Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2f/b8f5e6-c951-4ddb-b4f5-a881ec8228b5/1/P0FSiMYfrqO9dmy6A3voLU8cqNs.roa
File: P0FSiMYfrqO9dmy6A3voLU8cqNs.roa (raw, json)
Hash identifier: yooC5NeIImdnHgCdhjrsWaiCkqfhkpzivopzJOBEbFw=
Subject key identifier: 3F:41:52:88:C6:1F:AE:A3:BD:76:6C:BA:03:7B:E8:2D:4F:1C:A8:DB
Certificate issuer: /CN=5ccdeca171e422c79c938c2732a90d48a8c53c06
Certificate serial: 018C0AC6ABDEE60D0C0AA5D4B524EF4C02CE
Authority key identifier: 5C:CD:EC:A1:71:E4:22:C7:9C:93:8C:27:32:A9:0D:48:A8:C5:3C:06
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XM3soXHkIseck4wnMqkNSKjFPAY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2f/b8f5e6-c951-4ddb-b4f5-a881ec8228b5/1/P0FSiMYfrqO9dmy6A3voLU8cqNs.roa
Signing time: Sun 26 Nov 2023 08:37:21 +0000
ROA not before: Sun 26 Nov 2023 08:37:21 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 34397
IP address blocks: 213.210.196.0/24 maxlen: 24
213.210.192.0/18 maxlen: 18
213.210.195.0/24 maxlen: 24
213.210.216.0/24 maxlen: 24
212.71.51.0/24 maxlen: 24
212.118.96.0/19 maxlen: 19
212.118.100.0/24 maxlen: 24
212.118.102.0/24 maxlen: 24
212.118.107.0/24 maxlen: 24
212.118.106.0/24 maxlen: 24
212.118.108.0/22 maxlen: 22
212.118.115.0/24 maxlen: 24
212.118.119.0/24 maxlen: 24
212.118.124.0/24 maxlen: 24
212.118.122.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sun 26 Nov 2023 09:28:21 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:0a:c6:ab:de:e6:0d:0c:0a:a5:d4:b5:24:ef:4c:02:ce
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5ccdeca171e422c79c938c2732a90d48a8c53c06
Validity
Not Before: Nov 26 08:37:21 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=3f415288c61faea3bd766cba037be82d4f1ca8db
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:e8:c3:6d:7e:7b:66:04:f0:43:86:2d:5d:c0:
c5:74:dc:cb:d6:7f:19:f2:d9:cc:72:47:11:37:0b:
e8:95:c5:34:f6:4a:c2:3e:56:ca:5a:31:05:4f:3a:
7f:b3:7e:d6:10:61:05:03:83:1a:61:1d:70:99:5b:
60:24:09:a5:08:c6:8a:60:40:42:78:76:f8:39:bc:
73:ac:54:97:33:32:01:77:e4:2e:82:cc:3b:ce:d9:
6f:d4:bb:84:24:f9:cd:f5:f2:0e:16:a0:aa:67:de:
67:2b:e0:9f:4c:60:24:08:1d:5f:24:08:75:21:e4:
ed:71:60:d9:5c:82:07:b0:43:9a:81:62:ff:9b:e4:
58:b5:50:35:c5:20:6d:25:3d:22:95:90:7f:03:94:
2f:37:78:9d:04:a1:10:30:99:ef:15:4c:91:08:99:
29:c4:e3:1a:63:21:3e:5d:b7:29:73:a8:d9:65:e3:
e1:13:f9:88:bd:0e:42:48:e4:2b:38:22:a1:36:4e:
ab:ac:1b:b0:5f:88:92:d4:c1:fa:79:3b:92:dd:8e:
fc:fa:5e:22:e5:0e:55:7d:c4:de:bf:4a:02:01:dd:
f3:e4:50:f2:3a:b4:fb:6a:3b:a7:1d:74:69:cb:16:
f3:cb:03:db:2c:fe:d5:19:39:91:d0:dc:65:3e:c0:
71:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3F:41:52:88:C6:1F:AE:A3:BD:76:6C:BA:03:7B:E8:2D:4F:1C:A8:DB
X509v3 Authority Key Identifier:
keyid:5C:CD:EC:A1:71:E4:22:C7:9C:93:8C:27:32:A9:0D:48:A8:C5:3C:06
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XM3soXHkIseck4wnMqkNSKjFPAY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2f/b8f5e6-c951-4ddb-b4f5-a881ec8228b5/1/P0FSiMYfrqO9dmy6A3voLU8cqNs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2f/b8f5e6-c951-4ddb-b4f5-a881ec8228b5/1/XM3soXHkIseck4wnMqkNSKjFPAY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
212.71.51.0/24
212.118.96.0/19
213.210.192.0/18
Signature Algorithm: sha256WithRSAEncryption
2b:52:36:64:8f:3c:f9:28:b8:1f:e0:95:11:a4:7d:a0:2f:8f:
9b:aa:e7:26:72:95:c4:ba:db:f3:0c:c2:4b:4a:a0:45:43:26:
70:72:fe:89:48:26:42:28:5e:5e:43:d8:8a:a6:ba:ff:62:4b:
cb:39:b5:fa:ee:b9:82:f4:b8:37:2c:c8:3b:67:cb:1e:a4:ad:
20:14:4a:da:24:82:90:04:96:3c:2b:bc:28:ac:7c:4a:e4:8b:
ce:3d:db:fd:32:2c:66:08:3b:a8:85:f2:d5:87:47:ea:96:91:
f9:c6:86:66:e8:2e:1c:76:62:1d:f9:b0:eb:70:43:4e:c4:f3:
12:3d:f1:f8:a1:13:c8:cd:10:3b:cc:ba:b1:41:2f:05:56:6c:
ce:a3:d6:9b:63:ad:71:fb:ae:1c:d6:ab:07:f3:20:b5:c3:7f:
9a:2c:82:df:ef:97:d0:5b:33:77:e6:55:be:57:65:3d:f9:7d:
3d:58:ba:2b:79:3b:c8:a3:e9:b9:5d:72:30:0d:df:72:81:69:
b9:72:ab:50:f7:f0:79:7b:8c:14:cd:ed:9a:06:f5:61:6d:98:
25:15:8b:0c:1f:9b:55:02:18:97:60:61:a0:ed:77:c9:e1:d5:
20:5f:62:e4:c7:7c:37:22:ee:ec:9b:4a:49:fd:6c:8f:c0:b7:
31:6f:e2:69
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYwKxqve5g0MCqXUtSTvTALOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVjY2RlY2ExNzFlNDIyYzc5YzkzOGMyNzMyYTkwZDQ4YThj
NTNjMDYwHhcNMjMxMTI2MDgzNzIxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZjQxNTI4OGM2MWZhZWEzYmQ3NjZjYmEwMzdiZTgyZDRmMWNhOGRiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu+jDbX57ZgTwQ4YtXcDFdNzL1n8Z
8tnMckcRNwvolcU09krCPlbKWjEFTzp/s37WEGEFA4MaYR1wmVtgJAmlCMaKYEBC
eHb4ObxzrFSXMzIBd+Qugsw7ztlv1LuEJPnN9fIOFqCqZ95nK+CfTGAkCB1fJAh1
IeTtcWDZXIIHsEOagWL/m+RYtVA1xSBtJT0ilZB/A5QvN3idBKEQMJnvFUyRCJkp
xOMaYyE+Xbcpc6jZZePhE/mIvQ5CSOQrOCKhNk6rrBuwX4iS1MH6eTuS3Y78+l4i
5Q5VfcTev0oCAd3z5FDyOrT7ajunHXRpyxbzywPbLP7VGTmR0NxlPsBxEQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFD9BUojGH66jvXZsugN76C1PHKjbMB8GA1UdIwQY
MBaAFFzN7KFx5CLHnJOMJzKpDUioxTwGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWE0zc29YSGtJc2VjazR3bk1xa05TS2pGUEFZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZi9iOGY1ZTYtYzk1MS00ZGRiLWI0ZjUt
YTg4MWVjODIyOGI1LzEvUDBGU2lNWWZycU85ZG15NkEzdm9MVThjcU5zLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZi9iOGY1ZTYtYzk1MS00ZGRiLWI0ZjUtYTg4MWVjODIyOGI1
LzEvWE0zc29YSGtJc2VjazR3bk1xa05TS2pGUEFZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQA1EczAwQF
1HZgAwQG1dLAMA0GCSqGSIb3DQEBCwUAA4IBAQArUjZkjzz5KLgf4JURpH2gL4+b
qucmcpXEutvzDMJLSqBFQyZwcv6JSCZCKF5eQ9iKprr/YkvLObX67rmC9Lg3LMg7
Z8sepK0gFEraJIKQBJY8K7worHxK5IvOPdv9MixmCDuohfLVh0fqlpH5xoZm6C4c
dmId+bDrcENOxPMSPfH4oRPIzRA7zLqxQS8FVmzOo9abY61x+64c1qsH8yC1w3+a
LILf75fQWzN35lW+V2U9+X09WLoreTvIo+m5XXIwDd9ygWm5cqtQ9/B5e4wUze2a
BvVhbZglFYsMH5tVAhiXYGGg7XfJ4dUgX2Lkx3w3Iu7sm0pJ/WyPwLcxb+Jp
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:01:10 2024 by rpki-client on console-ams.rpki-client.org