Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/31/3d3a2d-a039-46f4-8687-057817ba9fb7/1/WKQTPPXohPJ-tGWZsahmurF3j6w.roa
File: WKQTPPXohPJ-tGWZsahmurF3j6w.roa (raw, json)
Hash identifier: A/zfKSy7gW/1uRrm2ta4iYEBkWNVfkEOMfBmXC84spc=
Subject key identifier: 58:A4:13:3C:F5:E8:84:F2:7E:B4:65:99:B1:A8:66:BA:B1:77:8F:AC
Certificate issuer: /CN=04cbe5b4623dab42f15a905002db7ce62e854f29
Certificate serial: 01867353CDABDAA32D54DDBE29EADF132837
Authority key identifier: 04:CB:E5:B4:62:3D:AB:42:F1:5A:90:50:02:DB:7C:E6:2E:85:4F:29
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BMvltGI9q0LxWpBQAtt85i6FTyk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/31/3d3a2d-a039-46f4-8687-057817ba9fb7/1/WKQTPPXohPJ-tGWZsahmurF3j6w.roa
Signing time: Tue 21 Feb 2023 09:35:17 +0000
ROA not before: Tue 21 Feb 2023 09:35:17 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 207967
IP address blocks: 212.113.120.0/22 maxlen: 22
212.113.119.0/24 maxlen: 24
212.113.100.0/22 maxlen: 22
Validation: Failed, certificate revoked on Thu 18 May 2023 14:45:54 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:73:53:cd:ab:da:a3:2d:54:dd:be:29:ea:df:13:28:37
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=04cbe5b4623dab42f15a905002db7ce62e854f29
Validity
Not Before: Feb 21 09:35:17 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=58a4133cf5e884f27eb46599b1a866bab1778fac
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:d2:0b:47:1e:9a:61:87:56:e5:75:d3:f1:36:
88:50:7f:ab:b3:f7:12:5a:d4:74:21:67:38:3c:34:
ed:56:82:fd:99:48:95:60:df:38:d2:db:b3:39:c4:
ba:fb:43:5d:0b:e5:f7:4f:1d:27:25:68:f8:2e:85:
9e:e4:a2:4d:84:bf:cf:d8:6a:ad:c1:ac:c4:e3:b7:
60:43:39:9b:f9:e1:44:c9:55:d2:92:d3:d2:8f:50:
60:f4:fa:56:87:54:ee:37:ad:83:44:3c:7b:53:bc:
b1:0f:fc:e0:8e:7b:ab:3f:c0:e4:25:c3:8a:f2:a8:
93:8f:b1:00:c0:9d:e6:7b:51:23:5b:e8:d5:45:bb:
c8:7d:61:60:a8:d8:73:9a:f6:92:c1:bd:51:75:b8:
5b:84:2c:6f:6c:96:84:56:6b:a6:a7:f6:d1:49:9c:
39:b5:34:f7:dd:a0:ce:62:6a:5b:c2:ed:0a:ac:4e:
00:2d:15:01:38:44:a3:f7:04:d3:c8:4e:38:06:34:
d5:fe:73:a3:54:e3:4f:34:b9:5f:a8:f6:ca:21:09:
cf:50:01:35:e9:48:5f:ba:39:9c:11:72:a5:75:70:
1d:16:59:0f:90:80:c8:ec:7e:ab:3b:50:1d:bc:81:
b7:dc:24:03:63:53:ce:5a:78:1e:d9:d2:46:84:56:
31:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
58:A4:13:3C:F5:E8:84:F2:7E:B4:65:99:B1:A8:66:BA:B1:77:8F:AC
X509v3 Authority Key Identifier:
keyid:04:CB:E5:B4:62:3D:AB:42:F1:5A:90:50:02:DB:7C:E6:2E:85:4F:29
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BMvltGI9q0LxWpBQAtt85i6FTyk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/31/3d3a2d-a039-46f4-8687-057817ba9fb7/1/WKQTPPXohPJ-tGWZsahmurF3j6w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/31/3d3a2d-a039-46f4-8687-057817ba9fb7/1/BMvltGI9q0LxWpBQAtt85i6FTyk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
212.113.100.0/22
212.113.119.0-212.113.123.255
Signature Algorithm: sha256WithRSAEncryption
49:9a:45:37:50:b5:66:eb:b1:a5:7d:a7:67:d5:57:7b:04:b7:
72:9a:62:58:85:7d:d5:e6:0f:df:ff:6f:a4:64:69:e5:c8:48:
04:d9:cd:ce:74:09:a6:9c:58:e8:b1:78:68:2c:0f:f5:fd:0e:
a8:11:24:75:2f:f7:9a:06:89:23:f5:d8:85:4e:ba:06:9a:41:
38:c6:e1:7b:b3:95:37:92:e4:0a:f5:98:18:e5:5b:52:95:11:
c9:0a:6c:98:a3:10:bf:ea:20:5f:1b:14:75:cd:c2:76:71:66:
ee:af:06:a1:ee:77:94:06:82:ff:0f:64:07:eb:8b:6f:6b:ff:
91:82:59:bd:04:09:19:d8:c0:20:f5:ee:3e:06:e5:7f:e6:33:
57:bf:df:c1:5e:ae:36:91:e4:55:88:71:22:0b:cc:ec:91:a3:
f0:6b:d9:c5:15:15:f7:85:4d:fe:78:39:94:38:3a:1b:3a:f4:
0e:d6:a7:97:e6:72:81:a2:ff:77:d8:a5:69:f0:d6:1f:d3:c8:
4b:3c:65:77:b4:16:60:91:19:ac:3b:ff:29:50:bf:82:de:f5:
38:15:be:ab:b7:f8:a8:81:af:0b:f6:7e:e9:37:43:08:17:c6:
5c:c8:19:7c:3b:08:8d:97:0a:37:7c:8e:7f:94:ad:40:96:8f:
69:76:bd:15
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgISAYZzU82r2qMtVN2+KerfEyg3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA0Y2JlNWI0NjIzZGFiNDJmMTVhOTA1MDAyZGI3Y2U2MmU4
NTRmMjkwHhcNMjMwMjIxMDkzNTE3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1OGE0MTMzY2Y1ZTg4NGYyN2ViNDY1OTliMWE4NjZiYWIxNzc4ZmFjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAidILRx6aYYdW5XXT8TaIUH+rs/cS
WtR0IWc4PDTtVoL9mUiVYN840tuzOcS6+0NdC+X3Tx0nJWj4LoWe5KJNhL/P2Gqt
wazE47dgQzmb+eFEyVXSktPSj1Bg9PpWh1TuN62DRDx7U7yxD/zgjnurP8DkJcOK
8qiTj7EAwJ3me1EjW+jVRbvIfWFgqNhzmvaSwb1RdbhbhCxvbJaEVmump/bRSZw5
tTT33aDOYmpbwu0KrE4ALRUBOESj9wTTyE44BjTV/nOjVONPNLlfqPbKIQnPUAE1
6UhfujmcEXKldXAdFlkPkIDI7H6rO1AdvIG33CQDY1POWnge2dJGhFYxbwIDAQAB
o4ICFzCCAhMwHQYDVR0OBBYEFFikEzz16ITyfrRlmbGoZrqxd4+sMB8GA1UdIwQY
MBaAFATL5bRiPatC8VqQUALbfOYuhU8pMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQk12bHRHSTlxMEx4V3BCUUF0dDg1aTZGVHlrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMS8zZDNhMmQtYTAzOS00NmY0LTg2ODct
MDU3ODE3YmE5ZmI3LzEvV0tRVFBQWG9oUEotdEdXWnNhaG11ckYzajZ3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMS8zZDNhMmQtYTAzOS00NmY0LTg2ODctMDU3ODE3YmE5ZmI3
LzEvQk12bHRHSTlxMEx4V3BCUUF0dDg1aTZGVHlrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAATAUAwQC1HFkMAwD
BADUcXcDBALUcXgwDQYJKoZIhvcNAQELBQADggEBAEmaRTdQtWbrsaV9p2fVV3sE
t3KaYliFfdXmD9//b6RkaeXISATZzc50CaacWOixeGgsD/X9DqgRJHUv95oGiSP1
2IVOugaaQTjG4XuzlTeS5Ar1mBjlW1KVEckKbJijEL/qIF8bFHXNwnZxZu6vBqHu
d5QGgv8PZAfri29r/5GCWb0ECRnYwCD17j4G5X/mM1e/38FerjaR5FWIcSILzOyR
o/Br2cUVFfeFTf54OZQ4Ohs69A7Wp5fmcoGi/3fYpWnw1h/TyEs8ZXe0FmCRGaw7
/ylQv4Le9TgVvqu3+KiBrwv2fuk3QwgXxlzIGXw7CI2XCjd8jn+UrUCWj2l2vRU=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:24:33 2024 by rpki-client on console-fra.rpki-client.org