Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/08/37ebe6-8bfe-4c1f-a183-83d648f79746/1/0FmXYD0r3YzL_MPThw85gfAqndM.roa
File: 0FmXYD0r3YzL_MPThw85gfAqndM.roa (raw, json)
Hash identifier: YFjiQD6xlBygAkwoQRUa0NZSfncO6TtqOR/xqyD1MBc=
Subject key identifier: D0:59:97:60:3D:2B:DD:8C:CB:FC:C3:D3:87:0F:39:81:F0:2A:9D:D3
Certificate issuer: /CN=568fe35cc962633a2757af10a0e6e8ab6d01f4c9
Certificate serial: 018B1853EFE0EE40F9F640B69F6D594A993B
Authority key identifier: 56:8F:E3:5C:C9:62:63:3A:27:57:AF:10:A0:E6:E8:AB:6D:01:F4:C9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Vo_jXMliYzonV68QoOboq20B9Mk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/08/37ebe6-8bfe-4c1f-a183-83d648f79746/1/0FmXYD0r3YzL_MPThw85gfAqndM.roa
Signing time: Tue 10 Oct 2023 06:43:55 +0000
ROA not before: Tue 10 Oct 2023 06:43:55 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 31645
IP address blocks: 212.12.154.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:18:53:ef:e0:ee:40:f9:f6:40:b6:9f:6d:59:4a:99:3b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=568fe35cc962633a2757af10a0e6e8ab6d01f4c9
Validity
Not Before: Oct 10 06:43:55 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d05997603d2bdd8ccbfcc3d3870f3981f02a9dd3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:32:57:c7:56:a9:1f:be:ef:aa:91:ca:4a:75:
3c:95:7b:aa:44:42:68:6c:ff:d1:8e:a5:86:ae:d5:
29:89:62:f0:b6:65:82:37:06:b0:3c:f8:b1:7c:10:
2a:6a:41:c7:00:58:be:0a:91:10:44:6c:dc:51:67:
b0:96:fd:a5:0e:07:3c:be:1c:1b:41:37:2c:b5:85:
92:cf:99:53:99:3c:14:63:24:19:66:db:db:85:23:
05:73:bf:f7:be:30:6a:fd:f4:fd:f0:77:9e:a8:c6:
a0:37:84:6d:2e:de:01:fc:87:83:80:04:11:20:25:
14:c8:f5:e6:19:b7:da:4b:75:9a:01:b1:67:a3:27:
e9:82:df:d9:c5:b2:a6:46:81:db:e0:9d:fd:29:8c:
47:c3:e2:26:54:f8:fc:c7:ff:fd:02:f3:b3:66:b8:
30:8b:47:0b:75:2f:a2:1b:9b:4a:d3:23:99:f4:ac:
7f:5c:47:7f:ac:84:c4:e9:e0:8e:9e:65:e7:d2:92:
52:09:0b:6b:75:91:69:1d:f4:60:4e:c0:5f:ad:7d:
53:71:66:ec:6d:bb:32:65:54:0f:9e:b4:e9:8c:be:
2c:c1:49:ee:4b:0d:55:2d:a8:fb:c7:13:17:6d:87:
21:90:7a:5c:58:48:72:d2:bc:e6:55:71:b9:9d:1f:
ad:ab
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D0:59:97:60:3D:2B:DD:8C:CB:FC:C3:D3:87:0F:39:81:F0:2A:9D:D3
X509v3 Authority Key Identifier:
keyid:56:8F:E3:5C:C9:62:63:3A:27:57:AF:10:A0:E6:E8:AB:6D:01:F4:C9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Vo_jXMliYzonV68QoOboq20B9Mk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/08/37ebe6-8bfe-4c1f-a183-83d648f79746/1/0FmXYD0r3YzL_MPThw85gfAqndM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/08/37ebe6-8bfe-4c1f-a183-83d648f79746/1/Vo_jXMliYzonV68QoOboq20B9Mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
212.12.154.0/24
Signature Algorithm: sha256WithRSAEncryption
b7:33:74:96:37:51:1c:ac:63:52:b9:d2:23:5f:7b:68:d1:7b:
4c:6b:f6:b7:0b:ed:88:9a:40:64:37:52:d5:7f:f1:ef:47:d2:
b8:a3:5a:4b:c4:32:67:1a:d7:8f:05:25:92:41:4d:5a:51:74:
35:4a:39:0a:42:59:bd:2b:c0:92:4e:23:31:ee:d7:4b:cd:c0:
91:50:0c:73:8e:d4:1d:1a:2e:91:31:3c:8e:2b:f0:94:6e:7a:
cf:2e:65:57:72:24:26:3e:b8:29:b6:be:10:72:31:55:94:f6:
e4:e1:bc:7c:94:4a:03:cb:90:53:e8:81:b2:6a:2a:1a:75:14:
b7:7f:9a:25:52:37:f1:82:68:e6:5e:d1:fe:65:d4:28:2b:43:
60:c7:60:94:ec:a1:ff:4c:53:30:fc:bc:a0:3a:5f:fe:dc:f1:
8c:3b:9f:95:0d:38:e4:05:4b:79:f9:de:2a:6b:1b:71:30:11:
6f:e8:b7:72:7a:ac:bb:01:eb:99:d7:e0:82:3b:41:ef:22:f0:
eb:e4:c6:cd:c3:5a:08:84:90:9b:fa:91:7f:a1:e7:36:7f:1f:
99:3b:b9:ef:e9:92:7a:a7:3f:5e:49:fd:bb:a3:3d:8a:b9:ed:
d4:55:76:c1:fe:79:5f:ff:68:3e:b2:41:1d:07:2b:34:c4:a2:
79:bf:ba:b4
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYsYU+/g7kD59kC2n21ZSpk7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU2OGZlMzVjYzk2MjYzM2EyNzU3YWYxMGEwZTZlOGFiNmQw
MWY0YzkwHhcNMjMxMDEwMDY0MzU1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMDU5OTc2MDNkMmJkZDhjY2JmY2MzZDM4NzBmMzk4MWYwMmE5ZGQzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0TJXx1apH77vqpHKSnU8lXuqREJo
bP/RjqWGrtUpiWLwtmWCNwawPPixfBAqakHHAFi+CpEQRGzcUWewlv2lDgc8vhwb
QTcstYWSz5lTmTwUYyQZZtvbhSMFc7/3vjBq/fT98HeeqMagN4RtLt4B/IeDgAQR
ICUUyPXmGbfaS3WaAbFnoyfpgt/ZxbKmRoHb4J39KYxHw+ImVPj8x//9AvOzZrgw
i0cLdS+iG5tK0yOZ9Kx/XEd/rITE6eCOnmXn0pJSCQtrdZFpHfRgTsBfrX1TcWbs
bbsyZVQPnrTpjL4swUnuSw1VLaj7xxMXbYchkHpcWEhy0rzmVXG5nR+tqwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNBZl2A9K92My/zD04cPOYHwKp3TMB8GA1UdIwQY
MBaAFFaP41zJYmM6J1evEKDm6KttAfTJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVm9falhNbGlZem9uVjY4UW9PYm9xMjBCOU1rLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wOC8zN2ViZTYtOGJmZS00YzFmLWExODMt
ODNkNjQ4Zjc5NzQ2LzEvMEZtWFlEMHIzWXpMX01QVGh3ODVnZkFxbmRNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wOC8zN2ViZTYtOGJmZS00YzFmLWExODMtODNkNjQ4Zjc5NzQ2
LzEvVm9falhNbGlZem9uVjY4UW9PYm9xMjBCOU1rLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA1AyaMA0G
CSqGSIb3DQEBCwUAA4IBAQC3M3SWN1EcrGNSudIjX3to0XtMa/a3C+2ImkBkN1LV
f/HvR9K4o1pLxDJnGtePBSWSQU1aUXQ1SjkKQlm9K8CSTiMx7tdLzcCRUAxzjtQd
Gi6RMTyOK/CUbnrPLmVXciQmPrgptr4QcjFVlPbk4bx8lEoDy5BT6IGyaioadRS3
f5olUjfxgmjmXtH+ZdQoK0Ngx2CU7KH/TFMw/LygOl/+3PGMO5+VDTjkBUt5+d4q
axtxMBFv6Ldyeqy7AeuZ1+CCO0HvIvDr5MbNw1oIhJCb+pF/oec2fx+ZO7nv6ZJ6
pz9eSf27oz2Kue3UVXbB/nlf/2g+skEdBys0xKJ5v7q0
-----END CERTIFICATE-----
Generated at Mon Jan 1 23:36:59 2024 by rpki-client on console-fra.rpki-client.org