Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0c/3ffb76-9931-4942-9da1-1e0465513b63/1/wWiYnYkp0ZC01F-0GlEeH8dnyP0.roa
File: wWiYnYkp0ZC01F-0GlEeH8dnyP0.roa (raw, json)
Hash identifier: qRpwhOXahDxzk0vFkGhb5Rb2xGJJDOlL/+1DDuETM3A=
Subject key identifier: C1:68:98:9D:89:29:D1:90:B4:D4:5F:B4:1A:51:1E:1F:C7:67:C8:FD
Certificate issuer: /CN=2455d7fee4a499ecaf11d2d3da8e389de323412f
Certificate serial: 018DB7E78CB24690521CEED95E7828AE9FAE
Authority key identifier: 24:55:D7:FE:E4:A4:99:EC:AF:11:D2:D3:DA:8E:38:9D:E3:23:41:2F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/JFXX_uSkmeyvEdLT2o44neMjQS8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0c/3ffb76-9931-4942-9da1-1e0465513b63/1/wWiYnYkp0ZC01F-0GlEeH8dnyP0.roa
Signing time: Sat 17 Feb 2024 16:30:21 +0000
ROA not before: Sat 17 Feb 2024 16:30:21 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 199760
IP address blocks: 212.30.38.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 21 Feb 2024 17:11:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:b7:e7:8c:b2:46:90:52:1c:ee:d9:5e:78:28:ae:9f:ae
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2455d7fee4a499ecaf11d2d3da8e389de323412f
Validity
Not Before: Feb 17 16:30:21 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=c168989d8929d190b4d45fb41a511e1fc767c8fd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:25:3e:4e:84:4f:99:19:ba:75:dc:80:63:8f:
59:01:01:06:f0:e6:8c:d9:37:c8:87:55:ba:5b:1c:
52:9f:cd:8f:69:5e:df:43:99:92:ea:72:bb:c9:a5:
21:3e:30:c5:cd:d2:1a:da:9a:78:77:4f:c2:e2:6f:
8b:7e:e2:cf:14:1a:45:f2:ac:8c:2b:1a:12:a0:24:
01:8e:3a:1d:3a:ea:5c:06:56:dc:9d:67:a3:5b:a0:
c8:af:ee:ba:7f:42:1e:7f:8b:09:e1:90:3d:59:2a:
96:dd:79:3a:68:24:ff:12:93:3f:cb:87:c0:78:48:
73:39:70:6f:6c:73:e7:f2:d2:26:bd:cb:cb:f1:c0:
b2:53:06:45:fc:25:11:f5:2e:13:ba:4d:69:3d:df:
63:08:84:a3:ce:c9:1b:14:db:b4:28:0d:9c:0c:ec:
dd:90:36:96:b8:ef:3e:93:a2:92:c2:2b:39:d7:c8:
f0:38:10:92:a9:95:59:6d:4f:35:d0:41:e2:a3:b8:
2b:52:b6:ff:d1:ac:a7:5f:ee:d4:75:da:e1:58:fd:
8d:b9:63:9d:46:4b:e2:4b:e2:9d:4e:18:2f:07:43:
8f:e0:e5:7b:c7:6f:70:33:c2:2e:9e:4d:20:72:0b:
3a:dc:6c:a9:57:3b:48:fe:bd:70:a3:96:e4:04:fd:
57:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C1:68:98:9D:89:29:D1:90:B4:D4:5F:B4:1A:51:1E:1F:C7:67:C8:FD
X509v3 Authority Key Identifier:
keyid:24:55:D7:FE:E4:A4:99:EC:AF:11:D2:D3:DA:8E:38:9D:E3:23:41:2F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JFXX_uSkmeyvEdLT2o44neMjQS8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/3ffb76-9931-4942-9da1-1e0465513b63/1/wWiYnYkp0ZC01F-0GlEeH8dnyP0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/3ffb76-9931-4942-9da1-1e0465513b63/1/JFXX_uSkmeyvEdLT2o44neMjQS8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
212.30.38.0/24
Signature Algorithm: sha256WithRSAEncryption
68:88:a1:48:b2:b3:6c:0f:d4:f0:e8:36:0b:5c:04:e2:bf:58:
72:c1:e2:00:0b:91:f0:96:5f:d6:30:d4:7b:58:c5:38:27:9b:
bd:ca:ae:b3:58:c0:94:b1:e5:38:07:9d:64:04:1c:a4:2a:48:
21:ae:e3:13:52:f1:77:95:d9:6f:bd:04:9a:93:58:e3:d8:1c:
1a:13:aa:87:ca:00:71:45:e0:96:ed:38:37:ce:00:8a:98:c7:
9b:fb:69:da:69:cd:a6:a1:9e:42:cc:30:ca:20:ac:8c:e9:b2:
ff:0f:5c:50:a6:8e:8e:ad:85:f1:61:06:ab:27:25:db:b1:ed:
02:bd:d1:d4:78:ac:e5:3d:74:72:c5:07:23:69:11:aa:48:96:
d2:26:e5:4d:49:78:fd:7e:c2:13:d5:e9:84:8f:97:57:34:11:
99:af:e0:15:91:40:81:df:4f:a4:af:93:65:f6:92:9a:ae:72:
64:c9:a1:fd:2e:d3:c2:89:c1:1a:e4:2d:54:cf:ab:9a:02:73:
44:41:3c:16:a8:81:f8:1c:ba:7a:7a:11:b1:51:f0:1c:d9:3b:
44:6f:15:e4:b4:03:1a:be:f9:c8:09:fc:50:5d:bc:1b:87:7f:
6a:c2:51:e9:06:97:34:43:d7:e0:60:f2:ea:fc:34:e8:ad:94:
ca:7e:9d:5b
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAY2354yyRpBSHO7ZXngorp+uMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI0NTVkN2ZlZTRhNDk5ZWNhZjExZDJkM2RhOGUzODlkZTMy
MzQxMmYwHhcNMjQwMjE3MTYzMDIxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMTY4OTg5ZDg5MjlkMTkwYjRkNDVmYjQxYTUxMWUxZmM3NjdjOGZkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqSU+ToRPmRm6ddyAY49ZAQEG8OaM
2TfIh1W6WxxSn82PaV7fQ5mS6nK7yaUhPjDFzdIa2pp4d0/C4m+LfuLPFBpF8qyM
KxoSoCQBjjodOupcBlbcnWejW6DIr+66f0Ief4sJ4ZA9WSqW3Xk6aCT/EpM/y4fA
eEhzOXBvbHPn8tImvcvL8cCyUwZF/CUR9S4Tuk1pPd9jCISjzskbFNu0KA2cDOzd
kDaWuO8+k6KSwis518jwOBCSqZVZbU810EHio7grUrb/0aynX+7UddrhWP2NuWOd
RkviS+KdThgvB0OP4OV7x29wM8Iunk0gcgs63GypVztI/r1wo5bkBP1XvQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFMFomJ2JKdGQtNRftBpRHh/HZ8j9MB8GA1UdIwQY
MBaAFCRV1/7kpJnsrxHS09qOOJ3jI0EvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSkZYWF91U2ttZXl2RWRMVDJvNDRuZU1qUVM4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYy8zZmZiNzYtOTkzMS00OTQyLTlkYTEt
MWUwNDY1NTEzYjYzLzEvd1dpWW5Za3AwWkMwMUYtMEdsRWVIOGRueVAwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYy8zZmZiNzYtOTkzMS00OTQyLTlkYTEtMWUwNDY1NTEzYjYz
LzEvSkZYWF91U2ttZXl2RWRMVDJvNDRuZU1qUVM4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA1B4mMA0G
CSqGSIb3DQEBCwUAA4IBAQBoiKFIsrNsD9Tw6DYLXATiv1hyweIAC5Hwll/WMNR7
WMU4J5u9yq6zWMCUseU4B51kBBykKkghruMTUvF3ldlvvQSak1jj2BwaE6qHygBx
ReCW7Tg3zgCKmMeb+2naac2moZ5CzDDKIKyM6bL/D1xQpo6OrYXxYQarJyXbse0C
vdHUeKzlPXRyxQcjaRGqSJbSJuVNSXj9fsIT1emEj5dXNBGZr+AVkUCB30+kr5Nl
9pKarnJkyaH9LtPCicEa5C1Uz6uaAnNEQTwWqIH4HLp6ehGxUfAc2TtEbxXktAMa
vvnICfxQXbwbh39qwlHpBpc0Q9fgYPLq/DTorZTKfp1b
-----END CERTIFICATE-----
Generated at Wed Feb 21 21:59:55 2024 by rpki-client on console-ams.rpki-client.org