Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e3/0ee921-a721-4f09-80f2-7113fc1b865b/1/0qh_xki5Q5h2w32lCEKKtM2-_sc.roa
File: 0qh_xki5Q5h2w32lCEKKtM2-_sc.roa (raw, json)
Hash identifier: NOfYlsBzHij7QPUf/QQ0bt2DU4CpAXCapzoSlNmUsdI=
Subject key identifier: D2:A8:7F:C6:48:B9:43:98:76:C3:7D:A5:08:42:8A:B4:CD:BE:FE:C7
Certificate issuer: /CN=bc8a3bc47d13c83f7d1cf72a137e0066f83d0608
Certificate serial: 0187C7736636A80D6E10E77232D145D26913
Authority key identifier: BC:8A:3B:C4:7D:13:C8:3F:7D:1C:F7:2A:13:7E:00:66:F8:3D:06:08
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/vIo7xH0TyD99HPcqE34AZvg9Bgg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e3/0ee921-a721-4f09-80f2-7113fc1b865b/1/0qh_xki5Q5h2w32lCEKKtM2-_sc.roa
Signing time: Fri 28 Apr 2023 10:40:41 +0000
ROA not before: Fri 28 Apr 2023 10:40:41 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 9076
IP address blocks: 212.104.0.0/20 maxlen: 24
212.104.1.0/24 maxlen: 24
212.104.40.0/21 maxlen: 24
Validation: Failed, certificate revoked on Fri 28 Apr 2023 10:41:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:c7:73:66:36:a8:0d:6e:10:e7:72:32:d1:45:d2:69:13
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bc8a3bc47d13c83f7d1cf72a137e0066f83d0608
Validity
Not Before: Apr 28 10:40:41 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d2a87fc648b9439876c37da508428ab4cdbefec7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:87:86:43:3e:49:dd:2c:ef:26:04:55:33:82:88:
23:f0:68:08:ba:94:80:1d:6c:8c:ce:af:86:e5:b6:
71:46:49:fd:fb:2e:11:71:b3:53:c7:03:8b:85:3b:
b7:ac:c4:5d:98:83:a6:62:6f:91:dd:3e:6a:fd:8e:
0d:85:e5:ab:52:40:46:b4:c7:40:ac:8a:73:4a:bc:
31:a2:82:22:61:03:29:64:00:17:f4:8e:a7:3f:58:
b0:7d:3b:df:c9:65:60:c6:31:b2:68:45:f5:19:5b:
08:62:05:ae:e2:85:e6:5c:61:9a:a6:60:09:b3:76:
5b:4e:3e:03:4e:e8:60:3d:9d:a0:41:c7:bb:bc:0e:
df:78:87:8c:39:54:cd:c2:e4:e2:71:1a:fa:a8:5b:
cf:a4:10:de:0e:88:e4:3c:48:a6:99:76:b3:fa:64:
42:e1:8d:cd:43:1f:dc:48:ed:cc:e4:e5:7e:24:6b:
04:c4:8a:3b:03:26:05:db:87:a5:ea:97:1b:6b:a5:
f8:cc:81:7e:a5:5b:9c:85:33:fa:15:c4:29:3f:df:
ed:9a:90:8d:f5:36:ad:23:65:39:ba:11:68:f9:15:
46:a3:7a:ab:a7:25:f8:46:01:a4:8d:6f:11:9e:3c:
81:ff:b6:5b:70:92:9a:02:20:c0:61:a1:53:58:24:
5d:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D2:A8:7F:C6:48:B9:43:98:76:C3:7D:A5:08:42:8A:B4:CD:BE:FE:C7
X509v3 Authority Key Identifier:
keyid:BC:8A:3B:C4:7D:13:C8:3F:7D:1C:F7:2A:13:7E:00:66:F8:3D:06:08
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/vIo7xH0TyD99HPcqE34AZvg9Bgg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e3/0ee921-a721-4f09-80f2-7113fc1b865b/1/0qh_xki5Q5h2w32lCEKKtM2-_sc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e3/0ee921-a721-4f09-80f2-7113fc1b865b/1/vIo7xH0TyD99HPcqE34AZvg9Bgg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
212.104.0.0/20
212.104.40.0/21
Signature Algorithm: sha256WithRSAEncryption
63:61:ac:98:c1:e2:a8:36:cc:25:cd:e0:5c:2c:34:95:77:9f:
2b:b6:92:b8:02:04:bf:39:f5:44:36:da:f6:06:cd:02:ac:34:
c5:c4:d8:2c:b6:0c:3d:94:38:3f:1c:fc:fc:b0:da:2d:bd:4f:
89:8c:ca:8a:89:93:43:d1:71:06:f3:c2:3e:66:4a:15:a7:b1:
66:d4:f0:f3:5b:77:1a:72:be:42:f4:88:74:e6:4f:ca:f8:96:
b0:db:09:97:10:ec:26:ea:a4:e2:c8:a0:26:2f:d0:83:4d:8a:
dc:7f:69:36:7b:28:24:cf:d2:f5:d4:b4:f3:3e:39:45:d9:52:
26:52:76:c8:30:c0:89:f5:18:ee:25:f4:c7:51:71:29:89:52:
42:40:67:66:a4:ea:25:68:68:9d:34:41:1d:58:e4:fa:b1:a5:
61:d7:fe:a8:bf:28:55:5a:b5:1f:3b:ac:97:16:89:5a:70:59:
57:5c:44:c5:09:c1:ab:aa:22:af:74:14:9a:2b:63:b2:c9:6a:
c4:63:98:1f:5e:be:71:66:44:76:18:64:03:40:11:02:b1:d7:
5f:43:07:71:4e:0f:14:b9:a5:01:fc:ae:47:db:9b:06:61:82:
1a:98:da:51:e8:16:e2:ed:df:47:78:dc:36:40:b1:73:44:bc:
fc:f6:28:3b
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYfHc2Y2qA1uEOdyMtFF0mkTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJjOGEzYmM0N2QxM2M4M2Y3ZDFjZjcyYTEzN2UwMDY2Zjgz
ZDA2MDgwHhcNMjMwNDI4MTA0MDQxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMmE4N2ZjNjQ4Yjk0Mzk4NzZjMzdkYTUwODQyOGFiNGNkYmVmZWM3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAh4ZDPkndLO8mBFUzgogj8GgIupSA
HWyMzq+G5bZxRkn9+y4RcbNTxwOLhTu3rMRdmIOmYm+R3T5q/Y4NheWrUkBGtMdA
rIpzSrwxooIiYQMpZAAX9I6nP1iwfTvfyWVgxjGyaEX1GVsIYgWu4oXmXGGapmAJ
s3ZbTj4DTuhgPZ2gQce7vA7feIeMOVTNwuTicRr6qFvPpBDeDojkPEimmXaz+mRC
4Y3NQx/cSO3M5OV+JGsExIo7AyYF24el6pcba6X4zIF+pVuchTP6FcQpP9/tmpCN
9TatI2U5uhFo+RVGo3qrpyX4RgGkjW8RnjyB/7ZbcJKaAiDAYaFTWCRdpQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFNKof8ZIuUOYdsN9pQhCirTNvv7HMB8GA1UdIwQY
MBaAFLyKO8R9E8g/fRz3KhN+AGb4PQYIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdklvN3hIMFR5RDk5SFBjcUUzNEFadmc5QmdnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMy8wZWU5MjEtYTcyMS00ZjA5LTgwZjIt
NzExM2ZjMWI4NjViLzEvMHFoX3hraTVRNWgydzMybENFS0t0TTItX3NjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMy8wZWU5MjEtYTcyMS00ZjA5LTgwZjItNzExM2ZjMWI4NjVi
LzEvdklvN3hIMFR5RDk5SFBjcUUzNEFadmc5QmdnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQE1GgAAwQD
1GgoMA0GCSqGSIb3DQEBCwUAA4IBAQBjYayYweKoNswlzeBcLDSVd58rtpK4AgS/
OfVENtr2Bs0CrDTFxNgstgw9lDg/HPz8sNotvU+JjMqKiZND0XEG88I+ZkoVp7Fm
1PDzW3cacr5C9Ih05k/K+Jaw2wmXEOwm6qTiyKAmL9CDTYrcf2k2eygkz9L11LTz
PjlF2VImUnbIMMCJ9RjuJfTHUXEpiVJCQGdmpOolaGidNEEdWOT6saVh1/6ovyhV
WrUfO6yXFolacFlXXETFCcGrqiKvdBSaK2OyyWrEY5gfXr5xZkR2GGQDQBECsddf
QwdxTg8UuaUB/K5H25sGYYIamNpR6Bbi7d9HeNw2QLFzRLz89ig7
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:49:13 2024 by rpki-client on console-ams.rpki-client.org