Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/8e8149-d53c-4992-bd07-55c434eec96c/1/07aoarqAA1KVyWsyZ08iIw1Piek.roa
File: 07aoarqAA1KVyWsyZ08iIw1Piek.roa (raw, json)
Hash identifier: g4Iig42o2aqzjMMDKP2a6EQ9WEgeM9RcSAKMq8jH9eM=
Subject key identifier: D3:B6:A8:6A:BA:80:03:52:95:C9:6B:32:67:4F:22:23:0D:4F:89:E9
Certificate issuer: /CN=abbad3de831da94222c1add104caf4c3247689ac
Certificate serial: 018CE8D7B90FDA972D96CB8DC5FBD2B2819D
Authority key identifier: AB:BA:D3:DE:83:1D:A9:42:22:C1:AD:D1:04:CA:F4:C3:24:76:89:AC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/q7rT3oMdqUIiwa3RBMr0wyR2iaw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/8e8149-d53c-4992-bd07-55c434eec96c/1/07aoarqAA1KVyWsyZ08iIw1Piek.roa
Signing time: Mon 08 Jan 2024 11:31:40 +0000
ROA not before: Mon 08 Jan 2024 11:31:40 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 43260
IP address blocks: 212.68.178.0/24 maxlen: 24
212.68.179.0/24 maxlen: 24
212.68.177.0/24 maxlen: 24
212.68.176.0/24 maxlen: 24
212.68.180.0/24 maxlen: 24
212.68.181.0/24 maxlen: 24
212.68.185.0/24 maxlen: 24
212.68.186.0/24 maxlen: 24
212.68.183.0/24 maxlen: 24
212.68.184.0/24 maxlen: 24
212.68.182.0/24 maxlen: 24
212.68.187.0/24 maxlen: 24
212.68.188.0/24 maxlen: 24
212.68.190.0/24 maxlen: 24
212.68.191.0/24 maxlen: 24
212.68.189.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 10 Jan 2024 10:44:40 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:e8:d7:b9:0f:da:97:2d:96:cb:8d:c5:fb:d2:b2:81:9d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=abbad3de831da94222c1add104caf4c3247689ac
Validity
Not Before: Jan 8 11:31:40 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d3b6a86aba80035295c96b32674f22230d4f89e9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:c0:9a:f8:61:69:80:ac:95:7e:30:f3:96:68:
11:be:ed:b2:5e:22:7e:55:84:2b:3e:5d:21:6d:25:
c1:bd:c8:1b:2a:39:96:e6:f9:59:0a:d3:a7:e3:e5:
b8:77:01:c2:f2:5f:8b:d7:18:4e:72:88:d4:5a:0b:
f1:c7:86:bc:10:0e:90:6c:33:9e:de:98:78:78:00:
38:e7:35:4d:2e:83:ae:56:55:b1:8e:98:2b:57:b6:
75:49:3d:e6:f9:92:61:00:bf:e2:e9:b3:6f:fb:1b:
96:29:e7:72:60:47:fa:75:d0:aa:04:9f:60:59:95:
1b:36:89:cc:79:1d:79:4a:a1:5a:52:19:f1:98:28:
0c:3c:c6:e7:d7:6b:9a:2a:42:32:75:05:19:bd:a1:
77:73:7d:5a:6e:17:fd:8e:43:67:df:fd:40:f3:50:
62:d9:1a:61:22:37:4a:17:6d:99:24:77:d5:9a:e7:
cc:2a:3d:89:4d:88:e9:99:7c:a9:07:9b:e5:68:9c:
91:a2:36:7f:3d:9d:7c:3a:2a:95:13:23:eb:36:13:
fa:87:cc:ad:80:cf:93:8e:25:3c:2d:65:82:1d:ad:
26:4a:85:91:17:d2:96:fa:8c:87:18:04:5c:73:0a:
b6:c8:d7:9f:9f:18:e0:1a:97:ca:9c:8c:8e:b8:c8:
b4:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D3:B6:A8:6A:BA:80:03:52:95:C9:6B:32:67:4F:22:23:0D:4F:89:E9
X509v3 Authority Key Identifier:
keyid:AB:BA:D3:DE:83:1D:A9:42:22:C1:AD:D1:04:CA:F4:C3:24:76:89:AC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/q7rT3oMdqUIiwa3RBMr0wyR2iaw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8e8149-d53c-4992-bd07-55c434eec96c/1/07aoarqAA1KVyWsyZ08iIw1Piek.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8e8149-d53c-4992-bd07-55c434eec96c/1/q7rT3oMdqUIiwa3RBMr0wyR2iaw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
212.68.176.0/20
Signature Algorithm: sha256WithRSAEncryption
81:b9:25:70:73:8e:13:8f:b8:20:96:a9:0d:a5:5c:17:b8:d7:
01:9e:64:80:ad:e4:a6:31:ce:92:da:cb:64:44:c2:96:7e:5e:
1c:fb:db:be:80:40:0b:37:90:bc:6a:83:3d:59:7f:9f:ab:a8:
9f:c9:d7:eb:46:55:38:dd:0a:dd:2e:26:7b:ec:8d:03:b4:1e:
5c:f2:c3:65:37:e1:ac:ae:ef:d7:a4:83:cc:bf:3a:3b:a2:18:
08:83:0c:2f:44:d0:86:f9:40:e9:b0:23:71:95:78:57:3a:08:
19:95:e2:b5:27:d4:97:ee:21:23:15:a8:ca:ee:99:ed:ec:72:
92:70:f9:ed:1c:94:2a:3d:7a:d7:f5:2b:3a:94:aa:a1:f4:e5:
9d:48:a5:6e:53:eb:0f:60:d3:38:0f:3f:85:47:13:32:6d:b0:
86:ff:cd:d5:4c:56:70:79:65:f9:6b:ef:7c:cf:30:ce:10:2f:
73:27:7e:e5:91:5d:10:29:01:2a:e6:5b:38:9a:da:89:87:68:
39:1d:a8:5f:af:94:c3:0f:1e:0e:dd:47:f3:dc:c8:f3:d7:46:
77:4f:97:33:45:b3:a7:55:f2:8e:fa:70:c0:dd:9a:0a:cb:86:
ea:d0:62:ca:2d:d8:4f:8a:e3:87:30:1a:74:ef:38:2c:1f:53:
a5:f1:b6:93
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzo17kP2pctlsuNxfvSsoGdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFiYmFkM2RlODMxZGE5NDIyMmMxYWRkMTA0Y2FmNGMzMjQ3
Njg5YWMwHhcNMjQwMTA4MTEzMTQwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkM2I2YTg2YWJhODAwMzUyOTVjOTZiMzI2NzRmMjIyMzBkNGY4OWU5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArsCa+GFpgKyVfjDzlmgRvu2yXiJ+
VYQrPl0hbSXBvcgbKjmW5vlZCtOn4+W4dwHC8l+L1xhOcojUWgvxx4a8EA6QbDOe
3ph4eAA45zVNLoOuVlWxjpgrV7Z1ST3m+ZJhAL/i6bNv+xuWKedyYEf6ddCqBJ9g
WZUbNonMeR15SqFaUhnxmCgMPMbn12uaKkIydQUZvaF3c31abhf9jkNn3/1A81Bi
2RphIjdKF22ZJHfVmufMKj2JTYjpmXypB5vlaJyRojZ/PZ18OiqVEyPrNhP6h8yt
gM+TjiU8LWWCHa0mSoWRF9KW+oyHGARccwq2yNefnxjgGpfKnIyOuMi0BQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNO2qGq6gANSlclrMmdPIiMNT4npMB8GA1UdIwQY
MBaAFKu6096DHalCIsGt0QTK9MMkdomsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcTdyVDNvTWRxVUlpd2EzUkJNcjB3eVIyaWF3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy84ZTgxNDktZDUzYy00OTkyLWJkMDct
NTVjNDM0ZWVjOTZjLzEvMDdhb2FycUFBMUtWeVdzeVowOGlJdzFQaWVrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy84ZTgxNDktZDUzYy00OTkyLWJkMDctNTVjNDM0ZWVjOTZj
LzEvcTdyVDNvTWRxVUlpd2EzUkJNcjB3eVIyaWF3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQE1ESwMA0G
CSqGSIb3DQEBCwUAA4IBAQCBuSVwc44Tj7gglqkNpVwXuNcBnmSAreSmMc6S2stk
RMKWfl4c+9u+gEALN5C8aoM9WX+fq6ifydfrRlU43QrdLiZ77I0DtB5c8sNlN+Gs
ru/XpIPMvzo7ohgIgwwvRNCG+UDpsCNxlXhXOggZleK1J9SX7iEjFajK7pnt7HKS
cPntHJQqPXrX9Ss6lKqh9OWdSKVuU+sPYNM4Dz+FRxMybbCG/83VTFZweWX5a+98
zzDOEC9zJ37lkV0QKQEq5ls4mtqJh2g5Hahfr5TDDx4O3Ufz3Mjz10Z3T5czRbOn
VfKO+nDA3ZoKy4bq0GLKLdhPiuOHMBp07zgsH1Ol8baT
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:51:49 2024 by rpki-client on console-fra.rpki-client.org