Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/OZwpyQQndr7Y4r6wFVWtZhxbgiE.roa
File: OZwpyQQndr7Y4r6wFVWtZhxbgiE.roa (raw, json)
Hash identifier: tk0bFSa+eyZDkTc+L2BGnL9jmozeHKG8bdVTVgvXlHw=
Subject key identifier: 39:9C:29:C9:04:27:76:BE:D8:E2:BE:B0:15:55:AD:66:1C:5B:82:21
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 0188AF3114062151DF14CDDDB5FA4E695288
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/OZwpyQQndr7Y4r6wFVWtZhxbgiE.roa
Signing time: Mon 12 Jun 2023 10:40:09 +0000
ROA not before: Mon 12 Jun 2023 10:40:09 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 211256
IP address blocks: 212.192.209.0/24 maxlen: 24
212.192.208.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 22 Jun 2023 13:24:57 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:af:31:14:06:21:51:df:14:cd:dd:b5:fa:4e:69:52:88
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Jun 12 10:40:09 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=399c29c9042776bed8e2beb01555ad661c5b8221
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:2f:98:74:ef:0c:91:74:f0:9c:bf:e6:d1:3f:
7f:39:4e:0f:3a:13:33:0f:86:f8:a4:47:ad:04:db:
8c:18:d9:01:87:3d:41:2d:f1:08:6a:f0:f9:84:5d:
e1:a1:fe:12:63:62:be:8b:93:59:43:79:d3:37:e4:
ca:e9:cd:a9:38:91:c0:da:0f:a4:bd:0a:b4:6a:dc:
53:80:21:bc:96:0b:18:ca:7d:d4:b9:a8:c6:f3:79:
60:4c:15:fd:fe:60:12:e2:1b:61:95:4d:f6:a8:76:
b4:db:e5:dd:7c:5d:a2:b3:95:92:ac:67:8b:cc:88:
82:4b:3f:3e:ef:52:5a:63:dc:85:96:38:00:a8:03:
5f:00:32:77:90:b3:6e:8e:68:fc:5a:98:50:a6:4b:
7d:b0:95:b4:7d:08:77:3e:83:95:b5:71:cc:8c:8a:
8e:3a:e9:e8:1f:b1:5a:7b:fd:ed:74:e3:89:41:30:
91:bd:8d:d7:2a:e4:b9:ae:6d:bf:59:47:99:13:1b:
89:f9:21:0a:0e:a2:19:ae:be:ff:18:af:9d:fb:27:
70:a0:b3:fa:1f:0b:d6:fb:e9:c0:f4:7d:44:5e:b3:
da:b1:cc:1d:2d:e6:ef:b4:1a:0e:27:97:34:90:2d:
c2:ec:26:dc:41:d1:a2:09:8a:fa:23:4a:5b:bb:1f:
d7:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
39:9C:29:C9:04:27:76:BE:D8:E2:BE:B0:15:55:AD:66:1C:5B:82:21
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/OZwpyQQndr7Y4r6wFVWtZhxbgiE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
212.192.208.0/23
Signature Algorithm: sha256WithRSAEncryption
64:54:74:7f:89:61:25:08:c2:6b:62:d2:95:1b:21:a2:ca:7d:
ec:30:84:a1:05:37:c4:56:73:b3:1c:35:eb:1a:f4:53:85:46:
f8:95:ba:cf:56:ee:a1:ef:87:f0:90:20:43:24:63:7a:89:b0:
e4:fc:f0:bd:fb:19:1d:97:39:05:c0:ef:f4:66:e9:86:81:ce:
75:4e:c0:6f:ab:1b:ed:5a:d7:af:56:5c:b1:f1:19:f2:27:69:
e2:a4:b1:d6:e2:4b:82:82:7f:d4:87:22:a0:b9:7e:0c:6f:30:
38:4b:44:3f:eb:bd:ce:c0:f4:55:f0:a4:28:2e:69:78:2f:f7:
d6:65:00:9d:bc:7a:1e:bd:d6:98:07:55:ec:e5:c8:c7:b9:1e:
7a:45:e2:3e:e4:f5:69:62:8e:09:6e:dd:25:72:3f:1c:68:a5:
8e:3c:c9:b1:06:93:80:30:51:52:42:c2:39:2c:ce:87:31:24:
99:f3:e8:f2:7d:c3:39:1e:8c:69:07:78:8d:de:1f:ca:c8:0f:
ad:ce:50:ae:96:0e:e3:35:bf:31:11:86:24:0f:a0:cf:8a:bc:
1b:19:f2:6c:1a:a3:f1:c0:4e:10:85:3e:75:b4:33:ae:cf:05:
84:10:c0:93:e9:24:53:01:b5:0a:27:1d:60:87:ec:5f:30:ec:
ca:55:ba:d5
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYivMRQGIVHfFM3dtfpOaVKIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjMwNjEyMTA0MDA5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzOTljMjljOTA0Mjc3NmJlZDhlMmJlYjAxNTU1YWQ2NjFjNWI4MjIxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqC+YdO8MkXTwnL/m0T9/OU4POhMz
D4b4pEetBNuMGNkBhz1BLfEIavD5hF3hof4SY2K+i5NZQ3nTN+TK6c2pOJHA2g+k
vQq0atxTgCG8lgsYyn3UuajG83lgTBX9/mAS4hthlU32qHa02+XdfF2is5WSrGeL
zIiCSz8+71JaY9yFljgAqANfADJ3kLNujmj8WphQpkt9sJW0fQh3PoOVtXHMjIqO
OunoH7Fae/3tdOOJQTCRvY3XKuS5rm2/WUeZExuJ+SEKDqIZrr7/GK+d+ydwoLP6
HwvW++nA9H1EXrPascwdLebvtBoOJ5c0kC3C7CbcQdGiCYr6I0pbux/XxwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDmcKckEJ3a+2OK+sBVVrWYcW4IhMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvT1p3cHlRUW5kcjdZNHI2d0ZWV3RaaHhiZ2lFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQB1MDQMA0G
CSqGSIb3DQEBCwUAA4IBAQBkVHR/iWElCMJrYtKVGyGiyn3sMIShBTfEVnOzHDXr
GvRThUb4lbrPVu6h74fwkCBDJGN6ibDk/PC9+xkdlzkFwO/0ZumGgc51TsBvqxvt
WtevVlyx8RnyJ2nipLHW4kuCgn/UhyKguX4MbzA4S0Q/673OwPRV8KQoLml4L/fW
ZQCdvHoevdaYB1Xs5cjHuR56ReI+5PVpYo4Jbt0lcj8caKWOPMmxBpOAMFFSQsI5
LM6HMSSZ8+jyfcM5HoxpB3iN3h/KyA+tzlCulg7jNb8xEYYkD6DPirwbGfJsGqPx
wE4QhT51tDOuzwWEEMCT6SRTAbUKJx1gh+xfMOzKVbrV
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:16:15 2024 by rpki-client on console-fra.rpki-client.org