Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/97/96c272-f746-4628-95bc-a6126b54094d/1/L8TCtB-DRl9pJHP8oQEHWxWCXMo.roa
File: L8TCtB-DRl9pJHP8oQEHWxWCXMo.roa (raw, json)
Hash identifier: 7asvcUqRDDWZJMlM8R3oJq5yziu+yyCtrF3yeCxjPq0=
Subject key identifier: 2F:C4:C2:B4:1F:83:46:5F:69:24:73:FC:A1:01:07:5B:15:82:5C:CA
Certificate issuer: /CN=a4e7a0d2fc57a67bb2b7e85c3e8d78192bca0f18
Certificate serial: 018CC5DBFED8EF3F45B9F311B48889F1A1B0
Authority key identifier: A4:E7:A0:D2:FC:57:A6:7B:B2:B7:E8:5C:3E:8D:78:19:2B:CA:0F:18
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/pOeg0vxXpnuyt-hcPo14GSvKDxg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/97/96c272-f746-4628-95bc-a6126b54094d/1/L8TCtB-DRl9pJHP8oQEHWxWCXMo.roa
Signing time: Mon 01 Jan 2024 16:29:38 +0000
ROA not before: Mon 01 Jan 2024 16:29:38 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 56443
IP address blocks: 212.82.40.0/22 maxlen: 22
Validation: Failed, certificate revoked on Wed 06 Nov 2024 11:37:01 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:db:fe:d8:ef:3f:45:b9:f3:11:b4:88:89:f1:a1:b0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a4e7a0d2fc57a67bb2b7e85c3e8d78192bca0f18
Validity
Not Before: Jan 1 16:29:38 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=2fc4c2b41f83465f692473fca101075b15825cca
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:45:ab:59:2c:4f:eb:23:5f:17:9a:a0:b6:bc:
54:f0:e4:39:9d:5a:a4:16:9d:8f:31:df:35:98:6f:
80:8a:0f:8b:21:28:89:55:9d:1e:a2:45:76:f4:bc:
9f:7d:77:c9:6a:a4:98:e0:8f:06:98:ab:b9:09:c0:
65:2e:7d:de:70:34:a1:5c:de:2b:a2:24:1f:3e:10:
ef:73:90:e2:72:35:92:48:2d:95:e3:05:16:25:83:
79:22:c2:2d:08:a1:e5:36:46:88:75:33:f1:e6:c4:
c1:ff:dd:da:d1:3d:d9:b4:e3:c0:cf:9b:df:bd:cf:
3e:c1:db:ae:8b:1e:76:7b:13:d8:3e:5e:4d:05:de:
d2:9f:19:ce:3f:16:fb:51:71:29:25:f0:e7:dc:cd:
13:4e:e7:85:6c:85:53:3d:a9:02:38:ef:17:4b:86:
9b:21:35:e0:bc:b7:51:43:71:65:73:65:5d:ee:2c:
5c:dc:75:22:48:ee:d7:44:81:ba:40:d6:2c:db:ee:
f0:eb:51:7e:31:c9:62:46:39:6c:cb:09:02:da:33:
fe:cb:13:11:c9:ce:b7:0a:0b:74:68:71:d9:47:be:
4d:8a:7d:93:12:9d:1c:7c:a7:f5:97:f4:ed:ff:11:
33:52:05:a5:d0:2c:af:de:5d:b2:4c:0d:3b:dd:5c:
11:3b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2F:C4:C2:B4:1F:83:46:5F:69:24:73:FC:A1:01:07:5B:15:82:5C:CA
X509v3 Authority Key Identifier:
keyid:A4:E7:A0:D2:FC:57:A6:7B:B2:B7:E8:5C:3E:8D:78:19:2B:CA:0F:18
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pOeg0vxXpnuyt-hcPo14GSvKDxg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/97/96c272-f746-4628-95bc-a6126b54094d/1/L8TCtB-DRl9pJHP8oQEHWxWCXMo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/97/96c272-f746-4628-95bc-a6126b54094d/1/pOeg0vxXpnuyt-hcPo14GSvKDxg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
212.82.40.0/22
Signature Algorithm: sha256WithRSAEncryption
6d:b8:28:4b:bb:1d:94:82:69:36:e3:dd:86:79:63:5e:cb:ba:
c1:6b:9f:c6:cb:07:4b:ab:80:c5:16:77:2a:b7:cc:81:18:20:
2b:f0:a7:9d:f9:00:b8:8f:3c:a1:e2:85:1e:2e:7f:42:a6:a3:
46:8d:26:81:d1:5e:d5:82:7c:57:44:a4:04:9f:37:6a:19:bb:
da:48:1b:85:7d:74:b2:37:00:b5:98:d8:1e:f0:ab:06:63:20:
2e:bc:a4:8f:a9:51:74:d2:21:8b:d8:88:b7:27:26:5b:9d:78:
13:e5:cf:45:c7:c5:c1:b4:54:28:5b:3a:17:04:dc:dd:c0:54:
41:0c:dd:c7:2b:3e:f7:4c:0f:fc:85:5d:41:b8:eb:db:3f:ba:
4a:55:ab:87:a9:4b:e0:a3:84:57:8b:2b:c9:6b:b8:b1:2d:83:
a2:ab:36:25:2d:67:b3:37:54:aa:f6:7f:92:94:97:50:29:56:
29:1f:f1:19:c8:b2:8e:a6:e3:9a:44:1b:f4:be:75:e5:23:74:
20:b0:7d:23:41:58:d7:2a:02:76:1e:d0:7a:a5:07:79:e9:41:
16:e2:a9:ec:f9:9b:84:c3:cf:40:2d:ac:b3:4e:34:3f:03:bf:
08:60:b2:b1:5f:20:68:17:f2:1c:8e:da:fa:69:70:a3:2b:44:
98:8f:e9:6b
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzF2/7Y7z9FufMRtIiJ8aGwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE0ZTdhMGQyZmM1N2E2N2JiMmI3ZTg1YzNlOGQ3ODE5MmJj
YTBmMTgwHhcNMjQwMTAxMTYyOTM4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyZmM0YzJiNDFmODM0NjVmNjkyNDczZmNhMTAxMDc1YjE1ODI1Y2NhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAm0WrWSxP6yNfF5qgtrxU8OQ5nVqk
Fp2PMd81mG+Aig+LISiJVZ0eokV29LyffXfJaqSY4I8GmKu5CcBlLn3ecDShXN4r
oiQfPhDvc5DicjWSSC2V4wUWJYN5IsItCKHlNkaIdTPx5sTB/93a0T3ZtOPAz5vf
vc8+wduuix52exPYPl5NBd7SnxnOPxb7UXEpJfDn3M0TTueFbIVTPakCOO8XS4ab
ITXgvLdRQ3Flc2Vd7ixc3HUiSO7XRIG6QNYs2+7w61F+McliRjlsywkC2jP+yxMR
yc63Cgt0aHHZR75Nin2TEp0cfKf1l/Tt/xEzUgWl0Cyv3l2yTA073VwROwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFC/EwrQfg0ZfaSRz/KEBB1sVglzKMB8GA1UdIwQY
MBaAFKTnoNL8V6Z7srfoXD6NeBkryg8YMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcE9lZzB2eFhwbnV5dC1oY1BvMTRHU3ZLRHhnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Ny85NmMyNzItZjc0Ni00NjI4LTk1YmMt
YTYxMjZiNTQwOTRkLzEvTDhUQ3RCLURSbDlwSkhQOG9RRUhXeFdDWE1vLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Ny85NmMyNzItZjc0Ni00NjI4LTk1YmMtYTYxMjZiNTQwOTRk
LzEvcE9lZzB2eFhwbnV5dC1oY1BvMTRHU3ZLRHhnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQC1FIoMA0G
CSqGSIb3DQEBCwUAA4IBAQBtuChLux2Ugmk2492GeWNey7rBa5/GywdLq4DFFncq
t8yBGCAr8Ked+QC4jzyh4oUeLn9CpqNGjSaB0V7VgnxXRKQEnzdqGbvaSBuFfXSy
NwC1mNge8KsGYyAuvKSPqVF00iGL2Ii3JyZbnXgT5c9Fx8XBtFQoWzoXBNzdwFRB
DN3HKz73TA/8hV1BuOvbP7pKVauHqUvgo4RXiyvJa7ixLYOiqzYlLWezN1Sq9n+S
lJdQKVYpH/EZyLKOpuOaRBv0vnXlI3QgsH0jQVjXKgJ2HtB6pQd56UEW4qns+ZuE
w89ALayzTjQ/A78IYLKxXyBoF/Icjtr6aXCjK0SYj+lr
-----END CERTIFICATE-----
Generated at Wed Nov 6 17:42:04 2024 by rpki-client on console-ams.rpki-client.org