Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/kqrfuPTrEfo05TZjmwNsSYcBqZ8.roa
File: kqrfuPTrEfo05TZjmwNsSYcBqZ8.roa (raw, json)
Hash identifier: vUdR+2GAn4+fZyq4SNzyCIHrJGA59m0uH1VaG4tpNPI=
Subject key identifier: 92:AA:DF:B8:F4:EB:11:FA:34:E5:36:63:9B:03:6C:49:87:01:A9:9F
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 0191CC280ED2547C5728045B578927E48E0B
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/kqrfuPTrEfo05TZjmwNsSYcBqZ8.roa
Signing time: Sat 07 Sep 2024 11:04:22 +0000
ROA not before: Sat 07 Sep 2024 11:04:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 216157
IP address blocks: 212.193.11.0/24 maxlen: 24
212.193.25.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 07 Oct 2024 10:43:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:cc:28:0e:d2:54:7c:57:28:04:5b:57:89:27:e4:8e:0b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Sep 7 11:04:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=92aadfb8f4eb11fa34e536639b036c498701a99f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:b0:96:c1:ef:e3:71:21:5b:e4:70:65:3b:7b:
a0:28:91:20:cb:fb:7e:a5:6d:98:f2:00:97:9c:35:
2d:c7:75:1d:3b:c9:3a:65:1b:2b:86:2b:0d:51:2e:
5c:08:e1:3b:b8:18:58:60:fb:20:e2:d9:36:ab:28:
24:63:1c:db:64:cb:1f:0b:ab:07:7a:ab:58:6d:2a:
00:db:53:e7:f0:f6:74:1f:91:d0:05:43:d6:11:87:
88:0f:4f:68:be:b2:cd:0f:21:ae:e7:91:27:99:05:
90:f4:ec:a8:1b:73:27:3a:a9:53:58:99:f8:4c:32:
25:6f:07:82:f9:8b:68:57:9a:9b:8a:78:e2:53:3c:
f2:3a:bb:b0:04:3a:15:01:17:1d:79:34:27:44:65:
2a:cb:78:90:9f:05:3d:c3:18:a6:ef:f1:a6:48:18:
3d:58:c8:da:db:c0:29:b7:8f:00:60:00:1e:06:87:
73:2f:d9:a7:34:a4:7e:11:27:a7:91:32:25:67:9f:
f7:a8:76:54:46:64:bf:f4:f4:f4:88:4b:a1:c9:c9:
04:54:55:fa:f7:d1:b2:0b:aa:f5:5c:54:1b:8d:99:
c4:88:94:35:7b:3b:bf:58:1c:07:6c:8d:36:28:94:
f0:5c:62:9d:4b:ef:ca:b4:71:6d:4d:2e:4a:e8:6c:
5e:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
92:AA:DF:B8:F4:EB:11:FA:34:E5:36:63:9B:03:6C:49:87:01:A9:9F
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/kqrfuPTrEfo05TZjmwNsSYcBqZ8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
212.193.11.0/24
212.193.25.0/24
Signature Algorithm: sha256WithRSAEncryption
40:85:ea:6f:c4:34:b9:9f:fd:fa:b0:0b:dd:6b:fd:57:b0:d5:
6b:1c:3e:7c:2a:48:11:28:ff:65:0c:f0:15:50:59:ac:0b:9f:
16:78:d1:40:fd:b3:8e:58:34:37:6a:ff:2b:77:28:11:79:0c:
23:6d:2f:6e:5b:af:d6:6e:da:7c:48:df:85:b5:4c:32:19:43:
5a:5a:b7:fe:ee:29:4f:98:1b:44:d1:2e:d5:f3:14:c2:59:6a:
ac:07:f6:9b:90:35:84:63:97:18:03:fd:30:9d:e5:69:cc:10:
0d:d6:a4:f2:8e:1e:a0:95:10:7e:a6:1a:12:8e:69:44:e8:0e:
f5:d7:40:0e:73:2e:75:7a:40:3d:4b:c7:a3:b4:f4:a8:94:f0:
92:07:52:35:7d:71:13:1c:22:0e:ac:77:c3:b8:d6:fd:68:c9:
6f:2b:93:7f:4d:b0:d4:44:15:f7:d4:17:64:bc:4e:fd:a9:62:
c6:f9:e0:59:4c:8b:19:67:96:b8:d4:59:0d:1a:ea:b5:02:d9:
18:04:1b:b2:5f:a8:ee:c9:9e:99:8a:eb:ab:81:b6:a9:a3:af:
d9:6e:f9:b6:5d:62:30:c3:9d:3d:d2:54:a8:df:82:94:c9:cd:
9d:59:cc:1a:fe:67:ec:7b:de:8f:9e:96:ca:08:e2:37:bc:05:
bc:cc:32:40
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZHMKA7SVHxXKARbV4kn5I4LMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjQwOTA3MTEwNDIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MmFhZGZiOGY0ZWIxMWZhMzRlNTM2NjM5YjAzNmM0OTg3MDFhOTlmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmrCWwe/jcSFb5HBlO3ugKJEgy/t+
pW2Y8gCXnDUtx3UdO8k6ZRsrhisNUS5cCOE7uBhYYPsg4tk2qygkYxzbZMsfC6sH
eqtYbSoA21Pn8PZ0H5HQBUPWEYeID09ovrLNDyGu55EnmQWQ9OyoG3MnOqlTWJn4
TDIlbweC+YtoV5qbinjiUzzyOruwBDoVARcdeTQnRGUqy3iQnwU9wxim7/GmSBg9
WMja28Apt48AYAAeBodzL9mnNKR+ESenkTIlZ5/3qHZURmS/9PT0iEuhyckEVFX6
99GyC6r1XFQbjZnEiJQ1ezu/WBwHbI02KJTwXGKdS+/KtHFtTS5K6Gxe6QIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFJKq37j06xH6NOU2Y5sDbEmHAamfMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEva3FyZnVQVHJFZm8wNVRaam13TnNTWWNCcVo4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQA1MELAwQA
1MEZMA0GCSqGSIb3DQEBCwUAA4IBAQBAhepvxDS5n/36sAvda/1XsNVrHD58KkgR
KP9lDPAVUFmsC58WeNFA/bOOWDQ3av8rdygReQwjbS9uW6/Wbtp8SN+FtUwyGUNa
Wrf+7ilPmBtE0S7V8xTCWWqsB/abkDWEY5cYA/0wneVpzBAN1qTyjh6glRB+phoS
jmlE6A7110AOcy51ekA9S8ejtPSolPCSB1I1fXETHCIOrHfDuNb9aMlvK5N/TbDU
RBX31BdkvE79qWLG+eBZTIsZZ5a41FkNGuq1AtkYBBuyX6juyZ6Ziuurgbapo6/Z
bvm2XWIww5090lSo34KUyc2dWcwa/mfse96PnpbKCOI3vAW8zDJA
-----END CERTIFICATE-----
Generated at Mon Oct 7 14:40:53 2024 by rpki-client on console-ams.rpki-client.org