Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/38/01484c-5f28-42f5-b9ea-0787a503ca69/1/38XsXI6ULTAwCO1gIpa4auBAjWo.roa
File: 38XsXI6ULTAwCO1gIpa4auBAjWo.roa (raw, json)
Hash identifier: NcILng6tE1pT1rzlY8V+ogHFHfq/FhfoTPFg1MbTG04=
Subject key identifier: DF:C5:EC:5C:8E:94:2D:30:30:08:ED:60:22:96:B8:6A:E0:40:8D:6A
Certificate issuer: /CN=b02aa961b477d5423d85b7d43f3efa26326d7090
Certificate serial: 01856F42A6057AC01EE3454585DF05C5A64F
Authority key identifier: B0:2A:A9:61:B4:77:D5:42:3D:85:B7:D4:3F:3E:FA:26:32:6D:70:90
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sCqpYbR31UI9hbfUPz76JjJtcJA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/38/01484c-5f28-42f5-b9ea-0787a503ca69/1/38XsXI6ULTAwCO1gIpa4auBAjWo.roa
Signing time: Sun 01 Jan 2023 21:35:16 +0000
ROA not before: Sun 01 Jan 2023 21:35:16 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 202667
IP address blocks: 212.87.252.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:42:a6:05:7a:c0:1e:e3:45:45:85:df:05:c5:a6:4f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b02aa961b477d5423d85b7d43f3efa26326d7090
Validity
Not Before: Jan 1 21:35:16 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=dfc5ec5c8e942d303008ed602296b86ae0408d6a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:df:fd:64:f9:99:ba:8f:f2:b1:60:c4:ab:0f:
95:29:6d:10:12:ce:27:21:50:93:a5:54:09:56:00:
53:04:40:99:c9:3f:8f:bc:36:bb:da:b4:2a:0b:9c:
a3:55:d8:a0:9c:b5:d5:d3:76:df:1d:a5:31:40:93:
41:c6:01:29:12:01:2c:4f:16:95:a0:9e:76:9b:ec:
70:50:56:3f:26:bc:44:4d:6d:5c:9f:2f:43:db:fe:
96:51:d0:b5:8a:b9:f2:de:be:9b:9b:bd:ba:95:e9:
ba:18:89:08:34:3a:8b:30:45:b4:a5:17:8a:09:92:
eb:75:d2:63:4d:be:90:68:23:cc:fd:4d:7d:67:22:
95:ee:d4:dd:35:78:3d:1f:a1:ed:6b:6f:99:b8:6f:
31:45:e6:e7:32:10:8c:a0:ac:e2:36:b9:54:33:4d:
16:74:3b:e3:40:9f:11:1f:a9:3b:21:e4:53:d7:1e:
f7:53:b2:fd:43:67:67:63:0e:5f:d1:d6:b3:c4:f0:
53:cf:54:81:d1:ec:5f:f9:49:92:de:ac:22:d3:e1:
f2:19:dc:44:13:66:8f:d0:62:1d:8e:9f:01:4b:6d:
ff:9a:51:b5:04:43:d2:68:9b:b4:e6:e3:34:7f:3b:
19:0e:50:50:ea:3d:39:34:05:dd:63:a6:2b:e4:58:
70:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DF:C5:EC:5C:8E:94:2D:30:30:08:ED:60:22:96:B8:6A:E0:40:8D:6A
X509v3 Authority Key Identifier:
keyid:B0:2A:A9:61:B4:77:D5:42:3D:85:B7:D4:3F:3E:FA:26:32:6D:70:90
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sCqpYbR31UI9hbfUPz76JjJtcJA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/38/01484c-5f28-42f5-b9ea-0787a503ca69/1/38XsXI6ULTAwCO1gIpa4auBAjWo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/38/01484c-5f28-42f5-b9ea-0787a503ca69/1/sCqpYbR31UI9hbfUPz76JjJtcJA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
212.87.252.0/24
Signature Algorithm: sha256WithRSAEncryption
8d:16:f2:bb:79:e8:6c:d2:c9:85:de:01:35:cf:d1:91:39:dd:
a6:10:33:88:26:31:b2:86:bb:41:bb:22:b6:f9:2a:5a:5b:cb:
72:0c:a2:6c:40:3d:19:7b:a7:0a:18:af:c0:5a:60:af:f2:70:
a7:ce:16:39:ce:67:f8:26:ff:46:d4:d4:de:02:83:fe:d4:b6:
47:02:66:5c:bb:88:ea:ed:45:7b:8a:9d:1a:30:a5:ba:1d:12:
32:ea:b1:05:f2:9f:7c:9f:2f:0d:17:0e:8a:aa:57:37:16:c4:
2a:22:a5:c6:e2:73:64:0e:3f:14:f9:0e:c3:bc:b6:d9:99:10:
47:cb:6b:c2:e4:cb:40:b6:af:e8:a0:61:36:b3:c2:ab:0a:a4:
1d:bd:df:57:98:5e:dd:59:f3:17:4f:d2:65:05:0c:04:85:06:
e2:8e:4d:9f:d9:c0:6f:98:3c:36:6c:da:34:ce:3f:7b:b6:98:
26:77:96:ac:8a:8c:e6:db:e6:a5:f4:fc:20:e7:45:8b:13:d7:
d1:75:9e:5d:74:d8:6c:7a:69:40:8e:44:c6:ce:32:e0:8f:4e:
e5:4c:53:45:b7:1f:9d:e7:2d:d4:aa:7c:9c:7a:fa:b1:be:2d:
3d:31:b0:95:34:f0:14:41:5b:d4:30:40:83:8a:0e:7b:88:09:
c6:37:56:22
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVvQqYFesAe40VFhd8FxaZPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIwMmFhOTYxYjQ3N2Q1NDIzZDg1YjdkNDNmM2VmYTI2MzI2
ZDcwOTAwHhcNMjMwMTAxMjEzNTE2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZmM1ZWM1YzhlOTQyZDMwMzAwOGVkNjAyMjk2Yjg2YWUwNDA4ZDZhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAod/9ZPmZuo/ysWDEqw+VKW0QEs4n
IVCTpVQJVgBTBECZyT+PvDa72rQqC5yjVdignLXV03bfHaUxQJNBxgEpEgEsTxaV
oJ52m+xwUFY/JrxETW1cny9D2/6WUdC1irny3r6bm726lem6GIkINDqLMEW0pReK
CZLrddJjTb6QaCPM/U19ZyKV7tTdNXg9H6Hta2+ZuG8xRebnMhCMoKziNrlUM00W
dDvjQJ8RH6k7IeRT1x73U7L9Q2dnYw5f0dazxPBTz1SB0exf+UmS3qwi0+HyGdxE
E2aP0GIdjp8BS23/mlG1BEPSaJu05uM0fzsZDlBQ6j05NAXdY6Yr5Fhw7QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFN/F7FyOlC0wMAjtYCKWuGrgQI1qMB8GA1UdIwQY
MBaAFLAqqWG0d9VCPYW31D8++iYybXCQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc0NxcFliUjMxVUk5aGJmVVB6NzZKakp0Y0pBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zOC8wMTQ4NGMtNWYyOC00MmY1LWI5ZWEt
MDc4N2E1MDNjYTY5LzEvMzhYc1hJNlVMVEF3Q08xZ0lwYTRhdUJBaldvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zOC8wMTQ4NGMtNWYyOC00MmY1LWI5ZWEtMDc4N2E1MDNjYTY5
LzEvc0NxcFliUjMxVUk5aGJmVVB6NzZKakp0Y0pBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA1Ff8MA0G
CSqGSIb3DQEBCwUAA4IBAQCNFvK7eehs0smF3gE1z9GROd2mEDOIJjGyhrtBuyK2
+SpaW8tyDKJsQD0Ze6cKGK/AWmCv8nCnzhY5zmf4Jv9G1NTeAoP+1LZHAmZcu4jq
7UV7ip0aMKW6HRIy6rEF8p98ny8NFw6Kqlc3FsQqIqXG4nNkDj8U+Q7DvLbZmRBH
y2vC5MtAtq/ooGE2s8KrCqQdvd9XmF7dWfMXT9JlBQwEhQbijk2f2cBvmDw2bNo0
zj97tpgmd5asiozm2+al9Pwg50WLE9fRdZ5ddNhsemlAjkTGzjLgj07lTFNFtx+d
5y3Uqnycevqxvi09MbCVNPAUQVvUMECDig57iAnGN1Yi
-----END CERTIFICATE-----
Generated at Mon Jan 1 04:56:24 2024 by rpki-client on console-fra.rpki-client.org