Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/BRhYfnzT9bWpz7MeEhys79wAefg.roa
File: BRhYfnzT9bWpz7MeEhys79wAefg.roa (raw, json)
Hash identifier: /EZuRVdpGPA6aqa3hmHTH9UeqBbAa+td1bsg74IVaOg=
Subject key identifier: 05:18:58:7E:7C:D3:F5:B5:A9:CF:B3:1E:12:1C:AC:EF:DC:00:79:F8
Certificate issuer: /CN=3b476e12e8987e5b302cdc24bdd9db3fe83c8449
Certificate serial: 018B616820684B29CEFD468BCF4DF79390CF
Authority key identifier: 3B:47:6E:12:E8:98:7E:5B:30:2C:DC:24:BD:D9:DB:3F:E8:3C:84:49
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/O0duEuiYflswLNwkvdnbP-g8hEk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/BRhYfnzT9bWpz7MeEhys79wAefg.roa
Signing time: Tue 24 Oct 2023 11:18:15 +0000
ROA not before: Tue 24 Oct 2023 11:18:15 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 212815
IP address blocks: 213.209.143.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 27 Nov 2023 15:21:21 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:61:68:20:68:4b:29:ce:fd:46:8b:cf:4d:f7:93:90:cf
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3b476e12e8987e5b302cdc24bdd9db3fe83c8449
Validity
Not Before: Oct 24 11:18:15 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=0518587e7cd3f5b5a9cfb31e121cacefdc0079f8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:6d:d3:1b:d7:7a:22:0c:36:1e:dc:60:7f:c2:
e9:61:5d:a4:f7:4e:87:72:7a:b0:ec:6c:4d:c8:81:
b1:40:e0:43:0e:95:03:fa:cc:7e:8d:91:75:d0:2d:
af:a6:61:ab:f6:b9:b7:d2:14:18:26:7e:75:27:15:
8f:b6:a8:6f:39:ec:c3:87:32:6b:c5:ae:92:59:77:
43:f9:a0:be:ae:26:95:fe:3d:c0:2e:e9:04:4b:3f:
8e:3d:2b:39:2b:97:39:b3:04:fc:03:5a:a0:bc:3a:
fa:2f:ca:89:58:89:bd:22:fd:91:d6:3f:c3:5f:ea:
be:12:61:59:a4:ad:93:f3:67:7a:87:94:7f:0a:9f:
eb:41:11:30:8d:c7:ec:c8:ae:be:c6:19:8b:a7:11:
91:db:79:fb:10:d6:9e:0c:ca:68:91:de:7a:8a:a6:
97:81:80:83:cc:01:97:ea:93:9a:9c:52:6f:55:95:
5b:3b:cb:00:7f:ac:ef:2b:2f:b4:37:56:b7:b1:6c:
59:7e:ad:26:dd:39:5b:38:5b:16:01:de:c1:67:78:
11:9c:1d:04:7e:17:2f:ef:f7:ee:96:8f:f3:82:05:
b2:91:ae:60:39:4d:84:f1:32:d2:45:bf:06:9e:49:
55:01:eb:60:78:1d:a3:1f:3b:5f:68:08:ea:dc:2a:
78:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
05:18:58:7E:7C:D3:F5:B5:A9:CF:B3:1E:12:1C:AC:EF:DC:00:79:F8
X509v3 Authority Key Identifier:
keyid:3B:47:6E:12:E8:98:7E:5B:30:2C:DC:24:BD:D9:DB:3F:E8:3C:84:49
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/O0duEuiYflswLNwkvdnbP-g8hEk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/BRhYfnzT9bWpz7MeEhys79wAefg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/O0duEuiYflswLNwkvdnbP-g8hEk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
213.209.143.0/24
Signature Algorithm: sha256WithRSAEncryption
12:7c:9e:93:42:93:ae:97:46:ed:93:66:d5:07:02:70:47:a2:
69:36:85:33:32:93:71:8e:32:26:12:3e:c6:ca:78:03:cc:41:
ab:cf:93:7a:ef:30:6b:c5:b2:d2:c8:d9:83:0e:14:07:97:94:
24:16:91:f2:e9:b4:ea:c7:d6:12:b4:ea:d0:d2:f3:41:fa:1b:
1e:41:7e:da:e2:50:ab:3a:cf:bb:5e:f6:22:a9:6f:ec:c3:50:
ea:0a:ac:5f:35:d5:93:61:85:61:20:21:50:cc:8e:ff:e9:8f:
89:14:2c:0e:8e:77:3a:6c:5a:df:5a:5f:db:7f:8d:e0:8c:56:
f0:53:ed:be:48:77:ee:1c:f4:65:f3:69:fd:3d:15:81:9c:58:
00:c4:13:4e:d1:7f:e5:0a:43:5f:6f:bd:9c:d0:ed:96:0b:82:
21:6f:c1:9f:fb:4b:48:97:8f:f4:55:f7:e9:5a:91:08:a9:23:
f0:a3:5a:e5:ee:b5:a6:0e:05:c3:ce:f4:96:68:6d:ac:14:72:
e7:62:04:1f:f9:d9:72:fb:ad:69:83:02:ab:db:b8:bc:be:98:
a7:e7:18:77:d5:94:a3:e2:30:d5:4d:74:a4:73:34:d1:a9:b6:
3f:20:a3:e7:21:98:de:84:da:c6:18:89:3a:3d:f7:49:90:1b:
b8:81:09:bf
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYthaCBoSynO/UaLz033k5DPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNiNDc2ZTEyZTg5ODdlNWIzMDJjZGMyNGJkZDlkYjNmZTgz
Yzg0NDkwHhcNMjMxMDI0MTExODE1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNTE4NTg3ZTdjZDNmNWI1YTljZmIzMWUxMjFjYWNlZmRjMDA3OWY4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoG3TG9d6Igw2Htxgf8LpYV2k906H
cnqw7GxNyIGxQOBDDpUD+sx+jZF10C2vpmGr9rm30hQYJn51JxWPtqhvOezDhzJr
xa6SWXdD+aC+riaV/j3ALukESz+OPSs5K5c5swT8A1qgvDr6L8qJWIm9Iv2R1j/D
X+q+EmFZpK2T82d6h5R/Cp/rQREwjcfsyK6+xhmLpxGR23n7ENaeDMpokd56iqaX
gYCDzAGX6pOanFJvVZVbO8sAf6zvKy+0N1a3sWxZfq0m3TlbOFsWAd7BZ3gRnB0E
fhcv7/fulo/zggWyka5gOU2E8TLSRb8GnklVAetgeB2jHztfaAjq3Cp4twIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFAUYWH580/W1qc+zHhIcrO/cAHn4MB8GA1UdIwQY
MBaAFDtHbhLomH5bMCzcJL3Z2z/oPIRJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTzBkdUV1aVlmbHN3TE53a3ZkbmJQLWc4aEVrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNC9kOTBjNmYtNjU3Ni00NmI5LTgzMTMt
NmNiZmYzYzRkYTAxLzEvQlJoWWZuelQ5YldwejdNZUVoeXM3OXdBZWZnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNC9kOTBjNmYtNjU3Ni00NmI5LTgzMTMtNmNiZmYzYzRkYTAx
LzEvTzBkdUV1aVlmbHN3TE53a3ZkbmJQLWc4aEVrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA1dGPMA0G
CSqGSIb3DQEBCwUAA4IBAQASfJ6TQpOul0btk2bVBwJwR6JpNoUzMpNxjjImEj7G
yngDzEGrz5N67zBrxbLSyNmDDhQHl5QkFpHy6bTqx9YStOrQ0vNB+hseQX7a4lCr
Os+7XvYiqW/sw1DqCqxfNdWTYYVhICFQzI7/6Y+JFCwOjnc6bFrfWl/bf43gjFbw
U+2+SHfuHPRl82n9PRWBnFgAxBNO0X/lCkNfb72c0O2WC4Ihb8Gf+0tIl4/0Vffp
WpEIqSPwo1rl7rWmDgXDzvSWaG2sFHLnYgQf+dly+61pgwKr27i8vpin5xh31ZSj
4jDVTXSkczTRqbY/IKPnIZjehNrGGIk6PfdJkBu4gQm/
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:25:03 2024 by rpki-client on console-fra.rpki-client.org