Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/v3iWXToiVrSJZFHx1j6Rydbbulo.roa
File: v3iWXToiVrSJZFHx1j6Rydbbulo.roa (raw, json)
Hash identifier: 3c83gXpjevUJsWtMImrxwh2qN8wk3wjK644dAA+oibg=
Subject key identifier: BF:78:96:5D:3A:22:56:B4:89:64:51:F1:D6:3E:91:C9:D6:DB:BA:5A
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 018CC8DD086F3D2D9E01A254FAAD57236B3F
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/v3iWXToiVrSJZFHx1j6Rydbbulo.roa
Signing time: Tue 02 Jan 2024 06:29:38 +0000
ROA not before: Tue 02 Jan 2024 06:29:38 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 208949
IP address blocks: 212.87.204.0/23 maxlen: 24
Validation: Failed, certificate revoked on Sun 25 Feb 2024 00:14:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:dd:08:6f:3d:2d:9e:01:a2:54:fa:ad:57:23:6b:3f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Jan 2 06:29:38 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=bf78965d3a2256b4896451f1d63e91c9d6dbba5a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:71:1b:d4:16:6e:6a:17:dd:d3:e5:5b:d5:04:
4f:df:a7:52:46:ef:df:9c:f2:c3:ff:77:da:36:2e:
1f:27:f8:7c:9d:8e:56:cd:fd:fd:90:63:fc:43:56:
71:a2:46:b0:88:21:01:b2:79:d2:89:3e:5d:6e:35:
3e:99:4b:04:fb:a5:f3:65:3d:9d:73:b9:7e:08:9c:
11:af:4f:f4:cc:70:41:25:41:d2:07:c3:cf:8b:dc:
9c:6a:c3:c1:57:7a:a6:8c:c1:87:16:83:86:3b:18:
f0:90:f6:08:c0:ec:70:d5:f2:00:6e:36:8b:dd:1e:
c7:50:9a:e4:07:44:f9:db:72:62:88:70:fb:6c:61:
4d:ed:40:2d:47:e7:88:fb:12:b2:34:b0:74:82:3a:
ff:db:f0:24:06:48:5b:aa:76:5d:ce:fa:64:b6:27:
42:57:62:11:45:c8:04:47:a2:fe:94:29:9c:57:4d:
6b:89:aa:ec:ca:10:a7:07:50:89:bd:b6:6a:68:19:
c7:c1:93:2f:e8:3e:d5:5a:56:5b:f6:a1:b0:d5:92:
42:cc:f3:6c:43:71:bb:9c:a9:ef:0c:24:37:98:44:
0f:c3:11:dc:ec:07:97:ca:31:de:30:e5:31:ee:13:
0e:6e:f3:a9:7a:04:39:35:d4:aa:42:77:34:f2:04:
4f:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BF:78:96:5D:3A:22:56:B4:89:64:51:F1:D6:3E:91:C9:D6:DB:BA:5A
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/v3iWXToiVrSJZFHx1j6Rydbbulo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
212.87.204.0/23
Signature Algorithm: sha256WithRSAEncryption
2c:98:83:72:6e:6a:64:ad:5b:e8:2f:55:99:fe:08:09:d4:f8:
75:3e:e4:07:c0:4d:3c:33:96:63:d0:ce:cd:8a:88:f4:86:7d:
8d:8a:34:c6:53:31:e6:d9:47:31:a7:b0:71:db:cd:a2:b9:90:
9b:eb:12:3a:6b:0d:b6:6d:db:66:3e:be:2f:d0:1e:d2:7c:f9:
48:27:e4:b6:04:72:28:c0:b0:eb:c9:4a:96:d0:7b:a7:02:3c:
07:bd:eb:f2:36:8d:2c:3a:f6:45:50:6e:c2:1d:80:b8:1c:59:
42:50:ca:77:b9:69:0a:a6:b7:14:dc:79:52:7c:37:4c:a4:5b:
ec:fe:3f:3d:99:6d:82:b9:f1:3a:28:1f:32:90:43:f8:3f:c6:
2b:10:34:e0:88:3d:6a:ab:5a:9e:3e:23:e7:fd:a8:a8:da:68:
1c:0f:61:f5:4c:86:4b:d1:7e:0e:e6:19:70:f4:1a:1c:57:6d:
9d:78:41:cc:53:02:0d:e2:93:1f:63:03:4f:f9:31:a2:73:1e:
2f:c0:51:66:57:0f:1e:53:14:46:aa:3a:1d:e3:ed:d2:1f:4a:
d6:65:0a:c3:9b:2b:8b:7b:d1:05:dd:6d:94:d7:4d:bd:5c:1a:
c6:9d:e8:03:8f:00:fc:c5:30:e6:39:ea:4f:46:3f:16:a0:01:
41:2e:f0:cf
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzI3QhvPS2eAaJU+q1XI2s/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjQwMTAyMDYyOTM4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiZjc4OTY1ZDNhMjI1NmI0ODk2NDUxZjFkNjNlOTFjOWQ2ZGJiYTVhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxnEb1BZuahfd0+Vb1QRP36dSRu/f
nPLD/3faNi4fJ/h8nY5Wzf39kGP8Q1ZxokawiCEBsnnSiT5dbjU+mUsE+6XzZT2d
c7l+CJwRr0/0zHBBJUHSB8PPi9ycasPBV3qmjMGHFoOGOxjwkPYIwOxw1fIAbjaL
3R7HUJrkB0T523JiiHD7bGFN7UAtR+eI+xKyNLB0gjr/2/AkBkhbqnZdzvpktidC
V2IRRcgER6L+lCmcV01riarsyhCnB1CJvbZqaBnHwZMv6D7VWlZb9qGw1ZJCzPNs
Q3G7nKnvDCQ3mEQPwxHc7AeXyjHeMOUx7hMObvOpegQ5NdSqQnc08gRP8wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFL94ll06Ila0iWRR8dY+kcnW27paMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvdjNpV1hUb2lWclNKWkZIeDFqNlJ5ZGJidWxvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQB1FfMMA0G
CSqGSIb3DQEBCwUAA4IBAQAsmINybmpkrVvoL1WZ/ggJ1Ph1PuQHwE08M5Zj0M7N
ioj0hn2NijTGUzHm2Ucxp7Bx282iuZCb6xI6aw22bdtmPr4v0B7SfPlIJ+S2BHIo
wLDryUqW0HunAjwHvevyNo0sOvZFUG7CHYC4HFlCUMp3uWkKprcU3HlSfDdMpFvs
/j89mW2CufE6KB8ykEP4P8YrEDTgiD1qq1qePiPn/aio2mgcD2H1TIZL0X4O5hlw
9BocV22deEHMUwIN4pMfYwNP+TGicx4vwFFmVw8eUxRGqjod4+3SH0rWZQrDmyuL
e9EF3W2U1029XBrGnegDjwD8xTDmOepPRj8WoAFBLvDP
-----END CERTIFICATE-----
Generated at Sun Feb 25 01:10:30 2024 by rpki-client on console-ams.rpki-client.org