Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/39/451f04-e3c9-44ea-a6a1-428458679ce4/1/n2sC6unfwgxM3ODqEsmti93x-QY.roa
File: n2sC6unfwgxM3ODqEsmti93x-QY.roa (raw, json)
Hash identifier: hBVXqYsx6UxdyA+P3jF9MhJdYtZgvqawbBVWVL4NO9E=
Subject key identifier: 9F:6B:02:EA:E9:DF:C2:0C:4C:DC:E0:EA:12:C9:AD:8B:DD:F1:F9:06
Certificate issuer: /CN=aefe1c859409ac5de7414c48f86739913be6b7e5
Certificate serial: 018C3AB7D5592F8ADA81AA0B49BC125A19B7
Authority key identifier: AE:FE:1C:85:94:09:AC:5D:E7:41:4C:48:F8:67:39:91:3B:E6:B7:E5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rv4chZQJrF3nQUxI-Gc5kTvmt-U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/39/451f04-e3c9-44ea-a6a1-428458679ce4/1/n2sC6unfwgxM3ODqEsmti93x-QY.roa
Signing time: Tue 05 Dec 2023 16:02:55 +0000
ROA not before: Tue 05 Dec 2023 16:02:55 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 49154
IP address blocks: 212.188.64.0/23 maxlen: 23
212.188.64.0/22 maxlen: 22
212.188.66.0/23 maxlen: 23
Validation: Failed, certificate revoked on Mon 01 Jan 2024 20:30:01 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:3a:b7:d5:59:2f:8a:da:81:aa:0b:49:bc:12:5a:19:b7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=aefe1c859409ac5de7414c48f86739913be6b7e5
Validity
Not Before: Dec 5 16:02:55 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=9f6b02eae9dfc20c4cdce0ea12c9ad8bddf1f906
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:ab:eb:3a:03:41:c0:a1:c6:6a:ef:f6:b6:0e:
25:8b:d0:97:25:cf:21:4a:8f:9c:89:dd:4f:26:5f:
91:7a:0b:d9:ce:6a:8b:92:74:eb:1c:e2:45:16:fd:
6f:ba:41:f5:27:8c:c7:31:0d:c6:ac:fa:5f:6e:6b:
d0:43:6a:88:b6:f1:8e:68:2b:f8:43:cf:85:3a:4d:
ab:45:93:c4:69:f9:e9:d5:43:a1:c7:d1:21:ac:c4:
33:41:b4:4c:e7:37:0a:f1:8c:81:94:b8:f5:de:8a:
84:4b:ec:94:92:fd:aa:4f:ba:28:72:55:41:be:f2:
b1:4a:4d:0e:1e:8c:d7:d8:71:aa:f0:19:0e:5a:20:
24:37:87:cf:c8:ac:f1:8d:8f:5e:25:a6:61:76:3c:
36:03:3f:2a:5e:59:0c:6b:fa:fb:56:95:3f:dd:e2:
da:3e:50:74:a4:1b:d7:20:32:60:04:7c:39:c5:0e:
e1:9e:87:6c:c5:69:2e:d1:11:17:93:86:71:2e:10:
2a:00:7a:f7:82:15:43:7d:df:5f:c9:d7:80:f3:2c:
75:8a:c1:33:7d:43:98:b0:64:d5:08:f4:8a:05:3b:
57:c3:6a:81:8d:be:e3:f1:57:a6:7f:d4:a1:a7:b4:
01:27:52:34:af:00:30:b1:be:a4:0d:29:4e:65:72:
a5:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9F:6B:02:EA:E9:DF:C2:0C:4C:DC:E0:EA:12:C9:AD:8B:DD:F1:F9:06
X509v3 Authority Key Identifier:
keyid:AE:FE:1C:85:94:09:AC:5D:E7:41:4C:48:F8:67:39:91:3B:E6:B7:E5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rv4chZQJrF3nQUxI-Gc5kTvmt-U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/39/451f04-e3c9-44ea-a6a1-428458679ce4/1/n2sC6unfwgxM3ODqEsmti93x-QY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/39/451f04-e3c9-44ea-a6a1-428458679ce4/1/rv4chZQJrF3nQUxI-Gc5kTvmt-U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
212.188.64.0/22
Signature Algorithm: sha256WithRSAEncryption
6f:c7:1d:17:65:d9:52:97:a4:f7:a7:69:20:7e:62:2e:63:60:
2a:bf:1e:5d:3a:af:e6:ee:06:3f:47:d0:58:42:ee:56:45:f3:
5a:80:40:41:9e:e6:87:47:17:7a:24:2f:56:46:55:25:b9:de:
5f:79:42:73:98:17:c0:21:59:02:2a:dd:e2:cc:65:b1:08:2e:
93:e7:61:2c:1f:61:15:cd:61:d0:d8:cd:13:d7:3e:78:ad:74:
cd:e0:d4:16:d8:5b:9e:15:04:36:6d:90:f1:72:e8:32:c5:07:
aa:3c:cd:68:fd:44:aa:af:8c:8e:e0:8d:71:64:4d:5e:61:c5:
c1:7f:b1:87:07:46:8a:83:e5:64:98:f3:1d:4a:92:90:10:1b:
3a:47:e2:81:57:21:ce:87:89:d6:46:84:9a:04:33:47:6d:7d:
7d:30:94:81:17:16:2a:8e:0e:f8:95:cb:0c:44:80:f4:0e:7a:
73:53:88:bf:04:cd:a2:54:7a:5c:b7:3a:c5:4c:5b:56:55:a1:
ba:33:12:ba:8f:5f:61:f1:5a:cc:bb:ee:f3:4d:8c:43:a2:b8:
7c:3e:de:da:ec:ac:38:63:cf:7b:15:04:a5:23:78:35:f2:11:
ec:db:1a:bc:be:f8:b1:5c:ee:de:40:8f:86:ab:53:38:8b:7a:
6c:b4:ad:e2
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYw6t9VZL4ragaoLSbwSWhm3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFlZmUxYzg1OTQwOWFjNWRlNzQxNGM0OGY4NjczOTkxM2Jl
NmI3ZTUwHhcNMjMxMjA1MTYwMjU1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZjZiMDJlYWU5ZGZjMjBjNGNkY2UwZWExMmM5YWQ4YmRkZjFmOTA2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnKvrOgNBwKHGau/2tg4li9CXJc8h
So+cid1PJl+RegvZzmqLknTrHOJFFv1vukH1J4zHMQ3GrPpfbmvQQ2qItvGOaCv4
Q8+FOk2rRZPEafnp1UOhx9EhrMQzQbRM5zcK8YyBlLj13oqES+yUkv2qT7ooclVB
vvKxSk0OHozX2HGq8BkOWiAkN4fPyKzxjY9eJaZhdjw2Az8qXlkMa/r7VpU/3eLa
PlB0pBvXIDJgBHw5xQ7hnodsxWku0REXk4ZxLhAqAHr3ghVDfd9fydeA8yx1isEz
fUOYsGTVCPSKBTtXw2qBjb7j8Vemf9Shp7QBJ1I0rwAwsb6kDSlOZXKldwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJ9rAurp38IMTNzg6hLJrYvd8fkGMB8GA1UdIwQY
MBaAFK7+HIWUCaxd50FMSPhnOZE75rflMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcnY0Y2haUUpyRjNuUVV4SS1HYzVrVHZtdC1VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zOS80NTFmMDQtZTNjOS00NGVhLWE2YTEt
NDI4NDU4Njc5Y2U0LzEvbjJzQzZ1bmZ3Z3hNM09EcUVzbXRpOTN4LVFZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zOS80NTFmMDQtZTNjOS00NGVhLWE2YTEtNDI4NDU4Njc5Y2U0
LzEvcnY0Y2haUUpyRjNuUVV4SS1HYzVrVHZtdC1VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQC1LxAMA0G
CSqGSIb3DQEBCwUAA4IBAQBvxx0XZdlSl6T3p2kgfmIuY2Aqvx5dOq/m7gY/R9BY
Qu5WRfNagEBBnuaHRxd6JC9WRlUlud5feUJzmBfAIVkCKt3izGWxCC6T52EsH2EV
zWHQ2M0T1z54rXTN4NQW2FueFQQ2bZDxcugyxQeqPM1o/USqr4yO4I1xZE1eYcXB
f7GHB0aKg+VkmPMdSpKQEBs6R+KBVyHOh4nWRoSaBDNHbX19MJSBFxYqjg74lcsM
RID0DnpzU4i/BM2iVHpctzrFTFtWVaG6MxK6j19h8VrMu+7zTYxDorh8Pt7a7Kw4
Y897FQSlI3g18hHs2xq8vvixXO7eQI+Gq1M4i3pstK3i
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:25:45 2024 by rpki-client on console-fra.rpki-client.org