Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/31/3d3a2d-a039-46f4-8687-057817ba9fb7/1/ihWaQGa__j7ECpjCxNMWIeCkaVQ.roa
File: ihWaQGa__j7ECpjCxNMWIeCkaVQ.roa (raw, json)
Hash identifier: bUBqmbts44VYCHgqmwqaiUfJHkdZonJRxaXsjD/L4cI=
Subject key identifier: 8A:15:9A:40:66:BF:FE:3E:C4:0A:98:C2:C4:D3:16:21:E0:A4:69:54
Certificate issuer: /CN=04cbe5b4623dab42f15a905002db7ce62e854f29
Certificate serial: 01938B489546D091D4AE093450BED172857A
Authority key identifier: 04:CB:E5:B4:62:3D:AB:42:F1:5A:90:50:02:DB:7C:E6:2E:85:4F:29
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BMvltGI9q0LxWpBQAtt85i6FTyk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/31/3d3a2d-a039-46f4-8687-057817ba9fb7/1/ihWaQGa__j7ECpjCxNMWIeCkaVQ.roa
Signing time: Tue 03 Dec 2024 06:50:09 +0000
ROA not before: Tue 03 Dec 2024 06:50:09 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 215590
IP address blocks: 212.113.99.0/24 maxlen: 24
212.113.112.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 12 Dec 2024 10:33:32 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:8b:48:95:46:d0:91:d4:ae:09:34:50:be:d1:72:85:7a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=04cbe5b4623dab42f15a905002db7ce62e854f29
Validity
Not Before: Dec 3 06:50:09 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=8a159a4066bffe3ec40a98c2c4d31621e0a46954
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:66:6e:d9:5f:32:d2:17:49:5d:3f:07:07:51:
ab:40:a3:de:14:82:b7:34:3a:19:f5:ab:15:44:99:
0e:7e:aa:48:f8:c4:26:e8:61:f5:4a:0d:2a:06:d1:
ac:e6:8a:59:e3:09:d0:6d:6d:29:c0:98:3e:bf:22:
1d:81:40:ef:13:a6:66:12:43:3c:3f:d5:1a:c7:8c:
2e:c7:3d:b7:ed:19:86:3d:1f:02:35:79:4d:5c:62:
2b:c8:0b:f7:f2:5c:30:34:e4:f6:12:55:f3:1e:40:
a5:71:e8:61:13:c3:96:76:e2:f5:2c:05:49:d9:fb:
e9:27:fa:46:15:0c:d0:10:bc:41:b2:65:d4:40:ef:
5f:97:ff:cd:af:9a:50:75:ba:79:be:e0:b5:68:1a:
18:08:82:1a:45:d1:f7:33:38:fc:b7:2c:e4:21:1a:
da:3e:f9:fa:5a:6f:ef:69:8b:75:c1:e5:eb:9d:7d:
18:67:a9:b0:01:9f:cd:1e:b1:d0:c4:e8:61:29:17:
c6:e2:9a:7a:71:f5:e4:4d:f8:40:99:f7:3b:7d:b4:
82:f6:a8:66:2b:ce:dd:41:85:57:8b:15:6f:83:77:
0d:7c:c7:e8:33:25:12:05:73:3a:15:dc:5e:a7:0b:
a7:42:4c:d5:c8:9e:21:d8:b0:e1:9c:2a:2e:de:b0:
71:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8A:15:9A:40:66:BF:FE:3E:C4:0A:98:C2:C4:D3:16:21:E0:A4:69:54
X509v3 Authority Key Identifier:
keyid:04:CB:E5:B4:62:3D:AB:42:F1:5A:90:50:02:DB:7C:E6:2E:85:4F:29
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BMvltGI9q0LxWpBQAtt85i6FTyk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/31/3d3a2d-a039-46f4-8687-057817ba9fb7/1/ihWaQGa__j7ECpjCxNMWIeCkaVQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/31/3d3a2d-a039-46f4-8687-057817ba9fb7/1/BMvltGI9q0LxWpBQAtt85i6FTyk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
212.113.99.0/24
212.113.112.0/24
Signature Algorithm: sha256WithRSAEncryption
7b:79:82:ef:df:fa:b7:c2:09:f5:94:99:ed:59:53:c1:3b:f2:
69:71:9d:ed:a8:a8:2d:50:ec:a4:aa:28:34:2f:cc:90:8f:93:
dd:9e:f6:66:62:64:ab:73:bf:a8:1e:65:7b:e2:ae:2b:04:f4:
16:1e:f2:da:cd:da:34:40:4a:9c:83:a7:f5:55:d1:3e:7e:09:
9a:80:09:4c:c0:dd:31:64:51:0c:db:36:50:2e:2a:fc:c7:f2:
33:c0:ce:1e:36:da:a1:4e:40:d4:54:85:9f:12:ce:90:88:c0:
5a:5a:d4:76:72:27:6a:b7:9d:3e:9f:dd:31:f6:e0:a0:5b:f6:
64:b0:1b:60:b9:2d:42:9e:88:a0:8b:d0:40:c4:19:7f:13:55:
1f:a2:32:11:07:39:7f:d0:4b:9a:39:6c:05:2e:6d:db:82:07:
ec:d9:43:39:42:ae:99:54:fa:ed:c1:6b:3f:e2:11:1f:d4:7f:
6f:55:2a:fe:e5:fc:d0:1f:2b:4f:0a:ac:2e:01:c8:95:52:7e:
bf:55:82:ec:e1:d4:94:1a:08:2f:63:11:be:52:d2:e6:1d:af:
62:01:aa:2d:a7:63:e7:53:08:c0:e7:e9:da:5d:e9:fb:80:0c:
30:e9:5f:be:c3:08:22:a1:3a:7c:1a:09:12:ea:b1:28:2c:eb:
09:9c:88:d7
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZOLSJVG0JHUrgk0UL7RcoV6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA0Y2JlNWI0NjIzZGFiNDJmMTVhOTA1MDAyZGI3Y2U2MmU4
NTRmMjkwHhcNMjQxMjAzMDY1MDA5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4YTE1OWE0MDY2YmZmZTNlYzQwYTk4YzJjNGQzMTYyMWUwYTQ2OTU0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoWZu2V8y0hdJXT8HB1GrQKPeFIK3
NDoZ9asVRJkOfqpI+MQm6GH1Sg0qBtGs5opZ4wnQbW0pwJg+vyIdgUDvE6ZmEkM8
P9Uax4wuxz237RmGPR8CNXlNXGIryAv38lwwNOT2ElXzHkClcehhE8OWduL1LAVJ
2fvpJ/pGFQzQELxBsmXUQO9fl//Nr5pQdbp5vuC1aBoYCIIaRdH3Mzj8tyzkIRra
Pvn6Wm/vaYt1weXrnX0YZ6mwAZ/NHrHQxOhhKRfG4pp6cfXkTfhAmfc7fbSC9qhm
K87dQYVXixVvg3cNfMfoMyUSBXM6FdxepwunQkzVyJ4h2LDhnCou3rBxCQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFIoVmkBmv/4+xAqYwsTTFiHgpGlUMB8GA1UdIwQY
MBaAFATL5bRiPatC8VqQUALbfOYuhU8pMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQk12bHRHSTlxMEx4V3BCUUF0dDg1aTZGVHlrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMS8zZDNhMmQtYTAzOS00NmY0LTg2ODct
MDU3ODE3YmE5ZmI3LzEvaWhXYVFHYV9fajdFQ3BqQ3hOTVdJZUNrYVZRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMS8zZDNhMmQtYTAzOS00NmY0LTg2ODctMDU3ODE3YmE5ZmI3
LzEvQk12bHRHSTlxMEx4V3BCUUF0dDg1aTZGVHlrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQA1HFjAwQA
1HFwMA0GCSqGSIb3DQEBCwUAA4IBAQB7eYLv3/q3wgn1lJntWVPBO/JpcZ3tqKgt
UOykqig0L8yQj5PdnvZmYmSrc7+oHmV74q4rBPQWHvLazdo0QEqcg6f1VdE+fgma
gAlMwN0xZFEM2zZQLir8x/IzwM4eNtqhTkDUVIWfEs6QiMBaWtR2cidqt50+n90x
9uCgW/ZksBtguS1Cnoigi9BAxBl/E1UfojIRBzl/0EuaOWwFLm3bggfs2UM5Qq6Z
VPrtwWs/4hEf1H9vVSr+5fzQHytPCqwuAciVUn6/VYLs4dSUGggvYxG+UtLmHa9i
Aaotp2PnUwjA5+naXen7gAww6V++wwgioTp8GgkS6rEoLOsJnIjX
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:42:09 2025 by rpki-client