Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8d/d654be-174e-41f7-9cfb-937e27ee1b5b/1/1MTUV_zM9pk_cQgcWjmgFvqVc-4.roa
File: 1MTUV_zM9pk_cQgcWjmgFvqVc-4.roa (raw, json)
Hash identifier: BcEZfsWkYIkZV95gytTGx/REnTXJwa2edn2iMX4CqFs=
Subject key identifier: D4:C4:D4:57:FC:CC:F6:99:3F:71:08:1C:5A:39:A0:16:FA:95:73:EE
Certificate issuer: /CN=2378a4a9c52325a85920809ba1a4d89e21c02f17
Certificate serial: 01856F9DCA16053F8A6DD55B81863566284A
Authority key identifier: 23:78:A4:A9:C5:23:25:A8:59:20:80:9B:A1:A4:D8:9E:21:C0:2F:17
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/I3ikqcUjJahZIICboaTYniHALxc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8d/d654be-174e-41f7-9cfb-937e27ee1b5b/1/1MTUV_zM9pk_cQgcWjmgFvqVc-4.roa
Signing time: Sun 01 Jan 2023 23:14:49 +0000
ROA not before: Sun 01 Jan 2023 23:14:49 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 43022
IP address blocks: 212.1.127.0/24 maxlen: 24
212.1.74.0/23 maxlen: 23
212.1.73.0/24 maxlen: 24
212.1.78.0/23 maxlen: 23
212.1.82.0/23 maxlen: 23
Validation: Failed, certificate revoked on Tue 02 Jan 2024 08:32:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:9d:ca:16:05:3f:8a:6d:d5:5b:81:86:35:66:28:4a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2378a4a9c52325a85920809ba1a4d89e21c02f17
Validity
Not Before: Jan 1 23:14:49 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d4c4d457fcccf6993f71081c5a39a016fa9573ee
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d5:5d:c9:78:0c:fb:e0:3e:4f:6f:52:5c:c9:11:
13:c5:39:94:2e:2d:c4:91:6b:f7:c9:4a:0c:ae:dc:
d1:76:f6:c7:78:ff:62:af:c8:57:14:9f:81:f6:38:
a6:5c:4f:78:1a:10:cc:89:99:30:4c:04:60:6f:60:
a5:3c:f2:3e:8a:0c:69:62:a5:cb:06:19:e9:1d:6e:
6d:37:10:6c:d2:b9:16:6c:2e:18:44:0a:23:ff:25:
02:f0:ec:8c:9a:58:2e:1e:c9:01:56:99:a4:f3:4e:
da:eb:b1:20:1d:3e:ac:23:33:8f:f0:66:1b:87:f2:
b7:8c:65:36:ff:0b:50:d3:75:f8:be:bb:18:3f:a1:
e0:fb:8f:6e:6f:41:d9:63:00:c2:09:08:e1:20:d8:
c8:74:dc:e7:95:80:26:32:4b:34:1d:c5:b7:1b:fe:
ac:39:a0:8a:97:f1:b4:ef:fc:77:5c:be:7c:e6:15:
a4:48:19:cd:f9:4c:aa:0c:e3:88:d2:19:a8:d5:9e:
5d:d1:de:e8:5e:52:50:dc:40:cb:27:62:a1:20:69:
38:9d:71:9f:df:09:d2:b0:65:8a:1d:07:10:a3:86:
cd:ae:84:92:b3:9a:2c:1a:4a:97:2f:e7:ce:05:1a:
6b:1e:18:b3:cd:52:66:c2:cf:c6:51:a9:08:03:da:
9c:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D4:C4:D4:57:FC:CC:F6:99:3F:71:08:1C:5A:39:A0:16:FA:95:73:EE
X509v3 Authority Key Identifier:
keyid:23:78:A4:A9:C5:23:25:A8:59:20:80:9B:A1:A4:D8:9E:21:C0:2F:17
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/I3ikqcUjJahZIICboaTYniHALxc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8d/d654be-174e-41f7-9cfb-937e27ee1b5b/1/1MTUV_zM9pk_cQgcWjmgFvqVc-4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8d/d654be-174e-41f7-9cfb-937e27ee1b5b/1/I3ikqcUjJahZIICboaTYniHALxc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
212.1.73.0-212.1.75.255
212.1.78.0/23
212.1.82.0/23
212.1.127.0/24
Signature Algorithm: sha256WithRSAEncryption
5a:8e:c2:6a:f5:e0:67:e7:8f:c9:29:fe:f0:d9:60:53:9d:43:
ab:23:5a:07:b3:ea:b7:00:68:4b:5d:1b:2c:3c:d9:8b:8d:82:
20:1f:9d:91:c9:9f:3a:c4:08:b1:67:29:5f:dd:94:ab:12:01:
02:06:4e:d8:22:76:5c:d4:16:b8:c9:fb:a9:14:d1:8a:fd:f1:
70:35:75:a0:ae:e0:d5:21:e3:e3:02:7a:de:7c:39:ec:92:2a:
9a:22:2f:d8:59:c1:7b:be:8d:f4:19:a2:b3:c2:b2:94:aa:3a:
db:79:f7:c6:7b:81:a5:ef:c6:66:2b:00:0c:78:38:b7:e7:2d:
e3:4c:33:e0:28:1b:41:d0:71:c0:74:17:13:a8:5e:99:a3:21:
b4:09:8c:38:e1:49:7b:09:b8:14:5d:85:f3:33:2f:54:48:bb:
f2:88:73:b9:e2:cd:88:ae:ed:e1:d0:8d:16:a1:d0:45:4b:8c:
ce:e2:82:f9:ef:0c:bc:e4:df:b6:b1:4e:d4:af:49:e4:c9:da:
78:6e:a2:db:5a:03:bf:23:ea:34:1e:d6:40:73:d1:69:ce:c0:
34:e1:eb:2b:6a:4a:8f:08:f6:cc:e0:3d:43:f0:96:35:9e:bb:
57:76:c9:48:9e:30:ec:e4:65:c6:88:1d:eb:7b:19:87:95:74:
91:a8:36:9f
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgISAYVvncoWBT+KbdVbgYY1ZihKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIzNzhhNGE5YzUyMzI1YTg1OTIwODA5YmExYTRkODllMjFj
MDJmMTcwHhcNMjMwMTAxMjMxNDQ5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNGM0ZDQ1N2ZjY2NmNjk5M2Y3MTA4MWM1YTM5YTAxNmZhOTU3M2VlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1V3JeAz74D5Pb1JcyRETxTmULi3E
kWv3yUoMrtzRdvbHeP9ir8hXFJ+B9jimXE94GhDMiZkwTARgb2ClPPI+igxpYqXL
BhnpHW5tNxBs0rkWbC4YRAoj/yUC8OyMmlguHskBVpmk807a67EgHT6sIzOP8GYb
h/K3jGU2/wtQ03X4vrsYP6Hg+49ub0HZYwDCCQjhINjIdNznlYAmMks0HcW3G/6s
OaCKl/G07/x3XL585hWkSBnN+UyqDOOI0hmo1Z5d0d7oXlJQ3EDLJ2KhIGk4nXGf
3wnSsGWKHQcQo4bNroSSs5osGkqXL+fOBRprHhizzVJmws/GUakIA9qcwwIDAQAB
o4ICIzCCAh8wHQYDVR0OBBYEFNTE1Ff8zPaZP3EIHFo5oBb6lXPuMB8GA1UdIwQY
MBaAFCN4pKnFIyWoWSCAm6Gk2J4hwC8XMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSTNpa3FjVWpKYWhaSUlDYm9hVFluaUhBTHhjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZC9kNjU0YmUtMTc0ZS00MWY3LTljZmIt
OTM3ZTI3ZWUxYjViLzEvMU1UVVZfek05cGtfY1FnY1dqbWdGdnFWYy00LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZC9kNjU0YmUtMTc0ZS00MWY3LTljZmItOTM3ZTI3ZWUxYjVi
LzEvSTNpa3FjVWpKYWhaSUlDYm9hVFluaUhBTHhjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDkGCCsGAQUFBwEHAQH/BCowKDAmBAIAATAgMAwDBADUAUkD
BALUAUgDBAHUAU4DBAHUAVIDBADUAX8wDQYJKoZIhvcNAQELBQADggEBAFqOwmr1
4Gfnj8kp/vDZYFOdQ6sjWgez6rcAaEtdGyw82YuNgiAfnZHJnzrECLFnKV/dlKsS
AQIGTtgidlzUFrjJ+6kU0Yr98XA1daCu4NUh4+MCet58OeySKpoiL9hZwXu+jfQZ
orPCspSqOtt598Z7gaXvxmYrAAx4OLfnLeNMM+AoG0HQccB0FxOoXpmjIbQJjDjh
SXsJuBRdhfMzL1RIu/KIc7nizYiu7eHQjRah0EVLjM7igvnvDLzk37axTtSvSeTJ
2nhuottaA78j6jQe1kBz0WnOwDTh6ytqSo8I9szgPUPwljWeu1d2yUieMOzkZcaI
Het7GYeVdJGoNp8=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:23:12 2024 by rpki-client on console-ams.rpki-client.org