Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/42/954d31-f74c-467b-9013-e12b164215b9/1/xS-QU6dzlBJqGnYuqO9iTSM36AY.roa
File: xS-QU6dzlBJqGnYuqO9iTSM36AY.roa (raw, json)
Hash identifier: MFh+t35z63w8b+VKyTEvubVtWrfIrdVPCDDXSJs4h/g=
Subject key identifier: C5:2F:90:53:A7:73:94:12:6A:1A:76:2E:A8:EF:62:4D:23:37:E8:06
Certificate issuer: /CN=3b098e45ef4bb5d18dbc86c5a135f57ebcbe005d
Certificate serial: 019421B1FD2D2ED7321ABF76AE214A4EC8FF
Authority key identifier: 3B:09:8E:45:EF:4B:B5:D1:8D:BC:86:C5:A1:35:F5:7E:BC:BE:00:5D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OwmORe9LtdGNvIbFoTX1fry-AF0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/42/954d31-f74c-467b-9013-e12b164215b9/1/xS-QU6dzlBJqGnYuqO9iTSM36AY.roa
Signing time: Wed 01 Jan 2025 11:48:20 +0000
ROA not before: Wed 01 Jan 2025 11:48:20 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 834
IP address blocks: 212.116.226.0/23 maxlen: 24
212.116.236.0/22 maxlen: 24
Validation: Failed, certificate revoked on Sun 05 Jan 2025 21:32:19 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:21:b1:fd:2d:2e:d7:32:1a:bf:76:ae:21:4a:4e:c8:ff
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3b098e45ef4bb5d18dbc86c5a135f57ebcbe005d
Validity
Not Before: Jan 1 11:48:20 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=c52f9053a77394126a1a762ea8ef624d2337e806
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:89:d5:01:8f:1d:b8:6f:9a:6c:47:f6:b9:ac:
6a:47:de:73:d4:c6:56:c3:c8:14:f1:60:aa:ca:a4:
99:c6:fc:c2:5e:de:fd:72:62:fe:87:5d:11:79:27:
62:09:67:a1:18:ca:1f:a6:9f:6c:77:71:3d:8e:d5:
71:9e:72:40:64:5d:61:b9:21:b9:23:99:74:fc:df:
30:a6:92:61:23:1a:59:ae:bf:c7:b8:1a:64:be:ff:
1b:6d:ef:84:0e:e6:1f:fb:4f:94:12:1c:5f:08:a4:
c4:b1:ce:a1:2a:49:1c:fd:31:12:f5:4b:c2:a2:ad:
d3:1b:ee:9a:4c:51:54:b1:a9:cd:d1:ae:a5:ba:1b:
5d:2e:70:3e:52:ff:24:87:11:25:67:cd:07:10:c3:
1b:9a:9a:dc:54:31:5e:db:1d:49:1e:3e:41:cd:d4:
4e:05:23:2c:d7:93:74:f7:52:fb:18:71:66:d8:74:
56:8c:d9:8e:ec:bc:31:99:f3:99:c9:37:b0:59:43:
5a:a1:da:98:a7:b1:46:d1:d0:e9:9d:33:b6:41:d8:
bc:c2:77:04:ca:75:a1:cf:41:29:08:4d:74:f0:e0:
62:c0:a1:88:f3:35:52:57:6d:9f:40:c8:28:bd:dd:
a4:0e:45:86:a6:04:f8:7e:a6:a6:2e:eb:b2:3d:27:
d9:a1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C5:2F:90:53:A7:73:94:12:6A:1A:76:2E:A8:EF:62:4D:23:37:E8:06
X509v3 Authority Key Identifier:
keyid:3B:09:8E:45:EF:4B:B5:D1:8D:BC:86:C5:A1:35:F5:7E:BC:BE:00:5D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OwmORe9LtdGNvIbFoTX1fry-AF0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/42/954d31-f74c-467b-9013-e12b164215b9/1/xS-QU6dzlBJqGnYuqO9iTSM36AY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/42/954d31-f74c-467b-9013-e12b164215b9/1/OwmORe9LtdGNvIbFoTX1fry-AF0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
212.116.226.0/23
212.116.236.0/22
Signature Algorithm: sha256WithRSAEncryption
d9:b2:1f:3d:f6:52:ee:8d:9e:44:d9:5f:77:7f:24:d4:8d:51:
e2:cf:4f:96:5b:1d:1f:f2:25:8f:86:d7:de:10:af:35:7b:9c:
65:07:2f:2b:93:69:b2:d7:c5:09:da:a8:de:3d:55:11:72:48:
6f:0b:49:8c:be:d6:6b:cb:b7:17:42:f2:71:da:e0:9d:3d:aa:
e4:16:ba:02:a1:ba:3d:44:95:3b:7e:55:e1:af:01:c4:9d:66:
54:7a:8a:45:b9:92:e8:b7:a3:65:e1:33:0d:dc:77:6f:c5:60:
c0:45:66:77:d3:77:9c:39:4d:69:7d:37:1c:09:8a:80:c5:a5:
f0:56:80:46:b8:4d:09:16:d6:3e:c7:11:18:f0:e4:fa:76:df:
5d:60:9f:0e:98:da:e0:f7:4c:cd:0c:c1:ad:2e:4e:dc:27:45:
ae:b2:2c:2b:ae:d1:eb:1c:4e:b3:72:88:52:50:0f:a3:84:13:
50:75:11:79:5b:35:ba:d7:cc:ff:ab:a9:5c:6c:87:71:61:36:
4a:bb:52:02:0a:8c:db:fb:58:ae:58:99:ec:e0:b3:74:39:54:
26:ae:69:99:62:30:97:fc:84:29:88:f1:5f:e7:59:f5:e4:c6:
a7:80:d2:43:16:da:d6:64:d2:14:ac:82:96:b5:50:2e:a1:33:
f1:cb:05:60
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZQhsf0tLtcyGr92riFKTsj/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNiMDk4ZTQ1ZWY0YmI1ZDE4ZGJjODZjNWExMzVmNTdlYmNi
ZTAwNWQwHhcNMjUwMTAxMTE0ODIwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNTJmOTA1M2E3NzM5NDEyNmExYTc2MmVhOGVmNjI0ZDIzMzdlODA2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuInVAY8duG+abEf2uaxqR95z1MZW
w8gU8WCqyqSZxvzCXt79cmL+h10ReSdiCWehGMofpp9sd3E9jtVxnnJAZF1huSG5
I5l0/N8wppJhIxpZrr/HuBpkvv8bbe+EDuYf+0+UEhxfCKTEsc6hKkkc/TES9UvC
oq3TG+6aTFFUsanN0a6luhtdLnA+Uv8khxElZ80HEMMbmprcVDFe2x1JHj5BzdRO
BSMs15N091L7GHFm2HRWjNmO7LwxmfOZyTewWUNaodqYp7FG0dDpnTO2Qdi8wncE
ynWhz0EpCE108OBiwKGI8zVSV22fQMgovd2kDkWGpgT4fqamLuuyPSfZoQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFMUvkFOnc5QSahp2LqjvYk0jN+gGMB8GA1UdIwQY
MBaAFDsJjkXvS7XRjbyGxaE19X68vgBdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT3dtT1JlOUx0ZEdOdkliRm9UWDFmcnktQUYwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Mi85NTRkMzEtZjc0Yy00NjdiLTkwMTMt
ZTEyYjE2NDIxNWI5LzEveFMtUVU2ZHpsQkpxR25ZdXFPOWlUU00zNkFZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Mi85NTRkMzEtZjc0Yy00NjdiLTkwMTMtZTEyYjE2NDIxNWI5
LzEvT3dtT1JlOUx0ZEdOdkliRm9UWDFmcnktQUYwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQB1HTiAwQC
1HTsMA0GCSqGSIb3DQEBCwUAA4IBAQDZsh899lLujZ5E2V93fyTUjVHiz0+WWx0f
8iWPhtfeEK81e5xlBy8rk2my18UJ2qjePVURckhvC0mMvtZry7cXQvJx2uCdPark
FroCobo9RJU7flXhrwHEnWZUeopFuZLot6Nl4TMN3HdvxWDARWZ303ecOU1pfTcc
CYqAxaXwVoBGuE0JFtY+xxEY8OT6dt9dYJ8OmNrg90zNDMGtLk7cJ0WusiwrrtHr
HE6zcohSUA+jhBNQdRF5WzW618z/q6lcbIdxYTZKu1ICCozb+1iuWJns4LN0OVQm
rmmZYjCX/IQpiPFf51n15MangNJDFtrWZNIUrIKWtVAuoTPxywVg
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:07:56 2025 by rpki-client