Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/WY9fyirNjogPWZwWiCgZcGz2Jz8.roa
File: WY9fyirNjogPWZwWiCgZcGz2Jz8.roa (raw, json)
Hash identifier: vz1voawKXAE3B6ggP/hxye1bCYXFK5ghxYYq1SaMGWc=
Subject key identifier: 59:8F:5F:CA:2A:CD:8E:88:0F:59:9C:16:88:28:19:70:6C:F6:27:3F
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 0189DE14964BC0009B480340BF3EEBD6E5AA
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/WY9fyirNjogPWZwWiCgZcGz2Jz8.roa
Signing time: Thu 10 Aug 2023 06:13:58 +0000
ROA not before: Thu 10 Aug 2023 06:13:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2856
IP address blocks: 212.192.212.0/22 maxlen: 24
212.192.252.0/22 maxlen: 24
Validation: Failed, certificate revoked on Wed 06 Sep 2023 17:46:54 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:de:14:96:4b:c0:00:9b:48:03:40:bf:3e:eb:d6:e5:aa
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Aug 10 06:13:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=598f5fca2acd8e880f599c16882819706cf6273f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:f0:bb:47:59:a7:e5:41:d9:7a:0a:41:61:e9:
ba:f4:74:eb:1e:5d:c1:0f:bf:42:4b:2e:5f:49:eb:
aa:f6:07:02:41:ae:16:58:fe:cf:19:fb:11:e0:94:
21:0f:10:56:8d:49:fb:07:db:ea:76:a1:7d:5f:d3:
dc:4b:e8:42:80:80:d2:66:33:61:b3:1f:a0:b8:66:
61:18:21:8b:a8:c5:8f:99:d4:92:74:77:f0:c1:6e:
80:2a:1b:21:59:44:7c:80:d5:60:73:76:05:57:0d:
eb:2c:86:d4:78:dd:67:25:95:49:d6:11:71:26:5c:
9b:e3:f4:98:56:74:86:11:f8:0e:b5:ee:26:da:4b:
72:49:5e:65:22:88:31:04:a6:d6:22:59:d8:12:30:
22:b3:10:8b:16:d4:68:69:96:ca:fa:01:e3:56:c0:
ab:f1:54:0a:fa:d2:94:ef:cc:9a:1f:46:a4:9e:ef:
b4:3b:35:e3:f0:d6:37:57:b3:05:32:93:30:ee:8b:
d4:d4:e8:79:b8:64:13:fd:f5:af:a9:6d:19:fa:6f:
d6:66:5a:65:e1:c2:53:ef:81:9b:ef:88:20:8a:9b:
0a:01:46:9b:e2:31:02:d5:71:7a:0b:4c:a7:e5:7b:
b5:52:b4:bf:d7:63:a2:0b:57:e5:5b:31:af:b6:fe:
5c:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
59:8F:5F:CA:2A:CD:8E:88:0F:59:9C:16:88:28:19:70:6C:F6:27:3F
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/WY9fyirNjogPWZwWiCgZcGz2Jz8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
212.192.212.0/22
212.192.252.0/22
Signature Algorithm: sha256WithRSAEncryption
99:89:cf:a9:83:8f:9d:46:42:57:0f:9e:44:bc:88:c8:f0:17:
3c:b2:9c:04:18:a5:f4:75:a9:81:ea:0d:2c:1b:13:b1:e3:6f:
66:18:d2:21:60:10:dc:1b:fb:c3:0f:23:e8:f2:ec:07:68:a5:
4c:97:aa:0e:2d:55:3e:07:24:53:1c:e6:78:ef:8b:78:8f:be:
b1:3d:f4:0b:6e:65:10:e4:d2:c7:5c:90:59:7a:f0:4f:c1:fc:
34:64:cc:a7:a6:96:a8:5a:6d:a0:48:96:23:ab:33:b5:69:8d:
6d:40:98:09:9a:44:1e:f8:90:ad:fd:43:c2:49:c1:9a:e9:0c:
6b:68:82:b6:d4:40:34:d8:54:c1:75:0d:f9:9b:4b:7c:d1:02:
d3:76:b0:e3:13:00:4c:84:2d:27:b0:cf:09:a7:98:db:2a:e7:
da:9a:d7:7f:2d:78:37:cd:be:35:1d:f8:61:d3:e1:78:b2:32:
07:47:44:fc:c0:f9:ab:53:8e:d2:79:68:e6:5a:9e:c2:64:e0:
9c:4d:83:e5:36:0e:85:84:15:39:92:8d:63:1b:21:d1:69:25:
56:f9:d2:ae:99:6f:3c:43:b3:e4:87:fa:d0:9e:f4:98:76:31:
0c:9f:77:32:b9:a3:bc:4b:d5:68:e8:c7:bd:f8:d6:9d:b7:84:
66:f0:6a:aa
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYneFJZLwACbSANAvz7r1uWqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjMwODEwMDYxMzU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1OThmNWZjYTJhY2Q4ZTg4MGY1OTljMTY4ODI4MTk3MDZjZjYyNzNmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl/C7R1mn5UHZegpBYem69HTrHl3B
D79CSy5fSeuq9gcCQa4WWP7PGfsR4JQhDxBWjUn7B9vqdqF9X9PcS+hCgIDSZjNh
sx+guGZhGCGLqMWPmdSSdHfwwW6AKhshWUR8gNVgc3YFVw3rLIbUeN1nJZVJ1hFx
Jlyb4/SYVnSGEfgOte4m2ktySV5lIogxBKbWIlnYEjAisxCLFtRoaZbK+gHjVsCr
8VQK+tKU78yaH0aknu+0OzXj8NY3V7MFMpMw7ovU1Oh5uGQT/fWvqW0Z+m/WZlpl
4cJT74Gb74ggipsKAUab4jEC1XF6C0yn5Xu1UrS/12OiC1flWzGvtv5cDwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFFmPX8oqzY6ID1mcFogoGXBs9ic/MB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvV1k5Znlpck5qb2dQV1p3V2lDZ1pjR3oySno4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQC1MDUAwQC
1MD8MA0GCSqGSIb3DQEBCwUAA4IBAQCZic+pg4+dRkJXD55EvIjI8Bc8spwEGKX0
damB6g0sGxOx429mGNIhYBDcG/vDDyPo8uwHaKVMl6oOLVU+ByRTHOZ474t4j76x
PfQLbmUQ5NLHXJBZevBPwfw0ZMynppaoWm2gSJYjqzO1aY1tQJgJmkQe+JCt/UPC
ScGa6QxraIK21EA02FTBdQ35m0t80QLTdrDjEwBMhC0nsM8Jp5jbKufamtd/LXg3
zb41Hfhh0+F4sjIHR0T8wPmrU47SeWjmWp7CZOCcTYPlNg6FhBU5ko1jGyHRaSVW
+dKumW88Q7Pkh/rQnvSYdjEMn3cyuaO8S9Vo6Me9+Nadt4Rm8Gqq
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:16:18 2024 by rpki-client on console-fra.rpki-client.org