Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/xpq9CdkwuoxO3MzMkfyVrF-MDu0.roa
File: xpq9CdkwuoxO3MzMkfyVrF-MDu0.roa (raw, json)
Hash identifier: DtQfz+Sb/mzV+vniSy7sYKgiMHFC+5G5ypWBxPDzc7I=
Subject key identifier: C6:9A:BD:09:D9:30:BA:8C:4E:DC:CC:CC:91:FC:95:AC:5F:8C:0E:ED
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 018CB1D46E78833C1CE0D0C32CFF7B0EBE73
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/xpq9CdkwuoxO3MzMkfyVrF-MDu0.roa
Signing time: Thu 28 Dec 2023 19:08:58 +0000
ROA not before: Thu 28 Dec 2023 19:08:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 212027
IP address blocks: 212.192.213.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:b1:d4:6e:78:83:3c:1c:e0:d0:c3:2c:ff:7b:0e:be:73
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Dec 28 19:08:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=c69abd09d930ba8c4edccccc91fc95ac5f8c0eed
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:c7:ff:ea:3b:7f:be:dc:28:77:0c:25:ec:b4:
4a:05:81:2d:d1:14:48:ea:bf:b8:7a:08:bd:95:c2:
aa:4f:d9:dc:47:4f:3c:ae:8b:86:00:bc:80:6a:6d:
c0:91:d6:f0:c2:e8:83:14:a6:39:dc:44:50:ce:16:
61:30:0d:58:ec:52:5d:56:47:57:30:42:75:bb:fb:
64:77:2f:66:25:98:b6:54:9d:eb:63:2f:9a:24:b0:
06:32:76:df:2b:fe:1a:ea:21:51:c4:be:9e:09:24:
db:ff:84:9d:2b:b3:d5:24:ad:76:c8:e4:6d:b7:9a:
fb:e5:1e:7a:e4:59:d6:e7:77:af:07:5d:44:cc:18:
15:c2:05:b5:8e:0c:f5:78:f7:63:1b:63:2e:ac:e4:
64:73:9e:86:76:21:ff:f6:9a:c1:46:c3:64:25:0c:
44:f4:2f:18:2f:87:cd:b7:8d:b2:8b:01:39:2f:8c:
f2:35:46:e8:f8:6e:9a:86:89:e0:0b:02:3b:7e:07:
88:67:93:64:48:bb:ed:7e:54:3e:4c:fe:a2:4f:82:
3f:a1:01:38:7f:2c:11:39:a0:32:62:f6:80:03:d0:
c2:c1:f6:65:7a:96:23:a3:51:f8:d6:74:8a:49:b4:
7a:0b:05:1e:b4:a6:de:00:69:9b:33:44:a2:57:60:
82:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C6:9A:BD:09:D9:30:BA:8C:4E:DC:CC:CC:91:FC:95:AC:5F:8C:0E:ED
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/xpq9CdkwuoxO3MzMkfyVrF-MDu0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
212.192.213.0/24
Signature Algorithm: sha256WithRSAEncryption
21:47:2d:5c:4d:83:b3:f1:17:99:69:05:1e:50:5a:8d:f1:b8:
bd:3f:85:99:cb:55:f5:10:68:78:a2:62:0e:f3:1b:2a:6a:28:
6a:ff:20:e1:c3:5a:0f:cd:9f:ee:5c:17:61:41:eb:39:00:79:
49:f2:ba:23:97:54:c2:04:99:c3:c2:17:50:48:a3:bb:d3:35:
70:83:1d:c8:ec:9b:55:ce:70:ef:a4:22:6e:5b:40:f8:91:73:
ff:1e:4c:a3:7a:0a:2c:f3:a6:a0:7f:8d:f0:49:d0:ff:61:cc:
83:05:19:f4:34:6b:e6:f0:07:4a:2a:14:46:fc:c9:8f:8c:d1:
4a:03:15:fe:54:02:f2:59:0c:cc:b5:50:19:24:04:4f:9f:8b:
ab:a1:26:5f:03:57:76:ec:cd:06:79:26:38:12:90:c9:37:e1:
76:28:77:a5:86:5f:d7:3a:32:fa:d2:3e:93:1e:68:24:e9:c2:
b7:02:5d:7d:2c:58:77:9c:1c:a6:90:72:4c:6a:c7:a1:7c:4c:
20:5b:64:9d:ed:da:6f:3c:82:9e:e6:aa:98:58:30:31:a5:7d:
f0:0a:5a:5e:59:ec:8a:1b:84:15:54:a7:2b:04:f6:76:5b:37:
59:37:b2:8a:3e:35:aa:69:47:ad:5e:b9:1d:59:6d:b3:93:65:
b5:c8:d3:53
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYyx1G54gzwc4NDDLP97Dr5zMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjMxMjI4MTkwODU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNjlhYmQwOWQ5MzBiYThjNGVkY2NjY2M5MWZjOTVhYzVmOGMwZWVkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqsf/6jt/vtwodwwl7LRKBYEt0RRI
6r+4egi9lcKqT9ncR088rouGALyAam3AkdbwwuiDFKY53ERQzhZhMA1Y7FJdVkdX
MEJ1u/tkdy9mJZi2VJ3rYy+aJLAGMnbfK/4a6iFRxL6eCSTb/4SdK7PVJK12yORt
t5r75R565FnW53evB11EzBgVwgW1jgz1ePdjG2MurORkc56GdiH/9prBRsNkJQxE
9C8YL4fNt42yiwE5L4zyNUbo+G6ahongCwI7fgeIZ5NkSLvtflQ+TP6iT4I/oQE4
fywROaAyYvaAA9DCwfZlepYjo1H41nSKSbR6CwUetKbeAGmbM0SiV2CCMQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFMaavQnZMLqMTtzMzJH8laxfjA7tMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEveHBxOUNka3d1b3hPM016TWtmeVZyRi1NRHUwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA1MDVMA0G
CSqGSIb3DQEBCwUAA4IBAQAhRy1cTYOz8ReZaQUeUFqN8bi9P4WZy1X1EGh4omIO
8xsqaihq/yDhw1oPzZ/uXBdhQes5AHlJ8rojl1TCBJnDwhdQSKO70zVwgx3I7JtV
znDvpCJuW0D4kXP/Hkyjegos86agf43wSdD/YcyDBRn0NGvm8AdKKhRG/MmPjNFK
AxX+VALyWQzMtVAZJARPn4uroSZfA1d27M0GeSY4EpDJN+F2KHelhl/XOjL60j6T
Hmgk6cK3Al19LFh3nBymkHJMasehfEwgW2Sd7dpvPIKe5qqYWDAxpX3wClpeWeyK
G4QVVKcrBPZ2WzdZN7KKPjWqaUetXrkdWW2zk2W1yNNT
-----END CERTIFICATE-----
Generated at Tue Jan 2 15:19:19 2024 by rpki-client on console-ams.rpki-client.org