Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/06/ff5cc6-8f61-447b-b658-4fb559b3b9b3/1/69Kw452aTZC7fS4DZ81-7X6DRV0.roa
File: 69Kw452aTZC7fS4DZ81-7X6DRV0.roa (raw, json)
Hash identifier: M6pB3NWQzWo/m3trIBvGG3cgGGKKuFSGQZF77u44ats=
Subject key identifier: EB:D2:B0:E3:9D:9A:4D:90:BB:7D:2E:03:67:CD:7E:ED:7E:83:45:5D
Certificate issuer: /CN=767f3bd4bfbd3071c38cd4d7092bd3490920c3d9
Certificate serial: 018C1735F652F4A42AD56E7D335F70F09A19
Authority key identifier: 76:7F:3B:D4:BF:BD:30:71:C3:8C:D4:D7:09:2B:D3:49:09:20:C3:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dn871L-9MHHDjNTXCSvTSQkgw9k.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/06/ff5cc6-8f61-447b-b658-4fb559b3b9b3/1/69Kw452aTZC7fS4DZ81-7X6DRV0.roa
Signing time: Tue 28 Nov 2023 18:34:21 +0000
ROA not before: Tue 28 Nov 2023 18:34:21 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 52320
IP address blocks: 212.24.113.0/24 maxlen: 24
185.252.211.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 13 Dec 2023 15:12:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:17:35:f6:52:f4:a4:2a:d5:6e:7d:33:5f:70:f0:9a:19
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=767f3bd4bfbd3071c38cd4d7092bd3490920c3d9
Validity
Not Before: Nov 28 18:34:21 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=ebd2b0e39d9a4d90bb7d2e0367cd7eed7e83455d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:88:2e:be:a8:ff:6b:46:16:f8:99:d9:5e:91:89:
44:cf:4e:02:dd:d1:97:1a:62:a2:3b:50:bd:57:50:
be:ea:80:0f:9b:6b:35:99:5c:56:32:79:d6:16:23:
2a:65:ed:58:bb:e9:15:9c:17:99:ec:6b:d1:61:ee:
7e:90:45:6a:27:9d:52:d0:0b:d7:6d:d8:64:af:ef:
d5:e0:9e:1d:af:b0:12:f3:09:ae:ae:2d:40:61:e0:
c0:31:47:87:9c:ba:2a:1b:2d:c1:e7:7d:62:ee:2b:
35:cd:b4:39:2c:66:d2:56:2c:96:6d:10:85:bb:e5:
03:4d:cd:55:f2:e4:c5:b2:39:0a:80:cc:39:02:13:
5b:1e:f5:61:79:e7:9b:27:24:80:de:41:6d:d3:d1:
0f:01:c1:c6:7a:82:c2:1a:dc:8d:49:e8:37:0d:60:
9f:43:54:fb:a4:38:76:7e:a4:55:c0:9a:2d:91:d2:
b5:bc:35:76:56:ad:d5:e5:e0:6b:f5:3d:ec:19:32:
1f:a8:3c:02:1f:f3:9e:cc:87:89:e3:db:a7:79:0b:
84:7f:50:30:f8:11:c8:12:8d:b8:17:91:6b:73:64:
b9:74:8a:02:6e:03:f8:38:9c:17:c9:7c:10:24:05:
83:dd:c2:00:8c:fe:32:14:74:35:3b:98:a0:29:91:
2e:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EB:D2:B0:E3:9D:9A:4D:90:BB:7D:2E:03:67:CD:7E:ED:7E:83:45:5D
X509v3 Authority Key Identifier:
keyid:76:7F:3B:D4:BF:BD:30:71:C3:8C:D4:D7:09:2B:D3:49:09:20:C3:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dn871L-9MHHDjNTXCSvTSQkgw9k.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/06/ff5cc6-8f61-447b-b658-4fb559b3b9b3/1/69Kw452aTZC7fS4DZ81-7X6DRV0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/06/ff5cc6-8f61-447b-b658-4fb559b3b9b3/1/dn871L-9MHHDjNTXCSvTSQkgw9k.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.252.211.0/24
212.24.113.0/24
Signature Algorithm: sha256WithRSAEncryption
26:b8:7e:f3:3e:07:a9:d3:89:73:21:a6:22:41:33:32:33:5e:
b7:de:73:23:ed:39:35:e9:82:6f:53:d5:51:09:f1:2b:6d:fd:
61:77:fb:3f:6c:43:1e:4e:cd:e9:25:4c:12:25:2a:22:d0:e3:
a3:f3:9a:c7:22:90:c7:27:e4:97:11:a2:18:0b:e1:d8:7e:2b:
26:d0:d7:b5:ce:15:9d:fe:cd:9b:2c:05:68:95:28:95:eb:bb:
6b:bb:75:e5:7b:b1:4d:72:88:ac:94:90:03:c4:3a:09:43:2e:
eb:a1:b3:63:0d:38:18:84:91:e9:66:ae:1b:48:6e:df:3a:c4:
f4:23:bf:86:b0:e5:0c:b9:86:fd:56:e4:b5:21:38:0a:ac:c2:
93:57:0b:b6:09:49:2a:f1:75:b0:f1:07:fe:ec:eb:34:7b:0c:
fe:af:1a:f9:60:34:7e:fb:72:82:fd:7b:5d:58:c5:43:7d:00:
b9:10:99:48:81:5e:5a:08:70:ec:51:7c:03:70:09:f0:ab:83:
1c:95:59:a8:53:2a:41:af:c9:8a:ea:43:1b:00:0f:88:e3:41:
3b:3a:42:b9:8d:e0:2a:d6:ac:50:dd:07:8b:a4:8b:c6:d9:e3:
35:10:e6:76:3c:bb:20:0d:85:ba:77:41:a8:04:cd:10:59:e5:
3e:04:a6:c2
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYwXNfZS9KQq1W59M19w8JoZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc2N2YzYmQ0YmZiZDMwNzFjMzhjZDRkNzA5MmJkMzQ5MDky
MGMzZDkwHhcNMjMxMTI4MTgzNDIxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlYmQyYjBlMzlkOWE0ZDkwYmI3ZDJlMDM2N2NkN2VlZDdlODM0NTVkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiC6+qP9rRhb4mdlekYlEz04C3dGX
GmKiO1C9V1C+6oAPm2s1mVxWMnnWFiMqZe1Yu+kVnBeZ7GvRYe5+kEVqJ51S0AvX
bdhkr+/V4J4dr7AS8wmuri1AYeDAMUeHnLoqGy3B531i7is1zbQ5LGbSViyWbRCF
u+UDTc1V8uTFsjkKgMw5AhNbHvVheeebJySA3kFt09EPAcHGeoLCGtyNSeg3DWCf
Q1T7pDh2fqRVwJotkdK1vDV2Vq3V5eBr9T3sGTIfqDwCH/OezIeJ49uneQuEf1Aw
+BHIEo24F5Frc2S5dIoCbgP4OJwXyXwQJAWD3cIAjP4yFHQ1O5igKZEutQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFOvSsOOdmk2Qu30uA2fNfu1+g0VdMB8GA1UdIwQY
MBaAFHZ/O9S/vTBxw4zU1wkr00kJIMPZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZG44NzFMLTlNSEhEak5UWENTdlRTUWtndzlrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNi9mZjVjYzYtOGY2MS00NDdiLWI2NTgt
NGZiNTU5YjNiOWIzLzEvNjlLdzQ1MmFUWkM3ZlM0RFo4MS03WDZEUlYwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNi9mZjVjYzYtOGY2MS00NDdiLWI2NTgtNGZiNTU5YjNiOWIz
LzEvZG44NzFMLTlNSEhEak5UWENTdlRTUWtndzlrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAufzTAwQA
1BhxMA0GCSqGSIb3DQEBCwUAA4IBAQAmuH7zPgep04lzIaYiQTMyM1633nMj7Tk1
6YJvU9VRCfErbf1hd/s/bEMeTs3pJUwSJSoi0OOj85rHIpDHJ+SXEaIYC+HYfism
0Ne1zhWd/s2bLAVolSiV67tru3Xle7FNcoislJADxDoJQy7robNjDTgYhJHpZq4b
SG7fOsT0I7+GsOUMuYb9VuS1ITgKrMKTVwu2CUkq8XWw8Qf+7Os0ewz+rxr5YDR+
+3KC/XtdWMVDfQC5EJlIgV5aCHDsUXwDcAnwq4MclVmoUypBr8mK6kMbAA+I40E7
OkK5jeAq1qxQ3QeLpIvG2eM1EOZ2PLsgDYW6d0GoBM0QWeU+BKbC
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:51:24 2024 by rpki-client on console-ams.rpki-client.org