Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/35/3cd7ff-20d2-4cec-aeca-354399724b1e/1/wZFlUFZkORZYvu5KA6YAvpwAibo.roa
File: wZFlUFZkORZYvu5KA6YAvpwAibo.roa (raw, json)
Hash identifier: a9WpJP9BTsnIn0P0JyFiI3t1CIlR3JozPHxxmlXbO9o=
Subject key identifier: C1:91:65:50:56:64:39:16:58:BE:EE:4A:03:A6:00:BE:9C:00:89:BA
Certificate issuer: /CN=ab30921d28c78ede81842f712e6cf72bde5a6080
Certificate serial: 0186A14D16BAE69FEED3A4A588F07097CF76
Authority key identifier: AB:30:92:1D:28:C7:8E:DE:81:84:2F:71:2E:6C:F7:2B:DE:5A:60:80
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qzCSHSjHjt6BhC9xLmz3K95aYIA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/35/3cd7ff-20d2-4cec-aeca-354399724b1e/1/wZFlUFZkORZYvu5KA6YAvpwAibo.roa
Signing time: Thu 02 Mar 2023 07:50:29 +0000
ROA not before: Thu 02 Mar 2023 07:50:29 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 8982
IP address blocks: 212.120.0.0/23 maxlen: 23
212.120.0.0/19 maxlen: 19
212.120.3.0/24 maxlen: 24
212.120.2.0/24 maxlen: 24
212.120.4.0/24 maxlen: 24
212.120.8.0/24 maxlen: 24
212.120.10.0/24 maxlen: 24
212.120.9.0/24 maxlen: 24
212.120.11.0/24 maxlen: 24
212.120.5.0/24 maxlen: 24
212.120.7.0/24 maxlen: 24
212.120.6.0/24 maxlen: 24
212.120.12.0/24 maxlen: 24
212.120.14.0/24 maxlen: 24
212.120.13.0/24 maxlen: 24
212.120.15.0/24 maxlen: 24
212.120.17.0/24 maxlen: 24
212.120.16.0/24 maxlen: 24
212.120.19.0/24 maxlen: 24
212.120.18.0/24 maxlen: 24
212.120.20.0/24 maxlen: 24
2a03:2560::/32 maxlen: 32
Validation: Failed, certificate revoked on Mon 01 Jan 2024 20:31:12 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:a1:4d:16:ba:e6:9f:ee:d3:a4:a5:88:f0:70:97:cf:76
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab30921d28c78ede81842f712e6cf72bde5a6080
Validity
Not Before: Mar 2 07:50:29 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=c19165505664391658beee4a03a600be9c0089ba
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:27:56:53:04:aa:f0:32:fc:11:c7:38:f4:fa:
a2:13:2a:d3:29:dc:2f:07:0b:61:37:ca:86:3c:9b:
72:91:23:66:13:3a:df:20:06:d6:17:db:78:14:d0:
51:75:64:5e:7a:1d:d7:84:c2:5e:28:83:d9:02:a7:
c6:91:47:7d:d4:94:0f:dd:49:38:a1:f0:c6:94:cb:
1f:43:89:a8:cd:e0:ca:dc:a3:c9:29:f3:54:66:9d:
24:d5:14:b2:3c:c5:2a:35:b4:51:20:2d:36:e4:4a:
5d:36:5a:a9:31:54:b5:7f:07:29:d5:2b:fd:12:e4:
ab:41:b0:78:88:f7:42:c5:52:e1:65:98:dc:a5:aa:
c7:83:8b:4d:4e:29:30:18:9c:27:be:7f:72:be:a0:
84:fe:6e:6e:56:17:28:be:d8:0f:18:10:a1:c4:e2:
e8:ab:f7:ec:c0:36:63:0d:86:dc:99:41:2c:83:08:
31:c9:6a:19:fb:21:f8:15:7a:bd:b6:34:6d:c5:22:
14:b7:52:6f:a5:92:d2:40:13:74:c9:bd:e4:74:35:
f8:6c:9d:27:73:95:8b:59:a7:a3:21:1d:35:ae:6c:
23:d0:02:8a:16:e2:42:05:81:50:72:d9:44:c2:d6:
12:7f:ea:df:d1:28:3f:8b:39:11:f5:1a:b8:72:f0:
2d:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C1:91:65:50:56:64:39:16:58:BE:EE:4A:03:A6:00:BE:9C:00:89:BA
X509v3 Authority Key Identifier:
keyid:AB:30:92:1D:28:C7:8E:DE:81:84:2F:71:2E:6C:F7:2B:DE:5A:60:80
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qzCSHSjHjt6BhC9xLmz3K95aYIA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/35/3cd7ff-20d2-4cec-aeca-354399724b1e/1/wZFlUFZkORZYvu5KA6YAvpwAibo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/35/3cd7ff-20d2-4cec-aeca-354399724b1e/1/qzCSHSjHjt6BhC9xLmz3K95aYIA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
212.120.0.0/19
IPv6:
2a03:2560::/32
Signature Algorithm: sha256WithRSAEncryption
dc:8e:78:4a:9f:07:d6:87:c2:f4:0f:06:be:90:a4:62:c5:21:
ce:eb:50:2b:da:aa:67:e5:5a:f3:0a:6a:5e:a4:d1:3e:77:61:
2a:e8:12:7a:23:86:fb:70:fc:4b:be:c0:1e:11:d2:17:bf:df:
be:7b:6e:47:26:48:df:f7:6f:d5:8f:0e:11:1f:85:5a:ff:ad:
d2:54:a5:68:ae:dc:27:4c:c4:79:96:b6:45:6b:56:4e:2a:26:
22:70:a9:74:89:91:4e:f7:b1:8e:a5:5c:de:90:83:3d:67:01:
ea:42:8b:af:7b:06:af:33:a5:3c:ff:40:76:cc:da:a2:d0:5e:
ce:8b:0b:2a:19:35:75:ef:d6:90:12:86:3d:56:fb:d2:5e:f5:
ba:24:0b:6a:84:b1:93:a5:7d:e9:5d:57:ea:d5:27:65:d9:39:
da:fa:83:ac:c0:b7:45:dd:c2:ee:6b:e9:8c:c5:ac:81:52:84:
a5:e6:1e:5a:ca:03:a5:33:12:0b:03:8c:b5:9b:81:33:3b:34:
c9:e6:aa:c2:c2:c0:90:f9:40:ad:b0:24:bc:55:a1:7c:04:8e:
33:8e:ff:ba:33:d4:47:83:5a:2f:75:7a:75:e0:bd:88:44:1d:
e2:a3:d3:c1:9b:71:e7:36:9f:3c:97:c0:74:5e:a2:6e:97:24:
f5:ab:7c:5a
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYahTRa65p/u06SliPBwl892MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFiMzA5MjFkMjhjNzhlZGU4MTg0MmY3MTJlNmNmNzJiZGU1
YTYwODAwHhcNMjMwMzAyMDc1MDI5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMTkxNjU1MDU2NjQzOTE2NThiZWVlNGEwM2E2MDBiZTljMDA4OWJhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlSdWUwSq8DL8Ecc49PqiEyrTKdwv
BwthN8qGPJtykSNmEzrfIAbWF9t4FNBRdWReeh3XhMJeKIPZAqfGkUd91JQP3Uk4
ofDGlMsfQ4mozeDK3KPJKfNUZp0k1RSyPMUqNbRRIC025EpdNlqpMVS1fwcp1Sv9
EuSrQbB4iPdCxVLhZZjcparHg4tNTikwGJwnvn9yvqCE/m5uVhcovtgPGBChxOLo
q/fswDZjDYbcmUEsgwgxyWoZ+yH4FXq9tjRtxSIUt1JvpZLSQBN0yb3kdDX4bJ0n
c5WLWaejIR01rmwj0AKKFuJCBYFQctlEwtYSf+rf0Sg/izkR9Rq4cvAtlQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFMGRZVBWZDkWWL7uSgOmAL6cAIm6MB8GA1UdIwQY
MBaAFKswkh0ox47egYQvcS5s9yveWmCAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcXpDU0hTakhqdDZCaEM5eExtejNLOTVhWUlBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNS8zY2Q3ZmYtMjBkMi00Y2VjLWFlY2Et
MzU0Mzk5NzI0YjFlLzEvd1pGbFVGWmtPUlpZdnU1S0E2WUF2cHdBaWJvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNS8zY2Q3ZmYtMjBkMi00Y2VjLWFlY2EtMzU0Mzk5NzI0YjFl
LzEvcXpDU0hTakhqdDZCaEM5eExtejNLOTVhWUlBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQF1HgAMA0E
AgACMAcDBQAqAyVgMA0GCSqGSIb3DQEBCwUAA4IBAQDcjnhKnwfWh8L0Dwa+kKRi
xSHO61Ar2qpn5VrzCmpepNE+d2Eq6BJ6I4b7cPxLvsAeEdIXv9++e25HJkjf92/V
jw4RH4Va/63SVKVortwnTMR5lrZFa1ZOKiYicKl0iZFO97GOpVzekIM9ZwHqQouv
ewavM6U8/0B2zNqi0F7OiwsqGTV179aQEoY9VvvSXvW6JAtqhLGTpX3pXVfq1Sdl
2Tna+oOswLdF3cLua+mMxayBUoSl5h5aygOlMxILA4y1m4EzOzTJ5qrCwsCQ+UCt
sCS8VaF8BI4zjv+6M9RHg1ovdXp14L2IRB3io9PBm3HnNp88l8B0XqJulyT1q3xa
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:25:10 2024 by rpki-client on console-fra.rpki-client.org