Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/_J5pAhvppfLit7ueHroZg5PYs4s.roa
File: _J5pAhvppfLit7ueHroZg5PYs4s.roa (raw, json)
Hash identifier: bLfZciyy3guScXdMpYBKQYg4MynWdiAMwCa3mTJ7pJk=
Subject key identifier: FC:9E:69:02:1B:E9:A5:F2:E2:B7:BB:9E:1E:BA:19:83:93:D8:B3:8B
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 018CCA2A8DE9020AA60730355DB9AFA1D650
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/_J5pAhvppfLit7ueHroZg5PYs4s.roa
Signing time: Tue 02 Jan 2024 12:33:55 +0000
ROA not before: Tue 02 Jan 2024 12:33:55 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 210974
IP address blocks: 212.192.2.0/24 maxlen: 24
212.192.3.0/24 maxlen: 24
212.192.11.0/24 maxlen: 24
212.193.8.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 03 Jan 2024 06:35:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:ca:2a:8d:e9:02:0a:a6:07:30:35:5d:b9:af:a1:d6:50
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Jan 2 12:33:55 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=fc9e69021be9a5f2e2b7bb9e1eba198393d8b38b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8d:75:44:fe:57:1d:01:04:82:2e:27:a7:65:32:
40:d8:66:64:6f:e8:cf:0f:43:f3:d2:60:c3:1e:2d:
6a:fa:e4:1f:af:5b:a4:2e:f7:bb:0e:50:6a:51:30:
4a:63:7d:60:03:e7:5c:e9:4e:55:35:1d:31:47:13:
39:ba:ee:fd:3a:72:fe:c7:6a:54:03:4b:f9:e1:bd:
64:03:e4:11:43:2c:75:17:5b:97:ae:6a:d3:29:37:
ff:89:15:d8:31:61:01:69:17:dd:a2:ec:25:6a:67:
b2:78:9a:5a:84:4d:55:54:b3:18:e7:1a:24:54:fd:
a0:00:43:f1:d1:3d:c1:10:e4:47:a4:61:cb:b3:96:
47:23:45:c5:48:51:2d:4f:09:c4:eb:bd:e7:3c:71:
3a:cb:0e:e7:70:4e:df:c3:5a:b4:b6:a9:99:b0:65:
db:d8:06:56:31:87:d0:11:1c:3c:e6:4a:d3:ec:eb:
c6:b3:8b:b4:4d:b9:1c:64:47:47:cc:06:91:45:64:
f0:64:3b:dd:1c:9e:19:89:f3:b2:97:08:5b:4f:7b:
2f:ba:7a:3f:ca:f9:aa:79:e5:51:f1:8f:a6:00:c1:
88:1b:33:94:11:4b:26:bb:fe:4e:08:82:5f:8c:0e:
46:ee:32:09:bd:55:53:31:83:78:ab:fc:9d:a8:c0:
98:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FC:9E:69:02:1B:E9:A5:F2:E2:B7:BB:9E:1E:BA:19:83:93:D8:B3:8B
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/_J5pAhvppfLit7ueHroZg5PYs4s.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
212.192.2.0/23
212.192.11.0/24
212.193.8.0/24
Signature Algorithm: sha256WithRSAEncryption
16:9c:f0:87:73:8e:8b:47:d1:22:73:d4:26:dc:58:29:3e:49:
bf:a9:1b:ca:d5:9a:d0:a8:55:13:36:fa:56:8d:f2:96:84:52:
6e:90:3d:c6:9d:a1:77:df:8b:42:ef:68:5e:95:df:f7:12:60:
91:d6:20:bc:0d:ec:0e:92:64:42:4a:7e:0d:89:15:45:4b:44:
21:2a:89:8c:05:fb:56:f1:63:8e:03:18:20:82:a4:00:31:04:
6f:da:03:e6:1c:5e:18:50:08:57:6f:1a:19:c4:d7:cb:ce:7b:
7e:47:88:6b:ef:40:59:5f:db:00:ea:f8:3c:43:24:44:a0:07:
f9:60:8c:64:c8:13:c6:7c:c2:31:a6:11:cb:5e:0d:84:63:b1:
c3:5c:33:6d:5b:b1:d8:f4:8d:09:63:17:ca:67:40:67:0a:aa:
86:49:9b:4c:0a:8f:8d:ff:ee:5b:15:15:e0:53:9d:dc:6f:09:
ef:15:9f:5d:f1:81:ad:0f:b7:b7:34:8e:31:47:eb:f5:0f:4b:
95:d4:0c:50:51:35:3d:ce:e0:93:b6:5d:92:a3:d3:a8:03:66:
24:e0:ac:fe:d1:32:1c:e3:f7:62:41:65:ed:7c:01:bc:d1:0f:
3b:e2:ba:c2:2d:86:91:65:ae:c9:6b:14:ba:67:5d:0f:37:e1:
8e:1b:84:b7
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYzKKo3pAgqmBzA1XbmvodZQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjQwMTAyMTIzMzU1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmYzllNjkwMjFiZTlhNWYyZTJiN2JiOWUxZWJhMTk4MzkzZDhiMzhiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjXVE/lcdAQSCLienZTJA2GZkb+jP
D0Pz0mDDHi1q+uQfr1ukLve7DlBqUTBKY31gA+dc6U5VNR0xRxM5uu79OnL+x2pU
A0v54b1kA+QRQyx1F1uXrmrTKTf/iRXYMWEBaRfdouwlameyeJpahE1VVLMY5xok
VP2gAEPx0T3BEORHpGHLs5ZHI0XFSFEtTwnE673nPHE6yw7ncE7fw1q0tqmZsGXb
2AZWMYfQERw85krT7OvGs4u0TbkcZEdHzAaRRWTwZDvdHJ4ZifOylwhbT3svuno/
yvmqeeVR8Y+mAMGIGzOUEUsmu/5OCIJfjA5G7jIJvVVTMYN4q/ydqMCYQwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFPyeaQIb6aXy4re7nh66GYOT2LOLMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvX0o1cEFodnBwZkxpdDd1ZUhyb1pnNVBZczRzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQB1MACAwQA
1MALAwQA1MEIMA0GCSqGSIb3DQEBCwUAA4IBAQAWnPCHc46LR9Eic9Qm3FgpPkm/
qRvK1ZrQqFUTNvpWjfKWhFJukD3GnaF334tC72held/3EmCR1iC8DewOkmRCSn4N
iRVFS0QhKomMBftW8WOOAxgggqQAMQRv2gPmHF4YUAhXbxoZxNfLznt+R4hr70BZ
X9sA6vg8QyREoAf5YIxkyBPGfMIxphHLXg2EY7HDXDNtW7HY9I0JYxfKZ0BnCqqG
SZtMCo+N/+5bFRXgU53cbwnvFZ9d8YGtD7e3NI4xR+v1D0uV1AxQUTU9zuCTtl2S
o9OoA2Yk4Kz+0TIc4/diQWXtfAG80Q874rrCLYaRZa7JaxS6Z10PN+GOG4S3
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:16:20 2024 by rpki-client on console-fra.rpki-client.org