Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/43/269f66-0fc1-4658-b367-9c30f656fd5b/1/CNdZ2j05lQFE4YhboIvxgdbTBkk.roa
File: CNdZ2j05lQFE4YhboIvxgdbTBkk.roa (raw, json)
Hash identifier: kCMLy2/OUEY+EzUEqarok1alAAO+N7bGmC2yKmednWM=
Subject key identifier: 08:D7:59:DA:3D:39:95:01:44:E1:88:5B:A0:8B:F1:81:D6:D3:06:49
Certificate issuer: /CN=9df589672bc2a345dc11e9ff162500ec15dadd1d
Certificate serial: 01856C65DE1934F550469E5A995AB89B19BA
Authority key identifier: 9D:F5:89:67:2B:C2:A3:45:DC:11:E9:FF:16:25:00:EC:15:DA:DD:1D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nfWJZyvCo0XcEen_FiUA7BXa3R0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/43/269f66-0fc1-4658-b367-9c30f656fd5b/1/CNdZ2j05lQFE4YhboIvxgdbTBkk.roa
Signing time: Sun 01 Jan 2023 08:14:53 +0000
ROA not before: Sun 01 Jan 2023 08:14:53 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 39078
IP address blocks: 212.23.220.0/24 maxlen: 24
2a12:3600::/30 maxlen: 36
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:65:de:19:34:f5:50:46:9e:5a:99:5a:b8:9b:19:ba
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9df589672bc2a345dc11e9ff162500ec15dadd1d
Validity
Not Before: Jan 1 08:14:53 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=08d759da3d39950144e1885ba08bf181d6d30649
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:fc:1b:06:50:03:da:b3:83:df:cb:e3:a0:86:
8f:03:d0:1e:0b:37:d2:cd:06:c4:18:05:91:c0:c1:
bd:27:82:28:9f:b8:8a:26:b4:da:e5:75:c4:ef:9e:
89:a2:18:79:32:76:95:45:81:ac:9f:85:34:f5:c1:
58:a2:61:38:38:42:e2:ab:f8:cc:1c:64:4c:63:0b:
24:c3:f7:b1:96:be:43:33:c8:14:ef:e9:75:5b:3a:
be:30:65:4f:ba:fd:b0:bd:22:76:fd:0f:8d:d0:0c:
8d:14:18:00:00:da:ac:84:51:fe:12:31:11:17:67:
f9:e6:fa:68:62:a8:20:56:3d:74:d0:40:dc:78:65:
9d:d7:27:40:b7:f0:04:25:42:43:a7:12:a0:9c:4c:
fd:1a:5b:de:56:ef:d2:85:91:72:2e:6d:90:80:62:
83:1c:74:12:17:39:c3:75:a9:09:3b:d9:0c:61:8b:
ad:73:d4:fa:72:a0:9e:6e:ea:b5:de:70:71:f4:9f:
2f:64:36:e8:39:f9:8a:75:05:0e:4f:3c:1e:c9:f4:
81:ab:bf:b6:53:5e:f5:b6:d6:50:66:ae:32:85:f0:
f4:50:5f:ab:3c:02:da:7c:1c:0b:2b:46:94:f6:39:
cc:5b:84:2e:4d:a7:50:d2:fe:e7:db:70:de:7c:e3:
2a:e1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
08:D7:59:DA:3D:39:95:01:44:E1:88:5B:A0:8B:F1:81:D6:D3:06:49
X509v3 Authority Key Identifier:
keyid:9D:F5:89:67:2B:C2:A3:45:DC:11:E9:FF:16:25:00:EC:15:DA:DD:1D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nfWJZyvCo0XcEen_FiUA7BXa3R0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/43/269f66-0fc1-4658-b367-9c30f656fd5b/1/CNdZ2j05lQFE4YhboIvxgdbTBkk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/43/269f66-0fc1-4658-b367-9c30f656fd5b/1/nfWJZyvCo0XcEen_FiUA7BXa3R0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
212.23.220.0/24
IPv6:
2a12:3600::/30
Signature Algorithm: sha256WithRSAEncryption
4c:c3:4e:ad:fd:70:77:c3:0e:b2:d8:f2:07:48:6a:65:fb:cd:
d5:15:c0:e1:e3:f2:ca:8a:52:62:b8:60:7e:eb:ec:67:6c:a9:
1b:cc:1a:7a:19:85:64:eb:3a:fc:09:6b:e5:64:91:6d:39:a1:
7d:56:70:2a:45:d9:70:95:17:0d:7d:10:ea:7f:ee:85:49:6f:
4c:76:1a:ce:69:ca:ea:61:cc:87:f3:35:fe:42:2d:cf:9c:ca:
8a:22:75:2d:b9:d5:93:20:90:1b:6a:d5:c3:2a:f0:75:90:40:
48:c3:95:c0:f3:30:b1:5f:f3:11:2d:b5:24:74:ce:3d:ae:e0:
86:59:34:fa:54:1e:e6:17:a6:28:b8:d7:d0:e5:5e:62:3b:3f:
99:ac:5d:03:28:01:f2:6b:7b:25:64:29:6d:59:cb:b1:f6:e6:
99:67:27:87:21:71:50:71:4a:b6:ce:5d:5d:d9:64:fe:15:e6:
ab:7c:dd:bc:9f:80:7a:af:d2:0c:09:77:ea:67:6a:de:f7:e0:
31:79:2e:c8:44:ab:4c:28:40:a9:04:06:2c:82:52:65:1c:d3:
c4:17:75:ed:69:0a:74:f0:97:a3:fd:e6:9a:76:64:94:c8:40:
cc:31:1b:61:86:81:36:65:32:58:41:f3:9d:bd:d7:b8:cf:91:
4a:bc:a0:cd
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVsZd4ZNPVQRp5amVq4mxm6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlkZjU4OTY3MmJjMmEzNDVkYzExZTlmZjE2MjUwMGVjMTVk
YWRkMWQwHhcNMjMwMTAxMDgxNDUzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwOGQ3NTlkYTNkMzk5NTAxNDRlMTg4NWJhMDhiZjE4MWQ2ZDMwNjQ5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtPwbBlAD2rOD38vjoIaPA9AeCzfS
zQbEGAWRwMG9J4Ion7iKJrTa5XXE756Johh5MnaVRYGsn4U09cFYomE4OELiq/jM
HGRMYwskw/exlr5DM8gU7+l1Wzq+MGVPuv2wvSJ2/Q+N0AyNFBgAANqshFH+EjER
F2f55vpoYqggVj100EDceGWd1ydAt/AEJUJDpxKgnEz9GlveVu/ShZFyLm2QgGKD
HHQSFznDdakJO9kMYYutc9T6cqCebuq13nBx9J8vZDboOfmKdQUOTzweyfSBq7+2
U171ttZQZq4yhfD0UF+rPALafBwLK0aU9jnMW4QuTadQ0v7n23DefOMq4QIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFAjXWdo9OZUBROGIW6CL8YHW0wZJMB8GA1UdIwQY
MBaAFJ31iWcrwqNF3BHp/xYlAOwV2t0dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbmZXSlp5dkNvMFhjRWVuX0ZpVUE3QlhhM1IwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80My8yNjlmNjYtMGZjMS00NjU4LWIzNjct
OWMzMGY2NTZmZDViLzEvQ05kWjJqMDVsUUZFNFloYm9JdnhnZGJUQmtrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80My8yNjlmNjYtMGZjMS00NjU4LWIzNjctOWMzMGY2NTZmZDVi
LzEvbmZXSlp5dkNvMFhjRWVuX0ZpVUE3QlhhM1IwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQA1BfcMA0E
AgACMAcDBQIqEjYAMA0GCSqGSIb3DQEBCwUAA4IBAQBMw06t/XB3ww6y2PIHSGpl
+83VFcDh4/LKilJiuGB+6+xnbKkbzBp6GYVk6zr8CWvlZJFtOaF9VnAqRdlwlRcN
fRDqf+6FSW9MdhrOacrqYcyH8zX+Qi3PnMqKInUtudWTIJAbatXDKvB1kEBIw5XA
8zCxX/MRLbUkdM49ruCGWTT6VB7mF6YouNfQ5V5iOz+ZrF0DKAHya3slZCltWcux
9uaZZyeHIXFQcUq2zl1d2WT+FearfN28n4B6r9IMCXfqZ2re9+AxeS7IRKtMKECp
BAYsglJlHNPEF3XtaQp08Jej/eaadmSUyEDMMRthhoE2ZTJYQfOdvde4z5FKvKDN
-----END CERTIFICATE-----
Generated at Tue Jan 2 06:32:12 2024 by rpki-client on console-ams.rpki-client.org