Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/caM2Fs4GOQPH_JvCeD0lTYROJOQ.roa
File: caM2Fs4GOQPH_JvCeD0lTYROJOQ.roa (raw, json)
Hash identifier: Ecm6vYDnumSz2wUPKlXff920JmZyJ9KeDasH6zw4wM4=
Subject key identifier: 71:A3:36:16:CE:06:39:03:C7:FC:9B:C2:78:3D:25:4D:84:4E:24:E4
Certificate issuer: /CN=3b476e12e8987e5b302cdc24bdd9db3fe83c8449
Certificate serial: 0189F56648902820DB8ACEF2FFE00A210D3D
Authority key identifier: 3B:47:6E:12:E8:98:7E:5B:30:2C:DC:24:BD:D9:DB:3F:E8:3C:84:49
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/O0duEuiYflswLNwkvdnbP-g8hEk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/caM2Fs4GOQPH_JvCeD0lTYROJOQ.roa
Signing time: Mon 14 Aug 2023 18:54:28 +0000
ROA not before: Mon 14 Aug 2023 18:54:28 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 213200
IP address blocks: 213.209.129.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 22 Aug 2023 13:45:00 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:f5:66:48:90:28:20:db:8a:ce:f2:ff:e0:0a:21:0d:3d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3b476e12e8987e5b302cdc24bdd9db3fe83c8449
Validity
Not Before: Aug 14 18:54:28 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=71a33616ce063903c7fc9bc2783d254d844e24e4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:58:ff:67:c6:66:b2:b9:b6:9a:b3:ad:47:f5:
a7:1e:b8:09:41:69:06:05:a8:83:de:d9:ad:af:2c:
55:a1:f1:06:d2:74:e9:36:30:9d:d1:99:e1:92:4a:
c2:f3:94:b7:6e:9b:a8:8f:91:ad:47:f7:0c:7e:60:
dd:fb:0f:de:bd:56:a0:81:11:45:3b:a3:2a:ba:44:
2b:bb:a4:d0:5c:d7:35:97:8b:1b:50:6f:58:d2:7d:
b1:8f:b9:b3:3d:e6:b6:81:ab:db:10:1e:13:f6:dd:
79:23:e6:1f:d7:c1:91:f8:3f:c8:a3:99:a1:57:e3:
07:91:b4:51:d9:2a:e9:9e:ea:83:74:9d:50:b6:b2:
69:57:c6:d0:fb:5f:d8:f3:b7:3c:75:f2:6c:1b:0d:
9b:d5:de:18:ba:9b:c7:6b:c4:0a:00:52:7d:ce:07:
bb:94:9b:25:d5:66:cb:90:f7:39:6d:18:ce:21:08:
d0:94:e8:46:e3:74:07:d8:54:de:91:47:8e:76:a9:
a2:73:d8:ff:90:32:fe:4e:58:57:81:0e:d5:2a:17:
28:cb:60:21:30:7c:ea:38:f3:9b:97:ae:39:94:58:
09:e2:b8:77:0a:ef:c6:76:b6:ed:10:74:e4:8e:f7:
c7:dd:5f:db:06:86:71:c3:e0:96:d6:25:cf:b7:41:
c8:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
71:A3:36:16:CE:06:39:03:C7:FC:9B:C2:78:3D:25:4D:84:4E:24:E4
X509v3 Authority Key Identifier:
keyid:3B:47:6E:12:E8:98:7E:5B:30:2C:DC:24:BD:D9:DB:3F:E8:3C:84:49
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/O0duEuiYflswLNwkvdnbP-g8hEk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/caM2Fs4GOQPH_JvCeD0lTYROJOQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/O0duEuiYflswLNwkvdnbP-g8hEk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
213.209.129.0/24
Signature Algorithm: sha256WithRSAEncryption
75:99:4d:ad:c3:08:e4:f7:ad:1d:20:74:b1:2c:73:7e:84:e5:
f4:86:1c:fa:c4:88:34:87:d9:8a:49:dc:44:8a:1b:4f:e3:7f:
d0:a6:ef:36:ee:1c:d0:49:e5:c0:3b:39:f5:72:7f:02:14:60:
64:a2:71:b0:a8:9e:8b:71:d6:f3:a3:c0:86:a8:8b:5c:aa:e8:
6c:11:77:8e:08:ea:f4:4f:6b:20:14:1d:9d:81:1c:8b:d6:2d:
16:4e:87:c8:6b:bc:86:57:c1:15:a4:b2:a1:97:bb:e1:c3:4c:
04:3e:4a:d1:fa:38:27:8e:4d:9b:ef:df:9a:24:74:10:0d:e8:
cb:5e:14:29:81:90:bf:9b:ef:94:65:b3:8b:c8:87:38:51:78:
30:5c:33:ad:b5:7e:c8:9b:96:eb:7c:89:de:93:f5:ed:ec:ac:
1b:c0:c8:11:fc:d8:27:a2:5d:7f:35:27:27:57:d5:3b:c2:86:
0b:41:49:ad:12:e6:f6:91:1f:b1:fd:0b:2e:a0:c7:56:57:06:
45:90:1c:4c:8a:7f:47:36:a4:3f:4e:ea:b1:a2:93:fc:b5:3c:
41:2e:3a:5a:a1:8f:bc:8c:32:5f:8b:77:24:fd:15:4a:31:2c:
4a:c2:4a:57:b6:4a:ba:55:99:f9:dd:57:68:32:34:6a:ea:09:
b9:2f:32:c4
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYn1ZkiQKCDbis7y/+AKIQ09MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNiNDc2ZTEyZTg5ODdlNWIzMDJjZGMyNGJkZDlkYjNmZTgz
Yzg0NDkwHhcNMjMwODE0MTg1NDI4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MWEzMzYxNmNlMDYzOTAzYzdmYzliYzI3ODNkMjU0ZDg0NGUyNGU0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArFj/Z8Zmsrm2mrOtR/WnHrgJQWkG
BaiD3tmtryxVofEG0nTpNjCd0ZnhkkrC85S3bpuoj5GtR/cMfmDd+w/evVaggRFF
O6MqukQru6TQXNc1l4sbUG9Y0n2xj7mzPea2gavbEB4T9t15I+Yf18GR+D/Io5mh
V+MHkbRR2SrpnuqDdJ1QtrJpV8bQ+1/Y87c8dfJsGw2b1d4YupvHa8QKAFJ9zge7
lJsl1WbLkPc5bRjOIQjQlOhG43QH2FTekUeOdqmic9j/kDL+TlhXgQ7VKhcoy2Ah
MHzqOPObl645lFgJ4rh3Cu/GdrbtEHTkjvfH3V/bBoZxw+CW1iXPt0HINQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFHGjNhbOBjkDx/ybwng9JU2ETiTkMB8GA1UdIwQY
MBaAFDtHbhLomH5bMCzcJL3Z2z/oPIRJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTzBkdUV1aVlmbHN3TE53a3ZkbmJQLWc4aEVrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNC9kOTBjNmYtNjU3Ni00NmI5LTgzMTMt
NmNiZmYzYzRkYTAxLzEvY2FNMkZzNEdPUVBIX0p2Q2VEMGxUWVJPSk9RLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNC9kOTBjNmYtNjU3Ni00NmI5LTgzMTMtNmNiZmYzYzRkYTAx
LzEvTzBkdUV1aVlmbHN3TE53a3ZkbmJQLWc4aEVrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA1dGBMA0G
CSqGSIb3DQEBCwUAA4IBAQB1mU2twwjk960dIHSxLHN+hOX0hhz6xIg0h9mKSdxE
ihtP43/Qpu827hzQSeXAOzn1cn8CFGBkonGwqJ6Lcdbzo8CGqItcquhsEXeOCOr0
T2sgFB2dgRyL1i0WTofIa7yGV8EVpLKhl7vhw0wEPkrR+jgnjk2b79+aJHQQDejL
XhQpgZC/m++UZbOLyIc4UXgwXDOttX7Im5brfInek/Xt7KwbwMgR/Ngnol1/NScn
V9U7woYLQUmtEub2kR+x/QsuoMdWVwZFkBxMin9HNqQ/TuqxopP8tTxBLjpaoY+8
jDJfi3ck/RVKMSxKwkpXtkq6VZn53VdoMjRq6gm5LzLE
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:02:25 2024 by rpki-client on console-ams.rpki-client.org