Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/tKD0gtVMeGFi5LlfKQzjqEdjxbk.roa
File: tKD0gtVMeGFi5LlfKQzjqEdjxbk.roa (raw, json)
Hash identifier: CZSvyNH/tlQZALUZ+ewAIMXWJx6Red3LWwU52bh/MzI=
Subject key identifier: B4:A0:F4:82:D5:4C:78:61:62:E4:B9:5F:29:0C:E3:A8:47:63:C5:B9
Certificate issuer: /CN=5ee531b9ac2990d69a8a5c3023e72e6d841e6c09
Certificate serial: 0185708CDD494741AE1B0885665A4A57F116
Authority key identifier: 5E:E5:31:B9:AC:29:90:D6:9A:8A:5C:30:23:E7:2E:6D:84:1E:6C:09
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XuUxuawpkNaailwwI-cubYQebAk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/tKD0gtVMeGFi5LlfKQzjqEdjxbk.roa
Signing time: Mon 02 Jan 2023 03:35:57 +0000
ROA not before: Mon 02 Jan 2023 03:35:57 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 34875
IP address blocks: 212.220.4.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 02 Jan 2024 02:30:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:8c:dd:49:47:41:ae:1b:08:85:66:5a:4a:57:f1:16
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5ee531b9ac2990d69a8a5c3023e72e6d841e6c09
Validity
Not Before: Jan 2 03:35:57 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b4a0f482d54c786162e4b95f290ce3a84763c5b9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:e3:c5:ba:d7:b4:eb:6d:3c:f3:2d:25:35:cc:
02:64:09:8d:22:cb:9d:56:82:2b:40:80:1e:68:39:
2b:9b:28:b3:fa:ad:4e:b7:66:74:ce:43:68:66:53:
27:aa:28:77:d3:f5:01:0e:2b:2d:ba:8f:8e:f1:47:
1b:17:48:31:ce:c4:89:41:ca:c1:fc:b1:d7:13:02:
c0:65:a7:61:87:1b:15:ac:f7:0e:56:ec:44:04:5c:
0b:49:a7:95:c6:5a:ef:e7:4b:95:6e:75:d0:74:51:
60:a5:85:cc:56:74:98:4f:7e:43:80:25:b0:0b:7e:
e2:46:d0:b7:32:df:ae:cd:77:65:ff:07:8a:66:18:
ab:3b:81:f7:25:c3:1a:8c:15:52:41:9d:32:78:9d:
0d:40:eb:de:5c:dc:42:b5:4b:d6:f2:3f:2b:75:9d:
c0:ed:4e:0c:64:22:35:ae:2f:d6:f5:07:d6:6b:e9:
42:d7:a5:ae:2f:f1:d2:c9:f1:56:7e:fb:33:a3:fa:
fb:bb:4b:bd:91:43:1a:2a:1f:e7:39:b8:aa:b7:11:
16:75:eb:d3:8b:fc:fe:87:dc:83:38:0e:12:0d:dc:
53:2c:96:f2:8c:03:81:2d:be:47:dc:a2:63:a0:b7:
37:f5:32:c7:e0:93:27:ca:36:d6:e0:09:18:5e:52:
be:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B4:A0:F4:82:D5:4C:78:61:62:E4:B9:5F:29:0C:E3:A8:47:63:C5:B9
X509v3 Authority Key Identifier:
keyid:5E:E5:31:B9:AC:29:90:D6:9A:8A:5C:30:23:E7:2E:6D:84:1E:6C:09
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XuUxuawpkNaailwwI-cubYQebAk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/tKD0gtVMeGFi5LlfKQzjqEdjxbk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/XuUxuawpkNaailwwI-cubYQebAk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
212.220.4.0/24
Signature Algorithm: sha256WithRSAEncryption
2d:64:5d:70:67:82:d7:16:89:87:1a:8e:aa:66:ed:63:39:f7:
d6:8c:d2:8f:65:e7:a7:a7:9f:4c:e3:a5:67:68:a6:e4:27:a5:
ec:b8:e3:42:a1:00:ff:1d:dc:c0:2f:14:5e:fd:8f:20:7e:21:
3c:9b:6d:b3:4a:7d:6f:17:bf:f0:57:9b:87:e7:8d:c9:a8:f1:
63:c5:48:fa:34:c0:4a:7e:d8:72:ee:13:70:6e:2f:53:37:7d:
57:26:e7:1d:c9:e4:d8:ca:1e:d8:03:ed:2b:e8:2a:f9:f3:bd:
e2:49:7c:c9:8f:a5:aa:6a:a2:6b:c3:e4:9c:3f:d8:41:7e:e5:
e6:35:57:1f:fd:88:bf:b1:3d:af:1e:2b:91:15:98:d4:db:35:
a0:9b:8c:6d:0d:29:1b:a4:a1:c9:fe:3e:df:b4:7a:e9:ed:5d:
59:4b:fc:2b:93:5b:2f:34:79:24:4b:6e:ed:a4:7f:1b:52:08:
41:fd:1c:f0:c6:bf:63:9a:80:27:a0:08:75:1d:ec:43:ee:52:
f3:52:a4:a7:75:dd:56:26:13:6b:3f:e7:98:40:bb:91:28:14:
21:06:bb:57:1a:fa:4a:9e:99:68:07:de:30:4b:b4:95:15:aa:
31:43:48:b3:bc:b5:a2:3b:2b:5c:3d:95:39:96:32:a1:99:f8:
12:3d:54:9c
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVwjN1JR0GuGwiFZlpKV/EWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVlZTUzMWI5YWMyOTkwZDY5YThhNWMzMDIzZTcyZTZkODQx
ZTZjMDkwHhcNMjMwMTAyMDMzNTU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNGEwZjQ4MmQ1NGM3ODYxNjJlNGI5NWYyOTBjZTNhODQ3NjNjNWI5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr+PFute062088y0lNcwCZAmNIsud
VoIrQIAeaDkrmyiz+q1Ot2Z0zkNoZlMnqih30/UBDistuo+O8UcbF0gxzsSJQcrB
/LHXEwLAZadhhxsVrPcOVuxEBFwLSaeVxlrv50uVbnXQdFFgpYXMVnSYT35DgCWw
C37iRtC3Mt+uzXdl/weKZhirO4H3JcMajBVSQZ0yeJ0NQOveXNxCtUvW8j8rdZ3A
7U4MZCI1ri/W9QfWa+lC16WuL/HSyfFWfvszo/r7u0u9kUMaKh/nObiqtxEWdevT
i/z+h9yDOA4SDdxTLJbyjAOBLb5H3KJjoLc39TLH4JMnyjbW4AkYXlK+DwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFLSg9ILVTHhhYuS5XykM46hHY8W5MB8GA1UdIwQY
MBaAFF7lMbmsKZDWmopcMCPnLm2EHmwJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWHVVeHVhd3BrTmFhaWx3d0ktY3ViWVFlYkFrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZC85YTFkNDQtODYwOS00ZTVlLWJhOTQt
NWE4NmMyNzU3YzFlLzEvdEtEMGd0Vk1lR0ZpNUxsZktRempxRWRqeGJrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZC85YTFkNDQtODYwOS00ZTVlLWJhOTQtNWE4NmMyNzU3YzFl
LzEvWHVVeHVhd3BrTmFhaWx3d0ktY3ViWVFlYkFrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA1NwEMA0G
CSqGSIb3DQEBCwUAA4IBAQAtZF1wZ4LXFomHGo6qZu1jOffWjNKPZeenp59M46Vn
aKbkJ6XsuONCoQD/HdzALxRe/Y8gfiE8m22zSn1vF7/wV5uH543JqPFjxUj6NMBK
fthy7hNwbi9TN31XJucdyeTYyh7YA+0r6Cr5873iSXzJj6WqaqJrw+ScP9hBfuXm
NVcf/Yi/sT2vHiuRFZjU2zWgm4xtDSkbpKHJ/j7ftHrp7V1ZS/wrk1svNHkkS27t
pH8bUghB/Rzwxr9jmoAnoAh1HexD7lLzUqSndd1WJhNrP+eYQLuRKBQhBrtXGvpK
nploB94wS7SVFaoxQ0izvLWiOytcPZU5ljKhmfgSPVSc
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:54:26 2024 by rpki-client on console-ams.rpki-client.org