Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/vDrq6PBQhco7SADQHqWQqXDfCSQ.roa
File: vDrq6PBQhco7SADQHqWQqXDfCSQ.roa (raw, json)
Hash identifier: EE2H8NWLk670UmLNUocpVvPhAPMTMTGKGniOjQNx3IM=
Subject key identifier: BC:3A:EA:E8:F0:50:85:CA:3B:48:00:D0:1E:A5:90:A9:70:DF:09:24
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 018A844B6E232AA0F74F18823870D74AF064
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/vDrq6PBQhco7SADQHqWQqXDfCSQ.roa
Signing time: Mon 11 Sep 2023 12:50:50 +0000
ROA not before: Mon 11 Sep 2023 12:50:50 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 205220
IP address blocks: 212.192.213.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:84:4b:6e:23:2a:a0:f7:4f:18:82:38:70:d7:4a:f0:64
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Sep 11 12:50:50 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=bc3aeae8f05085ca3b4800d01ea590a970df0924
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:ed:1a:c3:ff:d7:32:30:94:b7:8f:d3:47:b9:
6b:4e:c4:68:b2:78:c6:13:b0:98:02:43:27:2d:ff:
f2:c9:ca:5c:70:21:bf:41:a6:38:65:ec:b8:33:c5:
f0:fa:c5:22:53:c4:18:cf:3c:d3:49:e5:1f:4d:c4:
c4:23:98:0e:04:1f:27:ee:47:0a:46:14:59:e8:e5:
d3:e8:09:66:8d:3b:8e:30:ec:e4:cf:83:4f:ca:17:
95:e8:66:79:80:05:30:ad:02:96:3c:ad:14:b2:48:
1b:3b:63:95:e4:cb:e7:45:63:ef:e5:c6:81:80:c2:
32:ee:8c:56:15:eb:bb:27:06:88:0b:e8:95:32:c2:
a9:0e:9e:29:4c:ec:84:d9:fd:9a:b4:ec:bd:cd:91:
1d:bc:05:f6:05:f3:58:ff:64:94:d6:1a:c4:e0:58:
d0:f3:06:80:18:1f:b3:19:fb:a4:7b:10:4f:2c:5c:
b3:02:33:0e:75:51:17:95:6f:57:77:f5:5c:e9:a2:
50:a0:05:cd:5d:cc:eb:58:38:99:b3:fa:d6:86:03:
b7:fe:6a:3f:72:0f:16:81:0b:f9:03:89:17:39:bb:
97:38:8c:fc:c5:e7:3e:11:18:08:91:80:cd:d7:ad:
71:b8:e0:5d:b4:e5:65:b0:fd:e3:70:45:3b:40:6a:
1d:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BC:3A:EA:E8:F0:50:85:CA:3B:48:00:D0:1E:A5:90:A9:70:DF:09:24
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/vDrq6PBQhco7SADQHqWQqXDfCSQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
212.192.213.0/24
Signature Algorithm: sha256WithRSAEncryption
8e:53:b0:d7:54:c2:04:2b:3d:2c:a2:7b:3d:a7:ce:00:74:24:
e4:24:41:a4:4f:c5:66:45:a3:28:53:e0:fc:56:08:aa:21:ba:
71:65:a3:56:4f:fe:4e:df:d3:e4:3c:00:3e:ce:ea:77:72:6d:
13:ae:c3:a6:ef:7c:f4:84:cf:0e:78:65:fe:16:2e:11:16:1e:
6b:71:78:ae:37:83:9e:ca:40:c8:6a:4e:1b:69:11:16:b3:c8:
3c:21:39:97:61:27:d9:ec:8b:3f:09:46:1f:21:b9:bf:77:7f:
4b:82:4b:01:37:d4:5a:ff:a4:9c:37:63:11:6f:37:cd:89:c3:
fd:b1:f9:fc:2b:7b:40:43:3c:e5:3f:ca:ea:f9:86:86:42:c9:
25:d1:3f:40:88:75:51:db:a1:79:c1:50:d9:91:ec:b0:ae:c6:
bd:dd:06:14:26:e9:a1:1c:65:b7:e7:fd:fc:90:f2:f6:04:c6:
d3:ed:98:ef:c4:30:08:a9:ae:84:64:85:8b:a6:5f:f3:e6:11:
0c:40:20:6b:05:78:88:25:22:f9:a9:df:78:cc:0d:42:f6:6b:
9d:45:b8:22:8e:13:8f:19:cf:f7:ee:a4:00:e9:8a:79:ba:22:
88:61:a8:d8:d1:dc:4a:e4:af:42:36:6a:c4:5a:90:8f:22:13:
79:ac:6f:6a
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYqES24jKqD3TxiCOHDXSvBkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjMwOTExMTI1MDUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiYzNhZWFlOGYwNTA4NWNhM2I0ODAwZDAxZWE1OTBhOTcwZGYwOTI0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmO0aw//XMjCUt4/TR7lrTsRosnjG
E7CYAkMnLf/yycpccCG/QaY4Zey4M8Xw+sUiU8QYzzzTSeUfTcTEI5gOBB8n7kcK
RhRZ6OXT6AlmjTuOMOzkz4NPyheV6GZ5gAUwrQKWPK0UskgbO2OV5MvnRWPv5caB
gMIy7oxWFeu7JwaIC+iVMsKpDp4pTOyE2f2atOy9zZEdvAX2BfNY/2SU1hrE4FjQ
8waAGB+zGfukexBPLFyzAjMOdVEXlW9Xd/Vc6aJQoAXNXczrWDiZs/rWhgO3/mo/
cg8WgQv5A4kXObuXOIz8xec+ERgIkYDN161xuOBdtOVlsP3jcEU7QGodtwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFLw66ujwUIXKO0gA0B6lkKlw3wkkMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvdkRycTZQQlFoY283U0FEUUhxV1FxWERmQ1NRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA1MDVMA0G
CSqGSIb3DQEBCwUAA4IBAQCOU7DXVMIEKz0sons9p84AdCTkJEGkT8VmRaMoU+D8
VgiqIbpxZaNWT/5O39PkPAA+zup3cm0TrsOm73z0hM8OeGX+Fi4RFh5rcXiuN4Oe
ykDIak4baREWs8g8ITmXYSfZ7Is/CUYfIbm/d39LgksBN9Ra/6ScN2MRbzfNicP9
sfn8K3tAQzzlP8rq+YaGQskl0T9AiHVR26F5wVDZkeywrsa93QYUJumhHGW35/38
kPL2BMbT7ZjvxDAIqa6EZIWLpl/z5hEMQCBrBXiIJSL5qd94zA1C9mudRbgijhOP
Gc/37qQA6Yp5uiKIYajY0dxK5K9CNmrEWpCPIhN5rG9q
-----END CERTIFICATE-----
Generated at Tue Sep 12 10:09:33 2023 by rpki-client on console-ams.rpki-client.org