Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/27/75148a-e40e-409f-8a0b-da851a715fa4/1/baIaWVEZF4MYPNgpH4eReVka2tE.roa
File: baIaWVEZF4MYPNgpH4eReVka2tE.roa (raw, json)
Hash identifier: zUv4CYACIWLGLLp/oT3ArpgdLlQfuxFFLp9Ppx642zE=
Subject key identifier: 6D:A2:1A:59:51:19:17:83:18:3C:D8:29:1F:87:91:79:59:1A:DA:D1
Certificate issuer: /CN=10771dd7dea22e35fdaf19b51b839f43721270ba
Certificate serial: 018570799B3149EFBC849C7515F0312765C5
Authority key identifier: 10:77:1D:D7:DE:A2:2E:35:FD:AF:19:B5:1B:83:9F:43:72:12:70:BA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/EHcd196iLjX9rxm1G4OfQ3IScLo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/27/75148a-e40e-409f-8a0b-da851a715fa4/1/baIaWVEZF4MYPNgpH4eReVka2tE.roa
Signing time: Mon 02 Jan 2023 03:14:55 +0000
ROA not before: Mon 02 Jan 2023 03:14:55 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 15656
IP address blocks: 212.146.129.0/24 maxlen: 24
212.146.132.0/24 maxlen: 24
212.146.128.0/24 maxlen: 24
212.146.131.0/24 maxlen: 24
212.146.130.0/24 maxlen: 24
212.146.135.0/24 maxlen: 24
212.146.134.0/24 maxlen: 24
212.146.133.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:79:9b:31:49:ef:bc:84:9c:75:15:f0:31:27:65:c5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=10771dd7dea22e35fdaf19b51b839f43721270ba
Validity
Not Before: Jan 2 03:14:55 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=6da21a5951191783183cd8291f879179591adad1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:29:f3:53:ed:12:06:c3:fb:b0:63:08:1c:7b:
4b:05:21:61:c3:b6:08:a9:1b:83:39:76:31:2a:c2:
02:9d:2b:e5:71:c2:83:26:76:51:07:fc:3f:0e:db:
18:e4:cf:99:d8:98:d8:2f:1c:aa:8c:4a:c9:33:fa:
cf:7c:06:86:48:1f:10:b6:3d:50:34:95:df:b8:13:
52:fc:a6:ad:ca:f9:85:e8:9a:02:80:be:ba:7e:c4:
e5:fc:f8:f3:42:1b:5d:46:e2:83:53:bf:45:59:53:
dc:0a:1c:a3:7e:04:61:03:e7:a8:39:fa:f7:d4:a1:
75:c8:72:8d:a7:bc:af:47:99:a9:38:e0:ab:16:58:
3a:2f:c0:93:b0:ce:e2:ca:0a:73:03:14:da:e5:72:
38:0f:3c:f6:19:18:69:33:32:8f:38:37:2f:8d:3c:
e4:7a:6a:1c:cd:34:2c:56:56:bf:4f:3d:d0:e6:c9:
bc:a8:56:79:2a:8b:f0:69:12:d8:25:a7:f6:6c:8b:
6c:83:44:09:fa:18:36:d2:0b:6e:d3:1a:60:e2:11:
5e:bc:e7:06:70:d1:32:c9:e2:4b:48:fb:1a:15:db:
4c:01:77:25:f9:f7:e4:20:b6:16:90:7e:7c:ce:d5:
c7:e8:24:6a:25:ae:40:a8:7d:7b:65:9b:25:0d:95:
0c:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6D:A2:1A:59:51:19:17:83:18:3C:D8:29:1F:87:91:79:59:1A:DA:D1
X509v3 Authority Key Identifier:
keyid:10:77:1D:D7:DE:A2:2E:35:FD:AF:19:B5:1B:83:9F:43:72:12:70:BA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/EHcd196iLjX9rxm1G4OfQ3IScLo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/27/75148a-e40e-409f-8a0b-da851a715fa4/1/baIaWVEZF4MYPNgpH4eReVka2tE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/27/75148a-e40e-409f-8a0b-da851a715fa4/1/EHcd196iLjX9rxm1G4OfQ3IScLo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
212.146.128.0/21
Signature Algorithm: sha256WithRSAEncryption
66:3e:7a:60:f2:35:05:28:e4:47:d2:31:13:72:b8:b6:b9:3a:
48:8e:47:05:ea:a0:97:5b:ff:d3:53:a0:27:62:cb:13:3e:4f:
41:d7:af:f7:92:a2:0c:59:b8:be:55:41:db:77:26:f8:7d:da:
4d:ed:40:81:0c:9f:97:07:fd:ac:e2:d2:0e:7d:20:0c:06:b6:
4e:6b:d4:1a:0c:ab:ee:69:1e:d7:13:71:d5:9f:a1:2a:a0:15:
86:e0:5c:fe:80:f2:75:71:74:10:bd:46:61:6c:de:06:c5:23:
8e:44:8c:ed:37:9a:44:3a:f7:57:a8:cd:de:74:45:a9:86:d9:
57:a5:68:7d:74:c8:fa:70:25:d7:de:53:4c:4e:5f:b9:e2:56:
ed:e1:80:52:c1:b9:31:c7:b5:7e:10:f4:76:bb:20:81:76:e3:
55:d3:13:2a:c0:da:85:67:3a:45:08:d3:d6:d4:a1:42:ae:72:
b7:c3:14:94:75:54:a1:31:04:de:c3:53:7d:61:95:bc:8c:5a:
e5:fb:98:1c:e7:d0:9f:fc:c3:08:a5:95:65:41:55:07:fd:f8:
37:11:9c:e1:ab:9a:1c:74:68:00:01:f1:53:df:6d:14:0e:e2:
93:fe:98:35:9f:f0:7f:2d:ab:79:4b:11:a1:36:f7:41:1a:02:
03:35:7e:75
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVweZsxSe+8hJx1FfAxJ2XFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDEwNzcxZGQ3ZGVhMjJlMzVmZGFmMTliNTFiODM5ZjQzNzIx
MjcwYmEwHhcNMjMwMTAyMDMxNDU1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZGEyMWE1OTUxMTkxNzgzMTgzY2Q4MjkxZjg3OTE3OTU5MWFkYWQxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqSnzU+0SBsP7sGMIHHtLBSFhw7YI
qRuDOXYxKsICnSvlccKDJnZRB/w/DtsY5M+Z2JjYLxyqjErJM/rPfAaGSB8Qtj1Q
NJXfuBNS/KatyvmF6JoCgL66fsTl/PjzQhtdRuKDU79FWVPcChyjfgRhA+eoOfr3
1KF1yHKNp7yvR5mpOOCrFlg6L8CTsM7iygpzAxTa5XI4Dzz2GRhpMzKPODcvjTzk
emoczTQsVla/Tz3Q5sm8qFZ5KovwaRLYJaf2bItsg0QJ+hg20gtu0xpg4hFevOcG
cNEyyeJLSPsaFdtMAXcl+ffkILYWkH58ztXH6CRqJa5AqH17ZZslDZUMRQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFG2iGllRGReDGDzYKR+HkXlZGtrRMB8GA1UdIwQY
MBaAFBB3Hdfeoi41/a8ZtRuDn0NyEnC6MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRUhjZDE5NmlMalg5cnhtMUc0T2ZRM0lTY0xvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNy83NTE0OGEtZTQwZS00MDlmLThhMGIt
ZGE4NTFhNzE1ZmE0LzEvYmFJYVdWRVpGNE1ZUE5ncEg0ZVJlVmthMnRFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNy83NTE0OGEtZTQwZS00MDlmLThhMGItZGE4NTFhNzE1ZmE0
LzEvRUhjZDE5NmlMalg5cnhtMUc0T2ZRM0lTY0xvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQD1JKAMA0G
CSqGSIb3DQEBCwUAA4IBAQBmPnpg8jUFKORH0jETcri2uTpIjkcF6qCXW//TU6An
YssTPk9B16/3kqIMWbi+VUHbdyb4fdpN7UCBDJ+XB/2s4tIOfSAMBrZOa9QaDKvu
aR7XE3HVn6EqoBWG4Fz+gPJ1cXQQvUZhbN4GxSOORIztN5pEOvdXqM3edEWphtlX
pWh9dMj6cCXX3lNMTl+54lbt4YBSwbkxx7V+EPR2uyCBduNV0xMqwNqFZzpFCNPW
1KFCrnK3wxSUdVShMQTew1N9YZW8jFrl+5gc59Cf/MMIpZVlQVUH/fg3EZzhq5oc
dGgAAfFT320UDuKT/pg1n/B/Lat5SxGhNvdBGgIDNX51
-----END CERTIFICATE-----
Generated at Mon Jan 1 04:40:05 2024 by rpki-client on console-ams.rpki-client.org