Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/901170-e606-4fd1-8504-7f0d07ba4af3/1/tApicm7_Hk6t-Y600K_V5XZwLSs.roa
File: tApicm7_Hk6t-Y600K_V5XZwLSs.roa (raw, json)
Hash identifier: a6EkzIHzUnTCKboOl1A0HaiPDJZA3At+8UzaqRTbv1U=
Subject key identifier: B4:0A:62:72:6E:FF:1E:4E:AD:F9:8E:B4:D0:AF:D5:E5:76:70:2D:2B
Certificate issuer: /CN=cd1f73345794ce4817ea99e8d8cfcea71bd78367
Certificate serial: 0190A89AC854C8F8A209208B5C22FE56CB3A
Authority key identifier: CD:1F:73:34:57:94:CE:48:17:EA:99:E8:D8:CF:CE:A7:1B:D7:83:67
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zR9zNFeUzkgX6pno2M_OpxvXg2c.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/901170-e606-4fd1-8504-7f0d07ba4af3/1/tApicm7_Hk6t-Y600K_V5XZwLSs.roa
Signing time: Fri 12 Jul 2024 20:20:34 +0000
ROA not before: Fri 12 Jul 2024 20:20:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 16509
IP address blocks: 212.56.56.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 12 Jul 2024 21:13:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:a8:9a:c8:54:c8:f8:a2:09:20:8b:5c:22:fe:56:cb:3a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cd1f73345794ce4817ea99e8d8cfcea71bd78367
Validity
Not Before: Jul 12 20:20:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=b40a62726eff1e4eadf98eb4d0afd5e576702d2b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:0e:86:73:bd:0b:81:03:b5:91:77:8c:1b:00:
a6:2a:8b:16:ce:e6:33:2d:98:2c:1b:ac:cd:d5:26:
73:0c:e0:b7:a4:8b:e6:70:f5:13:09:c7:09:dd:41:
4b:e0:08:d0:a2:a7:ba:21:33:b1:c9:0a:a4:5c:c9:
9e:d7:f6:7b:83:0c:3e:21:2a:44:05:e9:06:36:3b:
dd:6e:3d:6d:aa:f4:b1:2d:d3:0b:42:69:49:a7:3a:
08:fd:75:ee:f0:bc:3c:26:f8:f4:d5:c5:6f:c7:d4:
4c:59:45:b0:1f:ff:92:0d:88:e5:27:39:4e:9a:71:
90:92:72:9f:3d:ab:88:05:04:0d:b6:16:35:72:90:
d9:17:f0:7c:24:d5:ad:ec:a3:97:50:b0:7b:68:dc:
c0:ad:56:6e:c2:66:cb:c3:ea:dd:12:21:b9:a1:f4:
37:50:77:41:6b:46:63:a0:b2:f4:3a:9f:4b:b9:e9:
fd:22:69:a1:f1:28:f8:da:46:71:54:e3:02:1f:ce:
bd:88:58:4c:78:31:a2:09:e3:f4:5e:d1:04:63:8b:
9d:4d:f8:23:b8:87:7d:48:fe:1a:26:a5:1d:04:07:
52:f6:ea:f0:30:d3:c3:b5:c8:1a:e9:6f:78:16:12:
71:78:67:9d:67:39:d8:9c:00:c3:3d:2c:26:a2:d2:
ee:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B4:0A:62:72:6E:FF:1E:4E:AD:F9:8E:B4:D0:AF:D5:E5:76:70:2D:2B
X509v3 Authority Key Identifier:
keyid:CD:1F:73:34:57:94:CE:48:17:EA:99:E8:D8:CF:CE:A7:1B:D7:83:67
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zR9zNFeUzkgX6pno2M_OpxvXg2c.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/901170-e606-4fd1-8504-7f0d07ba4af3/1/tApicm7_Hk6t-Y600K_V5XZwLSs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/901170-e606-4fd1-8504-7f0d07ba4af3/1/zR9zNFeUzkgX6pno2M_OpxvXg2c.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
212.56.56.0/24
Signature Algorithm: sha256WithRSAEncryption
6f:8b:18:1b:53:e6:43:90:ef:fd:91:72:d8:3c:8d:3e:fa:b0:
62:6a:81:bb:4f:0b:b8:07:7d:d6:e7:21:51:68:8a:e1:bb:be:
a8:4c:08:9a:5e:bd:0b:b6:e8:22:63:3b:fe:ef:36:23:12:62:
de:c8:98:21:2c:cb:f4:00:fa:34:58:b6:32:9a:57:e8:85:ea:
f0:66:b8:2f:8b:b5:46:1e:01:7d:4f:a6:68:14:3e:16:0d:b7:
11:81:29:64:8e:6e:3e:e8:ac:6d:2c:b2:67:91:94:32:e2:8f:
9d:a6:8e:7f:0a:23:a1:24:75:c8:96:6d:da:80:aa:74:5b:37:
c4:5a:9e:06:19:d4:10:26:af:d7:67:d0:44:14:86:42:47:0e:
27:2c:d0:71:7d:4d:7e:4f:8e:bb:37:51:a0:89:73:23:6a:20:
60:82:b1:1a:a2:86:ea:d2:d2:08:81:d2:8d:3a:c9:80:bc:ac:
56:19:b1:bb:4e:ad:db:90:5d:95:94:e0:6f:46:cf:7b:f7:b5:
f4:87:6b:46:c4:33:69:8d:4a:56:65:81:a3:c2:a4:fa:24:11:
23:90:8d:0e:7d:11:6e:b5:f8:02:24:15:38:4c:79:88:6c:aa:
4b:a8:18:de:ff:94:c7:a3:41:9c:0c:91:aa:c6:aa:46:ac:32:
e1:ac:1f:fc
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZComshUyPiiCSCLXCL+Vss6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNkMWY3MzM0NTc5NGNlNDgxN2VhOTllOGQ4Y2ZjZWE3MWJk
NzgzNjcwHhcNMjQwNzEyMjAyMDM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNDBhNjI3MjZlZmYxZTRlYWRmOThlYjRkMGFmZDVlNTc2NzAyZDJiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuQ6Gc70LgQO1kXeMGwCmKosWzuYz
LZgsG6zN1SZzDOC3pIvmcPUTCccJ3UFL4AjQoqe6ITOxyQqkXMme1/Z7gww+ISpE
BekGNjvdbj1tqvSxLdMLQmlJpzoI/XXu8Lw8Jvj01cVvx9RMWUWwH/+SDYjlJzlO
mnGQknKfPauIBQQNthY1cpDZF/B8JNWt7KOXULB7aNzArVZuwmbLw+rdEiG5ofQ3
UHdBa0ZjoLL0Op9Luen9Immh8Sj42kZxVOMCH869iFhMeDGiCeP0XtEEY4udTfgj
uId9SP4aJqUdBAdS9urwMNPDtcga6W94FhJxeGedZznYnADDPSwmotLuvQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFLQKYnJu/x5OrfmOtNCv1eV2cC0rMB8GA1UdIwQY
MBaAFM0fczRXlM5IF+qZ6NjPzqcb14NnMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvelI5ek5GZVV6a2dYNnBubzJNX09weHZYZzJjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MDExNzAtZTYwNi00ZmQxLTg1MDQt
N2YwZDA3YmE0YWYzLzEvdEFwaWNtN19IazZ0LVk2MDBLX1Y1WFp3TFNzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MDExNzAtZTYwNi00ZmQxLTg1MDQtN2YwZDA3YmE0YWYz
LzEvelI5ek5GZVV6a2dYNnBubzJNX09weHZYZzJjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA1Dg4MA0G
CSqGSIb3DQEBCwUAA4IBAQBvixgbU+ZDkO/9kXLYPI0++rBiaoG7Twu4B33W5yFR
aIrhu76oTAiaXr0LtugiYzv+7zYjEmLeyJghLMv0APo0WLYymlfoherwZrgvi7VG
HgF9T6ZoFD4WDbcRgSlkjm4+6KxtLLJnkZQy4o+dpo5/CiOhJHXIlm3agKp0WzfE
Wp4GGdQQJq/XZ9BEFIZCRw4nLNBxfU1+T467N1GgiXMjaiBggrEaoobq0tIIgdKN
OsmAvKxWGbG7Tq3bkF2VlOBvRs9797X0h2tGxDNpjUpWZYGjwqT6JBEjkI0OfRFu
tfgCJBU4THmIbKpLqBje/5THo0GcDJGqxqpGrDLhrB/8
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:46:31 2025 by rpki-client