Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/40/3b3be0-54a7-410f-9d12-28d78eb9f2dc/1/Ux7HJY9PqX882As3tz-jf45jUAI.roa
File: Ux7HJY9PqX882As3tz-jf45jUAI.roa (raw, json)
Hash identifier: 1f40a0Vtu00RUculYxrezsW/4yAo97GfZiH/N8mgRB8=
Subject key identifier: 53:1E:C7:25:8F:4F:A9:7F:3C:D8:0B:37:B7:3F:A3:7F:8E:63:50:02
Certificate issuer: /CN=dfee2bf43f21a81c492c6e6a9fc6f074d2f0a217
Certificate serial: 0192FAFA02DB0E10E0DB8AB6CCB15381EDF6
Authority key identifier: DF:EE:2B:F4:3F:21:A8:1C:49:2C:6E:6A:9F:C6:F0:74:D2:F0:A2:17
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3-4r9D8hqBxJLG5qn8bwdNLwohc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/40/3b3be0-54a7-410f-9d12-28d78eb9f2dc/1/Ux7HJY9PqX882As3tz-jf45jUAI.roa
Signing time: Tue 05 Nov 2024 06:19:01 +0000
ROA not before: Tue 05 Nov 2024 06:19:01 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 38195
IP address blocks: 212.124.93.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 12 Nov 2024 06:31:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:fa:fa:02:db:0e:10:e0:db:8a:b6:cc:b1:53:81:ed:f6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dfee2bf43f21a81c492c6e6a9fc6f074d2f0a217
Validity
Not Before: Nov 5 06:19:01 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=531ec7258f4fa97f3cd80b37b73fa37f8e635002
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:87:f7:e8:6a:7e:99:85:68:0c:31:24:3c:c8:
7e:3e:69:00:4a:5e:da:b9:e6:92:58:63:4c:03:75:
c1:c1:2d:d2:e6:d2:b1:10:e5:19:ac:34:9f:fa:2e:
ee:de:85:11:4d:7f:fc:9e:be:31:4a:2d:b6:44:f1:
3b:d4:ff:65:44:cf:37:73:8f:1b:2d:ea:22:8e:b7:
3f:43:be:86:9e:9b:d8:42:7c:86:d3:31:dc:30:ee:
25:94:e8:3d:8a:87:54:80:01:72:94:cf:d5:ae:eb:
99:a7:55:5a:95:20:a8:aa:f2:eb:f0:86:01:ff:cf:
e1:61:c7:9a:33:6b:a9:2b:94:78:54:4d:9c:9e:04:
02:fb:f1:3f:4f:50:6c:74:24:82:d4:5e:13:d0:cf:
f8:a0:3a:47:15:f8:56:3d:26:9f:40:45:20:bf:36:
d7:f5:f1:af:a3:a3:5b:4c:1b:06:0a:8f:5b:fe:53:
62:5b:67:2e:7e:7d:4f:e3:d7:a3:bc:1e:a4:69:bf:
36:4f:59:54:c8:28:bd:b6:5f:97:7e:1b:f0:cc:38:
2a:dd:14:0e:a3:33:42:4f:32:78:0e:6c:ed:e2:60:
27:db:29:6e:85:91:09:89:ee:97:af:33:7e:91:58:
65:cc:e8:66:53:ef:fe:14:09:43:31:21:dd:be:cb:
9e:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
53:1E:C7:25:8F:4F:A9:7F:3C:D8:0B:37:B7:3F:A3:7F:8E:63:50:02
X509v3 Authority Key Identifier:
keyid:DF:EE:2B:F4:3F:21:A8:1C:49:2C:6E:6A:9F:C6:F0:74:D2:F0:A2:17
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3-4r9D8hqBxJLG5qn8bwdNLwohc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/40/3b3be0-54a7-410f-9d12-28d78eb9f2dc/1/Ux7HJY9PqX882As3tz-jf45jUAI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/40/3b3be0-54a7-410f-9d12-28d78eb9f2dc/1/3-4r9D8hqBxJLG5qn8bwdNLwohc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
212.124.93.0/24
Signature Algorithm: sha256WithRSAEncryption
55:71:60:0f:1c:42:c2:6b:05:9d:61:40:67:0c:68:ae:6f:1e:
d6:11:6f:29:85:f0:18:74:63:b1:23:8e:8d:03:57:08:20:9a:
03:6f:eb:99:cd:a6:cf:fd:6d:27:2c:8f:08:7d:93:81:6b:1a:
71:22:03:9d:a9:21:82:d7:23:e9:ab:a1:bd:b1:55:25:a0:c8:
3a:b1:c3:d6:2f:d2:21:b9:1f:09:6d:2d:a1:1f:95:9a:73:5a:
f4:20:18:c3:fb:87:ef:44:f4:67:44:00:85:9f:80:bb:5c:c2:
d6:97:e9:15:ff:59:7d:99:7c:6a:fa:43:5e:c5:b6:22:20:09:
4e:94:be:f5:15:73:6e:bf:b8:25:ce:67:7c:ac:1a:25:5b:8d:
40:03:9c:12:8e:8a:0e:c4:97:e8:e9:a8:48:f2:7e:a1:98:96:
d5:31:a9:e8:4b:b9:da:15:fa:80:3c:54:02:1f:82:12:8a:5e:
35:bb:4f:a7:82:bb:bf:9c:e0:b2:22:f7:8c:1d:ca:98:67:34:
75:c6:2d:12:7d:a5:02:7b:49:dc:76:e4:95:15:b1:56:b7:ca:
0a:fb:d9:ef:7f:55:0f:0e:c1:cd:8d:0f:6f:4f:59:d5:8c:d3:
e7:ce:f1:4b:8f:93:f2:44:89:ec:6f:2a:a2:d7:00:e1:f8:61:
6e:ad:3f:ae
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZL6+gLbDhDg24q2zLFTge32MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRmZWUyYmY0M2YyMWE4MWM0OTJjNmU2YTlmYzZmMDc0ZDJm
MGEyMTcwHhcNMjQxMTA1MDYxOTAxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MzFlYzcyNThmNGZhOTdmM2NkODBiMzdiNzNmYTM3ZjhlNjM1MDAyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwof36Gp+mYVoDDEkPMh+PmkASl7a
ueaSWGNMA3XBwS3S5tKxEOUZrDSf+i7u3oURTX/8nr4xSi22RPE71P9lRM83c48b
Leoijrc/Q76GnpvYQnyG0zHcMO4llOg9iodUgAFylM/VruuZp1ValSCoqvLr8IYB
/8/hYceaM2upK5R4VE2cngQC+/E/T1BsdCSC1F4T0M/4oDpHFfhWPSafQEUgvzbX
9fGvo6NbTBsGCo9b/lNiW2cufn1P49ejvB6kab82T1lUyCi9tl+XfhvwzDgq3RQO
ozNCTzJ4Dmzt4mAn2yluhZEJie6XrzN+kVhlzOhmU+/+FAlDMSHdvsueFwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFFMexyWPT6l/PNgLN7c/o3+OY1ACMB8GA1UdIwQY
MBaAFN/uK/Q/IagcSSxuap/G8HTS8KIXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMy00cjlEOGhxQnhKTEc1cW44YndkTkx3b2hjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80MC8zYjNiZTAtNTRhNy00MTBmLTlkMTIt
MjhkNzhlYjlmMmRjLzEvVXg3SEpZOVBxWDg4MkFzM3R6LWpmNDVqVUFJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80MC8zYjNiZTAtNTRhNy00MTBmLTlkMTItMjhkNzhlYjlmMmRj
LzEvMy00cjlEOGhxQnhKTEc1cW44YndkTkx3b2hjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA1HxdMA0G
CSqGSIb3DQEBCwUAA4IBAQBVcWAPHELCawWdYUBnDGiubx7WEW8phfAYdGOxI46N
A1cIIJoDb+uZzabP/W0nLI8IfZOBaxpxIgOdqSGC1yPpq6G9sVUloMg6scPWL9Ih
uR8JbS2hH5Wac1r0IBjD+4fvRPRnRACFn4C7XMLWl+kV/1l9mXxq+kNexbYiIAlO
lL71FXNuv7glzmd8rBolW41AA5wSjooOxJfo6ahI8n6hmJbVManoS7naFfqAPFQC
H4ISil41u0+ngru/nOCyIveMHcqYZzR1xi0SfaUCe0ncduSVFbFWt8oK+9nvf1UP
DsHNjQ9vT1nVjNPnzvFLj5PyRInsbyqi1wDh+GFurT+u
-----END CERTIFICATE-----
Generated at Tue Nov 12 08:31:07 2024 by rpki-client on console-fra.rpki-client.org