Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/31/3d3a2d-a039-46f4-8687-057817ba9fb7/1/GlNYOR9R8w1d2CTT4NiDsRSzK3Q.roa
File: GlNYOR9R8w1d2CTT4NiDsRSzK3Q.roa (raw, json)
Hash identifier: PGQK5LS70EyaBqye6261xxtZwcD8yeNHJEXr6DmBs18=
Subject key identifier: 1A:53:58:39:1F:51:F3:0D:5D:D8:24:D3:E0:D8:83:B1:14:B3:2B:74
Certificate issuer: /CN=04cbe5b4623dab42f15a905002db7ce62e854f29
Certificate serial: 01866DD1E7CD15C6C250994B0380FDBF1FF9
Authority key identifier: 04:CB:E5:B4:62:3D:AB:42:F1:5A:90:50:02:DB:7C:E6:2E:85:4F:29
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BMvltGI9q0LxWpBQAtt85i6FTyk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/31/3d3a2d-a039-46f4-8687-057817ba9fb7/1/GlNYOR9R8w1d2CTT4NiDsRSzK3Q.roa
Signing time: Mon 20 Feb 2023 07:55:18 +0000
ROA not before: Mon 20 Feb 2023 07:55:18 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 996
IP address blocks: 212.113.120.0/22 maxlen: 22
212.113.100.0/22 maxlen: 22
Validation: Failed, certificate revoked on Thu 18 May 2023 14:45:54 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:6d:d1:e7:cd:15:c6:c2:50:99:4b:03:80:fd:bf:1f:f9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=04cbe5b4623dab42f15a905002db7ce62e854f29
Validity
Not Before: Feb 20 07:55:18 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=1a5358391f51f30d5dd824d3e0d883b114b32b74
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:b6:a2:ec:9f:32:73:16:c8:a1:e7:7b:42:25:
ad:cc:e0:fb:19:d8:dc:b7:a9:54:3b:99:2f:2b:a8:
16:80:4d:99:68:80:70:07:ac:19:ee:b0:9c:1f:73:
1f:7c:ab:ae:3b:b2:da:84:33:41:ed:8f:e7:7b:68:
e6:2c:35:4b:d8:8e:e9:20:bf:9a:5a:a9:c7:79:ab:
86:59:09:4d:a2:c2:6a:f8:24:d1:7f:e5:a6:61:84:
23:2c:07:f2:14:bd:ca:3e:d4:62:4a:56:ca:f2:77:
24:ee:f5:a4:a0:03:0c:3f:0b:54:97:a7:4a:39:9a:
88:3b:4a:ea:30:7d:9d:df:2a:4a:2f:16:50:79:f4:
4f:87:c1:ab:bc:59:a0:a1:fa:5a:88:cd:2e:8c:d2:
8f:7f:75:52:24:a2:75:73:25:3f:a8:b3:ea:08:aa:
85:92:1e:76:ab:7e:ac:cf:02:56:48:7d:8d:94:b2:
36:ff:32:1d:b3:b3:19:5f:e9:e9:69:14:15:da:5e:
9c:f9:4a:c7:0e:8b:fe:ea:5d:e0:f6:ed:de:09:0f:
27:c5:e7:81:82:8f:29:3e:80:df:69:e5:e1:8a:65:
55:92:1e:9f:f2:93:2e:96:b4:4e:14:fd:cd:74:a6:
10:e4:a7:4d:82:78:b8:0e:9f:6f:59:80:85:06:fb:
bc:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1A:53:58:39:1F:51:F3:0D:5D:D8:24:D3:E0:D8:83:B1:14:B3:2B:74
X509v3 Authority Key Identifier:
keyid:04:CB:E5:B4:62:3D:AB:42:F1:5A:90:50:02:DB:7C:E6:2E:85:4F:29
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BMvltGI9q0LxWpBQAtt85i6FTyk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/31/3d3a2d-a039-46f4-8687-057817ba9fb7/1/GlNYOR9R8w1d2CTT4NiDsRSzK3Q.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/31/3d3a2d-a039-46f4-8687-057817ba9fb7/1/BMvltGI9q0LxWpBQAtt85i6FTyk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
212.113.100.0/22
212.113.120.0/22
Signature Algorithm: sha256WithRSAEncryption
7a:c9:8d:77:78:b7:e1:23:9d:99:e7:62:60:3b:b4:7d:1d:dd:
54:09:e0:be:7a:6a:55:b5:4d:64:01:3d:5a:e7:f4:9a:bd:54:
76:2b:84:cf:bd:0d:51:fa:a8:99:bc:78:16:4b:5f:31:1f:93:
88:61:ab:e9:20:cd:db:b7:fc:b9:bf:d1:5c:70:2a:37:5a:2b:
0d:cc:32:a3:83:db:9b:63:cf:cb:cc:75:7c:37:73:c6:8c:2a:
1e:04:11:2d:4d:4f:39:e3:75:e2:89:a6:8d:9b:f5:3c:38:fa:
1e:f9:e7:2b:ad:b7:44:87:03:54:f3:c7:60:c4:92:e0:f4:28:
85:7a:0e:b2:25:33:e0:5d:b6:a0:03:19:c8:21:b4:08:ae:80:
bd:b1:a0:37:14:55:f2:24:bb:a2:84:32:b5:97:2b:25:4b:0b:
5b:48:d2:c0:d8:a2:a3:bc:a0:12:78:73:7d:66:69:7b:95:b1:
8d:a5:64:4e:ce:1c:37:23:c0:4b:96:d9:55:46:54:20:16:5c:
95:e7:ce:af:e5:21:b5:74:30:db:68:16:b7:b7:b9:98:b7:73:
6c:b6:a7:6a:78:ce:c0:07:d2:a1:67:c4:fc:af:da:17:98:64:
0e:8b:c4:da:52:7c:ba:d1:d5:75:f6:ed:07:7d:b3:48:c4:6b:
4d:99:e3:1b
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYZt0efNFcbCUJlLA4D9vx/5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA0Y2JlNWI0NjIzZGFiNDJmMTVhOTA1MDAyZGI3Y2U2MmU4
NTRmMjkwHhcNMjMwMjIwMDc1NTE4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxYTUzNTgzOTFmNTFmMzBkNWRkODI0ZDNlMGQ4ODNiMTE0YjMyYjc0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs7ai7J8ycxbIoed7QiWtzOD7Gdjc
t6lUO5kvK6gWgE2ZaIBwB6wZ7rCcH3MffKuuO7LahDNB7Y/ne2jmLDVL2I7pIL+a
WqnHeauGWQlNosJq+CTRf+WmYYQjLAfyFL3KPtRiSlbK8nck7vWkoAMMPwtUl6dK
OZqIO0rqMH2d3ypKLxZQefRPh8GrvFmgofpaiM0ujNKPf3VSJKJ1cyU/qLPqCKqF
kh52q36szwJWSH2NlLI2/zIds7MZX+npaRQV2l6c+UrHDov+6l3g9u3eCQ8nxeeB
go8pPoDfaeXhimVVkh6f8pMulrROFP3NdKYQ5KdNgni4Dp9vWYCFBvu89QIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFBpTWDkfUfMNXdgk0+DYg7EUsyt0MB8GA1UdIwQY
MBaAFATL5bRiPatC8VqQUALbfOYuhU8pMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQk12bHRHSTlxMEx4V3BCUUF0dDg1aTZGVHlrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMS8zZDNhMmQtYTAzOS00NmY0LTg2ODct
MDU3ODE3YmE5ZmI3LzEvR2xOWU9SOVI4dzFkMkNUVDROaURzUlN6SzNRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMS8zZDNhMmQtYTAzOS00NmY0LTg2ODctMDU3ODE3YmE5ZmI3
LzEvQk12bHRHSTlxMEx4V3BCUUF0dDg1aTZGVHlrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQC1HFkAwQC
1HF4MA0GCSqGSIb3DQEBCwUAA4IBAQB6yY13eLfhI52Z52JgO7R9Hd1UCeC+empV
tU1kAT1a5/SavVR2K4TPvQ1R+qiZvHgWS18xH5OIYavpIM3bt/y5v9FccCo3WisN
zDKjg9ubY8/LzHV8N3PGjCoeBBEtTU8543XiiaaNm/U8OPoe+ecrrbdEhwNU88dg
xJLg9CiFeg6yJTPgXbagAxnIIbQIroC9saA3FFXyJLuihDK1lyslSwtbSNLA2KKj
vKASeHN9Zml7lbGNpWROzhw3I8BLltlVRlQgFlyV586v5SG1dDDbaBa3t7mYt3Ns
tqdqeM7AB9KhZ8T8r9oXmGQOi8TaUny60dV19u0HfbNIxGtNmeMb
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:01:44 2024 by rpki-client on console-ams.rpki-client.org