Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/34/d78fc5-bf3e-4686-8d85-c33f8a21122c/1/Dr3VKBjp_nXhrqs_7VmXc56s1d4.roa
File: Dr3VKBjp_nXhrqs_7VmXc56s1d4.roa (raw, json)
Hash identifier: 2uKUatRVdl0PhcY3E43iWUjHTiFZTr37peOU5AVTay8=
Subject key identifier: 0E:BD:D5:28:18:E9:FE:75:E1:AE:AB:3F:ED:59:97:73:9E:AC:D5:DE
Certificate issuer: /CN=ed2fa686d18c8020afc6adf55afdbe660dbaac15
Certificate serial: 01856D2F4DD30F67EFFEBDA5A7C89A628F38
Authority key identifier: ED:2F:A6:86:D1:8C:80:20:AF:C6:AD:F5:5A:FD:BE:66:0D:BA:AC:15
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/7S-mhtGMgCCvxq31Wv2-Zg26rBU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/34/d78fc5-bf3e-4686-8d85-c33f8a21122c/1/Dr3VKBjp_nXhrqs_7VmXc56s1d4.roa
Signing time: Sun 01 Jan 2023 11:54:54 +0000
ROA not before: Sun 01 Jan 2023 11:54:54 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 212870
IP address blocks: 212.104.212.0/22 maxlen: 22
91.198.188.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 02 Jan 2024 00:31:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:2f:4d:d3:0f:67:ef:fe:bd:a5:a7:c8:9a:62:8f:38
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ed2fa686d18c8020afc6adf55afdbe660dbaac15
Validity
Not Before: Jan 1 11:54:54 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=0ebdd52818e9fe75e1aeab3fed5997739eacd5de
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:83:39:4f:ec:5f:81:9f:80:29:a8:6c:1a:6c:fe:
ce:c1:69:66:93:cb:0e:32:3e:dd:10:3e:d7:c1:28:
9a:64:e3:04:1e:79:ca:0a:be:1d:f2:f8:f3:07:4a:
b4:7b:c7:77:a3:b9:1e:65:d6:e3:f3:e3:e5:b1:b1:
5d:63:2f:fb:11:e2:25:05:81:26:39:1b:f4:68:31:
c4:2f:b0:fd:9d:10:8f:3f:2f:9d:35:da:f9:de:cd:
b1:c2:11:01:bf:b3:44:0a:36:06:5c:33:00:bd:ca:
56:c6:26:2c:72:bb:d4:95:8b:95:d2:52:49:8f:0f:
e7:ce:48:1d:bd:7a:65:a4:1c:d7:e3:35:09:5d:f7:
4d:d3:3c:eb:15:55:3e:69:06:7f:0e:c4:06:65:bf:
91:b3:00:c6:d3:90:7c:5c:19:87:59:7f:97:47:68:
8f:80:ee:26:83:5f:e5:a0:75:ad:45:00:ec:19:3c:
be:4f:ee:b9:da:d2:27:30:03:b9:1f:4c:0e:f5:ad:
31:f9:9c:6b:54:25:0b:10:06:91:c6:84:61:cb:e1:
21:81:4b:07:cc:91:fe:2f:7a:12:a1:dd:78:bd:b6:
62:d3:a5:d8:8d:0c:a3:75:4b:18:cc:4b:9b:71:46:
75:e7:c6:7b:20:00:56:04:69:7d:ec:54:39:87:22:
83:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0E:BD:D5:28:18:E9:FE:75:E1:AE:AB:3F:ED:59:97:73:9E:AC:D5:DE
X509v3 Authority Key Identifier:
keyid:ED:2F:A6:86:D1:8C:80:20:AF:C6:AD:F5:5A:FD:BE:66:0D:BA:AC:15
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/7S-mhtGMgCCvxq31Wv2-Zg26rBU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/34/d78fc5-bf3e-4686-8d85-c33f8a21122c/1/Dr3VKBjp_nXhrqs_7VmXc56s1d4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/34/d78fc5-bf3e-4686-8d85-c33f8a21122c/1/7S-mhtGMgCCvxq31Wv2-Zg26rBU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.198.188.0/24
212.104.212.0/22
Signature Algorithm: sha256WithRSAEncryption
4a:c9:4d:d6:68:92:1d:58:c0:22:2f:21:0b:c6:c0:ac:ce:26:
41:2d:2d:a7:1e:0d:da:2c:09:c4:d9:05:15:ff:d8:29:74:ff:
1f:d3:bb:dc:0f:ea:c0:65:d1:42:d6:33:c5:4f:34:98:d6:1c:
f3:f6:36:5f:90:9e:57:b1:90:e7:de:78:9a:fd:c0:19:2a:1a:
5e:18:13:2a:58:73:7b:55:96:0a:be:6c:56:65:1b:31:5a:f6:
4f:48:aa:38:73:41:23:81:bb:1c:29:16:a6:ab:a7:af:5f:f4:
13:60:81:d5:f9:34:ea:a2:26:2d:55:62:5c:d2:b3:89:5b:db:
1b:d0:4d:eb:0c:a7:44:dd:ed:a8:5c:d7:b4:01:42:7d:53:8e:
d8:6f:81:09:62:33:9b:ce:6d:5e:fb:04:31:ed:2c:19:ab:42:
8d:45:2e:e4:70:5f:28:f1:e0:28:13:4e:ff:a0:d2:6f:1b:8f:
72:93:de:a5:2a:c0:5a:f0:a0:64:b6:a8:16:eb:39:ef:49:d7:
1f:03:0d:a2:83:bb:16:1d:8c:db:67:e1:19:a7:e5:4c:98:2a:
f9:ad:26:c5:05:94:15:bc:47:49:ff:e5:1d:ec:bc:2b:8d:4b:
8d:0a:94:10:b8:b3:3d:41:ba:29:be:b7:d4:00:9d:9d:b6:b4:
67:11:e2:08
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVtL03TD2fv/r2lp8iaYo84MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVkMmZhNjg2ZDE4YzgwMjBhZmM2YWRmNTVhZmRiZTY2MGRi
YWFjMTUwHhcNMjMwMTAxMTE1NDU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZWJkZDUyODE4ZTlmZTc1ZTFhZWFiM2ZlZDU5OTc3MzllYWNkNWRlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgzlP7F+Bn4ApqGwabP7OwWlmk8sO
Mj7dED7XwSiaZOMEHnnKCr4d8vjzB0q0e8d3o7keZdbj8+PlsbFdYy/7EeIlBYEm
ORv0aDHEL7D9nRCPPy+dNdr53s2xwhEBv7NECjYGXDMAvcpWxiYscrvUlYuV0lJJ
jw/nzkgdvXplpBzX4zUJXfdN0zzrFVU+aQZ/DsQGZb+RswDG05B8XBmHWX+XR2iP
gO4mg1/loHWtRQDsGTy+T+652tInMAO5H0wO9a0x+ZxrVCULEAaRxoRhy+EhgUsH
zJH+L3oSod14vbZi06XYjQyjdUsYzEubcUZ158Z7IABWBGl97FQ5hyKDrQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFA691SgY6f514a6rP+1Zl3OerNXeMB8GA1UdIwQY
MBaAFO0vpobRjIAgr8at9Vr9vmYNuqwVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvN1MtbWh0R01nQ0N2eHEzMVd2Mi1aZzI2ckJVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNC9kNzhmYzUtYmYzZS00Njg2LThkODUt
YzMzZjhhMjExMjJjLzEvRHIzVktCanBfblhocnFzXzdWbVhjNTZzMWQ0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNC9kNzhmYzUtYmYzZS00Njg2LThkODUtYzMzZjhhMjExMjJj
LzEvN1MtbWh0R01nQ0N2eHEzMVd2Mi1aZzI2ckJVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAW8a8AwQC
1GjUMA0GCSqGSIb3DQEBCwUAA4IBAQBKyU3WaJIdWMAiLyELxsCsziZBLS2nHg3a
LAnE2QUV/9gpdP8f07vcD+rAZdFC1jPFTzSY1hzz9jZfkJ5XsZDn3nia/cAZKhpe
GBMqWHN7VZYKvmxWZRsxWvZPSKo4c0EjgbscKRamq6evX/QTYIHV+TTqoiYtVWJc
0rOJW9sb0E3rDKdE3e2oXNe0AUJ9U47Yb4EJYjObzm1e+wQx7SwZq0KNRS7kcF8o
8eAoE07/oNJvG49yk96lKsBa8KBktqgW6znvSdcfAw2ig7sWHYzbZ+EZp+VMmCr5
rSbFBZQVvEdJ/+Ud7LwrjUuNCpQQuLM9QbopvrfUAJ2dtrRnEeII
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:25:02 2024 by rpki-client on console-fra.rpki-client.org