Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8d/d654be-174e-41f7-9cfb-937e27ee1b5b/1/ndCjOXNFDTmK2vClYVraTNgjUPQ.roa
File: ndCjOXNFDTmK2vClYVraTNgjUPQ.roa (raw, json)
Hash identifier: 8ZaKq6ta62poJz/8iYJFt1LOMNir5TGA4Ks9ZVnI0/o=
Subject key identifier: 9D:D0:A3:39:73:45:0D:39:8A:DA:F0:A5:61:5A:DA:4C:D8:23:50:F4
Certificate issuer: /CN=2378a4a9c52325a85920809ba1a4d89e21c02f17
Certificate serial: 01856F9DCC530767137D2C8F0922504F6A0E
Authority key identifier: 23:78:A4:A9:C5:23:25:A8:59:20:80:9B:A1:A4:D8:9E:21:C0:2F:17
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/I3ikqcUjJahZIICboaTYniHALxc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8d/d654be-174e-41f7-9cfb-937e27ee1b5b/1/ndCjOXNFDTmK2vClYVraTNgjUPQ.roa
Signing time: Sun 01 Jan 2023 23:14:50 +0000
ROA not before: Sun 01 Jan 2023 23:14:50 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 203477
IP address blocks: 212.1.65.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 02 Jan 2024 08:32:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:9d:cc:53:07:67:13:7d:2c:8f:09:22:50:4f:6a:0e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2378a4a9c52325a85920809ba1a4d89e21c02f17
Validity
Not Before: Jan 1 23:14:50 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=9dd0a33973450d398adaf0a5615ada4cd82350f4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:68:42:49:f9:7e:ab:a5:d1:26:81:59:68:86:
80:ee:19:be:e7:d0:9f:1f:6d:9c:5b:08:bc:ec:d2:
31:c0:19:6b:dd:2c:b6:b9:58:57:b0:7e:5b:5a:51:
f5:9f:cb:e9:0c:a0:62:d1:9e:9c:fd:23:c8:73:6e:
27:3e:88:7b:9f:b1:aa:ec:8a:b9:1c:8a:51:cb:53:
d0:29:57:f0:06:ff:23:ab:72:6f:08:f5:fd:4c:bb:
34:e3:c0:14:da:10:a8:19:35:6b:00:48:8f:59:9c:
74:f4:fd:69:5b:59:98:f8:26:94:3b:62:8f:75:84:
9c:51:ca:a7:46:ad:1b:97:a4:f1:9e:89:88:18:5a:
53:02:a1:55:3e:64:53:61:8f:5a:b3:c8:1b:13:57:
71:81:c3:8f:50:84:60:9b:87:56:6c:b0:ea:4d:48:
35:a8:c3:63:54:d5:39:d3:5d:c0:02:40:91:f4:59:
de:19:16:57:2c:a3:39:b8:6d:d8:3b:46:4e:84:24:
8c:d6:74:77:b9:f8:b7:8f:3b:3d:da:1a:ec:ef:fb:
3d:0a:e7:94:ab:7e:7b:f7:88:02:91:0e:aa:02:8a:
d3:68:24:5d:f8:91:42:7f:4c:0a:0a:f7:5c:d4:9f:
fb:6a:6d:74:79:67:b2:f9:93:2b:4e:39:c1:cb:a6:
b2:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9D:D0:A3:39:73:45:0D:39:8A:DA:F0:A5:61:5A:DA:4C:D8:23:50:F4
X509v3 Authority Key Identifier:
keyid:23:78:A4:A9:C5:23:25:A8:59:20:80:9B:A1:A4:D8:9E:21:C0:2F:17
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/I3ikqcUjJahZIICboaTYniHALxc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8d/d654be-174e-41f7-9cfb-937e27ee1b5b/1/ndCjOXNFDTmK2vClYVraTNgjUPQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8d/d654be-174e-41f7-9cfb-937e27ee1b5b/1/I3ikqcUjJahZIICboaTYniHALxc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
212.1.65.0/24
Signature Algorithm: sha256WithRSAEncryption
13:b2:0b:0b:ea:e7:57:b3:a0:21:fa:09:05:82:e5:05:1a:78:
50:c4:51:fe:97:bd:18:58:10:c4:fe:9c:ae:08:9d:8d:c9:b9:
87:0e:0a:43:07:11:df:a9:55:30:d0:07:62:89:2b:b8:25:f5:
90:5e:19:49:4c:1b:68:e5:51:b7:5b:9d:27:65:48:ed:8a:17:
df:8b:ce:84:ac:f7:72:1b:eb:93:47:6c:c2:59:47:e6:d6:15:
f1:47:a1:c3:3f:5c:ff:10:db:a8:2c:1c:36:1d:ad:f4:0e:6b:
a6:dc:8c:41:aa:e0:b5:39:30:27:5a:04:7e:6f:3f:a3:31:de:
28:70:db:60:9c:b8:c8:ef:de:15:40:52:cb:08:40:74:ca:a1:
d9:16:08:3a:90:2b:fb:22:2a:fc:d1:30:d0:92:79:1c:72:a7:
70:5b:15:34:af:e3:cb:e4:fd:75:9d:2c:4c:a1:72:81:9c:f3:
2c:a3:a6:31:ed:c9:ec:61:5a:6d:02:a9:d5:dd:dd:83:eb:7f:
cc:fb:99:44:c9:5d:7b:b6:6c:7c:2f:9b:e1:ea:4b:fb:4f:9b:
11:30:9a:7a:c1:1f:2f:75:26:21:68:47:3a:2a:10:6f:9a:34:
f2:0d:c0:b6:dd:1b:2f:43:53:8e:76:01:b9:eb:a5:e6:43:6f:
3e:72:bf:3b
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVvncxTB2cTfSyPCSJQT2oOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIzNzhhNGE5YzUyMzI1YTg1OTIwODA5YmExYTRkODllMjFj
MDJmMTcwHhcNMjMwMTAxMjMxNDUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZGQwYTMzOTczNDUwZDM5OGFkYWYwYTU2MTVhZGE0Y2Q4MjM1MGY0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnmhCSfl+q6XRJoFZaIaA7hm+59Cf
H22cWwi87NIxwBlr3Sy2uVhXsH5bWlH1n8vpDKBi0Z6c/SPIc24nPoh7n7Gq7Iq5
HIpRy1PQKVfwBv8jq3JvCPX9TLs048AU2hCoGTVrAEiPWZx09P1pW1mY+CaUO2KP
dYScUcqnRq0bl6TxnomIGFpTAqFVPmRTYY9as8gbE1dxgcOPUIRgm4dWbLDqTUg1
qMNjVNU5013AAkCR9FneGRZXLKM5uG3YO0ZOhCSM1nR3ufi3jzs92hrs7/s9CueU
q35794gCkQ6qAorTaCRd+JFCf0wKCvdc1J/7am10eWey+ZMrTjnBy6ayXwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJ3QozlzRQ05itrwpWFa2kzYI1D0MB8GA1UdIwQY
MBaAFCN4pKnFIyWoWSCAm6Gk2J4hwC8XMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSTNpa3FjVWpKYWhaSUlDYm9hVFluaUhBTHhjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZC9kNjU0YmUtMTc0ZS00MWY3LTljZmIt
OTM3ZTI3ZWUxYjViLzEvbmRDak9YTkZEVG1LMnZDbFlWcmFUTmdqVVBRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZC9kNjU0YmUtMTc0ZS00MWY3LTljZmItOTM3ZTI3ZWUxYjVi
LzEvSTNpa3FjVWpKYWhaSUlDYm9hVFluaUhBTHhjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA1AFBMA0G
CSqGSIb3DQEBCwUAA4IBAQATsgsL6udXs6Ah+gkFguUFGnhQxFH+l70YWBDE/pyu
CJ2NybmHDgpDBxHfqVUw0AdiiSu4JfWQXhlJTBto5VG3W50nZUjtihffi86ErPdy
G+uTR2zCWUfm1hXxR6HDP1z/ENuoLBw2Ha30Dmum3IxBquC1OTAnWgR+bz+jMd4o
cNtgnLjI794VQFLLCEB0yqHZFgg6kCv7Iir80TDQknkccqdwWxU0r+PL5P11nSxM
oXKBnPMso6Yx7cnsYVptAqnV3d2D63/M+5lEyV17tmx8L5vh6kv7T5sRMJp6wR8v
dSYhaEc6KhBvmjTyDcC23RsvQ1OOdgG566XmQ28+cr87
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:23:12 2024 by rpki-client on console-ams.rpki-client.org