Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/31/3d3a2d-a039-46f4-8687-057817ba9fb7/1/JThtne9FnwkxlVpqZx7gS5mlmDY.roa
File: JThtne9FnwkxlVpqZx7gS5mlmDY.roa (raw, json)
Hash identifier: nEdxe0TDFzk2+nmyCpBXjorP+g+30FrCM3lwVO5Nt7I=
Subject key identifier: 25:38:6D:9D:EF:45:9F:09:31:95:5A:6A:67:1E:E0:4B:99:A5:98:36
Certificate issuer: /CN=04cbe5b4623dab42f15a905002db7ce62e854f29
Certificate serial: 01874A54F63B72A29A37DC1262E8B71E9EAF
Authority key identifier: 04:CB:E5:B4:62:3D:AB:42:F1:5A:90:50:02:DB:7C:E6:2E:85:4F:29
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BMvltGI9q0LxWpBQAtt85i6FTyk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/31/3d3a2d-a039-46f4-8687-057817ba9fb7/1/JThtne9FnwkxlVpqZx7gS5mlmDY.roa
Signing time: Tue 04 Apr 2023 03:34:54 +0000
ROA not before: Tue 04 Apr 2023 03:34:54 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 29076
IP address blocks: 212.113.125.0/24 maxlen: 24
212.113.126.0/24 maxlen: 24
37.202.12.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 11 Apr 2023 06:25:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:4a:54:f6:3b:72:a2:9a:37:dc:12:62:e8:b7:1e:9e:af
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=04cbe5b4623dab42f15a905002db7ce62e854f29
Validity
Not Before: Apr 4 03:34:54 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=25386d9def459f0931955a6a671ee04b99a59836
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:3e:01:39:0c:78:22:75:2f:3c:86:39:f7:0e:
17:f1:4e:5b:4b:2d:7a:62:49:fe:6f:34:da:d9:3f:
fe:f4:51:1e:9b:3c:49:a8:b9:fd:b1:7a:28:fd:92:
6d:4e:ba:bc:a2:bb:f2:74:64:68:a6:12:d4:0c:09:
55:1f:6c:4f:a8:cc:68:92:17:8a:c0:aa:f5:01:4a:
c2:94:44:c3:9b:4d:3f:4e:04:73:0f:0b:af:04:25:
00:1a:ba:c3:38:45:30:09:fa:42:08:e9:af:ae:71:
e0:fd:62:f7:59:37:14:50:32:01:78:9f:d7:32:77:
16:85:60:68:12:8b:9c:4a:02:6b:22:29:1a:42:37:
f0:a7:17:85:9d:e0:ad:94:a1:76:3d:6d:af:e3:0b:
df:37:8d:8b:31:d4:60:e6:50:b3:78:b5:a6:ec:05:
ee:47:0c:1e:eb:a9:fb:56:0d:c8:09:9a:de:fa:b7:
61:98:b1:f6:de:45:e6:03:10:9b:24:1e:00:b8:67:
05:c9:03:a5:93:de:02:46:23:12:5b:be:75:d7:3c:
31:c4:27:c9:6d:a9:5f:f4:9c:bc:37:93:41:e1:b1:
14:f6:ca:53:00:2d:7d:c2:fd:61:db:a7:fe:89:dc:
6c:d0:48:27:79:fe:f9:01:98:fd:10:e7:7f:0a:fc:
bb:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
25:38:6D:9D:EF:45:9F:09:31:95:5A:6A:67:1E:E0:4B:99:A5:98:36
X509v3 Authority Key Identifier:
keyid:04:CB:E5:B4:62:3D:AB:42:F1:5A:90:50:02:DB:7C:E6:2E:85:4F:29
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BMvltGI9q0LxWpBQAtt85i6FTyk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/31/3d3a2d-a039-46f4-8687-057817ba9fb7/1/JThtne9FnwkxlVpqZx7gS5mlmDY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/31/3d3a2d-a039-46f4-8687-057817ba9fb7/1/BMvltGI9q0LxWpBQAtt85i6FTyk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.202.12.0/24
212.113.125.0-212.113.126.255
Signature Algorithm: sha256WithRSAEncryption
8e:5a:c2:e7:f2:f6:e6:3a:4a:e0:68:51:07:a5:03:ea:87:2f:
0e:dc:ad:1d:85:6e:08:5d:42:4c:08:8b:24:14:e8:27:5f:74:
81:3f:8f:17:88:7b:ed:0c:19:5f:81:24:c7:c6:c1:b0:34:72:
78:3e:cf:41:2e:3d:32:f1:20:e5:60:4c:8f:90:27:01:ec:3a:
73:1b:cd:8c:5e:36:33:1e:8d:20:f8:dc:12:1a:e5:25:98:ef:
a2:3f:99:75:52:a7:7d:48:15:bb:6f:7a:15:2c:79:c8:62:2e:
77:05:9b:d3:09:cb:ae:94:85:96:f2:fb:e3:05:fd:43:aa:30:
b6:19:59:d7:45:fc:ed:ac:56:a1:42:69:d6:f7:47:6a:fe:78:
ff:24:02:eb:2e:a1:68:88:cb:7d:ea:2a:8c:47:39:40:ec:56:
67:05:be:ce:3c:0d:3f:c9:2e:05:74:a8:05:2f:ce:52:1c:60:
5a:56:47:d0:7c:13:6a:49:ed:f5:38:9e:ab:37:df:da:4f:5b:
b0:91:53:ae:43:0d:d7:7f:a7:77:09:eb:cc:8d:9f:4f:4e:3c:
29:c0:8d:b0:82:e4:01:57:45:5b:30:ef:e9:b6:b7:b6:21:67:
53:c0:f5:73:7c:b2:2d:f9:0d:c4:d7:fb:38:23:b9:86:f3:99:
65:31:23:4c
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgISAYdKVPY7cqKaN9wSYui3Hp6vMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA0Y2JlNWI0NjIzZGFiNDJmMTVhOTA1MDAyZGI3Y2U2MmU4
NTRmMjkwHhcNMjMwNDA0MDMzNDU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNTM4NmQ5ZGVmNDU5ZjA5MzE5NTVhNmE2NzFlZTA0Yjk5YTU5ODM2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoT4BOQx4InUvPIY59w4X8U5bSy16
Ykn+bzTa2T/+9FEemzxJqLn9sXoo/ZJtTrq8orvydGRophLUDAlVH2xPqMxokheK
wKr1AUrClETDm00/TgRzDwuvBCUAGrrDOEUwCfpCCOmvrnHg/WL3WTcUUDIBeJ/X
MncWhWBoEoucSgJrIikaQjfwpxeFneCtlKF2PW2v4wvfN42LMdRg5lCzeLWm7AXu
Rwwe66n7Vg3ICZre+rdhmLH23kXmAxCbJB4AuGcFyQOlk94CRiMSW7511zwxxCfJ
balf9Jy8N5NB4bEU9spTAC19wv1h26f+idxs0Egnef75AZj9EOd/Cvy7CQIDAQAB
o4ICFzCCAhMwHQYDVR0OBBYEFCU4bZ3vRZ8JMZVaamce4EuZpZg2MB8GA1UdIwQY
MBaAFATL5bRiPatC8VqQUALbfOYuhU8pMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQk12bHRHSTlxMEx4V3BCUUF0dDg1aTZGVHlrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMS8zZDNhMmQtYTAzOS00NmY0LTg2ODct
MDU3ODE3YmE5ZmI3LzEvSlRodG5lOUZud2t4bFZwcVp4N2dTNW1sbURZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMS8zZDNhMmQtYTAzOS00NmY0LTg2ODctMDU3ODE3YmE5ZmI3
LzEvQk12bHRHSTlxMEx4V3BCUUF0dDg1aTZGVHlrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAATAUAwQAJcoMMAwD
BADUcX0DBADUcX4wDQYJKoZIhvcNAQELBQADggEBAI5awufy9uY6SuBoUQelA+qH
Lw7crR2FbghdQkwIiyQU6CdfdIE/jxeIe+0MGV+BJMfGwbA0cng+z0EuPTLxIOVg
TI+QJwHsOnMbzYxeNjMejSD43BIa5SWY76I/mXVSp31IFbtvehUsechiLncFm9MJ
y66UhZby++MF/UOqMLYZWddF/O2sVqFCadb3R2r+eP8kAusuoWiIy33qKoxHOUDs
VmcFvs48DT/JLgV0qAUvzlIcYFpWR9B8E2pJ7fU4nqs339pPW7CRU65DDdd/p3cJ
68yNn09OPCnAjbCC5AFXRVsw7+m2t7YhZ1PA9XN8si35DcTX+zgjuYbzmWUxI0w=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:01:44 2024 by rpki-client on console-ams.rpki-client.org