Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/8b6fb0-a875-4947-8ae4-03f4c7113c34/1/1-Lzs0RwgNQB-5KtvA8lGYQ8R8OA.roa
File: 1-Lzs0RwgNQB-5KtvA8lGYQ8R8OA.roa (raw, json)
Hash identifier: KPYJPBdutvzgs5u31neauaYjKvt7JXK49sxS6KoEbUs=
Subject key identifier: F8:BC:EC:D1:1C:20:35:00:7E:E4:AB:6F:03:C9:46:61:0F:11:F0:E0
Certificate issuer: /CN=19426325acb8ce609a686fa655b058968809b346
Certificate serial: 01856E38C2DDDC2AB607CA57901E8C38635B
Authority key identifier: 19:42:63:25:AC:B8:CE:60:9A:68:6F:A6:55:B0:58:96:88:09:B3:46
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/GUJjJay4zmCaaG-mVbBYlogJs0Y.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/8b6fb0-a875-4947-8ae4-03f4c7113c34/1/1-Lzs0RwgNQB-5KtvA8lGYQ8R8OA.roa
Signing time: Sun 01 Jan 2023 16:44:51 +0000
ROA not before: Sun 01 Jan 2023 16:44:51 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 1239
IP address blocks: 212.111.220.0/22 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:38:c2:dd:dc:2a:b6:07:ca:57:90:1e:8c:38:63:5b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=19426325acb8ce609a686fa655b058968809b346
Validity
Not Before: Jan 1 16:44:51 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=f8bcecd11c2035007ee4ab6f03c946610f11f0e0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:ea:d3:14:a5:f1:b0:78:f0:a2:74:f4:8c:3f:
bc:1d:20:38:a7:3e:e0:52:63:0c:22:e0:b5:a4:4a:
26:72:25:59:ab:e4:fc:0d:21:d5:32:67:34:48:e4:
7d:8e:d5:5c:d1:af:08:7b:f1:5c:2a:b3:41:09:5f:
c8:64:25:c3:e7:01:0f:97:ed:d9:93:3a:8f:c7:05:
30:4d:e7:a8:50:84:1d:c3:02:05:ce:7d:d4:15:01:
2f:fc:2a:3a:5e:a1:26:79:ce:6b:98:15:1c:1f:c7:
b5:6e:26:ee:24:33:25:cf:e2:c1:1e:65:fb:12:60:
5f:ee:98:dc:d3:d0:9a:77:7c:a9:4b:ae:17:0e:fe:
a7:af:b5:99:42:09:c3:6f:d3:88:3c:12:fa:39:57:
6e:7c:4c:aa:52:9a:93:f0:06:34:48:81:9a:51:e2:
fe:8b:75:f3:97:5b:98:f8:49:25:1b:b7:6a:e0:dc:
f8:15:bd:ed:6b:50:5f:ac:90:41:34:41:d9:b2:fd:
cb:10:99:8a:00:08:91:1f:26:bb:69:e9:1a:f7:dc:
eb:9a:12:cb:87:1d:08:f5:75:a5:04:be:55:f1:22:
b0:76:c9:94:45:f8:a0:2c:40:58:10:e4:50:4b:f6:
8a:2e:fc:2c:21:dd:c1:bb:84:36:1f:b0:be:a4:57:
75:91
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F8:BC:EC:D1:1C:20:35:00:7E:E4:AB:6F:03:C9:46:61:0F:11:F0:E0
X509v3 Authority Key Identifier:
keyid:19:42:63:25:AC:B8:CE:60:9A:68:6F:A6:55:B0:58:96:88:09:B3:46
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GUJjJay4zmCaaG-mVbBYlogJs0Y.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/8b6fb0-a875-4947-8ae4-03f4c7113c34/1/1-Lzs0RwgNQB-5KtvA8lGYQ8R8OA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/8b6fb0-a875-4947-8ae4-03f4c7113c34/1/GUJjJay4zmCaaG-mVbBYlogJs0Y.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
212.111.220.0/22
Signature Algorithm: sha256WithRSAEncryption
80:e1:22:95:11:0b:12:3f:ef:10:a2:3b:41:a8:07:dc:06:2a:
ba:36:90:5e:fd:96:2b:ad:3a:76:db:21:79:0f:a3:c3:58:c9:
74:fe:8f:05:76:f4:cc:03:5b:17:04:48:a1:a2:91:b7:bf:5c:
15:75:5b:ed:1b:03:45:ed:ac:fa:a0:6d:92:fd:4c:12:21:69:
65:22:f2:ef:dd:d1:f4:53:d2:ec:39:d0:0b:f5:e9:06:a5:b8:
a2:71:c4:22:3c:a9:ee:29:a2:a6:20:a2:10:f0:fb:98:a3:9f:
5d:33:71:4e:e9:a0:67:fa:bc:52:4b:e5:6f:e6:3d:16:38:13:
98:d5:67:bb:ce:42:1e:a7:f3:c0:2f:9a:49:ed:b0:68:f4:98:
b5:98:61:e5:0a:38:f9:39:28:33:57:a8:c3:75:d8:0d:a5:f6:
bf:16:10:e1:18:dc:58:7d:b6:1e:c6:15:f7:f2:78:e4:dc:90:
15:9e:0a:e4:8d:91:e5:c3:df:e9:95:d9:0d:97:56:5f:12:cc:
17:a1:d6:38:84:ce:6b:97:c4:3a:ee:ac:f9:59:f6:a7:41:c5:
cc:28:e9:2c:16:5e:34:a1:1e:a4:dd:c7:8a:a0:5e:66:b3:25:
1e:81:8c:e5:63:8f:17:e1:35:3b:b8:09:c9:6d:3c:4d:f6:82:
a2:0d:cc:39
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAYVuOMLd3Cq2B8pXkB6MOGNbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE5NDI2MzI1YWNiOGNlNjA5YTY4NmZhNjU1YjA1ODk2ODgw
OWIzNDYwHhcNMjMwMTAxMTY0NDUxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmOGJjZWNkMTFjMjAzNTAwN2VlNGFiNmYwM2M5NDY2MTBmMTFmMGUwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv+rTFKXxsHjwonT0jD+8HSA4pz7g
UmMMIuC1pEomciVZq+T8DSHVMmc0SOR9jtVc0a8Ie/FcKrNBCV/IZCXD5wEPl+3Z
kzqPxwUwTeeoUIQdwwIFzn3UFQEv/Co6XqEmec5rmBUcH8e1bibuJDMlz+LBHmX7
EmBf7pjc09Cad3ypS64XDv6nr7WZQgnDb9OIPBL6OVdufEyqUpqT8AY0SIGaUeL+
i3Xzl1uY+EklG7dq4Nz4Fb3ta1BfrJBBNEHZsv3LEJmKAAiRHya7aeka99zrmhLL
hx0I9XWlBL5V8SKwdsmURfigLEBYEORQS/aKLvwsId3Bu4Q2H7C+pFd1kQIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFPi87NEcIDUAfuSrbwPJRmEPEfDgMB8GA1UdIwQY
MBaAFBlCYyWsuM5gmmhvplWwWJaICbNGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR1VKakpheTR6bUNhYUctbVZiQllsb2dKczBZLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS84YjZmYjAtYTg3NS00OTQ3LThhZTQt
MDNmNGM3MTEzYzM0LzEvMS1MenMwUndnTlFCLTVLdHZBOGxHWVE4UjhPQS5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvNTEvOGI2ZmIwLWE4NzUtNDk0Ny04YWU0LTAzZjRjNzExM2Mz
NC8xL0dVSmpKYXk0em1DYWFHLW1WYkJZbG9nSnMwWS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAtRv3DAN
BgkqhkiG9w0BAQsFAAOCAQEAgOEilRELEj/vEKI7QagH3AYqujaQXv2WK606dtsh
eQ+jw1jJdP6PBXb0zANbFwRIoaKRt79cFXVb7RsDRe2s+qBtkv1MEiFpZSLy793R
9FPS7DnQC/XpBqW4onHEIjyp7imipiCiEPD7mKOfXTNxTumgZ/q8Ukvlb+Y9FjgT
mNVnu85CHqfzwC+aSe2waPSYtZhh5Qo4+TkoM1eow3XYDaX2vxYQ4RjcWH22HsYV
9/J45NyQFZ4K5I2R5cPf6ZXZDZdWXxLMF6HWOITOa5fEOu6s+Vn2p0HFzCjpLBZe
NKEepN3HiqBeZrMlHoGM5WOPF+E1O7gJyW08TfaCog3MOQ==
-----END CERTIFICATE-----
Generated at Tue Jan 2 11:51:44 2024 by rpki-client on console-fra.rpki-client.org