Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/8e8149-d53c-4992-bd07-55c434eec96c/1/CjL4llIqa33RbxKS5gZzsERpnKc.roa
File: CjL4llIqa33RbxKS5gZzsERpnKc.roa (raw, json)
Hash identifier: G2l7/ynuEFD40LoaXYl4OaH7/AA1fsHvI+R0IEfIkB4=
Subject key identifier: 0A:32:F8:96:52:2A:6B:7D:D1:6F:12:92:E6:06:73:B0:44:69:9C:A7
Certificate issuer: /CN=abbad3de831da94222c1add104caf4c3247689ac
Certificate serial: 018BB3D1419CD7970E4EB827127D48E4DE53
Authority key identifier: AB:BA:D3:DE:83:1D:A9:42:22:C1:AD:D1:04:CA:F4:C3:24:76:89:AC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/q7rT3oMdqUIiwa3RBMr0wyR2iaw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/8e8149-d53c-4992-bd07-55c434eec96c/1/CjL4llIqa33RbxKS5gZzsERpnKc.roa
Signing time: Thu 09 Nov 2023 11:21:57 +0000
ROA not before: Thu 09 Nov 2023 11:21:57 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 202972
IP address blocks: 212.68.186.0/24 maxlen: 24
212.68.184.0/24 maxlen: 24
212.68.185.0/24 maxlen: 24
212.68.187.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 15 Nov 2023 18:10:57 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:b3:d1:41:9c:d7:97:0e:4e:b8:27:12:7d:48:e4:de:53
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=abbad3de831da94222c1add104caf4c3247689ac
Validity
Not Before: Nov 9 11:21:57 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=0a32f896522a6b7dd16f1292e60673b044699ca7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:85:0c:25:a8:bb:5e:6e:52:d3:f7:38:66:79:8e:
2b:6e:c7:09:77:7a:7b:b0:42:d9:eb:a6:e9:36:7e:
a5:6c:2f:7e:78:bc:50:38:08:52:20:4d:f0:eb:b0:
8d:cd:2f:f4:54:f3:32:b7:fb:20:7f:ce:e5:1f:a4:
e6:84:9e:48:5b:27:36:0b:df:f4:64:d3:14:38:68:
d2:25:1e:a4:2e:bf:f2:81:e0:92:64:ff:d3:4f:32:
f8:9b:69:d3:42:b7:62:af:fb:cd:a2:27:16:58:cb:
d7:8a:a9:a9:e4:cc:f6:52:70:1a:3c:24:f2:72:6e:
48:d2:c1:88:f1:09:87:9a:cb:2b:73:49:66:bf:36:
72:6d:53:ba:a0:c8:1b:92:6e:68:b5:70:13:35:57:
88:74:b9:06:34:8e:7b:09:7f:d3:40:32:0a:8e:0e:
bf:e8:c5:93:2c:7d:c4:ea:24:4e:52:43:8b:4c:38:
e0:83:8a:0f:45:3c:ef:46:2c:f0:1d:05:81:0d:3e:
36:c9:64:fa:db:25:a4:35:ba:ff:45:64:3a:74:24:
63:28:35:4d:dd:ea:64:77:f1:a3:0e:19:d1:71:97:
64:10:2a:59:bd:ff:e4:44:06:f0:8b:be:7e:24:25:
29:42:a4:fc:0b:29:8a:4b:eb:48:6b:14:d9:9f:54:
3f:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0A:32:F8:96:52:2A:6B:7D:D1:6F:12:92:E6:06:73:B0:44:69:9C:A7
X509v3 Authority Key Identifier:
keyid:AB:BA:D3:DE:83:1D:A9:42:22:C1:AD:D1:04:CA:F4:C3:24:76:89:AC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/q7rT3oMdqUIiwa3RBMr0wyR2iaw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8e8149-d53c-4992-bd07-55c434eec96c/1/CjL4llIqa33RbxKS5gZzsERpnKc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8e8149-d53c-4992-bd07-55c434eec96c/1/q7rT3oMdqUIiwa3RBMr0wyR2iaw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
212.68.184.0/22
Signature Algorithm: sha256WithRSAEncryption
8e:3f:37:85:ee:d6:45:09:be:fe:bd:57:6d:e9:9f:39:ec:82:
2a:ee:ad:27:bb:ae:03:8a:88:63:9d:db:0e:9d:0d:59:9b:60:
55:51:59:0c:aa:3f:65:f1:e4:85:63:48:a1:42:83:6f:83:31:
0c:d4:1f:d7:04:25:bf:3b:a9:b8:ae:b8:05:31:76:a2:d1:8f:
c6:41:f9:d8:2c:8c:73:10:c5:15:65:42:9b:8a:97:95:c2:8a:
ec:13:4d:a0:88:d7:c3:3f:78:90:38:51:88:5b:18:52:35:19:
f8:2c:07:2b:4f:90:8e:a4:6e:99:ca:12:de:b7:df:ba:be:93:
db:60:44:aa:18:c6:1c:2b:5a:cb:a1:29:54:6a:dd:64:34:76:
eb:ae:2b:3c:1b:5f:c8:3a:66:e4:08:f3:10:5a:c5:28:1d:37:
68:50:74:dd:c6:ed:89:67:cb:51:43:58:4f:24:00:72:99:ce:
1d:95:aa:33:5d:f7:3b:25:4f:f0:17:36:76:b2:41:29:66:8a:
f6:63:8b:45:3d:0a:fc:0d:6f:92:5c:35:a9:2c:f9:bf:b9:f0:
61:51:f4:e8:b1:54:1b:26:8b:36:bb:07:66:eb:e6:32:9b:e0:
ea:f5:ab:3f:ee:dd:16:04:a9:18:8a:3c:9b:c7:38:55:0a:fc:
8b:3a:3a:ab
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYuz0UGc15cOTrgnEn1I5N5TMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFiYmFkM2RlODMxZGE5NDIyMmMxYWRkMTA0Y2FmNGMzMjQ3
Njg5YWMwHhcNMjMxMTA5MTEyMTU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwYTMyZjg5NjUyMmE2YjdkZDE2ZjEyOTJlNjA2NzNiMDQ0Njk5Y2E3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhQwlqLteblLT9zhmeY4rbscJd3p7
sELZ66bpNn6lbC9+eLxQOAhSIE3w67CNzS/0VPMyt/sgf87lH6TmhJ5IWyc2C9/0
ZNMUOGjSJR6kLr/ygeCSZP/TTzL4m2nTQrdir/vNoicWWMvXiqmp5Mz2UnAaPCTy
cm5I0sGI8QmHmssrc0lmvzZybVO6oMgbkm5otXATNVeIdLkGNI57CX/TQDIKjg6/
6MWTLH3E6iROUkOLTDjgg4oPRTzvRizwHQWBDT42yWT62yWkNbr/RWQ6dCRjKDVN
3epkd/GjDhnRcZdkECpZvf/kRAbwi75+JCUpQqT8CymKS+tIaxTZn1Q/wwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFAoy+JZSKmt90W8SkuYGc7BEaZynMB8GA1UdIwQY
MBaAFKu6096DHalCIsGt0QTK9MMkdomsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcTdyVDNvTWRxVUlpd2EzUkJNcjB3eVIyaWF3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy84ZTgxNDktZDUzYy00OTkyLWJkMDct
NTVjNDM0ZWVjOTZjLzEvQ2pMNGxsSXFhMzNSYnhLUzVnWnpzRVJwbktjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy84ZTgxNDktZDUzYy00OTkyLWJkMDctNTVjNDM0ZWVjOTZj
LzEvcTdyVDNvTWRxVUlpd2EzUkJNcjB3eVIyaWF3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQC1ES4MA0G
CSqGSIb3DQEBCwUAA4IBAQCOPzeF7tZFCb7+vVdt6Z857IIq7q0nu64DiohjndsO
nQ1Zm2BVUVkMqj9l8eSFY0ihQoNvgzEM1B/XBCW/O6m4rrgFMXai0Y/GQfnYLIxz
EMUVZUKbipeVworsE02giNfDP3iQOFGIWxhSNRn4LAcrT5COpG6ZyhLet9+6vpPb
YESqGMYcK1rLoSlUat1kNHbrris8G1/IOmbkCPMQWsUoHTdoUHTdxu2JZ8tRQ1hP
JABymc4dlaozXfc7JU/wFzZ2skEpZor2Y4tFPQr8DW+SXDWpLPm/ufBhUfTosVQb
Jos2uwdm6+Yym+Dq9as/7t0WBKkYijybxzhVCvyLOjqr
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:41:15 2024 by rpki-client on console-ams.rpki-client.org