Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/34/1c084c-982d-4098-af42-3425b125eaa7/1/3kr4M8nGsntSrJ4IUgAj5r33HiI.roa
File: 3kr4M8nGsntSrJ4IUgAj5r33HiI.roa (raw, json)
Hash identifier: C0SpBjvDO2of6mB/0r74Sc8lVNPeszZr3qaeHnGul5E=
Subject key identifier: DE:4A:F8:33:C9:C6:B2:7B:52:AC:9E:08:52:00:23:E6:BD:F7:1E:22
Certificate issuer: /CN=0d722e4513a39678d8ab23b2d649775340518cb9
Certificate serial: 018FC530865D630AD3C6303475C2E8A4C954
Authority key identifier: 0D:72:2E:45:13:A3:96:78:D8:AB:23:B2:D6:49:77:53:40:51:8C:B9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DXIuRROjlnjYqyOy1kl3U0BRjLk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/34/1c084c-982d-4098-af42-3425b125eaa7/1/3kr4M8nGsntSrJ4IUgAj5r33HiI.roa
Signing time: Wed 29 May 2024 16:30:42 +0000
ROA not before: Wed 29 May 2024 16:30:42 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 197992
IP address blocks: 212.42.192.0/20 maxlen: 24
Validation: Failed, certificate revoked on Thu 30 May 2024 05:45:01 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:c5:30:86:5d:63:0a:d3:c6:30:34:75:c2:e8:a4:c9:54
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0d722e4513a39678d8ab23b2d649775340518cb9
Validity
Not Before: May 29 16:30:42 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=de4af833c9c6b27b52ac9e08520023e6bdf71e22
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:d5:fa:34:c9:a5:7b:7b:d8:62:22:69:c4:2f:
79:b1:80:90:45:17:06:b2:15:20:e3:8b:e9:c9:23:
ba:f1:40:14:0d:00:42:e2:ce:a6:96:3e:3f:2a:86:
5c:20:82:55:1b:34:2a:57:c3:c6:aa:18:11:08:7e:
6c:8b:20:51:1b:f4:28:c4:93:74:e5:09:2b:13:39:
07:59:6a:cf:91:5c:83:48:f9:15:ff:0d:52:fa:21:
9c:7e:5e:0f:a0:99:04:40:f7:d1:3d:55:a3:f7:41:
a2:a9:72:15:f5:99:a2:dd:b8:0c:6c:95:b4:a7:f7:
28:da:b4:a4:e5:3c:70:4f:01:24:39:00:18:94:52:
55:b4:98:86:d9:98:09:eb:f2:a6:27:b5:56:6b:2e:
7b:f4:4e:ca:e5:0d:51:06:01:1c:b9:f3:b5:f2:ab:
8b:9f:3a:5b:a7:69:27:40:f9:c5:95:64:34:bd:cc:
0d:bd:82:51:47:5c:56:5a:f8:cb:aa:21:e7:be:d0:
94:69:1d:be:b9:89:b4:f2:56:d0:45:5b:2d:bd:bf:
bf:a4:28:59:95:a3:d7:04:13:6a:da:1a:d6:35:f6:
4a:54:75:91:de:9e:1e:34:a6:fb:2c:74:81:b3:d9:
7f:dd:ad:e9:35:23:1a:18:de:36:1f:f1:6c:cd:70:
9c:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DE:4A:F8:33:C9:C6:B2:7B:52:AC:9E:08:52:00:23:E6:BD:F7:1E:22
X509v3 Authority Key Identifier:
keyid:0D:72:2E:45:13:A3:96:78:D8:AB:23:B2:D6:49:77:53:40:51:8C:B9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DXIuRROjlnjYqyOy1kl3U0BRjLk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/34/1c084c-982d-4098-af42-3425b125eaa7/1/3kr4M8nGsntSrJ4IUgAj5r33HiI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/34/1c084c-982d-4098-af42-3425b125eaa7/1/DXIuRROjlnjYqyOy1kl3U0BRjLk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
212.42.192.0/20
Signature Algorithm: sha256WithRSAEncryption
b2:ad:0c:72:56:5b:82:6c:9d:1b:3f:ec:37:30:f5:5f:4d:a6:
b0:fa:26:c1:9d:b9:0d:6a:00:87:56:de:a9:65:76:f1:ee:cc:
89:87:49:0d:dc:32:d9:e6:f8:8f:80:91:b1:28:24:2f:b8:70:
54:cb:59:01:1e:02:ee:4e:c5:5e:4f:ea:73:b7:91:d8:62:48:
99:87:40:95:17:64:45:4d:7f:23:8b:a9:f3:2a:66:a1:c6:3d:
be:5c:c0:dc:fc:a9:40:ea:2f:37:ab:92:2b:b7:cb:ae:f8:4d:
7c:b6:ad:5e:2a:ea:da:5e:f9:51:ec:e7:82:e5:17:b9:e1:5e:
46:e5:3d:7d:ce:93:da:de:0b:36:ed:d7:71:87:f2:79:54:e8:
3c:ca:1e:34:84:f3:e3:7c:49:8d:d1:6b:a9:ca:6c:f4:05:9f:
e1:4d:af:58:1b:2e:a4:ad:c4:d8:56:d2:5b:2f:97:66:ef:9b:
65:d9:c5:dd:d1:e1:0e:6b:20:f4:3f:08:38:d3:2a:1f:76:b0:
69:16:8d:88:c8:cf:78:9c:db:03:5b:ba:46:95:0e:ab:91:58:
e2:2f:98:a5:20:b5:c0:63:b1:0f:fe:ed:a8:51:9e:76:00:a7:
87:78:26:f1:20:d2:1c:52:2b:2e:96:90:9f:91:68:4a:eb:de:
b8:b5:41:95
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAY/FMIZdYwrTxjA0dcLopMlUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBkNzIyZTQ1MTNhMzk2NzhkOGFiMjNiMmQ2NDk3NzUzNDA1
MThjYjkwHhcNMjQwNTI5MTYzMDQyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZTRhZjgzM2M5YzZiMjdiNTJhYzllMDg1MjAwMjNlNmJkZjcxZTIyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwdX6NMmle3vYYiJpxC95sYCQRRcG
shUg44vpySO68UAUDQBC4s6mlj4/KoZcIIJVGzQqV8PGqhgRCH5siyBRG/QoxJN0
5QkrEzkHWWrPkVyDSPkV/w1S+iGcfl4PoJkEQPfRPVWj90GiqXIV9Zmi3bgMbJW0
p/co2rSk5TxwTwEkOQAYlFJVtJiG2ZgJ6/KmJ7VWay579E7K5Q1RBgEcufO18quL
nzpbp2knQPnFlWQ0vcwNvYJRR1xWWvjLqiHnvtCUaR2+uYm08lbQRVstvb+/pChZ
laPXBBNq2hrWNfZKVHWR3p4eNKb7LHSBs9l/3a3pNSMaGN42H/FszXCc0QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFN5K+DPJxrJ7UqyeCFIAI+a99x4iMB8GA1UdIwQY
MBaAFA1yLkUTo5Z42KsjstZJd1NAUYy5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRFhJdVJST2psbmpZcXlPeTFrbDNVMEJSakxrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNC8xYzA4NGMtOTgyZC00MDk4LWFmNDIt
MzQyNWIxMjVlYWE3LzEvM2tyNE04bkdzbnRTcko0SVVnQWo1cjMzSGlJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNC8xYzA4NGMtOTgyZC00MDk4LWFmNDItMzQyNWIxMjVlYWE3
LzEvRFhJdVJST2psbmpZcXlPeTFrbDNVMEJSakxrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQE1CrAMA0G
CSqGSIb3DQEBCwUAA4IBAQCyrQxyVluCbJ0bP+w3MPVfTaaw+ibBnbkNagCHVt6p
ZXbx7syJh0kN3DLZ5viPgJGxKCQvuHBUy1kBHgLuTsVeT+pzt5HYYkiZh0CVF2RF
TX8ji6nzKmahxj2+XMDc/KlA6i83q5Irt8uu+E18tq1eKuraXvlR7OeC5Re54V5G
5T19zpPa3gs27ddxh/J5VOg8yh40hPPjfEmN0Wupymz0BZ/hTa9YGy6krcTYVtJb
L5dm75tl2cXd0eEOayD0Pwg40yofdrBpFo2IyM94nNsDW7pGlQ6rkVjiL5ilILXA
Y7EP/u2oUZ52AKeHeCbxINIcUisulpCfkWhK6964tUGV
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:07:57 2025 by rpki-client