Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/38/01484c-5f28-42f5-b9ea-0787a503ca69/1/rH1cBBmblBN-eYFB5BfCFndKgqY.roa
File: rH1cBBmblBN-eYFB5BfCFndKgqY.roa (raw, json)
Hash identifier: prqit/LKiyavpMnXVmq2ovHYmafba5ksHgPVERVkklE=
Subject key identifier: AC:7D:5C:04:19:9B:94:13:7E:79:81:41:E4:17:C2:16:77:4A:82:A6
Certificate issuer: /CN=b02aa961b477d5423d85b7d43f3efa26326d7090
Certificate serial: 018B7C47671DD0963DF3C9E8870732BDCD25
Authority key identifier: B0:2A:A9:61:B4:77:D5:42:3D:85:B7:D4:3F:3E:FA:26:32:6D:70:90
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sCqpYbR31UI9hbfUPz76JjJtcJA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/38/01484c-5f28-42f5-b9ea-0787a503ca69/1/rH1cBBmblBN-eYFB5BfCFndKgqY.roa
Signing time: Sun 29 Oct 2023 16:32:16 +0000
ROA not before: Sun 29 Oct 2023 16:32:16 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 15373
IP address blocks: 212.87.224.0/21 maxlen: 21
212.87.232.0/23 maxlen: 23
212.87.234.0/23 maxlen: 23
212.87.238.0/23 maxlen: 23
212.87.236.0/23 maxlen: 23
212.87.253.0/24 maxlen: 24
2a01:698::/32 maxlen: 32
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:7c:47:67:1d:d0:96:3d:f3:c9:e8:87:07:32:bd:cd:25
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b02aa961b477d5423d85b7d43f3efa26326d7090
Validity
Not Before: Oct 29 16:32:16 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=ac7d5c04199b94137e798141e417c216774a82a6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8d:21:51:21:d8:98:32:d4:0d:39:57:66:6d:13:
7a:a3:76:aa:bc:a4:6e:d7:a4:75:10:ee:f5:c2:06:
70:c3:17:d2:0e:a3:ce:e9:69:71:ad:29:35:76:b6:
1f:e0:ef:fc:d2:d4:e4:c4:11:4a:f9:7a:b4:32:e4:
f0:06:57:d4:03:a2:68:e3:f1:cb:58:a6:be:cb:8e:
22:1b:33:e7:a4:15:fc:fc:54:02:37:9f:e3:8d:3e:
21:37:8d:56:cc:41:42:ef:73:eb:82:7e:c0:fb:ca:
06:00:36:7a:aa:3f:74:3e:68:ab:db:d3:34:e5:b6:
de:fd:92:89:20:7f:63:88:e1:65:25:52:6c:d3:40:
2f:ea:d2:5e:fe:88:1c:7f:6c:0d:40:75:9f:05:52:
d2:1f:46:a3:cc:a3:cd:5c:43:ed:69:63:b9:5b:4b:
a4:43:92:56:c6:37:29:48:49:d7:94:19:4c:b8:7f:
a5:1e:48:c0:4b:dc:02:1b:f5:9e:20:99:2c:6d:3c:
8c:4b:7a:08:d1:6a:e0:b9:03:34:55:a9:df:fa:aa:
7f:2d:5b:a1:af:a0:89:f0:f1:4f:02:b1:6f:e8:dd:
c6:bd:e9:90:46:94:c7:8b:81:2f:e9:13:0a:23:eb:
0a:b7:a1:e1:9b:e8:48:71:0d:d7:59:2b:81:2e:02:
ee:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AC:7D:5C:04:19:9B:94:13:7E:79:81:41:E4:17:C2:16:77:4A:82:A6
X509v3 Authority Key Identifier:
keyid:B0:2A:A9:61:B4:77:D5:42:3D:85:B7:D4:3F:3E:FA:26:32:6D:70:90
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sCqpYbR31UI9hbfUPz76JjJtcJA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/38/01484c-5f28-42f5-b9ea-0787a503ca69/1/rH1cBBmblBN-eYFB5BfCFndKgqY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/38/01484c-5f28-42f5-b9ea-0787a503ca69/1/sCqpYbR31UI9hbfUPz76JjJtcJA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
212.87.224.0/20
212.87.253.0/24
IPv6:
2a01:698::/32
Signature Algorithm: sha256WithRSAEncryption
68:51:51:f1:79:c0:97:80:0d:1c:6d:d8:2d:43:44:9d:f2:a0:
6e:24:8e:e6:9b:9c:2b:02:4d:c8:77:54:d7:da:01:25:1e:78:
ff:cc:13:7d:9d:6b:47:cf:d8:5a:d6:76:19:d6:3e:11:82:63:
fa:c9:cc:05:df:b6:05:0d:34:6c:71:89:6a:3c:9f:1e:7c:ab:
3b:7a:62:b9:fa:b1:d9:05:3d:4a:16:2c:a3:33:25:6e:0f:23:
96:2f:33:b1:d0:1d:e8:af:01:42:ea:af:48:e6:05:4a:b3:a2:
f5:12:63:5a:00:fc:2e:ab:6b:e9:cc:22:ba:09:a1:3c:83:8a:
80:50:dd:5d:95:0f:a4:8f:d6:34:e7:d4:6b:fe:2e:87:99:1a:
09:ff:e2:5a:61:ac:79:d6:9a:80:94:81:f2:2b:10:48:66:cd:
86:82:89:19:6f:f7:95:f4:09:02:40:8d:92:7b:8c:98:7f:9a:
54:c9:04:63:bc:64:aa:bc:a3:44:83:21:43:bd:04:f9:c1:62:
f1:92:54:30:8e:54:72:bc:20:2d:ff:4f:78:38:9e:6f:d6:41:
c6:5b:5f:fa:a7:73:b4:2f:39:44:ef:3c:16:36:3e:44:23:68:
72:24:bd:57:e7:18:30:58:0a:f4:58:ba:28:53:db:69:c5:5e:
4f:c3:01:bb
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYt8R2cd0JY988nohwcyvc0lMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIwMmFhOTYxYjQ3N2Q1NDIzZDg1YjdkNDNmM2VmYTI2MzI2
ZDcwOTAwHhcNMjMxMDI5MTYzMjE2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhYzdkNWMwNDE5OWI5NDEzN2U3OTgxNDFlNDE3YzIxNjc3NGE4MmE2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjSFRIdiYMtQNOVdmbRN6o3aqvKRu
16R1EO71wgZwwxfSDqPO6WlxrSk1drYf4O/80tTkxBFK+Xq0MuTwBlfUA6Jo4/HL
WKa+y44iGzPnpBX8/FQCN5/jjT4hN41WzEFC73Prgn7A+8oGADZ6qj90Pmir29M0
5bbe/ZKJIH9jiOFlJVJs00Av6tJe/ogcf2wNQHWfBVLSH0ajzKPNXEPtaWO5W0uk
Q5JWxjcpSEnXlBlMuH+lHkjAS9wCG/WeIJksbTyMS3oI0WrguQM0Vanf+qp/LVuh
r6CJ8PFPArFv6N3GvemQRpTHi4Ev6RMKI+sKt6Hhm+hIcQ3XWSuBLgLuiwIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFKx9XAQZm5QTfnmBQeQXwhZ3SoKmMB8GA1UdIwQY
MBaAFLAqqWG0d9VCPYW31D8++iYybXCQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc0NxcFliUjMxVUk5aGJmVVB6NzZKakp0Y0pBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zOC8wMTQ4NGMtNWYyOC00MmY1LWI5ZWEt
MDc4N2E1MDNjYTY5LzEvckgxY0JCbWJsQk4tZVlGQjVCZkNGbmRLZ3FZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zOC8wMTQ4NGMtNWYyOC00MmY1LWI5ZWEtMDc4N2E1MDNjYTY5
LzEvc0NxcFliUjMxVUk5aGJmVVB6NzZKakp0Y0pBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQE1FfgAwQA
1Ff9MA0EAgACMAcDBQAqAQaYMA0GCSqGSIb3DQEBCwUAA4IBAQBoUVHxecCXgA0c
bdgtQ0Sd8qBuJI7mm5wrAk3Id1TX2gElHnj/zBN9nWtHz9ha1nYZ1j4RgmP6ycwF
37YFDTRscYlqPJ8efKs7emK5+rHZBT1KFiyjMyVuDyOWLzOx0B3orwFC6q9I5gVK
s6L1EmNaAPwuq2vpzCK6CaE8g4qAUN1dlQ+kj9Y059Rr/i6HmRoJ/+JaYax51pqA
lIHyKxBIZs2GgokZb/eV9AkCQI2Se4yYf5pUyQRjvGSqvKNEgyFDvQT5wWLxklQw
jlRyvCAt/094OJ5v1kHGW1/6p3O0LzlE7zwWNj5EI2hyJL1X5xgwWAr0WLooU9tp
xV5PwwG7
-----END CERTIFICATE-----
Generated at Mon Jan 1 04:40:09 2024 by rpki-client on console-ams.rpki-client.org