Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/27/75148a-e40e-409f-8a0b-da851a715fa4/1/pVskL0DAWRlyWW-7swKrwl8WJCM.roa
File: pVskL0DAWRlyWW-7swKrwl8WJCM.roa (raw, json)
Hash identifier: zEsvqH9KMagpPZKx6GreVigy3ar/jlHEmcrp2op/Uac=
Subject key identifier: A5:5B:24:2F:40:C0:59:19:72:59:6F:BB:B3:02:AB:C2:5F:16:24:23
Certificate issuer: /CN=10771dd7dea22e35fdaf19b51b839f43721270ba
Certificate serial: 018CC2DB32F1C53C9A136651A11A68FE7C41
Authority key identifier: 10:77:1D:D7:DE:A2:2E:35:FD:AF:19:B5:1B:83:9F:43:72:12:70:BA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/EHcd196iLjX9rxm1G4OfQ3IScLo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/27/75148a-e40e-409f-8a0b-da851a715fa4/1/pVskL0DAWRlyWW-7swKrwl8WJCM.roa
Signing time: Mon 01 Jan 2024 02:29:54 +0000
ROA not before: Mon 01 Jan 2024 02:29:54 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 15656
IP address blocks: 212.146.129.0/24 maxlen: 24
212.146.132.0/24 maxlen: 24
212.146.128.0/24 maxlen: 24
212.146.131.0/24 maxlen: 24
212.146.130.0/24 maxlen: 24
212.146.135.0/24 maxlen: 24
212.146.134.0/24 maxlen: 24
212.146.133.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 02 Jan 2025 13:48:32 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c2:db:32:f1:c5:3c:9a:13:66:51:a1:1a:68:fe:7c:41
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=10771dd7dea22e35fdaf19b51b839f43721270ba
Validity
Not Before: Jan 1 02:29:54 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a55b242f40c0591972596fbbb302abc25f162423
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:87:b3:fe:38:01:9a:7f:f7:6e:7e:b3:c2:c9:3e:
d2:63:38:68:5c:42:ef:f6:09:bb:da:b6:31:db:11:
b9:f8:12:ba:d7:8d:40:c4:17:3a:fd:8d:15:a8:0f:
03:ba:58:99:f3:68:dd:fb:b8:17:23:d3:9d:0d:49:
57:0a:7f:f7:ba:91:66:f7:2c:a3:8b:9d:09:56:ce:
dd:e1:36:45:94:f8:93:e1:15:4e:8a:8b:dd:4b:66:
b2:d8:90:f8:c3:d1:84:13:04:f9:be:47:23:40:99:
20:e4:1d:41:3a:9c:77:63:ef:bb:e0:be:09:86:f8:
02:0f:65:16:71:fb:21:a0:76:be:47:bd:6a:da:e3:
8c:90:b5:b5:99:27:36:bd:99:c3:c3:36:d1:fe:0d:
48:f5:fe:6b:56:59:2a:4c:08:fc:41:5b:5a:22:e1:
e9:1f:84:b8:a1:fc:aa:eb:9b:61:ec:4a:ed:27:58:
43:fb:10:aa:55:04:e4:24:c1:dd:c2:9c:04:2a:52:
69:40:47:ac:e1:5f:ec:a7:29:7e:5c:27:ce:d7:ec:
d6:8a:77:bf:df:4d:15:0b:61:e6:d1:3c:89:51:36:
c3:67:f3:cb:cd:fc:d2:9f:d6:53:5b:bf:93:b0:aa:
21:fe:9c:99:5d:17:7a:51:49:b3:75:11:42:55:b0:
e8:97
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A5:5B:24:2F:40:C0:59:19:72:59:6F:BB:B3:02:AB:C2:5F:16:24:23
X509v3 Authority Key Identifier:
keyid:10:77:1D:D7:DE:A2:2E:35:FD:AF:19:B5:1B:83:9F:43:72:12:70:BA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/EHcd196iLjX9rxm1G4OfQ3IScLo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/27/75148a-e40e-409f-8a0b-da851a715fa4/1/pVskL0DAWRlyWW-7swKrwl8WJCM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/27/75148a-e40e-409f-8a0b-da851a715fa4/1/EHcd196iLjX9rxm1G4OfQ3IScLo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
212.146.128.0/21
Signature Algorithm: sha256WithRSAEncryption
52:1f:6a:a5:03:d9:cb:8e:a7:be:7d:17:62:58:96:fe:ee:89:
c3:f8:a3:06:e8:fe:05:a8:bb:dd:61:b3:e6:e9:d7:d8:3b:b2:
bc:74:a2:1b:9d:5e:cd:13:d7:79:de:68:1a:e1:72:bf:9e:f0:
ee:96:a9:a2:8e:c7:ae:90:69:75:bf:5d:ee:29:e8:6a:f0:e9:
ab:63:1d:79:5f:8c:0e:ad:e8:92:c6:4b:37:22:71:a9:24:16:
b7:0e:c1:85:77:44:a8:79:fe:e3:b9:be:6c:b5:85:65:f7:1d:
66:4a:6f:b8:4d:ad:4d:d6:65:fa:27:71:8c:65:24:99:a1:d4:
be:e8:ec:d9:4e:60:28:27:22:98:d5:84:76:d0:ac:f6:52:bc:
40:a5:20:e1:2e:48:7f:ae:fc:f8:90:a5:76:52:20:08:4d:e4:
e3:be:77:33:03:1e:47:54:45:87:33:28:b3:df:28:44:02:4a:
d4:ef:c6:e5:a8:f1:6d:e6:af:2f:a1:6b:93:4a:dd:e4:db:60:
a9:47:99:af:09:6f:5e:3b:83:e1:5b:c4:69:d0:9c:bc:ac:c4:
de:c9:a3:fe:f9:1e:28:8c:3e:3e:d3:94:92:d1:c9:df:72:f1:
27:b5:92:02:95:42:86:3b:a3:34:19:6b:3d:38:fa:32:4e:84:
38:1e:60:1e
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzC2zLxxTyaE2ZRoRpo/nxBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDEwNzcxZGQ3ZGVhMjJlMzVmZGFmMTliNTFiODM5ZjQzNzIx
MjcwYmEwHhcNMjQwMTAxMDIyOTU0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNTViMjQyZjQwYzA1OTE5NzI1OTZmYmJiMzAyYWJjMjVmMTYyNDIzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAh7P+OAGaf/dufrPCyT7SYzhoXELv
9gm72rYx2xG5+BK6141AxBc6/Y0VqA8DuliZ82jd+7gXI9OdDUlXCn/3upFm9yyj
i50JVs7d4TZFlPiT4RVOiovdS2ay2JD4w9GEEwT5vkcjQJkg5B1BOpx3Y++74L4J
hvgCD2UWcfshoHa+R71q2uOMkLW1mSc2vZnDwzbR/g1I9f5rVlkqTAj8QVtaIuHp
H4S4ofyq65th7ErtJ1hD+xCqVQTkJMHdwpwEKlJpQEes4V/spyl+XCfO1+zWine/
300VC2Hm0TyJUTbDZ/PLzfzSn9ZTW7+TsKoh/pyZXRd6UUmzdRFCVbDolwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKVbJC9AwFkZcllvu7MCq8JfFiQjMB8GA1UdIwQY
MBaAFBB3Hdfeoi41/a8ZtRuDn0NyEnC6MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRUhjZDE5NmlMalg5cnhtMUc0T2ZRM0lTY0xvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNy83NTE0OGEtZTQwZS00MDlmLThhMGIt
ZGE4NTFhNzE1ZmE0LzEvcFZza0wwREFXUmx5V1ctN3N3S3J3bDhXSkNNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNy83NTE0OGEtZTQwZS00MDlmLThhMGItZGE4NTFhNzE1ZmE0
LzEvRUhjZDE5NmlMalg5cnhtMUc0T2ZRM0lTY0xvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQD1JKAMA0G
CSqGSIb3DQEBCwUAA4IBAQBSH2qlA9nLjqe+fRdiWJb+7onD+KMG6P4FqLvdYbPm
6dfYO7K8dKIbnV7NE9d53mga4XK/nvDulqmijseukGl1v13uKehq8OmrYx15X4wO
reiSxks3InGpJBa3DsGFd0Soef7jub5stYVl9x1mSm+4Ta1N1mX6J3GMZSSZodS+
6OzZTmAoJyKY1YR20Kz2UrxApSDhLkh/rvz4kKV2UiAITeTjvnczAx5HVEWHMyiz
3yhEAkrU78blqPFt5q8voWuTSt3k22CpR5mvCW9eO4PhW8Rp0Jy8rMTeyaP++R4o
jD4+05SS0cnfcvEntZIClUKGO6M0GWs9OPoyToQ4HmAe
-----END CERTIFICATE-----
Generated at Thu Mar 13 20:28:06 2025 by rpki-client