Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3a/ad4e57-d901-4485-98d2-9196ce446527/1/dhW7AJQdxPtCfoHZjRoz9Pd51Go.roa
File: dhW7AJQdxPtCfoHZjRoz9Pd51Go.roa (raw, json)
Hash identifier: BKOhdSz3VjI+fshSaTaAssmr6svF4u3aQWkfb2kJ5v0=
Subject key identifier: 76:15:BB:00:94:1D:C4:FB:42:7E:81:D9:8D:1A:33:F4:F7:79:D4:6A
Certificate issuer: /CN=ef3e71b96992da3d91c88dd74ef41f9b95b9485b
Certificate serial: 018CC86F886C26DBBAFE8CDC307DB120782C
Authority key identifier: EF:3E:71:B9:69:92:DA:3D:91:C8:8D:D7:4E:F4:1F:9B:95:B9:48:5B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/7z5xuWmS2j2RyI3XTvQfm5W5SFs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3a/ad4e57-d901-4485-98d2-9196ce446527/1/dhW7AJQdxPtCfoHZjRoz9Pd51Go.roa
Signing time: Tue 02 Jan 2024 04:30:01 +0000
ROA not before: Tue 02 Jan 2024 04:30:01 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 204653
IP address blocks: 212.66.164.0/24 maxlen: 24
212.66.166.0/23 maxlen: 23
Validation: Failed, certificate revoked on Mon 22 Jan 2024 13:21:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:6f:88:6c:26:db:ba:fe:8c:dc:30:7d:b1:20:78:2c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ef3e71b96992da3d91c88dd74ef41f9b95b9485b
Validity
Not Before: Jan 2 04:30:01 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=7615bb00941dc4fb427e81d98d1a33f4f779d46a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:81:13:7e:67:53:b0:3e:e4:91:27:fa:f9:f5:99:
b0:c4:c1:64:53:a8:a2:76:ec:7d:07:94:3d:24:ed:
30:7a:cf:4f:b6:25:0e:be:49:76:e8:ea:a2:77:4b:
cd:b1:8e:98:3a:63:7a:d2:e2:e0:ce:fa:51:c8:d2:
3e:87:12:48:a9:ca:9d:64:bc:99:99:01:c8:e0:ad:
c6:a8:34:e5:ec:ac:a7:16:1b:ca:8e:14:b5:e6:fb:
51:d2:ea:1d:c9:83:14:bb:d6:5e:1e:3d:7d:3e:1a:
fe:9d:e7:25:42:60:a0:fe:00:12:77:16:e5:50:b4:
4a:6c:93:c9:df:e2:cf:1e:55:c8:43:ff:d2:f3:33:
9a:0d:b3:c9:46:dc:52:4d:d5:f0:3f:ec:f1:29:be:
02:0c:a1:dc:67:d2:11:68:dd:75:50:9d:16:98:bc:
ef:9a:8d:9c:18:e4:5e:d6:9b:e9:da:b3:79:c8:49:
ae:ce:99:15:03:ed:31:40:3a:a1:94:c8:0a:71:37:
f0:f8:28:62:74:ba:19:1d:32:47:06:b4:78:76:c0:
b9:79:ba:8a:fc:a5:45:38:7e:54:c2:d4:d8:22:86:
cb:6d:3b:24:6a:31:03:61:13:b1:a7:c1:b8:f7:d7:
ce:1b:53:19:a0:ed:88:8d:f8:cf:5c:cc:d9:20:4e:
3f:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
76:15:BB:00:94:1D:C4:FB:42:7E:81:D9:8D:1A:33:F4:F7:79:D4:6A
X509v3 Authority Key Identifier:
keyid:EF:3E:71:B9:69:92:DA:3D:91:C8:8D:D7:4E:F4:1F:9B:95:B9:48:5B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/7z5xuWmS2j2RyI3XTvQfm5W5SFs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/ad4e57-d901-4485-98d2-9196ce446527/1/dhW7AJQdxPtCfoHZjRoz9Pd51Go.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/ad4e57-d901-4485-98d2-9196ce446527/1/7z5xuWmS2j2RyI3XTvQfm5W5SFs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
212.66.164.0/24
212.66.166.0/23
Signature Algorithm: sha256WithRSAEncryption
4e:4e:db:0e:1e:e1:c2:2a:c9:cc:7c:f3:1d:57:44:aa:49:d2:
26:45:73:42:90:89:87:10:f1:1a:48:a5:d7:9c:3e:32:42:b2:
f0:72:c4:18:fc:65:9b:5a:03:c3:94:8e:e4:02:8d:3d:53:b2:
d5:fb:57:7f:f6:68:0a:d0:60:43:f4:6d:f5:0d:06:82:2f:42:
fa:99:2a:a5:79:46:6f:28:52:80:80:af:3b:60:57:ea:b4:98:
ed:a9:3c:f9:6f:5c:d4:84:c2:36:67:26:8b:07:fe:96:7c:e3:
43:bc:a2:24:44:48:06:0a:9c:8d:d2:e9:6b:67:1a:cf:c5:87:
81:dc:b0:ab:bf:19:be:bc:20:7d:89:12:ae:37:19:04:35:b0:
de:77:ea:86:1f:c9:a6:70:48:ee:74:0d:e3:43:7e:bd:6d:3b:
c3:32:d6:cc:c1:30:08:b5:9f:41:47:59:52:e1:87:00:37:7a:
63:f5:3b:1a:ec:c8:dc:48:41:77:f5:ff:35:fd:ac:b8:4b:2e:
2d:3b:9e:94:49:51:18:f2:fe:40:e0:bb:b8:32:e5:3a:93:fe:
b7:25:52:f4:2c:06:a7:bf:26:e9:66:93:cd:ae:93:a7:c4:60:
c4:98:65:db:a6:0a:a1:8f:88:a4:b0:37:0b:c2:a2:50:9c:9f:
85:54:15:50
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYzIb4hsJtu6/ozcMH2xIHgsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVmM2U3MWI5Njk5MmRhM2Q5MWM4OGRkNzRlZjQxZjliOTVi
OTQ4NWIwHhcNMjQwMTAyMDQzMDAxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NjE1YmIwMDk0MWRjNGZiNDI3ZTgxZDk4ZDFhMzNmNGY3NzlkNDZhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgRN+Z1OwPuSRJ/r59ZmwxMFkU6ii
dux9B5Q9JO0wes9PtiUOvkl26Oqid0vNsY6YOmN60uLgzvpRyNI+hxJIqcqdZLyZ
mQHI4K3GqDTl7KynFhvKjhS15vtR0uodyYMUu9ZeHj19Phr+neclQmCg/gASdxbl
ULRKbJPJ3+LPHlXIQ//S8zOaDbPJRtxSTdXwP+zxKb4CDKHcZ9IRaN11UJ0WmLzv
mo2cGORe1pvp2rN5yEmuzpkVA+0xQDqhlMgKcTfw+ChidLoZHTJHBrR4dsC5ebqK
/KVFOH5UwtTYIobLbTskajEDYROxp8G499fOG1MZoO2IjfjPXMzZIE4/cQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFHYVuwCUHcT7Qn6B2Y0aM/T3edRqMB8GA1UdIwQY
MBaAFO8+cblpkto9kciN1070H5uVuUhbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvN3o1eHVXbVMyajJSeUkzWFR2UWZtNVc1U0ZzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYS9hZDRlNTctZDkwMS00NDg1LTk4ZDIt
OTE5NmNlNDQ2NTI3LzEvZGhXN0FKUWR4UHRDZm9IWmpSb3o5UGQ1MUdvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYS9hZDRlNTctZDkwMS00NDg1LTk4ZDItOTE5NmNlNDQ2NTI3
LzEvN3o1eHVXbVMyajJSeUkzWFR2UWZtNVc1U0ZzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQA1EKkAwQB
1EKmMA0GCSqGSIb3DQEBCwUAA4IBAQBOTtsOHuHCKsnMfPMdV0SqSdImRXNCkImH
EPEaSKXXnD4yQrLwcsQY/GWbWgPDlI7kAo09U7LV+1d/9mgK0GBD9G31DQaCL0L6
mSqleUZvKFKAgK87YFfqtJjtqTz5b1zUhMI2ZyaLB/6WfONDvKIkREgGCpyN0ulr
ZxrPxYeB3LCrvxm+vCB9iRKuNxkENbDed+qGH8mmcEjudA3jQ369bTvDMtbMwTAI
tZ9BR1lS4YcAN3pj9Tsa7MjcSEF39f81/ay4Sy4tO56USVEY8v5A4Lu4MuU6k/63
JVL0LAanvybpZpPNrpOnxGDEmGXbpgqhj4iksDcLwqJQnJ+FVBVQ
-----END CERTIFICATE-----
Generated at Mon Jan 22 17:49:59 2024 by rpki-client on console-fra.rpki-client.org