Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2f/b8f5e6-c951-4ddb-b4f5-a881ec8228b5/1/e95H7yaqObhkmOaVfnDuazMdimQ.roa
File: e95H7yaqObhkmOaVfnDuazMdimQ.roa (raw, json)
Hash identifier: gGnf9FaeodZ0Ap11MCrNdxx47I5f3fqZzmwZTwZpICw=
Subject key identifier: 7B:DE:47:EF:26:AA:39:B8:64:98:E6:95:7E:70:EE:6B:33:1D:8A:64
Certificate issuer: /CN=5ccdeca171e422c79c938c2732a90d48a8c53c06
Certificate serial: 018B8B02216566AFAF88C505AF6DB9190491
Authority key identifier: 5C:CD:EC:A1:71:E4:22:C7:9C:93:8C:27:32:A9:0D:48:A8:C5:3C:06
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XM3soXHkIseck4wnMqkNSKjFPAY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2f/b8f5e6-c951-4ddb-b4f5-a881ec8228b5/1/e95H7yaqObhkmOaVfnDuazMdimQ.roa
Signing time: Wed 01 Nov 2023 13:10:54 +0000
ROA not before: Wed 01 Nov 2023 13:10:54 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 34397
IP address blocks: 213.210.216.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sun 26 Nov 2023 07:39:21 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:8b:02:21:65:66:af:af:88:c5:05:af:6d:b9:19:04:91
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5ccdeca171e422c79c938c2732a90d48a8c53c06
Validity
Not Before: Nov 1 13:10:54 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=7bde47ef26aa39b86498e6957e70ee6b331d8a64
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:2a:e2:78:ab:72:ae:a0:24:ae:e9:8b:d8:9d:
b0:cd:41:a9:51:1f:a1:00:eb:1d:ce:d3:c8:88:83:
dc:f1:0f:b6:e3:be:dd:3f:da:18:67:f3:d3:b7:ea:
4c:7c:c8:0b:cd:01:01:80:56:e8:10:22:ba:e3:92:
20:7c:45:d0:fd:ab:a1:a1:8c:92:87:a8:74:28:b4:
5d:29:36:7b:b8:25:59:e3:11:1c:f5:ff:2e:ac:65:
a0:96:d8:bf:35:a2:24:22:fb:7d:5c:34:ef:d9:c6:
63:1b:86:e5:1b:5e:50:fd:ff:8f:95:94:12:d5:89:
84:52:8c:f1:8a:a1:15:dc:cc:77:75:9a:49:79:88:
1d:fc:f3:ef:9e:88:72:64:fd:92:b8:20:f0:ab:00:
8d:d6:ae:15:96:c8:25:25:a9:00:38:61:bb:87:d0:
dd:8f:8b:b6:f6:2c:e3:e4:f1:4d:ad:f1:23:80:c1:
20:14:df:e9:29:32:d5:cd:18:34:95:73:04:3f:9a:
4c:2e:0d:98:62:fa:5d:1c:e8:b1:45:18:7b:b5:76:
0d:70:50:f5:6c:74:af:a6:d7:a3:b5:cf:bd:59:a7:
d7:28:89:52:40:d3:be:b1:af:03:b6:21:c3:d9:86:
95:de:4c:14:10:26:12:84:2f:f0:b1:a0:f2:21:09:
9c:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7B:DE:47:EF:26:AA:39:B8:64:98:E6:95:7E:70:EE:6B:33:1D:8A:64
X509v3 Authority Key Identifier:
keyid:5C:CD:EC:A1:71:E4:22:C7:9C:93:8C:27:32:A9:0D:48:A8:C5:3C:06
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XM3soXHkIseck4wnMqkNSKjFPAY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2f/b8f5e6-c951-4ddb-b4f5-a881ec8228b5/1/e95H7yaqObhkmOaVfnDuazMdimQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2f/b8f5e6-c951-4ddb-b4f5-a881ec8228b5/1/XM3soXHkIseck4wnMqkNSKjFPAY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
213.210.216.0/24
Signature Algorithm: sha256WithRSAEncryption
4a:8d:c1:5c:ce:86:2d:1a:81:9d:17:55:dd:87:4e:cd:81:4e:
5a:7b:14:f8:7d:59:ed:06:69:0e:86:5d:43:a2:27:58:c8:97:
47:85:2e:4d:0f:fa:e8:e3:ed:aa:ef:a2:d0:f2:b2:7a:bc:29:
c4:b3:cb:16:a4:f3:2b:12:40:2e:cd:9e:70:d7:65:79:e0:e1:
37:29:08:dd:eb:9a:10:b1:78:ce:2b:97:a1:de:61:7b:ac:cf:
ea:ed:30:a6:c8:9b:89:33:82:d2:dd:28:f4:e3:f2:20:35:4a:
dc:08:d9:f3:b2:f8:51:02:87:c6:4a:c4:9a:fa:6a:89:f2:4b:
8b:90:7f:73:3c:3e:a7:8a:ee:a0:1e:a6:ea:65:b6:1c:01:09:
fb:ca:21:8c:65:22:71:3c:7b:ca:e4:3a:c7:c0:1c:9b:a2:f0:
d8:ed:0b:eb:9a:54:f6:22:36:88:2a:a2:3f:be:ba:10:7b:93:
7e:4e:e5:2d:a5:ca:d7:fc:38:e2:98:f1:9c:11:45:05:95:d7:
ca:bd:0f:9d:54:a7:ea:e6:5c:51:e4:f3:fe:79:20:9c:10:8d:
16:15:07:33:77:66:50:ab:c2:c8:06:d2:25:3b:67:cf:72:29:
82:68:f7:da:ce:fd:46:f6:b0:e6:65:55:18:2b:36:ab:f5:d0:
4b:07:75:de
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYuLAiFlZq+viMUFr225GQSRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVjY2RlY2ExNzFlNDIyYzc5YzkzOGMyNzMyYTkwZDQ4YThj
NTNjMDYwHhcNMjMxMTAxMTMxMDU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3YmRlNDdlZjI2YWEzOWI4NjQ5OGU2OTU3ZTcwZWU2YjMzMWQ4YTY0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApirieKtyrqAkrumL2J2wzUGpUR+h
AOsdztPIiIPc8Q+2477dP9oYZ/PTt+pMfMgLzQEBgFboECK645IgfEXQ/auhoYyS
h6h0KLRdKTZ7uCVZ4xEc9f8urGWglti/NaIkIvt9XDTv2cZjG4blG15Q/f+PlZQS
1YmEUozxiqEV3Mx3dZpJeYgd/PPvnohyZP2SuCDwqwCN1q4VlsglJakAOGG7h9Dd
j4u29izj5PFNrfEjgMEgFN/pKTLVzRg0lXMEP5pMLg2YYvpdHOixRRh7tXYNcFD1
bHSvptejtc+9WafXKIlSQNO+sa8DtiHD2YaV3kwUECYShC/wsaDyIQmcpQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFHveR+8mqjm4ZJjmlX5w7mszHYpkMB8GA1UdIwQY
MBaAFFzN7KFx5CLHnJOMJzKpDUioxTwGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWE0zc29YSGtJc2VjazR3bk1xa05TS2pGUEFZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZi9iOGY1ZTYtYzk1MS00ZGRiLWI0ZjUt
YTg4MWVjODIyOGI1LzEvZTk1SDd5YXFPYmhrbU9hVmZuRHVhek1kaW1RLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZi9iOGY1ZTYtYzk1MS00ZGRiLWI0ZjUtYTg4MWVjODIyOGI1
LzEvWE0zc29YSGtJc2VjazR3bk1xa05TS2pGUEFZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA1dLYMA0G
CSqGSIb3DQEBCwUAA4IBAQBKjcFczoYtGoGdF1Xdh07NgU5aexT4fVntBmkOhl1D
oidYyJdHhS5ND/ro4+2q76LQ8rJ6vCnEs8sWpPMrEkAuzZ5w12V54OE3KQjd65oQ
sXjOK5eh3mF7rM/q7TCmyJuJM4LS3Sj04/IgNUrcCNnzsvhRAofGSsSa+mqJ8kuL
kH9zPD6niu6gHqbqZbYcAQn7yiGMZSJxPHvK5DrHwBybovDY7QvrmlT2IjaIKqI/
vroQe5N+TuUtpcrX/DjimPGcEUUFldfKvQ+dVKfq5lxR5PP+eSCcEI0WFQczd2ZQ
q8LIBtIlO2fPcimCaPfazv1G9rDmZVUYKzar9dBLB3Xe
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:01:10 2024 by rpki-client on console-ams.rpki-client.org