Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/25/410d94-af78-4397-adfe-48d738c5947d/1/7xAxgoq6sDnDILCCeFHwfddJbqw.roa
File: 7xAxgoq6sDnDILCCeFHwfddJbqw.roa (raw, json)
Hash identifier: iDn2SDK5ae5Zete+ySkUdUc1KFrNADky8omviDqTun4=
Subject key identifier: EF:10:31:82:8A:BA:B0:39:C3:20:B0:82:78:51:F0:7D:D7:49:6E:AC
Certificate issuer: /CN=99d3a2d6fad651678e96d24e24d19d71fe380409
Certificate serial: 018CC5012BC8C7D135A25BF9B77197506B6F
Authority key identifier: 99:D3:A2:D6:FA:D6:51:67:8E:96:D2:4E:24:D1:9D:71:FE:38:04:09
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mdOi1vrWUWeOltJOJNGdcf44BAk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/25/410d94-af78-4397-adfe-48d738c5947d/1/7xAxgoq6sDnDILCCeFHwfddJbqw.roa
Signing time: Mon 01 Jan 2024 12:30:37 +0000
ROA not before: Mon 01 Jan 2024 12:30:37 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 12349
IP address blocks: 212.64.225.0/24 maxlen: 24
164.59.128.0/23 maxlen: 24
164.59.130.0/24 maxlen: 24
164.59.136.0/21 maxlen: 24
164.59.144.0/23 maxlen: 24
Validation: Failed, certificate revoked on Sat 22 Jun 2024 14:39:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:01:2b:c8:c7:d1:35:a2:5b:f9:b7:71:97:50:6b:6f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=99d3a2d6fad651678e96d24e24d19d71fe380409
Validity
Not Before: Jan 1 12:30:37 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=ef1031828abab039c320b0827851f07dd7496eac
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:6c:77:a6:a9:7a:1f:0f:bd:65:00:f0:eb:98:
c4:85:b1:ef:36:24:11:6f:44:59:ac:ee:8c:91:5f:
56:f7:db:5a:43:0a:80:d1:c8:46:4c:26:42:25:fb:
ef:c9:92:1b:84:b3:be:56:51:0b:76:82:61:f3:58:
69:6f:a4:e8:32:41:fa:90:d8:d2:1f:37:d2:bd:e5:
0f:2c:af:0b:05:92:ef:08:88:5b:76:92:03:9c:42:
86:57:d8:ad:ef:09:15:ba:5d:55:35:77:ea:85:b2:
fc:5c:1f:9d:a4:e4:fc:69:9a:2a:74:b7:7e:d1:d9:
99:dd:e0:e7:b0:4e:5d:ad:f5:fa:b9:64:f5:54:f8:
2b:68:ba:44:0f:31:62:00:e0:b0:17:29:13:8f:a4:
b1:d6:05:c4:92:25:a0:be:6f:01:33:d3:18:ba:b4:
dd:84:4c:bf:3a:b4:c1:28:60:9c:d7:ae:31:64:11:
56:e1:3a:ef:5b:79:08:aa:88:8f:9c:f0:6a:0b:c5:
0c:36:12:e7:39:7c:31:61:64:11:87:2f:f4:6a:6d:
c3:3a:ee:f2:97:3a:c6:e2:e7:8a:31:ab:4d:8f:0d:
19:4d:bd:4a:6b:c4:e9:ec:28:4b:77:38:9b:5b:cb:
a5:fd:e6:d7:ac:dd:eb:49:d0:2b:be:11:89:95:df:
fa:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EF:10:31:82:8A:BA:B0:39:C3:20:B0:82:78:51:F0:7D:D7:49:6E:AC
X509v3 Authority Key Identifier:
keyid:99:D3:A2:D6:FA:D6:51:67:8E:96:D2:4E:24:D1:9D:71:FE:38:04:09
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mdOi1vrWUWeOltJOJNGdcf44BAk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/25/410d94-af78-4397-adfe-48d738c5947d/1/7xAxgoq6sDnDILCCeFHwfddJbqw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/25/410d94-af78-4397-adfe-48d738c5947d/1/mdOi1vrWUWeOltJOJNGdcf44BAk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
164.59.128.0-164.59.130.255
164.59.136.0-164.59.145.255
212.64.225.0/24
Signature Algorithm: sha256WithRSAEncryption
14:37:f8:49:cb:0e:d4:7e:6a:d8:bb:5d:cc:dd:85:81:32:87:
9b:16:ee:73:4e:34:d6:94:80:e1:1f:a4:30:24:fc:aa:26:d4:
16:23:8f:0c:2b:1a:ea:89:30:37:e4:ce:52:0a:66:ee:41:06:
8e:7f:b7:0f:66:70:5b:39:bf:15:f6:53:08:b1:92:f8:6c:d7:
14:10:ea:52:88:9b:2b:5d:ff:19:d9:a0:52:ab:fe:a0:1e:3a:
16:e9:04:a6:86:a2:4e:29:bb:21:bd:5e:c7:85:2a:36:0e:cf:
76:35:b7:c1:0e:e1:f1:7b:06:35:02:38:65:e1:5a:9c:62:97:
ba:45:df:07:71:66:a5:fd:00:5a:2f:69:6c:d9:22:f9:c5:8c:
59:f6:70:e5:aa:bf:e8:39:d3:b2:0f:a6:1f:87:7c:ae:a6:dc:
1d:03:c5:47:8d:a3:31:cb:93:32:9a:43:62:6e:3c:e6:d0:7a:
c6:f4:a2:98:ca:11:cb:55:68:1d:cc:41:60:9d:5f:a3:d5:d8:
b3:36:3e:f9:f9:25:d8:7e:eb:39:24:f2:f5:7f:4b:15:0d:a3:
c5:14:9e:02:c6:c9:53:35:6c:2a:bf:a7:73:51:9c:5b:70:82:
87:02:61:4a:2b:9b:f9:69:85:5b:4f:48:2a:ea:a3:21:8f:e3:
22:d7:4d:30
-----BEGIN CERTIFICATE-----
MIIFGTCCBAGgAwIBAgISAYzFASvIx9E1olv5t3GXUGtvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk5ZDNhMmQ2ZmFkNjUxNjc4ZTk2ZDI0ZTI0ZDE5ZDcxZmUz
ODA0MDkwHhcNMjQwMTAxMTIzMDM3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlZjEwMzE4MjhhYmFiMDM5YzMyMGIwODI3ODUxZjA3ZGQ3NDk2ZWFjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnWx3pql6Hw+9ZQDw65jEhbHvNiQR
b0RZrO6MkV9W99taQwqA0chGTCZCJfvvyZIbhLO+VlELdoJh81hpb6ToMkH6kNjS
HzfSveUPLK8LBZLvCIhbdpIDnEKGV9it7wkVul1VNXfqhbL8XB+dpOT8aZoqdLd+
0dmZ3eDnsE5drfX6uWT1VPgraLpEDzFiAOCwFykTj6Sx1gXEkiWgvm8BM9MYurTd
hEy/OrTBKGCc164xZBFW4TrvW3kIqoiPnPBqC8UMNhLnOXwxYWQRhy/0am3DOu7y
lzrG4ueKMatNjw0ZTb1Ka8Tp7ChLdzibW8ul/ebXrN3rSdArvhGJld/6awIDAQAB
o4ICJTCCAiEwHQYDVR0OBBYEFO8QMYKKurA5wyCwgnhR8H3XSW6sMB8GA1UdIwQY
MBaAFJnTotb61lFnjpbSTiTRnXH+OAQJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbWRPaTF2cldVV2VPbHRKT0pOR2RjZjQ0QkFrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNS80MTBkOTQtYWY3OC00Mzk3LWFkZmUt
NDhkNzM4YzU5NDdkLzEvN3hBeGdvcTZzRG5ESUxDQ2VGSHdmZGRKYnF3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNS80MTBkOTQtYWY3OC00Mzk3LWFkZmUtNDhkNzM4YzU5NDdk
LzEvbWRPaTF2cldVV2VPbHRKT0pOR2RjZjQ0QkFrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDsGCCsGAQUFBwEHAQH/BCwwKjAoBAIAATAiMAwDBAekO4AD
BACkO4IwDAMEA6Q7iAMEAaQ7kAMEANRA4TANBgkqhkiG9w0BAQsFAAOCAQEAFDf4
ScsO1H5q2LtdzN2FgTKHmxbuc0401pSA4R+kMCT8qibUFiOPDCsa6okwN+TOUgpm
7kEGjn+3D2ZwWzm/FfZTCLGS+GzXFBDqUoibK13/GdmgUqv+oB46FukEpoaiTim7
Ib1ex4UqNg7PdjW3wQ7h8XsGNQI4ZeFanGKXukXfB3Fmpf0AWi9pbNki+cWMWfZw
5aq/6DnTsg+mH4d8rqbcHQPFR42jMcuTMppDYm485tB6xvSimMoRy1VoHcxBYJ1f
o9XYszY++fkl2H7rOSTy9X9LFQ2jxRSeAsbJUzVsKr+nc1GcW3CChwJhSiub+WmF
W09IKuqjIY/jItdNMA==
-----END CERTIFICATE-----
Generated at Sat Jun 22 15:49:20 2024 by rpki-client on console-fra.rpki-client.org