Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/34/1c084c-982d-4098-af42-3425b125eaa7/1/1-KNd2DIsZ0UvUyK_5m7xQxgHd2c.roa
File: 1-KNd2DIsZ0UvUyK_5m7xQxgHd2c.roa (raw, json)
Hash identifier: wa2SyUuKW4oNaGHVgXVxff6gJtMS2yFXg/QKHIz8u2I=
Subject key identifier: F8:A3:5D:D8:32:2C:67:45:2F:53:22:BF:E6:6E:F1:43:18:07:77:67
Certificate issuer: /CN=0d722e4513a39678d8ab23b2d649775340518cb9
Certificate serial: 01939B8B10883ADFD5EC426FCBEA86F291C6
Authority key identifier: 0D:72:2E:45:13:A3:96:78:D8:AB:23:B2:D6:49:77:53:40:51:8C:B9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DXIuRROjlnjYqyOy1kl3U0BRjLk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/34/1c084c-982d-4098-af42-3425b125eaa7/1/1-KNd2DIsZ0UvUyK_5m7xQxgHd2c.roa
Signing time: Fri 06 Dec 2024 10:36:42 +0000
ROA not before: Fri 06 Dec 2024 10:36:42 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 59538
IP address blocks: 212.42.208.0/20 maxlen: 24
Validation: Failed, certificate revoked on Sun 08 Dec 2024 13:14:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:9b:8b:10:88:3a:df:d5:ec:42:6f:cb:ea:86:f2:91:c6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0d722e4513a39678d8ab23b2d649775340518cb9
Validity
Not Before: Dec 6 10:36:42 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=f8a35dd8322c67452f5322bfe66ef14318077767
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:fd:57:cd:9d:a6:e7:70:97:62:78:fa:3f:8e:
71:a3:34:de:c3:19:83:ea:d0:25:f4:42:f0:5b:c2:
30:48:01:9c:5c:b9:fb:bf:9a:e8:0a:db:24:0b:c3:
21:00:ef:4c:a9:c4:84:6e:f5:a7:51:0d:0c:b3:8f:
1a:63:c4:08:aa:a6:f8:57:de:08:b9:27:4d:59:9a:
40:87:e0:fd:43:eb:0a:30:a7:a0:52:47:a4:f1:5e:
5a:91:bd:4d:05:ee:a0:77:3a:fb:c3:54:cb:d4:6a:
8f:bc:3a:d7:2d:ab:df:fa:66:8c:3c:d8:3e:4b:b1:
ea:47:f6:94:58:39:08:3c:4c:2a:7f:d3:f2:d5:25:
9c:06:9c:94:f4:e6:29:7a:87:1c:a9:83:de:82:34:
70:df:20:2f:65:3a:19:80:45:43:eb:f8:c9:f9:eb:
27:ce:ee:ab:a1:14:38:38:8e:00:18:b6:89:0c:39:
92:2a:bf:af:fd:df:2d:9c:24:64:06:b3:94:62:50:
22:5d:b9:c6:b4:34:4f:d2:5e:69:e5:7f:fd:93:83:
73:d3:a6:fd:76:a9:b0:7e:b6:64:31:28:55:0c:91:
a0:b9:c9:cf:e8:02:bc:90:bb:be:2d:88:51:bf:ce:
19:fb:08:ae:70:0d:ff:d9:a2:94:a3:a3:4d:f3:e8:
9f:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F8:A3:5D:D8:32:2C:67:45:2F:53:22:BF:E6:6E:F1:43:18:07:77:67
X509v3 Authority Key Identifier:
keyid:0D:72:2E:45:13:A3:96:78:D8:AB:23:B2:D6:49:77:53:40:51:8C:B9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DXIuRROjlnjYqyOy1kl3U0BRjLk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/34/1c084c-982d-4098-af42-3425b125eaa7/1/1-KNd2DIsZ0UvUyK_5m7xQxgHd2c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/34/1c084c-982d-4098-af42-3425b125eaa7/1/DXIuRROjlnjYqyOy1kl3U0BRjLk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
212.42.208.0/20
Signature Algorithm: sha256WithRSAEncryption
de:1f:21:4e:11:1c:a0:3c:73:c3:a8:2c:38:ec:0b:bc:49:49:
8f:8f:27:d9:f6:7e:30:9d:74:41:2c:4a:7a:49:c1:49:04:b9:
9c:11:08:59:b4:59:02:fb:6f:b5:f4:32:38:d6:98:ed:0d:55:
2a:d8:48:0a:32:bc:da:15:80:da:56:b5:dc:00:03:74:cd:00:
f9:d1:7c:89:a6:65:a4:8d:91:6c:0f:e5:9b:11:8c:44:5d:4b:
9c:8e:3d:b4:d7:de:b7:de:e8:02:00:13:f4:7b:ac:68:33:d0:
d6:26:9e:61:8f:37:d3:8d:94:b2:0d:96:8a:f5:75:dc:23:bc:
df:c4:41:c3:4b:a5:86:22:7f:9d:dc:19:53:f6:5d:5c:a1:70:
b3:e7:b9:88:4f:16:98:5c:48:21:fc:cf:31:f2:c7:e7:12:74:
28:f3:3c:a5:23:6f:0f:16:0c:6d:cb:66:03:1e:f8:08:bb:d8:
e9:81:53:a1:d2:b2:56:e9:14:15:10:59:5c:e7:f4:06:b6:94:
68:ea:78:43:b9:37:6c:39:8c:81:62:52:b4:22:56:af:e8:34:
0d:38:d0:8d:56:73:26:c2:12:49:44:60:c5:11:fb:13:75:8c:
80:87:25:0e:c8:d5:eb:8a:47:d9:27:4e:ed:12:df:10:23:df:
50:0a:9c:1a
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAZObixCIOt/V7EJvy+qG8pHGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBkNzIyZTQ1MTNhMzk2NzhkOGFiMjNiMmQ2NDk3NzUzNDA1
MThjYjkwHhcNMjQxMjA2MTAzNjQyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmOGEzNWRkODMyMmM2NzQ1MmY1MzIyYmZlNjZlZjE0MzE4MDc3NzY3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv/1XzZ2m53CXYnj6P45xozTewxmD
6tAl9ELwW8IwSAGcXLn7v5roCtskC8MhAO9MqcSEbvWnUQ0Ms48aY8QIqqb4V94I
uSdNWZpAh+D9Q+sKMKegUkek8V5akb1NBe6gdzr7w1TL1GqPvDrXLavf+maMPNg+
S7HqR/aUWDkIPEwqf9Py1SWcBpyU9OYpeoccqYPegjRw3yAvZToZgEVD6/jJ+esn
zu6roRQ4OI4AGLaJDDmSKr+v/d8tnCRkBrOUYlAiXbnGtDRP0l5p5X/9k4Nz06b9
dqmwfrZkMShVDJGgucnP6AK8kLu+LYhRv84Z+wiucA3/2aKUo6NN8+ifgQIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFPijXdgyLGdFL1Miv+Zu8UMYB3dnMB8GA1UdIwQY
MBaAFA1yLkUTo5Z42KsjstZJd1NAUYy5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRFhJdVJST2psbmpZcXlPeTFrbDNVMEJSakxrLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNC8xYzA4NGMtOTgyZC00MDk4LWFmNDIt
MzQyNWIxMjVlYWE3LzEvMS1LTmQyRElzWjBVdlV5S181bTd4UXhnSGQyYy5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvMzQvMWMwODRjLTk4MmQtNDA5OC1hZjQyLTM0MjViMTI1ZWFh
Ny8xL0RYSXVSUk9qbG5qWXF5T3kxa2wzVTBCUmpMay5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEBNQq0DAN
BgkqhkiG9w0BAQsFAAOCAQEA3h8hThEcoDxzw6gsOOwLvElJj48n2fZ+MJ10QSxK
eknBSQS5nBEIWbRZAvtvtfQyONaY7Q1VKthICjK82hWA2la13AADdM0A+dF8iaZl
pI2RbA/lmxGMRF1LnI49tNfet97oAgAT9HusaDPQ1iaeYY83042Usg2WivV13CO8
38RBw0ulhiJ/ndwZU/ZdXKFws+e5iE8WmFxIIfzPMfLH5xJ0KPM8pSNvDxYMbctm
Ax74CLvY6YFTodKyVukUFRBZXOf0BraUaOp4Q7k3bDmMgWJStCJWr+g0DTjQjVZz
JsISSURgxRH7E3WMgIclDsjV64pH2SdO7RLfECPfUAqcGg==
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:09:47 2025 by rpki-client