Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/I0NLLiSnssjkT5OJB1iU4n4JVoA.roa
File: I0NLLiSnssjkT5OJB1iU4n4JVoA.roa (raw, json)
Hash identifier: K/ZyOH5KmmAbc9aYwUfjnOycas237mUw21UnkKKwpk0=
Subject key identifier: 23:43:4B:2E:24:A7:B2:C8:E4:4F:93:89:07:58:94:E2:7E:09:56:80
Certificate issuer: /CN=5ee531b9ac2990d69a8a5c3023e72e6d841e6c09
Certificate serial: 018EA2A0D437B192D23242F5E4A73AE49C34
Authority key identifier: 5E:E5:31:B9:AC:29:90:D6:9A:8A:5C:30:23:E7:2E:6D:84:1E:6C:09
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XuUxuawpkNaailwwI-cubYQebAk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/I0NLLiSnssjkT5OJB1iU4n4JVoA.roa
Signing time: Wed 03 Apr 2024 06:23:52 +0000
ROA not before: Wed 03 Apr 2024 06:23:52 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 8675
IP address blocks: 212.12.4.0/24 maxlen: 24
212.12.21.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 03 Apr 2024 08:18:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:a2:a0:d4:37:b1:92:d2:32:42:f5:e4:a7:3a:e4:9c:34
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5ee531b9ac2990d69a8a5c3023e72e6d841e6c09
Validity
Not Before: Apr 3 06:23:52 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=23434b2e24a7b2c8e44f9389075894e27e095680
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:83:51:fb:b4:08:3d:d9:1f:86:51:b4:06:ce:bc:
a8:6a:1e:ac:75:12:27:ce:a2:f0:a2:08:75:28:ca:
cf:c6:74:3a:2f:f1:b1:b4:62:fd:94:42:49:98:b0:
72:a4:5a:0f:b7:e5:1f:4b:73:38:a3:d5:a3:c3:d0:
12:57:cf:cc:6f:bc:6a:54:ba:5f:69:cb:7b:87:13:
49:00:5f:d6:1a:c5:2b:39:8e:39:7f:e1:e4:03:48:
b8:ab:f7:e0:43:52:a1:27:01:33:a6:54:a1:53:93:
ac:6f:78:ba:b8:0d:3a:e4:11:a8:d3:e0:0d:3c:66:
cb:18:79:b8:45:db:53:96:d3:0a:e5:5c:cc:55:53:
ac:18:a6:d1:37:87:3f:b1:4d:cb:8f:8c:56:a6:dd:
00:86:f1:64:77:1b:a8:b2:08:85:14:a5:78:e1:f5:
10:43:cd:99:16:cb:44:32:9c:a2:70:f8:07:49:89:
0e:fc:52:4c:75:5c:e1:c9:35:2c:5c:fb:ba:98:68:
46:f2:7d:10:28:f6:66:a2:d4:84:e5:fd:0a:2c:cc:
75:49:e8:79:91:db:b4:4d:49:c3:60:ae:11:33:35:
d6:8a:3c:f4:97:e9:d7:45:4e:3d:b5:ef:b1:4f:4a:
e5:0f:03:9e:0b:04:7d:df:04:3e:4a:69:8a:1b:9b:
6f:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
23:43:4B:2E:24:A7:B2:C8:E4:4F:93:89:07:58:94:E2:7E:09:56:80
X509v3 Authority Key Identifier:
keyid:5E:E5:31:B9:AC:29:90:D6:9A:8A:5C:30:23:E7:2E:6D:84:1E:6C:09
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XuUxuawpkNaailwwI-cubYQebAk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/I0NLLiSnssjkT5OJB1iU4n4JVoA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/XuUxuawpkNaailwwI-cubYQebAk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
212.12.4.0/24
212.12.21.0/24
Signature Algorithm: sha256WithRSAEncryption
6a:50:43:f3:e7:51:6b:2b:82:ff:4c:4a:f7:57:79:84:d8:32:
77:2b:e2:81:66:19:35:24:26:4d:61:c1:09:73:63:b9:d5:f0:
e7:d6:8a:60:c7:70:47:29:a5:a5:49:78:61:76:3a:ba:42:3a:
d0:46:91:c9:26:7d:cd:5d:4f:4f:78:27:01:56:3f:db:84:f8:
64:a2:f7:90:95:ec:36:83:7c:50:87:d3:e3:1f:c3:00:71:00:
8f:2b:7d:26:38:1c:bc:60:6b:1c:e2:9c:8e:19:3e:b8:23:c6:
a6:5b:72:f0:89:ae:b3:a6:c1:d6:48:53:6f:08:cc:22:6b:9c:
76:b0:a8:1b:30:95:f5:8b:46:e0:dd:f1:3d:29:88:17:b7:ed:
4e:dd:8f:9f:04:af:c3:ae:1e:62:34:48:1a:89:e2:cb:5b:8a:
5c:99:3f:01:ec:a2:a3:2a:e9:ca:f0:f3:f6:b4:45:74:28:d1:
c3:22:a5:c6:4d:5b:e6:ed:ae:80:a6:ec:5f:84:be:64:79:6a:
75:a5:88:5e:32:cf:b9:8d:7b:97:37:5c:f1:98:28:f2:ce:ef:
2b:ab:71:4a:5e:9d:34:4e:f5:4f:fd:f9:0f:13:36:7f:73:69:
d7:cc:d2:a2:6b:3c:a8:ae:bc:b3:60:eb:fd:47:7e:ae:b3:d4:
e4:0f:ae:82
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAY6ioNQ3sZLSMkL15Kc65Jw0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVlZTUzMWI5YWMyOTkwZDY5YThhNWMzMDIzZTcyZTZkODQx
ZTZjMDkwHhcNMjQwNDAzMDYyMzUyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMzQzNGIyZTI0YTdiMmM4ZTQ0ZjkzODkwNzU4OTRlMjdlMDk1NjgwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAg1H7tAg92R+GUbQGzryoah6sdRIn
zqLwogh1KMrPxnQ6L/GxtGL9lEJJmLBypFoPt+UfS3M4o9Wjw9ASV8/Mb7xqVLpf
act7hxNJAF/WGsUrOY45f+HkA0i4q/fgQ1KhJwEzplShU5Osb3i6uA065BGo0+AN
PGbLGHm4RdtTltMK5VzMVVOsGKbRN4c/sU3Lj4xWpt0AhvFkdxuosgiFFKV44fUQ
Q82ZFstEMpyicPgHSYkO/FJMdVzhyTUsXPu6mGhG8n0QKPZmotSE5f0KLMx1Seh5
kdu0TUnDYK4RMzXWijz0l+nXRU49te+xT0rlDwOeCwR93wQ+SmmKG5tvPwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFCNDSy4kp7LI5E+TiQdYlOJ+CVaAMB8GA1UdIwQY
MBaAFF7lMbmsKZDWmopcMCPnLm2EHmwJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWHVVeHVhd3BrTmFhaWx3d0ktY3ViWVFlYkFrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZC85YTFkNDQtODYwOS00ZTVlLWJhOTQt
NWE4NmMyNzU3YzFlLzEvSTBOTExpU25zc2prVDVPSkIxaVU0bjRKVm9BLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZC85YTFkNDQtODYwOS00ZTVlLWJhOTQtNWE4NmMyNzU3YzFl
LzEvWHVVeHVhd3BrTmFhaWx3d0ktY3ViWVFlYkFrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQA1AwEAwQA
1AwVMA0GCSqGSIb3DQEBCwUAA4IBAQBqUEPz51FrK4L/TEr3V3mE2DJ3K+KBZhk1
JCZNYcEJc2O51fDn1opgx3BHKaWlSXhhdjq6QjrQRpHJJn3NXU9PeCcBVj/bhPhk
oveQlew2g3xQh9PjH8MAcQCPK30mOBy8YGsc4pyOGT64I8amW3Lwia6zpsHWSFNv
CMwia5x2sKgbMJX1i0bg3fE9KYgXt+1O3Y+fBK/Drh5iNEgaieLLW4pcmT8B7KKj
KunK8PP2tEV0KNHDIqXGTVvm7a6ApuxfhL5keWp1pYheMs+5jXuXN1zxmCjyzu8r
q3FKXp00TvVP/fkPEzZ/c2nXzNKiazyorryzYOv9R36us9TkD66C
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:54:24 2024 by rpki-client on console-ams.rpki-client.org