Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/16/b9fce7-0927-4847-b605-3e30a4c4b826/1/3CNyRYm31CFh2AtCPSuzw1heYd0.roa
File: 3CNyRYm31CFh2AtCPSuzw1heYd0.roa (raw, json)
Hash identifier: bw018CsFGuofj4JAFpd4YTrveMvVrVYI/RTxiUR9vDo=
Subject key identifier: DC:23:72:45:89:B7:D4:21:61:D8:0B:42:3D:2B:B3:C3:58:5E:61:DD
Certificate issuer: /CN=3250d58d77b0fa5dcec4f42ae96f347bc80daa3e
Certificate serial: 018573CCF50B73C7B48CFAD608A7E6800D26
Authority key identifier: 32:50:D5:8D:77:B0:FA:5D:CE:C4:F4:2A:E9:6F:34:7B:C8:0D:AA:3E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/MlDVjXew-l3OxPQq6W80e8gNqj4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/16/b9fce7-0927-4847-b605-3e30a4c4b826/1/3CNyRYm31CFh2AtCPSuzw1heYd0.roa
Signing time: Mon 02 Jan 2023 18:44:49 +0000
ROA not before: Mon 02 Jan 2023 18:44:49 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 12610
IP address blocks: 213.214.24.0/21 maxlen: 21
Validation: Failed, certificate revoked on Mon 01 Jan 2024 06:30:00 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:73:cc:f5:0b:73:c7:b4:8c:fa:d6:08:a7:e6:80:0d:26
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3250d58d77b0fa5dcec4f42ae96f347bc80daa3e
Validity
Not Before: Jan 2 18:44:49 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=dc23724589b7d42161d80b423d2bb3c3585e61dd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:84:c1:94:2c:24:67:e3:23:0c:6c:ac:28:23:60:
c7:56:77:e1:be:f6:4b:16:74:5f:9a:c4:c0:55:50:
07:ad:35:f2:a7:66:10:67:e2:b2:0e:18:03:c9:c4:
83:e9:3e:97:ed:27:b2:a4:5b:69:9e:bc:31:e7:17:
68:42:92:9d:5b:7c:d4:e5:f0:5f:ac:be:1a:05:cf:
b6:07:25:18:4a:af:df:ea:ff:20:3a:89:3d:ac:14:
5e:d9:b5:f5:b6:93:dc:ec:0d:72:9a:62:0e:bf:b3:
53:92:01:5b:05:44:4e:f8:80:3d:e1:2b:dd:65:d6:
4b:e5:90:03:c4:34:ea:dd:7f:21:83:6a:f9:d6:b3:
2b:87:df:7f:d7:c0:a7:74:04:52:8f:64:1f:7a:b5:
3b:73:29:fa:55:2f:25:dd:1f:ba:ec:a1:d1:bb:9f:
14:38:58:81:13:08:e4:48:5d:64:2e:3e:51:20:e6:
7c:df:3d:8c:39:18:5f:8f:40:a9:5f:d0:73:4c:9d:
67:db:b3:bd:bf:f7:81:8d:38:b6:8a:f8:35:3b:8f:
bb:9f:01:03:c9:03:4f:7c:90:b3:83:61:fa:07:a3:
b6:ec:19:7e:0a:87:08:d8:8a:76:17:bb:e0:03:71:
98:9d:68:54:d4:c2:11:38:6d:0a:97:9d:ea:e2:07:
86:a3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DC:23:72:45:89:B7:D4:21:61:D8:0B:42:3D:2B:B3:C3:58:5E:61:DD
X509v3 Authority Key Identifier:
keyid:32:50:D5:8D:77:B0:FA:5D:CE:C4:F4:2A:E9:6F:34:7B:C8:0D:AA:3E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MlDVjXew-l3OxPQq6W80e8gNqj4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/16/b9fce7-0927-4847-b605-3e30a4c4b826/1/3CNyRYm31CFh2AtCPSuzw1heYd0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/16/b9fce7-0927-4847-b605-3e30a4c4b826/1/MlDVjXew-l3OxPQq6W80e8gNqj4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
213.214.24.0/21
Signature Algorithm: sha256WithRSAEncryption
79:3e:dc:81:3f:4d:ae:08:f2:ef:66:84:c4:62:1b:a2:aa:6c:
1d:25:f0:88:f5:b9:7f:ad:e4:89:ac:de:31:3a:3c:11:de:4d:
a2:fb:02:5e:7b:8d:63:08:f6:5e:7f:34:86:ea:bf:be:ce:7c:
df:89:70:91:38:93:1b:f9:81:6b:c4:14:c5:80:7c:93:92:27:
f5:9a:70:e5:6b:bc:a5:b9:7a:47:c7:49:66:0c:74:9b:9b:1d:
d9:aa:92:c2:72:05:c2:63:b5:6a:48:fc:a3:26:fe:84:3f:c0:
5c:45:42:45:84:87:54:a8:04:97:cb:1f:9f:e9:b7:7f:c5:8e:
4b:e1:06:9f:17:f4:2f:e8:e3:47:e8:f2:c6:ad:7c:10:eb:67:
0d:69:f6:21:1f:f2:a5:5f:df:88:b4:4d:8a:97:c2:91:c6:ec:
85:3c:3a:06:01:56:5a:ce:09:18:eb:42:9e:69:d0:2a:71:b1:
10:b2:17:18:86:42:a3:42:bc:d3:44:c2:35:d7:1a:3a:91:05:
2d:c1:81:33:ae:b9:46:e9:80:0d:87:d8:ec:f6:ec:62:0e:90:
3e:e0:66:fd:d7:30:0b:e3:ba:70:93:58:d2:77:25:21:39:fa:
6f:a7:68:16:fe:4f:d0:88:bc:82:3e:d0:f4:eb:3b:81:e5:2c:
a0:4b:98:ea
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVzzPULc8e0jPrWCKfmgA0mMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMyNTBkNThkNzdiMGZhNWRjZWM0ZjQyYWU5NmYzNDdiYzgw
ZGFhM2UwHhcNMjMwMTAyMTg0NDQ5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYzIzNzI0NTg5YjdkNDIxNjFkODBiNDIzZDJiYjNjMzU4NWU2MWRkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhMGULCRn4yMMbKwoI2DHVnfhvvZL
FnRfmsTAVVAHrTXyp2YQZ+KyDhgDycSD6T6X7SeypFtpnrwx5xdoQpKdW3zU5fBf
rL4aBc+2ByUYSq/f6v8gOok9rBRe2bX1tpPc7A1ymmIOv7NTkgFbBURO+IA94Svd
ZdZL5ZADxDTq3X8hg2r51rMrh99/18CndARSj2QferU7cyn6VS8l3R+67KHRu58U
OFiBEwjkSF1kLj5RIOZ83z2MORhfj0CpX9BzTJ1n27O9v/eBjTi2ivg1O4+7nwED
yQNPfJCzg2H6B6O27Bl+CocI2Ip2F7vgA3GYnWhU1MIROG0Kl53q4geGowIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNwjckWJt9QhYdgLQj0rs8NYXmHdMB8GA1UdIwQY
MBaAFDJQ1Y13sPpdzsT0KulvNHvIDao+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTWxEVmpYZXctbDNPeFBRcTZXODBlOGdOcWo0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNi9iOWZjZTctMDkyNy00ODQ3LWI2MDUt
M2UzMGE0YzRiODI2LzEvM0NOeVJZbTMxQ0ZoMkF0Q1BTdXp3MWhlWWQwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNi9iOWZjZTctMDkyNy00ODQ3LWI2MDUtM2UzMGE0YzRiODI2
LzEvTWxEVmpYZXctbDNPeFBRcTZXODBlOGdOcWo0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQD1dYYMA0G
CSqGSIb3DQEBCwUAA4IBAQB5PtyBP02uCPLvZoTEYhuiqmwdJfCI9bl/reSJrN4x
OjwR3k2i+wJee41jCPZefzSG6r++znzfiXCROJMb+YFrxBTFgHyTkif1mnDla7yl
uXpHx0lmDHSbmx3ZqpLCcgXCY7VqSPyjJv6EP8BcRUJFhIdUqASXyx+f6bd/xY5L
4QafF/Qv6ONH6PLGrXwQ62cNafYhH/KlX9+ItE2Kl8KRxuyFPDoGAVZazgkY60Ke
adAqcbEQshcYhkKjQrzTRMI11xo6kQUtwYEzrrlG6YANh9js9uxiDpA+4Gb91zAL
47pwk1jSdyUhOfpvp2gW/k/QiLyCPtD06zuB5SygS5jq
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:20:35 2024 by rpki-client on console-fra.rpki-client.org