ba:41:ed:d4:ae:fd:90:2c:d6:12:b7:91:7f:68:b8:
ce:e3:97:d3:0e:65:ba:8e:a9:b8:66:fa:9a:4d:55:d7:76:7d:
11:21:3d:9b:5f:f8:93:f9:04:76:a1:ec:71:8d:90:8c:f6:56:
8f:0d:06:f7:a3:54:cc:e1:5d:56:a8:a9:59:19:93:e6:fa:e7:
73:55:da:3d:be:35:5b:c8:f2:33:c7:fe:51:3a:c2:de:75:62:
b0:c2:a8:64:d4:60:ac:ea:2b:46:c2:e0:22:76:a3:e5:6d:8b:
e3:6f:a2:1c:ff:74:1c:e5:d1:e9:c1:31:95:0a:89:b3:59:dd:
d1:57:e6:f1:31:44:a4:d7:5a:8c:49:c0:44:0d:77:64:34:4e:
54:85:06:2d:e6:f9:2c:f9:49:86:3b:54:23:c2:8d:a6:ee:5a:
46:87:7f:3a
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAYVu1NshwHuThS6fSDFWmxRKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA0Y2JlNWI0NjIzZGFiNDJmMTVhOTA1MDAyZGI3Y2U2MmU4
NTRmMjkwHhcNMjMwMTAxMTkzNTIxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkOTllYjUxM2NhOGYxODYwNjgxOTY0NjYwZmRiMGFhYWE5M2NlOTQzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqoWv4WhijNGwC3tJa+u5jwxoN8lz
JkCkPJPrFsRvPJJfcoLWciSZc/veU4cHxbUvBnF+FsdxaBOzJ3GwLMo+ZtMWv5B8
FbUbhq66R6iEBdCkG/H2p9e1fG6ZUSqKEf7Tl8gH92LVILxwGpSRnFcnpwDF4PDO
YxO/Zdb4bK5rxFf1Ax6jx6w1o7GnwQ2VarqEHyt6yLIO2bkNZMsBVdLRhGGXKbYP
WHlTswdLzMy8lEnAMls1QvFAyLIYv6w78EtRDqmqXEEY00lXePvO/TCl/+pkk2H7
YN9wM21/rjRiLf2n2eDBYnlWJptpJD4V51xJasgF2yETmsdc/MKsfCQSvQIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFNmetRPKjxhgaBlkZg/bCqqpPOlDMB8GA1UdIwQY
MBaAFATL5bRiPatC8VqQUALbfOYuhU8pMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQk12bHRHSTlxMEx4V3BCUUF0dDg1aTZGVHlrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMS8zZDNhMmQtYTAzOS00NmY0LTg2ODct
MDU3ODE3YmE5ZmI3LzEvMlo2MUU4cVBHR0JvR1dSbUQ5c0txcWs4NlVNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMS8zZDNhMmQtYTAzOS00NmY0LTg2ODctMDU3ODE3YmE5ZmI3
LzEvQk12bHRHSTlxMEx4V3BCUUF0dDg1aTZGVHlrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBALUcXQD
BADUcXYwDQYJKoZIhvcNAQELBQADggEBAD1YNwXYuyiUr6k3d/3MknRDwRMMB4HR
seo7R0qBzlbeNJgsPeoKU1qdAcs57afu0Amm2wLQ8BrIbFKhOk2/5zSd39CWI51v
ZTOgKfc0n9GVt4rCUtPmD+iJfLE1HbpB7dSu/ZAs1hK3kX9ouM7jl9MOZbqOqbhm
+ppNVdd2fREhPZtf+JP5BHah7HGNkIz2Vo8NBvejVMzhXVaoqVkZk+b653NV2j2+
NVvI8jPH/lE6wt51YrDCqGTUYKzqK0bC4CJ2o+Vti+Nvohz/dBzl0enBMZUKibNZ
3dFX5vExRKTXWoxJwEQNd2Q0TlSFBi3m+Sz5SYY7VCPCjabuWkaHfzo=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:24:33 2024 by rpki-client on console-fra.rpki-client.org