Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/06/9cd1d7-34e7-47c1-8484-c191410dc889/1/RiKfj2zM8-DsHyzytGmGQxf2W18.roa
File: RiKfj2zM8-DsHyzytGmGQxf2W18.roa (raw, json)
Hash identifier: dmaYFqENgwRaR++HS7564sSkepjnn+QgIkz2jXOpOw0=
Subject key identifier: 46:22:9F:8F:6C:CC:F3:E0:EC:1F:2C:F2:B4:69:86:43:17:F6:5B:5F
Certificate issuer: /CN=74d9c073b4f70697e2175c1a955f6ca8c3a6246b
Certificate serial: 01856FA6F6376E7481B2988FE031845B17FF
Authority key identifier: 74:D9:C0:73:B4:F7:06:97:E2:17:5C:1A:95:5F:6C:A8:C3:A6:24:6B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dNnAc7T3BpfiF1walV9sqMOmJGs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/06/9cd1d7-34e7-47c1-8484-c191410dc889/1/RiKfj2zM8-DsHyzytGmGQxf2W18.roa
Signing time: Sun 01 Jan 2023 23:24:50 +0000
ROA not before: Sun 01 Jan 2023 23:24:50 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 212190
IP address blocks: 213.232.217.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 01 Jan 2024 20:31:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:a6:f6:37:6e:74:81:b2:98:8f:e0:31:84:5b:17:ff
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=74d9c073b4f70697e2175c1a955f6ca8c3a6246b
Validity
Not Before: Jan 1 23:24:50 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=46229f8f6cccf3e0ec1f2cf2b469864317f65b5f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:82:f3:6a:7c:94:fa:03:1b:ed:9d:2f:9b:7e:0b:
09:80:cd:8e:5c:d8:f8:68:27:07:f3:28:12:53:f2:
e0:25:42:38:76:77:2f:74:ee:9c:3c:42:fe:41:d5:
77:41:dc:21:cd:b5:08:52:d2:39:18:44:0c:8d:39:
00:2b:bb:8e:bf:a0:1d:38:5d:63:50:ca:2d:a7:e7:
14:f9:7f:3e:a6:cd:0c:1e:60:59:f1:6f:8d:d3:0d:
32:a0:dd:3b:d3:c2:d1:b5:7c:8d:41:3b:a8:e9:3d:
7f:ee:83:19:8e:43:56:99:ec:76:86:53:8c:4e:67:
4d:c1:5d:f4:74:c9:db:b1:48:6f:37:3d:25:3f:af:
ff:bb:46:84:13:c3:a9:b1:df:e6:2b:47:3a:06:94:
61:5f:cd:4c:f3:fe:fb:20:cf:2b:b9:c1:da:73:10:
f8:a2:0e:f4:f0:dc:9e:da:97:16:18:0f:f0:f2:22:
f7:3d:86:dc:9b:97:43:85:7b:1a:14:8e:9c:b1:2e:
49:5f:48:33:34:a9:11:34:98:10:25:01:29:ad:c7:
77:44:a4:b7:cf:48:20:1f:c5:21:56:ce:53:43:c3:
ed:c1:ea:bd:d5:53:3d:b0:c9:37:53:dd:88:26:e9:
83:27:87:07:80:2e:ad:43:85:10:75:d5:aa:36:fa:
51:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
46:22:9F:8F:6C:CC:F3:E0:EC:1F:2C:F2:B4:69:86:43:17:F6:5B:5F
X509v3 Authority Key Identifier:
keyid:74:D9:C0:73:B4:F7:06:97:E2:17:5C:1A:95:5F:6C:A8:C3:A6:24:6B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dNnAc7T3BpfiF1walV9sqMOmJGs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/06/9cd1d7-34e7-47c1-8484-c191410dc889/1/RiKfj2zM8-DsHyzytGmGQxf2W18.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/06/9cd1d7-34e7-47c1-8484-c191410dc889/1/dNnAc7T3BpfiF1walV9sqMOmJGs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
213.232.217.0/24
Signature Algorithm: sha256WithRSAEncryption
8f:02:d2:3f:1f:5b:bf:ca:08:1f:e0:1b:01:1a:ae:1d:af:18:
6b:a1:50:99:93:55:db:c1:b7:29:a4:95:89:34:45:56:51:73:
1a:42:68:03:1e:11:e0:d4:ae:41:c6:11:40:29:ac:e0:b7:8c:
8b:bf:c6:75:9e:43:6d:ac:96:57:65:d7:94:45:b1:9e:2e:33:
63:0b:d8:86:18:fa:f8:48:f8:bc:bd:c3:6c:1f:8b:46:7c:25:
98:a9:8f:67:9a:d9:a5:20:64:d5:9b:3d:19:56:58:1e:ab:d3:
da:47:c1:1d:5d:c0:ab:11:0c:5e:0b:25:50:b3:62:c9:6b:92:
d8:91:d1:3c:8e:58:44:8c:e9:bc:f3:4f:de:2e:42:59:0a:27:
6b:dc:c3:73:b3:12:0f:50:22:84:4f:ee:d5:da:ca:8b:63:b9:
79:f7:b8:73:4d:fc:4b:f8:f8:3f:73:27:16:da:ff:ee:4f:77:
8a:bd:dd:21:d1:69:23:08:4f:d0:b9:78:27:a9:cc:af:d9:1d:
a8:ff:a0:a3:6d:a3:a5:a3:83:6f:d1:22:03:97:c1:a5:71:78:
9d:e4:c6:c3:4e:f6:68:ab:49:7f:36:8c:97:00:fe:d8:88:98:
57:17:54:d6:b2:39:05:97:63:70:58:dc:e4:11:1d:72:c7:7b:
77:90:89:47
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVvpvY3bnSBspiP4DGEWxf/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc0ZDljMDczYjRmNzA2OTdlMjE3NWMxYTk1NWY2Y2E4YzNh
NjI0NmIwHhcNMjMwMTAxMjMyNDUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NjIyOWY4ZjZjY2NmM2UwZWMxZjJjZjJiNDY5ODY0MzE3ZjY1YjVmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgvNqfJT6AxvtnS+bfgsJgM2OXNj4
aCcH8ygSU/LgJUI4dncvdO6cPEL+QdV3QdwhzbUIUtI5GEQMjTkAK7uOv6AdOF1j
UMotp+cU+X8+ps0MHmBZ8W+N0w0yoN0708LRtXyNQTuo6T1/7oMZjkNWmex2hlOM
TmdNwV30dMnbsUhvNz0lP6//u0aEE8Opsd/mK0c6BpRhX81M8/77IM8rucHacxD4
og708Nye2pcWGA/w8iL3PYbcm5dDhXsaFI6csS5JX0gzNKkRNJgQJQEprcd3RKS3
z0ggH8UhVs5TQ8Ptweq91VM9sMk3U92IJumDJ4cHgC6tQ4UQddWqNvpREwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFEYin49szPPg7B8s8rRphkMX9ltfMB8GA1UdIwQY
MBaAFHTZwHO09waX4hdcGpVfbKjDpiRrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZE5uQWM3VDNCcGZpRjF3YWxWOXNxTU9tSkdzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNi85Y2QxZDctMzRlNy00N2MxLTg0ODQt
YzE5MTQxMGRjODg5LzEvUmlLZmoyek04LURzSHl6eXRHbUdReGYyVzE4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNi85Y2QxZDctMzRlNy00N2MxLTg0ODQtYzE5MTQxMGRjODg5
LzEvZE5uQWM3VDNCcGZpRjF3YWxWOXNxTU9tSkdzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA1ejZMA0G
CSqGSIb3DQEBCwUAA4IBAQCPAtI/H1u/yggf4BsBGq4drxhroVCZk1XbwbcppJWJ
NEVWUXMaQmgDHhHg1K5BxhFAKazgt4yLv8Z1nkNtrJZXZdeURbGeLjNjC9iGGPr4
SPi8vcNsH4tGfCWYqY9nmtmlIGTVmz0ZVlgeq9PaR8EdXcCrEQxeCyVQs2LJa5LY
kdE8jlhEjOm880/eLkJZCidr3MNzsxIPUCKET+7V2sqLY7l597hzTfxL+Pg/cycW
2v/uT3eKvd0h0WkjCE/QuXgnqcyv2R2o/6CjbaOlo4Nv0SIDl8GlcXid5MbDTvZo
q0l/NoyXAP7YiJhXF1TWsjkFl2NwWNzkER1yx3t3kIlH
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:51:21 2024 by rpki-client on console-ams.rpki-client.org