Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/37/988768-f17b-4f59-be09-2deb14c290ed/1/2gf75ybNcWte-YXJViT6ywLPiEQ.roa
File: 2gf75ybNcWte-YXJViT6ywLPiEQ.roa (raw, json)
Hash identifier: sU6E1UCITbRMWtM1MTurOfkYKw7Drz7Sbjs3vORYXUo=
Subject key identifier: DA:07:FB:E7:26:CD:71:6B:5E:F9:85:C9:56:24:FA:CB:02:CF:88:44
Certificate issuer: /CN=8819956ddceae022cfe123da373c6b111640368d
Certificate serial: 018CCA2B7A7E221ECF099443B9512DE133B2
Authority key identifier: 88:19:95:6D:DC:EA:E0:22:CF:E1:23:DA:37:3C:6B:11:16:40:36:8D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/iBmVbdzq4CLP4SPaNzxrERZANo0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/37/988768-f17b-4f59-be09-2deb14c290ed/1/2gf75ybNcWte-YXJViT6ywLPiEQ.roa
Signing time: Tue 02 Jan 2024 12:34:56 +0000
ROA not before: Tue 02 Jan 2024 12:34:56 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2600
IP address blocks: 212.109.224.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 13 Nov 2024 11:23:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:ca:2b:7a:7e:22:1e:cf:09:94:43:b9:51:2d:e1:33:b2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8819956ddceae022cfe123da373c6b111640368d
Validity
Not Before: Jan 2 12:34:56 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=da07fbe726cd716b5ef985c95624facb02cf8844
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:a5:0a:19:d9:ac:5f:b5:06:05:80:21:6c:21:
f5:4d:45:f5:6b:cb:a6:ef:28:43:ff:9b:63:e6:f8:
50:28:5f:82:92:8b:8e:17:0a:b8:4a:ad:2c:b8:0d:
b4:38:1d:4b:cb:b7:2d:4e:e5:37:ec:09:41:11:c5:
1f:7a:86:39:66:16:c9:ef:c1:97:b4:93:81:54:64:
a7:cd:2c:54:44:bd:05:24:18:a9:31:45:88:66:3c:
7c:85:0c:7b:84:08:2d:dc:57:0c:8d:60:51:7f:39:
f7:42:17:4f:eb:39:47:6a:ae:84:df:f7:42:06:28:
19:5e:25:eb:eb:1c:b6:27:93:b3:02:34:86:fa:fa:
ca:fd:82:b5:97:ca:73:5a:6a:9f:e0:f2:e0:0a:7e:
06:c9:fe:80:8f:95:50:27:35:97:57:69:1b:d9:4c:
fc:ec:3c:bb:b9:df:4e:27:90:55:c9:48:76:83:d6:
c2:f2:7b:f3:1f:0f:87:0f:e1:e0:c2:0c:d5:fd:4a:
81:a4:da:57:f6:39:cc:44:54:91:1a:ad:8c:68:a4:
ba:f7:ec:d9:18:bd:34:4a:7e:b6:ad:f9:6a:40:e1:
a1:a9:5a:6f:fd:91:e6:74:ac:7e:b3:29:2f:90:a9:
f7:d6:2e:cd:de:c8:e5:29:b9:66:94:5f:23:5a:a6:
47:fd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DA:07:FB:E7:26:CD:71:6B:5E:F9:85:C9:56:24:FA:CB:02:CF:88:44
X509v3 Authority Key Identifier:
keyid:88:19:95:6D:DC:EA:E0:22:CF:E1:23:DA:37:3C:6B:11:16:40:36:8D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iBmVbdzq4CLP4SPaNzxrERZANo0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/37/988768-f17b-4f59-be09-2deb14c290ed/1/2gf75ybNcWte-YXJViT6ywLPiEQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/37/988768-f17b-4f59-be09-2deb14c290ed/1/iBmVbdzq4CLP4SPaNzxrERZANo0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
212.109.224.0/24
Signature Algorithm: sha256WithRSAEncryption
bc:fc:18:ce:39:5c:66:02:0e:47:30:63:a7:0a:ea:0a:75:c6:
71:5c:1b:d5:1b:91:1a:b4:eb:fe:f6:a4:b2:4e:77:4f:21:54:
23:2c:02:c6:19:cb:85:80:4b:7e:bf:13:c0:8c:19:0f:d7:d3:
3f:5c:51:29:0d:9a:25:e3:cd:56:dd:d9:87:97:c7:fc:47:05:
9d:aa:ff:84:cc:36:31:15:88:29:44:0a:f8:d5:7b:68:c7:fa:
24:fd:20:87:38:a8:1f:e2:22:ba:de:d0:41:57:52:4f:11:3a:
e9:aa:95:33:62:b0:c5:4d:29:da:04:e1:d2:43:8a:e0:99:4b:
ba:9c:f0:ba:37:2d:3d:63:4d:f0:b4:d9:ae:da:8e:7b:27:b6:
7f:0b:0c:ca:27:f4:be:e1:d4:7d:db:8e:ea:11:c2:5a:14:65:
b1:e1:c8:e9:ef:53:7d:dd:f1:f0:eb:cb:51:fc:37:ad:26:f6:
f5:df:ba:0b:bc:60:13:97:c3:b2:37:43:a4:db:e4:e2:5e:a0:
f6:02:80:da:ec:9e:31:3b:e0:ff:4d:b4:92:2f:75:cd:36:82:
9d:d8:d7:db:d0:b1:06:50:cb:08:62:5c:79:80:7d:11:74:96:
ab:cd:05:80:7d:31:0d:86:85:43:a3:4b:71:09:38:83:8f:73:
2b:7d:1b:6b
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzKK3p+Ih7PCZRDuVEt4TOyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg4MTk5NTZkZGNlYWUwMjJjZmUxMjNkYTM3M2M2YjExMTY0
MDM2OGQwHhcNMjQwMTAyMTIzNDU2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYTA3ZmJlNzI2Y2Q3MTZiNWVmOTg1Yzk1NjI0ZmFjYjAyY2Y4ODQ0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsqUKGdmsX7UGBYAhbCH1TUX1a8um
7yhD/5tj5vhQKF+CkouOFwq4Sq0suA20OB1Ly7ctTuU37AlBEcUfeoY5ZhbJ78GX
tJOBVGSnzSxURL0FJBipMUWIZjx8hQx7hAgt3FcMjWBRfzn3QhdP6zlHaq6E3/dC
BigZXiXr6xy2J5OzAjSG+vrK/YK1l8pzWmqf4PLgCn4Gyf6Aj5VQJzWXV2kb2Uz8
7Dy7ud9OJ5BVyUh2g9bC8nvzHw+HD+HgwgzV/UqBpNpX9jnMRFSRGq2MaKS69+zZ
GL00Sn62rflqQOGhqVpv/ZHmdKx+sykvkKn31i7N3sjlKblmlF8jWqZH/QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNoH++cmzXFrXvmFyVYk+ssCz4hEMB8GA1UdIwQY
MBaAFIgZlW3c6uAiz+Ej2jc8axEWQDaNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaUJtVmJkenE0Q0xQNFNQYU56eHJFUlpBTm8wLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNy85ODg3NjgtZjE3Yi00ZjU5LWJlMDkt
MmRlYjE0YzI5MGVkLzEvMmdmNzV5Yk5jV3RlLVlYSlZpVDZ5d0xQaUVRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNy85ODg3NjgtZjE3Yi00ZjU5LWJlMDktMmRlYjE0YzI5MGVk
LzEvaUJtVmJkenE0Q0xQNFNQYU56eHJFUlpBTm8wLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA1G3gMA0G
CSqGSIb3DQEBCwUAA4IBAQC8/BjOOVxmAg5HMGOnCuoKdcZxXBvVG5EatOv+9qSy
TndPIVQjLALGGcuFgEt+vxPAjBkP19M/XFEpDZol481W3dmHl8f8RwWdqv+EzDYx
FYgpRAr41Xtox/ok/SCHOKgf4iK63tBBV1JPETrpqpUzYrDFTSnaBOHSQ4rgmUu6
nPC6Ny09Y03wtNmu2o57J7Z/CwzKJ/S+4dR9247qEcJaFGWx4cjp71N93fHw68tR
/DetJvb137oLvGATl8OyN0Ok2+TiXqD2AoDa7J4xO+D/TbSSL3XNNoKd2Nfb0LEG
UMsIYlx5gH0RdJarzQWAfTENhoVDo0txCTiDj3MrfRtr
-----END CERTIFICATE-----
Generated at Wed Nov 13 14:36:38 2024 by rpki-client on console-fra.rpki-client.org