Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/36/ad0d6d-f949-46db-981f-b38d7f709d70/1/EthGpA5zC3qtgs4MqVCktFgN98U.roa
File: EthGpA5zC3qtgs4MqVCktFgN98U.roa (raw, json)
Hash identifier: NXJjbu0RjbDDLPZ650W0yOVuXpQh+IenS6fb6JUUGdo=
Subject key identifier: 12:D8:46:A4:0E:73:0B:7A:AD:82:CE:0C:A9:50:A4:B4:58:0D:F7:C5
Certificate issuer: /CN=b0beed6ede9eb285bd2a6abb985adcdbe8f2779a
Certificate serial: 018CC9BA7C23DC4E82FAFBC7C0442B30793E
Authority key identifier: B0:BE:ED:6E:DE:9E:B2:85:BD:2A:6A:BB:98:5A:DC:DB:E8:F2:77:9A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sL7tbt6esoW9Kmq7mFrc2-jyd5o.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/36/ad0d6d-f949-46db-981f-b38d7f709d70/1/EthGpA5zC3qtgs4MqVCktFgN98U.roa
Signing time: Tue 02 Jan 2024 10:31:31 +0000
ROA not before: Tue 02 Jan 2024 10:31:31 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 25540
IP address blocks: 131.117.201.0/24 maxlen: 24
131.117.202.0/24 maxlen: 24
131.117.203.0/24 maxlen: 24
131.117.204.0/24 maxlen: 24
131.117.200.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 12 Jul 2024 09:18:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:ba:7c:23:dc:4e:82:fa:fb:c7:c0:44:2b:30:79:3e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b0beed6ede9eb285bd2a6abb985adcdbe8f2779a
Validity
Not Before: Jan 2 10:31:31 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=12d846a40e730b7aad82ce0ca950a4b4580df7c5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:cb:e8:3a:54:85:6d:f1:be:0d:47:a4:49:10:
69:2c:48:a5:c1:5e:b8:03:7c:76:1f:cd:3b:12:65:
ac:c1:6f:2d:6a:5d:67:b7:8b:49:5c:de:14:f6:13:
0a:73:81:20:d3:fe:13:31:2e:4f:16:84:ab:7c:38:
18:94:80:45:68:90:5f:61:d1:06:da:f6:b3:70:e4:
f9:09:96:7d:85:5b:9d:43:92:92:3b:6f:51:49:66:
52:f9:d5:74:cf:22:99:29:b1:29:3b:6c:76:2e:50:
fc:24:62:94:de:0e:6b:a8:f8:f2:db:41:bb:d9:de:
35:ec:c7:96:2c:a7:0d:3f:ff:0f:ef:e0:24:19:70:
98:12:c3:a8:bf:a7:6f:94:68:dd:3b:24:77:64:b9:
be:9a:61:9d:80:49:28:37:67:73:53:0f:be:f9:e3:
43:74:69:fd:7b:9d:b8:12:bc:46:9c:7c:da:c8:e3:
ba:5d:17:43:76:08:dd:25:10:5f:7b:4f:ab:ed:f1:
e9:4a:76:8c:47:1f:e4:ff:47:66:0e:3d:c1:83:9b:
fd:ce:1f:7f:3d:f1:8e:8a:f6:25:d9:58:e2:12:06:
08:69:c2:63:70:f9:84:5c:8e:92:ab:f5:a3:cc:1a:
57:fe:a4:7f:7b:b6:4d:f8:ef:36:19:83:e2:17:6f:
65:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
12:D8:46:A4:0E:73:0B:7A:AD:82:CE:0C:A9:50:A4:B4:58:0D:F7:C5
X509v3 Authority Key Identifier:
keyid:B0:BE:ED:6E:DE:9E:B2:85:BD:2A:6A:BB:98:5A:DC:DB:E8:F2:77:9A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sL7tbt6esoW9Kmq7mFrc2-jyd5o.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/36/ad0d6d-f949-46db-981f-b38d7f709d70/1/EthGpA5zC3qtgs4MqVCktFgN98U.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/36/ad0d6d-f949-46db-981f-b38d7f709d70/1/sL7tbt6esoW9Kmq7mFrc2-jyd5o.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
131.117.200.0-131.117.204.255
Signature Algorithm: sha256WithRSAEncryption
75:88:90:6b:4a:f1:58:67:e1:d0:de:cd:41:b3:9f:54:7a:a8:
48:b2:25:dc:bc:bb:fd:06:11:5d:15:27:a6:24:4c:51:47:45:
2f:8a:d8:5e:e8:8f:96:9d:60:53:8b:06:5a:95:60:94:3e:cc:
25:aa:be:df:a5:9c:5e:8d:96:5e:25:1a:cb:a2:07:d3:f2:f5:
fa:f9:23:d6:39:3d:b5:6b:76:a3:7c:f0:46:ef:3f:d7:64:88:
32:15:ba:47:8a:82:a4:eb:92:62:31:97:e7:42:bb:6f:a6:55:
52:16:ec:e3:3a:e4:a9:02:7b:6c:d8:e5:82:2c:54:c6:3d:c0:
f5:cb:34:f0:84:d6:ac:41:19:74:b3:20:98:c9:39:c4:50:99:
d6:6f:e3:e0:ab:e3:0d:90:d0:f9:d6:b5:09:a1:ae:b1:da:f7:
65:27:5b:61:f5:7b:2a:0f:cf:ce:32:f1:d0:c4:02:3a:1e:bd:
79:3f:be:e4:cd:a7:e9:f6:86:6a:bd:3d:2c:04:9e:ea:91:34:
55:4a:35:b0:da:70:cb:d7:68:dc:e2:56:4c:d0:b4:c1:e1:45:
35:99:97:5b:fc:b3:1f:96:1b:8c:f8:c2:71:32:b0:c2:8c:bf:
70:f3:00:c7:24:ac:a3:74:ea:75:6b:2c:6e:a7:f3:08:77:cb:
e9:8f:15:16
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAYzJunwj3E6C+vvHwEQrMHk+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIwYmVlZDZlZGU5ZWIyODViZDJhNmFiYjk4NWFkY2RiZThm
Mjc3OWEwHhcNMjQwMTAyMTAzMTMxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxMmQ4NDZhNDBlNzMwYjdhYWQ4MmNlMGNhOTUwYTRiNDU4MGRmN2M1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoMvoOlSFbfG+DUekSRBpLEilwV64
A3x2H807EmWswW8tal1nt4tJXN4U9hMKc4Eg0/4TMS5PFoSrfDgYlIBFaJBfYdEG
2vazcOT5CZZ9hVudQ5KSO29RSWZS+dV0zyKZKbEpO2x2LlD8JGKU3g5rqPjy20G7
2d417MeWLKcNP/8P7+AkGXCYEsOov6dvlGjdOyR3ZLm+mmGdgEkoN2dzUw+++eND
dGn9e524ErxGnHzayOO6XRdDdgjdJRBfe0+r7fHpSnaMRx/k/0dmDj3Bg5v9zh9/
PfGOivYl2VjiEgYIacJjcPmEXI6Sq/WjzBpX/qR/e7ZN+O82GYPiF29ljwIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFBLYRqQOcwt6rYLODKlQpLRYDffFMB8GA1UdIwQY
MBaAFLC+7W7enrKFvSpqu5ha3Nvo8neaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc0w3dGJ0NmVzb1c5S21xN21GcmMyLWp5ZDVvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNi9hZDBkNmQtZjk0OS00NmRiLTk4MWYt
YjM4ZDdmNzA5ZDcwLzEvRXRoR3BBNXpDM3F0Z3M0TXFWQ2t0RmdOOThVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNi9hZDBkNmQtZjk0OS00NmRiLTk4MWYtYjM4ZDdmNzA5ZDcw
LzEvc0w3dGJ0NmVzb1c5S21xN21GcmMyLWp5ZDVvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBAODdcgD
BACDdcwwDQYJKoZIhvcNAQELBQADggEBAHWIkGtK8Vhn4dDezUGzn1R6qEiyJdy8
u/0GEV0VJ6YkTFFHRS+K2F7oj5adYFOLBlqVYJQ+zCWqvt+lnF6Nll4lGsuiB9Py
9fr5I9Y5PbVrdqN88EbvP9dkiDIVukeKgqTrkmIxl+dCu2+mVVIW7OM65KkCe2zY
5YIsVMY9wPXLNPCE1qxBGXSzIJjJOcRQmdZv4+Cr4w2Q0PnWtQmhrrHa92UnW2H1
eyoPz84y8dDEAjoevXk/vuTNp+n2hmq9PSwEnuqRNFVKNbDacMvXaNziVkzQtMHh
RTWZl1v8sx+WG4z4wnEysMKMv3DzAMckrKN06nVrLG6n8wh3y+mPFRY=
-----END CERTIFICATE-----
Generated at Fri Jul 12 10:42:06 2024 by rpki-client on console-ams.rpki-client.org