Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/8e8149-d53c-4992-bd07-55c434eec96c/1/XZQvRalWdng4p4hOzdfP-7R1LiM.roa
File: XZQvRalWdng4p4hOzdfP-7R1LiM.roa (raw, json)
Hash identifier: G756lTRTFNQ5RDY0sII7HHKczjs0g85xakC685ot1y8=
Subject key identifier: 5D:94:2F:45:A9:56:76:78:38:A7:88:4E:CD:D7:CF:FB:B4:75:2E:23
Certificate issuer: /CN=abbad3de831da94222c1add104caf4c3247689ac
Certificate serial: 018AFFBF5503DCE905D379A8E10B3484B4F1
Authority key identifier: AB:BA:D3:DE:83:1D:A9:42:22:C1:AD:D1:04:CA:F4:C3:24:76:89:AC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/q7rT3oMdqUIiwa3RBMr0wyR2iaw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/8e8149-d53c-4992-bd07-55c434eec96c/1/XZQvRalWdng4p4hOzdfP-7R1LiM.roa
Signing time: Thu 05 Oct 2023 12:10:43 +0000
ROA not before: Thu 05 Oct 2023 12:10:43 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 208485
IP address blocks: 212.68.164.0/24 maxlen: 24
212.68.165.0/24 maxlen: 24
212.68.166.0/24 maxlen: 24
212.68.172.0/24 maxlen: 24
212.68.167.0/24 maxlen: 24
212.68.178.0/24 maxlen: 24
212.68.177.0/24 maxlen: 24
212.68.179.0/24 maxlen: 24
212.68.174.0/24 maxlen: 24
212.68.173.0/24 maxlen: 24
212.68.176.0/24 maxlen: 24
212.68.175.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 13 Oct 2023 13:54:55 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:ff:bf:55:03:dc:e9:05:d3:79:a8:e1:0b:34:84:b4:f1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=abbad3de831da94222c1add104caf4c3247689ac
Validity
Not Before: Oct 5 12:10:43 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=5d942f45a956767838a7884ecdd7cffbb4752e23
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:3e:8d:9d:ea:02:ea:d1:e2:24:91:d8:34:81:
3d:ef:77:81:11:16:dc:18:3d:2e:53:cd:23:bb:bb:
e7:7a:42:61:55:b7:6f:cb:2e:64:99:3a:ae:69:13:
0e:48:a5:0a:41:14:b4:24:57:7d:db:1e:c5:c4:b4:
7d:16:db:a8:f7:96:78:be:21:b3:82:87:87:bc:3d:
d3:33:01:16:63:e9:3b:77:e9:14:d6:0c:67:c5:71:
b3:62:61:5f:9e:fd:52:3c:fb:71:14:f7:5a:44:e1:
72:fa:43:a8:29:32:2b:76:98:6b:6a:82:70:2a:0c:
5d:68:05:eb:5f:f0:94:d0:32:52:06:25:29:ef:6e:
2c:f6:a1:10:cd:a9:70:ab:98:1b:c6:01:35:8b:c7:
a9:1d:61:5f:12:34:bc:2d:e5:ba:88:bd:25:40:5e:
eb:6e:56:0c:9e:95:66:1b:8e:3b:24:7c:31:90:36:
2d:e1:96:f0:57:cf:bf:ae:b2:1c:85:cf:66:6d:f9:
73:8f:9a:d2:87:75:7c:78:43:68:33:65:b8:7a:be:
6b:18:9e:ef:2f:2d:76:da:43:26:cf:f8:4e:22:ec:
0e:62:9d:d5:81:3c:00:0b:8e:47:75:8f:3a:5f:d3:
bd:8b:be:8c:c8:38:ad:d2:e4:a6:76:f0:df:18:e3:
3e:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5D:94:2F:45:A9:56:76:78:38:A7:88:4E:CD:D7:CF:FB:B4:75:2E:23
X509v3 Authority Key Identifier:
keyid:AB:BA:D3:DE:83:1D:A9:42:22:C1:AD:D1:04:CA:F4:C3:24:76:89:AC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/q7rT3oMdqUIiwa3RBMr0wyR2iaw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8e8149-d53c-4992-bd07-55c434eec96c/1/XZQvRalWdng4p4hOzdfP-7R1LiM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8e8149-d53c-4992-bd07-55c434eec96c/1/q7rT3oMdqUIiwa3RBMr0wyR2iaw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
212.68.164.0/22
212.68.172.0-212.68.179.255
Signature Algorithm: sha256WithRSAEncryption
04:fd:4e:23:3d:19:44:f5:22:2e:a0:80:9e:43:1a:5d:ab:9f:
f6:e8:e3:1d:98:12:4d:8d:b6:0a:1c:4b:f0:c0:98:40:28:7c:
a9:67:23:ba:ac:39:80:5b:9e:8f:0e:b8:45:01:91:36:f4:29:
49:8c:39:4b:d9:77:d5:f0:e7:fd:37:0e:66:59:ee:11:84:45:
eb:cf:6f:7c:80:21:cc:41:0a:ed:13:0b:fc:e6:16:31:b9:97:
8d:ac:5c:25:8f:16:6e:5e:37:80:5a:df:cf:05:a1:56:16:83:
e4:d8:fc:de:14:21:a6:d9:27:5c:bb:fa:50:08:96:77:c4:62:
ac:4d:d8:1a:e4:0a:54:f9:73:02:6a:98:6b:3a:f3:ba:64:12:
61:42:0d:a4:b3:28:2d:03:f5:89:74:c4:8e:b0:05:aa:ec:47:
fd:76:3a:aa:22:00:bb:7e:7d:b6:37:2d:d5:de:76:ae:0b:47:
4d:c1:9d:d9:ce:ad:f3:2a:69:3e:35:53:eb:56:b3:5b:33:1f:
31:08:8b:bc:0f:bf:05:92:e1:38:fe:48:57:2f:a3:b0:8d:1c:
38:a2:55:74:da:e4:37:91:80:eb:4c:e4:d6:f5:44:4c:fa:45:
59:1b:e4:65:2b:8a:4c:f9:6f:45:cd:4e:1e:76:df:3a:6e:dd:
c5:52:23:4d
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgISAYr/v1UD3OkF03mo4Qs0hLTxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFiYmFkM2RlODMxZGE5NDIyMmMxYWRkMTA0Y2FmNGMzMjQ3
Njg5YWMwHhcNMjMxMDA1MTIxMDQzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZDk0MmY0NWE5NTY3Njc4MzhhNzg4NGVjZGQ3Y2ZmYmI0NzUyZTIzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlD6NneoC6tHiJJHYNIE973eBERbc
GD0uU80ju7vnekJhVbdvyy5kmTquaRMOSKUKQRS0JFd92x7FxLR9Ftuo95Z4viGz
goeHvD3TMwEWY+k7d+kU1gxnxXGzYmFfnv1SPPtxFPdaROFy+kOoKTIrdphraoJw
KgxdaAXrX/CU0DJSBiUp724s9qEQzalwq5gbxgE1i8epHWFfEjS8LeW6iL0lQF7r
blYMnpVmG447JHwxkDYt4ZbwV8+/rrIchc9mbflzj5rSh3V8eENoM2W4er5rGJ7v
Ly122kMmz/hOIuwOYp3VgTwAC45HdY86X9O9i76MyDit0uSmdvDfGOM+MwIDAQAB
o4ICFzCCAhMwHQYDVR0OBBYEFF2UL0WpVnZ4OKeITs3Xz/u0dS4jMB8GA1UdIwQY
MBaAFKu6096DHalCIsGt0QTK9MMkdomsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcTdyVDNvTWRxVUlpd2EzUkJNcjB3eVIyaWF3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy84ZTgxNDktZDUzYy00OTkyLWJkMDct
NTVjNDM0ZWVjOTZjLzEvWFpRdlJhbFdkbmc0cDRoT3pkZlAtN1IxTGlNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy84ZTgxNDktZDUzYy00OTkyLWJkMDctNTVjNDM0ZWVjOTZj
LzEvcTdyVDNvTWRxVUlpd2EzUkJNcjB3eVIyaWF3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAATAUAwQC1ESkMAwD
BALURKwDBALURLAwDQYJKoZIhvcNAQELBQADggEBAAT9TiM9GUT1Ii6ggJ5DGl2r
n/bo4x2YEk2NtgocS/DAmEAofKlnI7qsOYBbno8OuEUBkTb0KUmMOUvZd9Xw5/03
DmZZ7hGERevPb3yAIcxBCu0TC/zmFjG5l42sXCWPFm5eN4Ba388FoVYWg+TY/N4U
IabZJ1y7+lAIlnfEYqxN2BrkClT5cwJqmGs687pkEmFCDaSzKC0D9Yl0xI6wBars
R/12OqoiALt+fbY3LdXedq4LR03BndnOrfMqaT41U+tWs1szHzEIi7wPvwWS4Tj+
SFcvo7CNHDiiVXTa5DeRgOtM5Nb1REz6RVkb5GUrikz5b0XNTh523zpu3cVSI00=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:41:15 2024 by rpki-client on console-ams.rpki-client.org