Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/FeVpomzLkdVPKGdwP0dnM-5DC4M.roa
File: FeVpomzLkdVPKGdwP0dnM-5DC4M.roa (raw, json)
Hash identifier: jdo54HjcumZMK1XZSgL/XiTa9BvaI0zSM6XjvRGwKXA=
Subject key identifier: 15:E5:69:A2:6C:CB:91:D5:4F:28:67:70:3F:47:67:33:EE:43:0B:83
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 018C8A6B5203E18CC89684D8FF9A045A6CB4
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/FeVpomzLkdVPKGdwP0dnM-5DC4M.roa
Signing time: Thu 21 Dec 2023 03:28:58 +0000
ROA not before: Thu 21 Dec 2023 03:28:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 216145
IP address blocks: 212.192.212.0/24 maxlen: 24
212.192.215.0/24 maxlen: 24
212.192.214.0/24 maxlen: 24
212.192.223.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 28 Dec 2023 07:32:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:8a:6b:52:03:e1:8c:c8:96:84:d8:ff:9a:04:5a:6c:b4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Dec 21 03:28:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=15e569a26ccb91d54f2867703f476733ee430b83
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:81:c1:16:77:c8:57:62:8e:8d:72:e3:60:e1:2d:
0f:e2:90:8b:69:3b:df:9e:6f:d7:7b:96:c9:7b:7c:
c9:e2:a7:21:a4:19:39:f6:f2:40:5f:af:76:a8:b6:
0e:42:b1:c4:73:08:fe:a1:b9:7a:53:cb:09:35:9e:
24:61:1a:52:a4:81:fb:80:d9:f0:e2:68:9e:ce:2f:
76:91:2c:73:cd:10:d4:b7:10:29:55:d1:7f:03:8a:
67:f2:97:e5:8f:72:98:d2:e2:14:a3:fd:c6:22:40:
7e:46:68:97:14:9d:ac:d1:7b:a8:a7:d3:a3:04:1c:
56:56:54:8b:d6:ca:fc:c7:b6:0e:d1:4f:af:94:a2:
9e:f0:ca:a6:6e:84:a9:0c:b0:18:d1:5e:09:7a:34:
1a:1a:f6:78:2a:dd:6d:d5:ed:59:58:3b:39:22:25:
4f:40:46:e6:c3:4e:76:56:f8:20:28:c0:63:c6:0c:
f0:1f:62:7a:e7:5d:41:b9:8b:ee:b1:2d:db:90:de:
bf:8f:c5:5b:49:26:8f:31:0c:49:42:26:fa:52:ff:
18:66:03:a2:39:c8:15:07:b0:b5:1c:fb:14:7d:b9:
22:04:b4:65:c3:95:a0:29:b3:31:09:af:d7:9d:3c:
24:1d:56:f8:b5:b2:93:b0:2d:b9:5f:14:1d:bd:29:
02:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
15:E5:69:A2:6C:CB:91:D5:4F:28:67:70:3F:47:67:33:EE:43:0B:83
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/FeVpomzLkdVPKGdwP0dnM-5DC4M.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
212.192.212.0/24
212.192.214.0/23
212.192.223.0/24
Signature Algorithm: sha256WithRSAEncryption
19:5f:16:ab:fe:61:7b:de:f7:84:32:4d:b7:b8:e1:03:89:d6:
db:4b:c8:29:ca:94:c4:c8:0d:ad:f2:ab:9f:fd:33:9d:16:62:
5a:ee:a8:58:fa:76:1a:65:31:f4:11:c7:0e:03:ea:3a:5b:13:
ce:09:63:80:0d:96:03:83:aa:ee:9d:fa:14:63:12:91:c6:0a:
f9:81:84:21:ca:02:48:0d:b9:bb:69:c9:e8:73:02:fb:ea:16:
05:b2:38:ab:ac:9f:ab:74:e3:54:48:a8:c8:e4:22:6c:5e:d8:
31:87:97:ef:ef:e0:93:e1:16:d0:43:14:c1:02:4b:71:f3:b1:
39:2d:d2:d1:57:5c:25:9c:57:d1:38:46:63:8f:22:1a:1d:d4:
62:8c:eb:e3:d6:d2:ea:c3:3d:90:b5:cc:cd:9c:52:71:37:92:
45:bf:4c:3a:58:d5:40:10:e3:85:0f:a5:bb:53:52:3d:7a:bf:
6e:fe:67:30:51:63:a7:1c:39:13:ca:ff:39:a1:8e:aa:81:fa:
8d:c0:60:2c:6c:4e:f1:df:45:cd:69:06:02:75:65:55:af:d2:
93:87:64:f4:00:7f:92:ec:3f:56:69:cb:f9:80:c0:3a:f9:c4:
33:70:2f:21:c8:03:df:0a:81:0f:25:a3:ce:23:3e:56:80:3f:
05:5b:98:83
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYyKa1ID4YzIloTY/5oEWmy0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjMxMjIxMDMyODU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxNWU1NjlhMjZjY2I5MWQ1NGYyODY3NzAzZjQ3NjczM2VlNDMwYjgzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgcEWd8hXYo6NcuNg4S0P4pCLaTvf
nm/Xe5bJe3zJ4qchpBk59vJAX692qLYOQrHEcwj+obl6U8sJNZ4kYRpSpIH7gNnw
4miezi92kSxzzRDUtxApVdF/A4pn8pflj3KY0uIUo/3GIkB+RmiXFJ2s0Xuop9Oj
BBxWVlSL1sr8x7YO0U+vlKKe8MqmboSpDLAY0V4JejQaGvZ4Kt1t1e1ZWDs5IiVP
QEbmw052VvggKMBjxgzwH2J6511BuYvusS3bkN6/j8VbSSaPMQxJQib6Uv8YZgOi
OcgVB7C1HPsUfbkiBLRlw5WgKbMxCa/XnTwkHVb4tbKTsC25XxQdvSkCTwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFBXlaaJsy5HVTyhncD9HZzPuQwuDMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvRmVWcG9tekxrZFZQS0dkd1AwZG5NLTVEQzRNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQA1MDUAwQB
1MDWAwQA1MDfMA0GCSqGSIb3DQEBCwUAA4IBAQAZXxar/mF73veEMk23uOEDidbb
S8gpypTEyA2t8quf/TOdFmJa7qhY+nYaZTH0EccOA+o6WxPOCWOADZYDg6runfoU
YxKRxgr5gYQhygJIDbm7acnocwL76hYFsjirrJ+rdONUSKjI5CJsXtgxh5fv7+CT
4RbQQxTBAktx87E5LdLRV1wlnFfROEZjjyIaHdRijOvj1tLqwz2QtczNnFJxN5JF
v0w6WNVAEOOFD6W7U1I9er9u/mcwUWOnHDkTyv85oY6qgfqNwGAsbE7x30XNaQYC
dWVVr9KTh2T0AH+S7D9Wacv5gMA6+cQzcC8hyAPfCoEPJaPOIz5WgD8FW5iD
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:16:11 2024 by rpki-client on console-fra.rpki-client.org