Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/38/45c862-9e33-45c8-a728-7a2fd10269be/1/rp1UOgP6zvElZFHHtzxvdyMvc3M.roa
File: rp1UOgP6zvElZFHHtzxvdyMvc3M.roa (raw, json)
Hash identifier: hyDzyM9jLj8GRth568yqNj5/ApK5hZ0pqXEzGBwxIfA=
Subject key identifier: AE:9D:54:3A:03:FA:CE:F1:25:64:51:C7:B7:3C:6F:77:23:2F:73:73
Certificate issuer: /CN=c8d0fc8259075cd675f319d7af4fa713048a515c
Certificate serial: 018570150CBB4AB1E42B6B1ECA80804BE750
Authority key identifier: C8:D0:FC:82:59:07:5C:D6:75:F3:19:D7:AF:4F:A7:13:04:8A:51:5C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/yND8glkHXNZ18xnXr0-nEwSKUVw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/38/45c862-9e33-45c8-a728-7a2fd10269be/1/rp1UOgP6zvElZFHHtzxvdyMvc3M.roa
Signing time: Mon 02 Jan 2023 01:25:05 +0000
ROA not before: Mon 02 Jan 2023 01:25:05 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 12409
IP address blocks: 212.94.192.0/19 maxlen: 19
2a0a:fc80::/32 maxlen: 32
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:15:0c:bb:4a:b1:e4:2b:6b:1e:ca:80:80:4b:e7:50
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c8d0fc8259075cd675f319d7af4fa713048a515c
Validity
Not Before: Jan 2 01:25:05 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=ae9d543a03facef1256451c7b73c6f77232f7373
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:a8:20:25:b6:f5:18:e8:70:38:6d:cf:24:e0:
11:47:29:8b:04:55:79:59:41:6f:c4:14:c6:48:fd:
18:e8:4f:9b:4c:a5:10:a4:21:4a:8a:ca:ea:d9:5a:
8e:67:4d:2d:ce:08:ec:48:3f:27:67:43:1f:2e:91:
47:c5:85:ee:e5:47:27:3f:46:d3:15:ff:7d:e2:2d:
22:0b:d3:3c:b4:4c:d5:57:60:8d:54:0c:fb:d9:7c:
31:ea:57:88:4c:aa:4f:7b:4c:21:f6:d5:20:d4:03:
89:9a:18:76:6e:ea:70:43:6b:da:bf:b2:a6:84:39:
d7:74:2b:77:1b:ad:be:45:0e:52:c8:70:4d:00:57:
61:11:41:a2:12:d6:9a:0f:08:48:3f:cd:63:74:88:
7f:e2:6c:30:41:56:e2:bd:68:e5:21:97:ea:c9:b6:
0a:bc:55:3e:2c:85:e2:87:cf:14:d1:a8:3c:aa:cc:
91:4a:be:96:c0:9c:14:0e:cc:bf:09:23:4a:67:e8:
74:72:2e:37:51:2c:e3:65:91:fa:86:6c:99:c0:c3:
b6:d8:bb:b5:9d:6e:dd:28:20:c0:b7:ab:5f:9f:86:
ce:35:ee:75:44:66:4e:08:54:be:4d:6c:bf:dd:75:
d7:15:5a:eb:25:b5:7e:8a:0f:5c:ed:c8:ae:12:f4:
97:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AE:9D:54:3A:03:FA:CE:F1:25:64:51:C7:B7:3C:6F:77:23:2F:73:73
X509v3 Authority Key Identifier:
keyid:C8:D0:FC:82:59:07:5C:D6:75:F3:19:D7:AF:4F:A7:13:04:8A:51:5C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/yND8glkHXNZ18xnXr0-nEwSKUVw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/38/45c862-9e33-45c8-a728-7a2fd10269be/1/rp1UOgP6zvElZFHHtzxvdyMvc3M.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/38/45c862-9e33-45c8-a728-7a2fd10269be/1/yND8glkHXNZ18xnXr0-nEwSKUVw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
212.94.192.0/19
IPv6:
2a0a:fc80::/32
Signature Algorithm: sha256WithRSAEncryption
81:e7:bd:63:e6:61:f8:ff:96:11:c6:75:d6:ca:c7:c8:de:fa:
67:52:e8:25:99:51:2c:a1:af:c1:ae:c7:ed:a6:d2:35:a6:65:
0a:39:25:df:c4:e0:ba:71:5f:1d:aa:f3:74:c3:fd:ac:29:31:
9e:9a:31:cd:98:b8:4b:13:17:f3:0b:2e:cb:a9:7b:f4:ec:f1:
ba:c8:b2:d9:8f:bb:90:b9:9f:db:1f:57:03:ef:6f:17:e6:76:
fc:87:5a:58:0d:24:d5:cd:9d:72:b8:cf:4f:07:f3:37:24:84:
cf:cc:88:05:f3:09:51:c8:04:7a:0c:fa:40:3f:a0:7f:7b:f1:
c8:3c:74:45:71:ba:7e:4e:21:95:54:c6:3b:2d:02:59:27:bb:
57:a5:85:5a:ab:d5:ba:61:c4:56:09:4c:51:6d:1d:b7:f5:06:
27:84:45:c2:9a:ca:39:76:4e:95:af:d4:19:cc:5c:86:4c:2d:
ff:d1:37:d3:db:be:ef:5e:e9:68:db:95:7f:0f:ea:52:66:f0:
00:7e:2a:9c:e2:3c:c8:a5:2c:ba:2f:af:5d:75:c3:01:25:7b:
bd:bc:72:68:7f:04:09:1a:a6:4b:73:ca:3e:25:57:06:b2:9e:
14:0b:fa:b5:28:3e:e5:cb:f3:9a:c2:46:13:9a:f1:b1:5d:03:
b5:3f:08:34
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVwFQy7SrHkK2seyoCAS+dQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM4ZDBmYzgyNTkwNzVjZDY3NWYzMTlkN2FmNGZhNzEzMDQ4
YTUxNWMwHhcNMjMwMTAyMDEyNTA1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZTlkNTQzYTAzZmFjZWYxMjU2NDUxYzdiNzNjNmY3NzIzMmY3MzczMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtKggJbb1GOhwOG3PJOARRymLBFV5
WUFvxBTGSP0Y6E+bTKUQpCFKisrq2VqOZ00tzgjsSD8nZ0MfLpFHxYXu5UcnP0bT
Ff994i0iC9M8tEzVV2CNVAz72Xwx6leITKpPe0wh9tUg1AOJmhh2bupwQ2vav7Km
hDnXdCt3G62+RQ5SyHBNAFdhEUGiEtaaDwhIP81jdIh/4mwwQVbivWjlIZfqybYK
vFU+LIXih88U0ag8qsyRSr6WwJwUDsy/CSNKZ+h0ci43USzjZZH6hmyZwMO22Lu1
nW7dKCDAt6tfn4bONe51RGZOCFS+TWy/3XXXFVrrJbV+ig9c7ciuEvSXjwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFK6dVDoD+s7xJWRRx7c8b3cjL3NzMB8GA1UdIwQY
MBaAFMjQ/IJZB1zWdfMZ169PpxMEilFcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveU5EOGdsa0hYTloxOHhuWHIwLW5Fd1NLVVZ3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zOC80NWM4NjItOWUzMy00NWM4LWE3Mjgt
N2EyZmQxMDI2OWJlLzEvcnAxVU9nUDZ6dkVsWkZISHR6eHZkeU12YzNNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zOC80NWM4NjItOWUzMy00NWM4LWE3MjgtN2EyZmQxMDI2OWJl
LzEveU5EOGdsa0hYTloxOHhuWHIwLW5Fd1NLVVZ3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQF1F7AMA0E
AgACMAcDBQAqCvyAMA0GCSqGSIb3DQEBCwUAA4IBAQCB571j5mH4/5YRxnXWysfI
3vpnUuglmVEsoa/BrsftptI1pmUKOSXfxOC6cV8dqvN0w/2sKTGemjHNmLhLExfz
Cy7LqXv07PG6yLLZj7uQuZ/bH1cD728X5nb8h1pYDSTVzZ1yuM9PB/M3JITPzIgF
8wlRyAR6DPpAP6B/e/HIPHRFcbp+TiGVVMY7LQJZJ7tXpYVaq9W6YcRWCUxRbR23
9QYnhEXCmso5dk6Vr9QZzFyGTC3/0TfT277vXulo25V/D+pSZvAAfiqc4jzIpSy6
L69ddcMBJXu9vHJofwQJGqZLc8o+JVcGsp4UC/q1KD7ly/OawkYTmvGxXQO1Pwg0
-----END CERTIFICATE-----
Generated at Tue Jan 2 09:19:13 2024 by rpki-client on console-fra.rpki-client.org