Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/r8yD5b62DEewwi9VIOZgrXqNsdM.roa
File: r8yD5b62DEewwi9VIOZgrXqNsdM.roa (raw, json)
Hash identifier: DyrWvlLaeBqSAzDvITdpGW9uhlUSbczxqo3S8Bb8Zyg=
Subject key identifier: AF:CC:83:E5:BE:B6:0C:47:B0:C2:2F:55:20:E6:60:AD:7A:8D:B1:D3
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 01876FE803B5890F518AA4E243C948858E53
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/r8yD5b62DEewwi9VIOZgrXqNsdM.roa
Signing time: Tue 11 Apr 2023 10:41:28 +0000
ROA not before: Tue 11 Apr 2023 10:41:28 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 210715
IP address blocks: 212.192.29.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:6f:e8:03:b5:89:0f:51:8a:a4:e2:43:c9:48:85:8e:53
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Apr 11 10:41:28 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=afcc83e5beb60c47b0c22f5520e660ad7a8db1d3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:66:d3:4a:55:33:81:f4:4c:85:e5:dc:5e:b9:
2f:92:57:d7:48:0d:53:1d:3b:08:f7:9b:8c:82:15:
e0:91:a1:d7:1e:2c:22:f6:3e:88:58:af:6c:ec:4c:
f8:27:54:85:ca:fa:90:37:38:4f:e7:88:48:2a:ec:
68:a7:94:03:a3:10:8b:50:21:17:01:17:cd:7e:e3:
fa:13:d2:67:1a:f9:a1:2a:f6:eb:60:ce:72:0a:26:
fb:30:6e:a4:32:2d:12:45:0d:a3:02:0d:90:5e:96:
1c:c5:17:65:3a:57:fe:08:03:34:98:ee:6d:21:23:
cd:98:95:f8:53:78:e6:1d:b5:68:a1:f0:86:df:84:
11:88:62:5d:c5:83:ca:b2:f9:c0:ab:23:36:33:df:
8d:11:e7:2f:04:a5:4e:08:f4:ac:d6:0e:48:51:0f:
e1:c5:42:5b:fe:39:70:c3:28:40:5d:5f:a8:ca:a2:
c0:9a:da:f6:93:d9:31:43:ab:16:bb:6a:73:d9:fb:
95:26:35:85:b5:d3:1d:66:75:f5:fa:19:26:68:12:
8c:0d:85:cf:98:f9:74:9a:95:d5:c0:b1:47:47:f5:
a1:14:93:58:94:96:f1:08:4a:8b:ef:28:81:e9:22:
e0:f2:07:f2:93:d4:3f:15:c2:cc:f9:a4:cd:f3:3a:
99:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AF:CC:83:E5:BE:B6:0C:47:B0:C2:2F:55:20:E6:60:AD:7A:8D:B1:D3
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/r8yD5b62DEewwi9VIOZgrXqNsdM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
212.192.29.0/24
Signature Algorithm: sha256WithRSAEncryption
88:4a:95:25:f9:71:ef:0a:48:e7:c8:6d:c2:40:92:24:5f:c9:
4b:79:1b:a9:f5:ed:e0:a1:6f:92:d9:58:8e:37:ae:f8:0d:f7:
89:04:9a:a1:b5:77:84:26:50:a3:9d:3f:1e:ac:77:a1:fc:18:
fb:22:16:56:cd:35:de:34:2e:48:9c:af:71:80:b1:f9:fb:6e:
4e:fb:31:7e:9d:a0:ae:73:3a:c7:72:c6:f4:b7:3e:35:98:1b:
41:f4:80:be:02:99:3f:04:8b:42:8a:2a:63:b9:be:8c:9d:07:
d8:26:0c:e1:5f:1c:bc:71:94:93:21:79:5c:34:8b:da:47:48:
97:98:87:08:f1:84:2a:8b:e9:95:b2:bb:ec:f8:9d:cc:83:cf:
87:ad:16:ac:17:be:56:1d:ab:16:de:f9:eb:9e:f5:21:8d:45:
ae:16:71:7d:f2:28:fd:56:7f:5c:a8:56:73:82:c7:e4:ad:be:
b0:58:58:db:19:a5:88:84:95:b8:76:49:a0:42:2b:ee:ae:86:
d3:cb:fe:49:19:80:2b:5b:6e:1d:38:1b:35:00:8b:dc:ad:f6:
30:ea:9a:60:22:69:43:fd:d3:59:74:41:45:85:1f:09:55:12:
76:77:1e:f4:d9:8f:2e:f2:4a:26:ca:48:cb:5c:fb:a6:6d:8a:
12:46:68:89
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYdv6AO1iQ9RiqTiQ8lIhY5TMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjMwNDExMTA0MTI4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZmNjODNlNWJlYjYwYzQ3YjBjMjJmNTUyMGU2NjBhZDdhOGRiMWQzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlWbTSlUzgfRMheXcXrkvklfXSA1T
HTsI95uMghXgkaHXHiwi9j6IWK9s7Ez4J1SFyvqQNzhP54hIKuxop5QDoxCLUCEX
ARfNfuP6E9JnGvmhKvbrYM5yCib7MG6kMi0SRQ2jAg2QXpYcxRdlOlf+CAM0mO5t
ISPNmJX4U3jmHbVoofCG34QRiGJdxYPKsvnAqyM2M9+NEecvBKVOCPSs1g5IUQ/h
xUJb/jlwwyhAXV+oyqLAmtr2k9kxQ6sWu2pz2fuVJjWFtdMdZnX1+hkmaBKMDYXP
mPl0mpXVwLFHR/WhFJNYlJbxCEqL7yiB6SLg8gfyk9Q/FcLM+aTN8zqZtwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFK/Mg+W+tgxHsMIvVSDmYK16jbHTMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvcjh5RDViNjJERWV3d2k5VklPWmdyWHFOc2RNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA1MAdMA0G
CSqGSIb3DQEBCwUAA4IBAQCISpUl+XHvCkjnyG3CQJIkX8lLeRup9e3goW+S2ViO
N674DfeJBJqhtXeEJlCjnT8erHeh/Bj7IhZWzTXeNC5InK9xgLH5+25O+zF+naCu
czrHcsb0tz41mBtB9IC+Apk/BItCiipjub6MnQfYJgzhXxy8cZSTIXlcNIvaR0iX
mIcI8YQqi+mVsrvs+J3Mg8+HrRasF75WHasW3vnrnvUhjUWuFnF98ij9Vn9cqFZz
gsfkrb6wWFjbGaWIhJW4dkmgQivurobTy/5JGYArW24dOBs1AIvcrfYw6ppgImlD
/dNZdEFFhR8JVRJ2dx702Y8u8komykjLXPumbYoSRmiJ
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:46:06 2023 by rpki-client on console-ams.rpki-client.org