Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/11/f4116a-7f40-4529-a3cc-241eecff9ab0/1/EFBKJKJhXjRcBBmp9Ihe6HFWjmM.roa
File: EFBKJKJhXjRcBBmp9Ihe6HFWjmM.roa (raw, json)
Hash identifier: VKqqOeOtaeqNomUpG7jKT6/iQH8BTkLPgjZoAxWZt64=
Subject key identifier: 10:50:4A:24:A2:61:5E:34:5C:04:19:A9:F4:88:5E:E8:71:56:8E:63
Certificate issuer: /CN=da3220272a469aed65cc2a7f6d97fca991f7ec81
Certificate serial: 01856FC26A642EEA136452172EEFFA2490FD
Authority key identifier: DA:32:20:27:2A:46:9A:ED:65:CC:2A:7F:6D:97:FC:A9:91:F7:EC:81
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2jIgJypGmu1lzCp_bZf8qZH37IE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/11/f4116a-7f40-4529-a3cc-241eecff9ab0/1/EFBKJKJhXjRcBBmp9Ihe6HFWjmM.roa
Signing time: Sun 01 Jan 2023 23:54:50 +0000
ROA not before: Sun 01 Jan 2023 23:54:50 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 12907
IP address blocks: 213.252.0.0/18 maxlen: 18
2a04:d740::/29 maxlen: 29
Validation: Failed, certificate revoked on Tue 02 Jan 2024 02:29:55 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:c2:6a:64:2e:ea:13:64:52:17:2e:ef:fa:24:90:fd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=da3220272a469aed65cc2a7f6d97fca991f7ec81
Validity
Not Before: Jan 1 23:54:50 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=10504a24a2615e345c0419a9f4885ee871568e63
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8d:e3:6d:e6:35:c3:7c:43:45:3f:7f:d8:95:c4:
00:6f:bd:ed:43:ec:61:dd:8d:9e:49:f1:a4:d0:fb:
a3:cb:dc:1b:9a:52:ce:a5:03:f6:1c:82:a8:77:66:
1b:a9:6e:69:0e:20:eb:c5:f5:2f:dc:f1:55:8b:2b:
e0:8b:cf:70:e0:39:4d:66:71:d9:ad:60:9f:e7:16:
1d:a0:c7:c0:90:b0:09:ed:ea:c2:47:60:c6:c1:7a:
eb:e6:e8:19:bd:fa:dc:e2:03:0c:cb:e4:26:cf:e8:
03:53:c7:7e:d1:93:48:42:0c:f3:23:17:88:8d:8d:
be:ef:4b:2e:77:33:2d:38:70:34:e6:cc:e2:a2:7c:
88:64:be:fd:6e:e3:ed:39:1b:c7:03:be:c6:4b:a5:
09:3d:1a:45:eb:40:1e:62:87:bb:49:72:dc:da:e4:
07:e7:de:ff:45:4e:04:72:63:4f:84:5f:a4:29:c6:
ee:71:7d:8f:c5:cb:30:69:5b:81:71:74:b7:bf:77:
88:10:43:f5:be:88:f6:a6:4d:ea:9e:6b:d9:48:3c:
3f:de:0f:51:23:26:df:55:31:b4:0d:f3:79:6b:11:
8c:73:71:13:03:02:0d:ea:cb:4b:43:e3:67:31:68:
c1:68:b7:d9:b7:59:6c:e4:a2:8d:be:de:78:46:d7:
95:ab
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
10:50:4A:24:A2:61:5E:34:5C:04:19:A9:F4:88:5E:E8:71:56:8E:63
X509v3 Authority Key Identifier:
keyid:DA:32:20:27:2A:46:9A:ED:65:CC:2A:7F:6D:97:FC:A9:91:F7:EC:81
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2jIgJypGmu1lzCp_bZf8qZH37IE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/11/f4116a-7f40-4529-a3cc-241eecff9ab0/1/EFBKJKJhXjRcBBmp9Ihe6HFWjmM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/11/f4116a-7f40-4529-a3cc-241eecff9ab0/1/2jIgJypGmu1lzCp_bZf8qZH37IE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
213.252.0.0/18
IPv6:
2a04:d740::/29
Signature Algorithm: sha256WithRSAEncryption
07:41:04:0f:ee:3d:a9:03:19:de:d9:58:25:18:86:b4:8c:07:
39:7e:8d:2e:0a:56:4a:37:19:79:cf:0a:15:f4:2c:c5:fd:8b:
a6:71:e8:56:ec:1f:3e:78:47:96:c4:62:9c:80:b9:19:5d:f5:
b6:41:5f:3c:0e:d6:65:ec:a6:b6:00:b7:4a:24:e9:25:a4:3f:
3d:e9:9b:de:63:67:49:5e:c2:f9:c1:f5:34:6f:3d:cc:90:72:
12:7e:95:c3:46:55:e7:67:d5:3e:07:0a:a6:a6:94:f8:60:ac:
56:15:eb:0b:0a:56:28:f3:2a:05:08:ea:44:ec:e7:3f:de:95:
36:8e:32:c9:aa:9d:9f:2f:a1:e0:51:e2:18:06:0c:1e:77:fe:
bd:94:05:1b:f0:85:de:f4:3b:8b:34:79:f5:03:8d:cd:63:a2:
f6:68:e9:a2:1e:3d:1a:bc:30:75:2a:11:10:57:58:ff:6b:cd:
c7:07:d7:2c:01:2b:0e:82:51:e1:1d:92:1e:ee:ea:6c:fb:3f:
54:76:84:78:59:ec:77:cc:5f:f8:e2:ef:89:ac:50:ae:cc:65:
e0:02:6d:48:bf:81:6c:95:70:2b:44:29:61:0e:48:e5:db:ab:
db:c8:36:1e:17:a8:f8:59:24:1a:b9:2d:1d:e1:83:89:01:40:
eb:32:c3:34
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVvwmpkLuoTZFIXLu/6JJD9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRhMzIyMDI3MmE0NjlhZWQ2NWNjMmE3ZjZkOTdmY2E5OTFm
N2VjODEwHhcNMjMwMTAxMjM1NDUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxMDUwNGEyNGEyNjE1ZTM0NWMwNDE5YTlmNDg4NWVlODcxNTY4ZTYzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjeNt5jXDfENFP3/YlcQAb73tQ+xh
3Y2eSfGk0Pujy9wbmlLOpQP2HIKod2YbqW5pDiDrxfUv3PFViyvgi89w4DlNZnHZ
rWCf5xYdoMfAkLAJ7erCR2DGwXrr5ugZvfrc4gMMy+Qmz+gDU8d+0ZNIQgzzIxeI
jY2+70sudzMtOHA05szionyIZL79buPtORvHA77GS6UJPRpF60AeYoe7SXLc2uQH
597/RU4EcmNPhF+kKcbucX2PxcswaVuBcXS3v3eIEEP1voj2pk3qnmvZSDw/3g9R
IybfVTG0DfN5axGMc3ETAwIN6stLQ+NnMWjBaLfZt1ls5KKNvt54RteVqwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFBBQSiSiYV40XAQZqfSIXuhxVo5jMB8GA1UdIwQY
MBaAFNoyICcqRprtZcwqf22X/KmR9+yBMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMmpJZ0p5cEdtdTFsekNwX2JaZjhxWkgzN0lFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMS9mNDExNmEtN2Y0MC00NTI5LWEzY2Mt
MjQxZWVjZmY5YWIwLzEvRUZCS0pLSmhYalJjQkJtcDlJaGU2SEZXam1NLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMS9mNDExNmEtN2Y0MC00NTI5LWEzY2MtMjQxZWVjZmY5YWIw
LzEvMmpJZ0p5cEdtdTFsekNwX2JaZjhxWkgzN0lFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQG1fwAMA0E
AgACMAcDBQMqBNdAMA0GCSqGSIb3DQEBCwUAA4IBAQAHQQQP7j2pAxne2VglGIa0
jAc5fo0uClZKNxl5zwoV9CzF/YumcehW7B8+eEeWxGKcgLkZXfW2QV88DtZl7Ka2
ALdKJOklpD896ZveY2dJXsL5wfU0bz3MkHISfpXDRlXnZ9U+BwqmppT4YKxWFesL
ClYo8yoFCOpE7Oc/3pU2jjLJqp2fL6HgUeIYBgwed/69lAUb8IXe9DuLNHn1A43N
Y6L2aOmiHj0avDB1KhEQV1j/a83HB9csASsOglHhHZIe7ups+z9UdoR4Wex3zF/4
4u+JrFCuzGXgAm1Iv4FslXArRClhDkjl26vbyDYeF6j4WSQauS0d4YOJAUDrMsM0
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:54:08 2024 by rpki-client on console-ams.rpki-client.org