Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b1/cdddd5-817a-4113-8b82-23049e4d2f12/1/iuqn167nDYQpnZrNA_Kh5NvSREw.roa
File: iuqn167nDYQpnZrNA_Kh5NvSREw.roa (raw, json)
Hash identifier: TjYXlHmDI6Z70v3VJwDHdpvwWdW0f9YifKdNMP0FPy8=
Subject key identifier: 8A:EA:A7:D7:AE:E7:0D:84:29:9D:9A:CD:03:F2:A1:E4:DB:D2:44:4C
Certificate issuer: /CN=351a2fd6f5e5af87d5cea095066fbcc3d3e546a4
Certificate serial: 0188427CF4538069D7BE4F39D7387D45224E
Authority key identifier: 35:1A:2F:D6:F5:E5:AF:87:D5:CE:A0:95:06:6F:BC:C3:D3:E5:46:A4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NRov1vXlr4fVzqCVBm-8w9PlRqQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b1/cdddd5-817a-4113-8b82-23049e4d2f12/1/iuqn167nDYQpnZrNA_Kh5NvSREw.roa
Signing time: Mon 22 May 2023 08:04:25 +0000
ROA not before: Mon 22 May 2023 08:04:25 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 203941
IP address blocks: 212.7.218.0/23 maxlen: 23
Validation: Failed, certificate revoked on Mon 01 Jan 2024 04:29:28 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:42:7c:f4:53:80:69:d7:be:4f:39:d7:38:7d:45:22:4e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=351a2fd6f5e5af87d5cea095066fbcc3d3e546a4
Validity
Not Before: May 22 08:04:25 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=8aeaa7d7aee70d84299d9acd03f2a1e4dbd2444c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d4:a6:c6:8e:e2:67:8c:ed:4b:0c:68:56:17:1c:
2f:c7:77:45:0c:0e:40:c8:dd:ee:a8:aa:24:36:46:
0d:21:15:4d:87:8f:70:ef:9e:40:8d:ad:7f:d4:a7:
51:99:d4:83:e0:56:39:c5:de:4a:75:f3:dc:77:ee:
f5:63:cc:f5:a3:bb:dc:19:ca:74:77:c5:b6:5f:d9:
d1:81:be:02:50:46:ba:5d:64:92:74:2a:5e:93:ef:
db:c5:dc:b9:55:ba:5d:54:09:a6:1e:57:51:8b:8c:
e8:2e:8f:80:50:4e:6c:72:05:f1:af:26:87:d7:5b:
4c:6e:bc:5f:ae:8c:64:5c:20:95:53:4a:bb:f7:44:
67:97:c8:43:99:b6:c5:c8:0a:97:f0:77:cd:99:0c:
dd:d9:54:d2:87:5c:ec:ed:8f:89:15:5c:fe:d7:a9:
f8:f3:7b:9f:6b:a3:91:83:98:68:49:e3:ab:54:a8:
30:44:35:89:58:43:4e:10:d3:40:1b:03:b2:66:08:
3c:0f:46:f8:45:dc:cd:db:79:d9:25:d6:64:bc:06:
13:37:3f:1d:19:6e:d7:4e:ff:16:45:9f:05:7f:76:
5e:ad:ff:5d:42:9f:4e:70:7b:27:a3:fe:80:66:0c:
71:dd:cb:a6:a8:af:0a:f2:a6:1c:35:ee:95:14:25:
96:99
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8A:EA:A7:D7:AE:E7:0D:84:29:9D:9A:CD:03:F2:A1:E4:DB:D2:44:4C
X509v3 Authority Key Identifier:
keyid:35:1A:2F:D6:F5:E5:AF:87:D5:CE:A0:95:06:6F:BC:C3:D3:E5:46:A4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NRov1vXlr4fVzqCVBm-8w9PlRqQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/cdddd5-817a-4113-8b82-23049e4d2f12/1/iuqn167nDYQpnZrNA_Kh5NvSREw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/cdddd5-817a-4113-8b82-23049e4d2f12/1/NRov1vXlr4fVzqCVBm-8w9PlRqQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
212.7.218.0/23
Signature Algorithm: sha256WithRSAEncryption
98:35:8e:8b:90:c2:66:6e:3d:9d:03:ba:8c:96:8d:81:95:d7:
f3:a6:b6:cb:50:33:c3:c6:b4:83:cc:6d:ef:10:43:d4:2f:8e:
ba:61:90:db:37:8d:ad:15:88:f3:da:16:95:4a:e5:b1:3d:4f:
20:c6:ad:5b:37:54:18:8d:90:1f:4a:10:7d:50:66:08:cf:30:
b1:d0:c9:35:d4:20:f5:18:7e:12:89:94:cc:1a:37:15:b4:b4:
b9:55:f4:8b:1d:85:88:d1:fc:cd:f6:6f:cf:88:24:a7:b4:4b:
8d:12:e6:4e:d5:8f:63:24:7d:dc:0b:07:87:a8:9d:d2:75:35:
88:2d:d7:4c:ac:9d:a2:6c:d2:bf:18:fa:a5:92:b8:f8:45:d7:
59:0d:ee:d1:76:17:c3:82:6c:f9:ae:d9:b1:20:fb:c6:a0:f6:
af:0b:24:a8:a5:bb:d4:17:c9:de:80:55:77:13:2e:ef:0f:c6:
85:19:17:06:82:50:a4:3d:39:a2:db:a2:4d:67:14:ab:5d:b7:
bb:31:54:0b:76:49:b3:1d:50:8a:a9:21:72:3f:de:18:5d:ce:
6e:0e:ac:e4:a4:f9:8d:74:0a:a4:6d:8e:fc:55:84:96:0a:f1:
60:00:f0:a4:97:c6:07:36:4e:bb:2b:b4:20:7a:75:8d:d3:e0:
15:80:89:99
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYhCfPRTgGnXvk851zh9RSJOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1MWEyZmQ2ZjVlNWFmODdkNWNlYTA5NTA2NmZiY2MzZDNl
NTQ2YTQwHhcNMjMwNTIyMDgwNDI1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4YWVhYTdkN2FlZTcwZDg0Mjk5ZDlhY2QwM2YyYTFlNGRiZDI0NDRjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1KbGjuJnjO1LDGhWFxwvx3dFDA5A
yN3uqKokNkYNIRVNh49w755Aja1/1KdRmdSD4FY5xd5KdfPcd+71Y8z1o7vcGcp0
d8W2X9nRgb4CUEa6XWSSdCpek+/bxdy5VbpdVAmmHldRi4zoLo+AUE5scgXxryaH
11tMbrxfroxkXCCVU0q790Rnl8hDmbbFyAqX8HfNmQzd2VTSh1zs7Y+JFVz+16n4
83ufa6ORg5hoSeOrVKgwRDWJWENOENNAGwOyZgg8D0b4RdzN23nZJdZkvAYTNz8d
GW7XTv8WRZ8Ff3Zerf9dQp9OcHsno/6AZgxx3cumqK8K8qYcNe6VFCWWmQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFIrqp9eu5w2EKZ2azQPyoeTb0kRMMB8GA1UdIwQY
MBaAFDUaL9b15a+H1c6glQZvvMPT5UakMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTlJvdjF2WGxyNGZWenFDVkJtLTh3OVBsUnFRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMS9jZGRkZDUtODE3YS00MTEzLThiODIt
MjMwNDllNGQyZjEyLzEvaXVxbjE2N25EWVFwblpyTkFfS2g1TnZTUkV3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMS9jZGRkZDUtODE3YS00MTEzLThiODItMjMwNDllNGQyZjEy
LzEvTlJvdjF2WGxyNGZWenFDVkJtLTh3OVBsUnFRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQB1AfaMA0G
CSqGSIb3DQEBCwUAA4IBAQCYNY6LkMJmbj2dA7qMlo2BldfzprbLUDPDxrSDzG3v
EEPUL466YZDbN42tFYjz2haVSuWxPU8gxq1bN1QYjZAfShB9UGYIzzCx0Mk11CD1
GH4SiZTMGjcVtLS5VfSLHYWI0fzN9m/PiCSntEuNEuZO1Y9jJH3cCweHqJ3SdTWI
LddMrJ2ibNK/GPqlkrj4RddZDe7RdhfDgmz5rtmxIPvGoPavCySopbvUF8negFV3
Ey7vD8aFGRcGglCkPTmi26JNZxSrXbe7MVQLdkmzHVCKqSFyP94YXc5uDqzkpPmN
dAqkbY78VYSWCvFgAPCkl8YHNk67K7QgenWN0+AVgImZ
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:50:18 2024 by rpki-client on console-fra.rpki-client.org