Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0c/3ffb76-9931-4942-9da1-1e0465513b63/1/hQApktmW7FgrRyVQAf3xqmC02iU.roa
File: hQApktmW7FgrRyVQAf3xqmC02iU.roa (raw, json)
Hash identifier: txwJGzDIHKCzonsLR8IRTEf0aUvu+0T9P/W2avu29qM=
Subject key identifier: 85:00:29:92:D9:96:EC:58:2B:47:25:50:01:FD:F1:AA:60:B4:DA:25
Certificate issuer: /CN=2455d7fee4a499ecaf11d2d3da8e389de323412f
Certificate serial: 01856F14D2226C85C390F55A3D90749D0EB8
Authority key identifier: 24:55:D7:FE:E4:A4:99:EC:AF:11:D2:D3:DA:8E:38:9D:E3:23:41:2F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/JFXX_uSkmeyvEdLT2o44neMjQS8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0c/3ffb76-9931-4942-9da1-1e0465513b63/1/hQApktmW7FgrRyVQAf3xqmC02iU.roa
Signing time: Sun 01 Jan 2023 20:45:13 +0000
ROA not before: Sun 01 Jan 2023 20:45:13 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 206092
IP address blocks: 212.30.33.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:14:d2:22:6c:85:c3:90:f5:5a:3d:90:74:9d:0e:b8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2455d7fee4a499ecaf11d2d3da8e389de323412f
Validity
Not Before: Jan 1 20:45:13 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=85002992d996ec582b47255001fdf1aa60b4da25
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:82:ec:09:3e:26:0a:80:aa:15:97:d9:ea:c5:9c:
ea:7a:4f:13:da:24:51:44:9f:95:fc:87:b2:c6:53:
c9:34:62:74:56:3f:c7:4e:93:eb:c4:85:81:b6:b8:
15:04:68:dc:a1:bc:24:68:18:0d:99:f6:a3:b2:b9:
b2:95:a4:76:8b:10:48:44:25:b8:e5:8e:d2:d4:6b:
97:70:1e:22:af:05:0d:0c:4d:26:1d:ea:08:0b:6f:
86:b1:cd:29:84:2a:1a:ec:26:f0:69:ea:78:12:74:
4a:99:3e:e4:bf:85:88:e5:a9:11:1d:46:0c:33:e9:
ea:da:39:b2:79:7b:cb:97:30:6f:7b:66:b7:f0:a9:
39:5e:ac:85:80:87:18:4c:e3:e4:1a:25:cf:6e:96:
9e:f1:ec:3b:88:bb:36:9a:24:b2:15:cf:97:4f:c9:
0d:c7:16:1d:3a:0a:b1:78:a6:8b:67:2e:96:18:83:
b3:68:ef:18:58:60:2a:b8:f6:1c:12:25:94:61:65:
89:c5:ad:cd:49:b5:5c:11:a4:b3:e2:24:85:05:db:
b0:27:45:5e:8c:92:06:13:61:89:36:de:08:e6:d8:
56:b2:8e:9b:94:6a:f1:3b:2a:dc:05:91:94:26:ed:
14:53:9e:e6:75:d0:d2:0c:1b:e2:f6:d0:36:24:af:
2a:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
85:00:29:92:D9:96:EC:58:2B:47:25:50:01:FD:F1:AA:60:B4:DA:25
X509v3 Authority Key Identifier:
keyid:24:55:D7:FE:E4:A4:99:EC:AF:11:D2:D3:DA:8E:38:9D:E3:23:41:2F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JFXX_uSkmeyvEdLT2o44neMjQS8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/3ffb76-9931-4942-9da1-1e0465513b63/1/hQApktmW7FgrRyVQAf3xqmC02iU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/3ffb76-9931-4942-9da1-1e0465513b63/1/JFXX_uSkmeyvEdLT2o44neMjQS8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
212.30.33.0/24
Signature Algorithm: sha256WithRSAEncryption
62:2d:96:7c:4e:0f:65:b7:11:30:0d:b8:06:38:0c:5f:ea:0f:
60:c5:81:95:0b:2e:5a:16:43:cc:0d:51:7f:75:2d:27:66:f9:
91:8c:72:df:b5:63:dc:cb:a6:c7:76:43:b9:53:20:bc:e1:d0:
3c:f3:4b:01:b0:f0:03:66:58:1d:3a:0b:5d:f2:e9:dc:12:a7:
9e:f7:aa:ec:81:f3:ed:85:ca:fc:07:7b:75:ae:b2:53:f3:8c:
c3:67:10:49:56:a8:3c:9d:c8:6a:67:17:2b:2c:02:c2:1e:f5:
49:6d:9b:88:a5:0b:64:1b:b3:88:4b:3f:6d:60:b8:f9:95:c4:
73:28:b4:a5:29:40:d3:c0:68:23:47:57:23:0c:71:a1:95:fc:
c7:cf:93:86:36:03:3d:5c:be:3b:51:c6:2f:10:1a:7d:58:b0:
0b:37:f4:83:7e:77:51:8c:fa:56:af:23:fd:c4:12:ea:87:0f:
07:a5:49:ad:6a:ff:a9:c5:81:ef:ae:ad:a3:1b:d6:33:4c:33:
8d:28:ec:e8:2e:77:ec:2d:8a:5e:a8:d5:98:9d:cd:b4:31:79:
0f:06:fc:30:3e:d0:d5:9e:5b:ad:3e:f2:6a:1c:48:c8:4e:de:
61:be:d3:c5:46:85:96:95:9d:85:24:1e:4c:04:3d:0b:46:70:
23:0a:5a:cd
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVvFNIibIXDkPVaPZB0nQ64MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI0NTVkN2ZlZTRhNDk5ZWNhZjExZDJkM2RhOGUzODlkZTMy
MzQxMmYwHhcNMjMwMTAxMjA0NTEzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NTAwMjk5MmQ5OTZlYzU4MmI0NzI1NTAwMWZkZjFhYTYwYjRkYTI1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAguwJPiYKgKoVl9nqxZzqek8T2iRR
RJ+V/IeyxlPJNGJ0Vj/HTpPrxIWBtrgVBGjcobwkaBgNmfajsrmylaR2ixBIRCW4
5Y7S1GuXcB4irwUNDE0mHeoIC2+Gsc0phCoa7Cbwaep4EnRKmT7kv4WI5akRHUYM
M+nq2jmyeXvLlzBve2a38Kk5XqyFgIcYTOPkGiXPbpae8ew7iLs2miSyFc+XT8kN
xxYdOgqxeKaLZy6WGIOzaO8YWGAquPYcEiWUYWWJxa3NSbVcEaSz4iSFBduwJ0Ve
jJIGE2GJNt4I5thWso6blGrxOyrcBZGUJu0UU57mddDSDBvi9tA2JK8qDQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFIUAKZLZluxYK0clUAH98apgtNolMB8GA1UdIwQY
MBaAFCRV1/7kpJnsrxHS09qOOJ3jI0EvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSkZYWF91U2ttZXl2RWRMVDJvNDRuZU1qUVM4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYy8zZmZiNzYtOTkzMS00OTQyLTlkYTEt
MWUwNDY1NTEzYjYzLzEvaFFBcGt0bVc3RmdyUnlWUUFmM3hxbUMwMmlVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYy8zZmZiNzYtOTkzMS00OTQyLTlkYTEtMWUwNDY1NTEzYjYz
LzEvSkZYWF91U2ttZXl2RWRMVDJvNDRuZU1qUVM4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA1B4hMA0G
CSqGSIb3DQEBCwUAA4IBAQBiLZZ8Tg9ltxEwDbgGOAxf6g9gxYGVCy5aFkPMDVF/
dS0nZvmRjHLftWPcy6bHdkO5UyC84dA880sBsPADZlgdOgtd8uncEqee96rsgfPt
hcr8B3t1rrJT84zDZxBJVqg8nchqZxcrLALCHvVJbZuIpQtkG7OISz9tYLj5lcRz
KLSlKUDTwGgjR1cjDHGhlfzHz5OGNgM9XL47UcYvEBp9WLALN/SDfndRjPpWryP9
xBLqhw8HpUmtav+pxYHvrq2jG9YzTDONKOzoLnfsLYpeqNWYnc20MXkPBvwwPtDV
nlutPvJqHEjITt5hvtPFRoWWlZ2FJB5MBD0LRnAjClrN
-----END CERTIFICATE-----
Generated at Tue Jan 2 14:35:51 2024 by rpki-client on console-fra.rpki-client.org