Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/szmVtPatJLnkd0XO4oLgxHetIiE.roa
File: szmVtPatJLnkd0XO4oLgxHetIiE.roa (raw, json)
Hash identifier: 6ly/zcTXhkkF+GbLTlHzvXRMlxnQMA9icJQgZfLVK0c=
Subject key identifier: B3:39:95:B4:F6:AD:24:B9:E4:77:45:CE:E2:82:E0:C4:77:AD:22:21
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 018CE04810943605011D3948D6DF65C6B080
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/szmVtPatJLnkd0XO4oLgxHetIiE.roa
Signing time: Sat 06 Jan 2024 19:37:48 +0000
ROA not before: Sat 06 Jan 2024 19:37:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 203394
IP address blocks: 212.193.11.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 11 Mar 2024 13:29:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:e0:48:10:94:36:05:01:1d:39:48:d6:df:65:c6:b0:80
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Jan 6 19:37:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=b33995b4f6ad24b9e47745cee282e0c477ad2221
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:0c:65:9b:8e:39:06:c7:8a:47:f3:73:fd:01:
af:9d:59:77:8c:b2:0d:79:85:4b:56:11:4e:c4:3e:
37:ea:3f:64:64:56:c0:05:27:7e:f1:3d:a7:8d:59:
0c:e2:30:34:c6:c0:15:9b:82:26:69:c2:f9:20:c6:
34:f0:13:40:0f:e6:04:8e:67:b3:6e:a8:67:04:b8:
97:02:d5:81:9c:6c:bf:e9:ce:da:85:ea:b3:c4:30:
3f:96:13:98:c1:a5:d0:ac:da:ce:82:7a:9e:f2:17:
03:8b:29:03:e6:53:97:8a:68:4d:7c:31:4a:a6:02:
6f:0c:af:4b:b6:76:c0:e8:e8:a1:9c:47:34:27:7c:
b3:89:96:4e:76:08:bb:bd:5f:f7:82:10:02:70:be:
27:e4:3f:e2:64:e0:28:fc:8b:1f:30:70:1e:eb:2f:
e3:0b:8f:be:56:74:ed:5a:11:68:c0:d9:99:3d:b7:
b4:40:26:5f:62:9a:aa:a4:a0:75:30:90:18:34:79:
fe:97:30:9b:22:82:83:a0:5d:f4:ef:c9:34:88:07:
14:73:80:72:bf:bd:bf:bf:82:25:d5:81:2b:53:cb:
12:14:fa:e1:f7:24:fa:db:56:eb:af:c8:c3:bc:31:
b9:ba:5c:eb:06:d5:db:2b:7f:11:9e:7d:3d:65:03:
61:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B3:39:95:B4:F6:AD:24:B9:E4:77:45:CE:E2:82:E0:C4:77:AD:22:21
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/szmVtPatJLnkd0XO4oLgxHetIiE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
212.193.11.0/24
Signature Algorithm: sha256WithRSAEncryption
67:e9:a5:36:60:74:14:9f:3c:93:dd:da:67:f8:f4:a8:2c:f3:
e2:d9:a9:2a:57:4c:2b:0c:4b:d7:81:1f:da:8a:ba:dd:4b:b1:
9c:bb:38:8e:0f:0a:30:14:a2:83:aa:dc:3e:b7:5d:11:7d:d8:
fd:59:87:68:60:1c:e1:c2:d1:ec:0f:87:3e:c0:a8:39:e3:3d:
1c:0b:84:37:6e:1b:fa:da:0a:84:69:76:ca:e2:df:2e:06:23:
9a:2a:90:f6:80:ea:15:24:d8:2d:2d:e9:c5:13:f2:2d:76:d5:
a2:6a:20:c8:77:37:e5:d8:cc:d2:61:4f:59:da:bc:7a:32:3b:
a9:1b:63:8f:c5:3a:c0:1a:fb:69:74:de:29:9b:a7:cb:06:2e:
74:92:c7:14:e0:fe:a7:ad:5e:40:c4:63:00:1f:ab:ae:24:3d:
fb:c8:ef:f9:3c:01:10:b0:42:d9:6c:ca:90:d1:26:bb:df:55:
90:27:21:c0:68:ba:08:bd:ed:e0:17:cb:74:19:24:b8:66:3e:
a9:5b:5e:0b:d1:15:fa:85:c8:0b:30:64:13:d3:29:7e:9b:7e:
92:d4:da:27:42:8f:2a:5f:78:6d:33:b7:17:1a:5a:30:d1:54:
cf:ff:cd:e1:ed:56:5a:86:72:c6:33:2a:00:7a:32:17:8e:9f:
b2:60:86:4b
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzgSBCUNgUBHTlI1t9lxrCAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjQwMTA2MTkzNzQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMzM5OTViNGY2YWQyNGI5ZTQ3NzQ1Y2VlMjgyZTBjNDc3YWQyMjIxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqwxlm445BseKR/Nz/QGvnVl3jLIN
eYVLVhFOxD436j9kZFbABSd+8T2njVkM4jA0xsAVm4ImacL5IMY08BNAD+YEjmez
bqhnBLiXAtWBnGy/6c7aheqzxDA/lhOYwaXQrNrOgnqe8hcDiykD5lOXimhNfDFK
pgJvDK9LtnbA6OihnEc0J3yziZZOdgi7vV/3ghACcL4n5D/iZOAo/IsfMHAe6y/j
C4++VnTtWhFowNmZPbe0QCZfYpqqpKB1MJAYNHn+lzCbIoKDoF3078k0iAcUc4By
v72/v4Il1YErU8sSFPrh9yT621brr8jDvDG5ulzrBtXbK38Rnn09ZQNhEwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFLM5lbT2rSS55HdFzuKC4MR3rSIhMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvc3ptVnRQYXRKTG5rZDBYTzRvTGd4SGV0SWlFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA1MELMA0G
CSqGSIb3DQEBCwUAA4IBAQBn6aU2YHQUnzyT3dpn+PSoLPPi2akqV0wrDEvXgR/a
irrdS7GcuziODwowFKKDqtw+t10Rfdj9WYdoYBzhwtHsD4c+wKg54z0cC4Q3bhv6
2gqEaXbK4t8uBiOaKpD2gOoVJNgtLenFE/ItdtWiaiDIdzfl2MzSYU9Z2rx6Mjup
G2OPxTrAGvtpdN4pm6fLBi50kscU4P6nrV5AxGMAH6uuJD37yO/5PAEQsELZbMqQ
0Sa731WQJyHAaLoIve3gF8t0GSS4Zj6pW14L0RX6hcgLMGQT0yl+m36S1NonQo8q
X3htM7cXGlow0VTP/83h7VZahnLGMyoAejIXjp+yYIZL
-----END CERTIFICATE-----
Generated at Mon Mar 11 18:17:00 2024 by rpki-client on console-ams.rpki-client.org