Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/8b6fb0-a875-4947-8ae4-03f4c7113c34/1/M0C0iVbhR75xGGe_FG4dNjpnqVY.roa
File: M0C0iVbhR75xGGe_FG4dNjpnqVY.roa (raw, json)
Hash identifier: EzVdNpIALXrjhAt2xTRo/GI4+G/BNtF8Mf/LDA4F/hA=
Subject key identifier: 33:40:B4:89:56:E1:47:BE:71:18:67:BF:14:6E:1D:36:3A:67:A9:56
Certificate issuer: /CN=19426325acb8ce609a686fa655b058968809b346
Certificate serial: 018687EFF3EEFDB2D91C96E80CCECB13D177
Authority key identifier: 19:42:63:25:AC:B8:CE:60:9A:68:6F:A6:55:B0:58:96:88:09:B3:46
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/GUJjJay4zmCaaG-mVbBYlogJs0Y.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/8b6fb0-a875-4947-8ae4-03f4c7113c34/1/M0C0iVbhR75xGGe_FG4dNjpnqVY.roa
Signing time: Sat 25 Feb 2023 09:38:14 +0000
ROA not before: Sat 25 Feb 2023 09:38:14 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 12687
IP address blocks: 212.111.206.0/24 maxlen: 24
212.111.205.0/24 maxlen: 24
212.111.202.0/23 maxlen: 24
212.111.201.0/24 maxlen: 24
212.111.213.0/24 maxlen: 24
212.111.212.0/23 maxlen: 23
212.111.208.0/22 maxlen: 22
212.111.192.0/19 maxlen: 24
212.111.192.0/20 maxlen: 24
212.111.192.0/21 maxlen: 24
212.111.199.0/24 maxlen: 24
212.111.198.0/24 maxlen: 24
2a01:5c40::/32 maxlen: 32
Validation: Failed, certificate revoked on Tue 02 Jan 2024 08:32:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:87:ef:f3:ee:fd:b2:d9:1c:96:e8:0c:ce:cb:13:d1:77
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=19426325acb8ce609a686fa655b058968809b346
Validity
Not Before: Feb 25 09:38:14 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=3340b48956e147be711867bf146e1d363a67a956
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:b5:81:c1:22:75:f0:6d:2c:a5:fe:3a:b6:d7:
c9:25:28:5d:43:f0:36:a8:e0:8b:3d:ef:eb:6d:89:
6b:26:45:59:27:fc:7a:5c:4c:8b:a2:91:ad:bd:09:
10:8b:89:18:fa:76:43:91:89:f0:74:b8:32:a5:a6:
b2:fc:31:92:21:95:cd:2d:97:67:33:19:08:d0:39:
c8:2e:c3:e6:11:1b:c9:17:6a:70:30:74:57:ea:3f:
32:e9:ba:6a:28:9c:c2:85:fd:c2:d5:57:06:b2:61:
db:38:de:03:a8:16:02:83:59:72:72:79:30:ec:0f:
3b:3b:4f:6a:51:ae:7c:9b:c0:ec:37:ee:bb:42:9b:
28:e9:4a:75:44:17:a3:78:57:a4:ce:7d:ab:c2:53:
63:f3:61:a3:63:50:0d:cf:e0:60:f2:63:11:36:be:
1d:f9:46:da:78:3c:db:3c:55:17:f7:bd:39:0e:92:
1c:8b:ad:b6:22:4b:bf:81:7f:97:52:08:3e:d0:7a:
08:a6:9a:e8:5c:33:c8:55:10:42:6e:fc:4d:b9:5c:
b5:db:e1:b7:74:a1:19:73:f6:a4:c5:64:00:53:f8:
27:eb:b0:5f:cb:f0:07:e2:17:83:77:8c:a2:28:44:
d4:0b:96:a4:a0:f7:a4:2c:65:f4:f8:8b:d3:b2:a0:
01:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
33:40:B4:89:56:E1:47:BE:71:18:67:BF:14:6E:1D:36:3A:67:A9:56
X509v3 Authority Key Identifier:
keyid:19:42:63:25:AC:B8:CE:60:9A:68:6F:A6:55:B0:58:96:88:09:B3:46
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GUJjJay4zmCaaG-mVbBYlogJs0Y.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/8b6fb0-a875-4947-8ae4-03f4c7113c34/1/M0C0iVbhR75xGGe_FG4dNjpnqVY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/8b6fb0-a875-4947-8ae4-03f4c7113c34/1/GUJjJay4zmCaaG-mVbBYlogJs0Y.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
212.111.192.0/19
IPv6:
2a01:5c40::/32
Signature Algorithm: sha256WithRSAEncryption
5e:1e:00:00:9a:f9:0d:80:59:a1:9a:e0:c3:da:05:d1:fa:b1:
49:78:58:a3:be:3a:08:b6:1d:4d:88:42:74:f5:81:ba:19:14:
d7:8d:e2:76:93:5c:f5:c6:94:37:50:48:4d:27:9e:38:f3:02:
1d:85:05:c1:91:a9:d1:2e:02:25:13:a7:28:ff:b9:f4:69:bc:
6d:a0:cb:0e:94:80:dc:17:60:78:ae:2c:3f:18:1b:05:87:ad:
11:76:7b:db:ee:05:b6:bf:66:b8:e6:22:35:01:81:9d:bb:ba:
8a:ad:b8:58:ec:60:b5:ad:a8:11:78:53:b3:4e:f5:bf:e1:1a:
06:2f:a7:99:b2:94:6c:6e:ac:3b:23:01:60:4b:00:1f:38:01:
1c:1b:8d:a7:aa:09:26:f9:cf:b3:b9:41:75:dd:0a:26:52:3d:
46:17:6e:a9:ed:3d:af:78:5f:f1:25:63:51:07:c5:49:56:24:
4c:1e:c9:a7:db:ee:a8:86:55:f1:39:55:16:e3:32:b0:88:66:
a0:f1:4e:f6:e6:f9:ba:f5:83:dc:92:63:1b:1a:49:5c:0e:05:
63:d1:80:26:d2:9a:91:71:35:5c:2f:23:b6:c5:e6:a2:20:d9:
95:55:cb:ff:e9:f6:a6:25:ee:be:15:2a:70:e2:08:5f:b5:1e:
26:96:1e:49
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYaH7/Pu/bLZHJboDM7LE9F3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE5NDI2MzI1YWNiOGNlNjA5YTY4NmZhNjU1YjA1ODk2ODgw
OWIzNDYwHhcNMjMwMjI1MDkzODE0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMzQwYjQ4OTU2ZTE0N2JlNzExODY3YmYxNDZlMWQzNjNhNjdhOTU2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq7WBwSJ18G0spf46ttfJJShdQ/A2
qOCLPe/rbYlrJkVZJ/x6XEyLopGtvQkQi4kY+nZDkYnwdLgypaay/DGSIZXNLZdn
MxkI0DnILsPmERvJF2pwMHRX6j8y6bpqKJzChf3C1VcGsmHbON4DqBYCg1lycnkw
7A87O09qUa58m8DsN+67Qpso6Up1RBejeFekzn2rwlNj82GjY1ANz+Bg8mMRNr4d
+UbaeDzbPFUX9705DpIci622Iku/gX+XUgg+0HoIpproXDPIVRBCbvxNuVy12+G3
dKEZc/akxWQAU/gn67Bfy/AH4heDd4yiKETUC5akoPekLGX0+IvTsqABLQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFDNAtIlW4Ue+cRhnvxRuHTY6Z6lWMB8GA1UdIwQY
MBaAFBlCYyWsuM5gmmhvplWwWJaICbNGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR1VKakpheTR6bUNhYUctbVZiQllsb2dKczBZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS84YjZmYjAtYTg3NS00OTQ3LThhZTQt
MDNmNGM3MTEzYzM0LzEvTTBDMGlWYmhSNzV4R0dlX0ZHNGROanBucVZZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS84YjZmYjAtYTg3NS00OTQ3LThhZTQtMDNmNGM3MTEzYzM0
LzEvR1VKakpheTR6bUNhYUctbVZiQllsb2dKczBZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQF1G/AMA0E
AgACMAcDBQAqAVxAMA0GCSqGSIb3DQEBCwUAA4IBAQBeHgAAmvkNgFmhmuDD2gXR
+rFJeFijvjoIth1NiEJ09YG6GRTXjeJ2k1z1xpQ3UEhNJ5448wIdhQXBkanRLgIl
E6co/7n0abxtoMsOlIDcF2B4riw/GBsFh60Rdnvb7gW2v2a45iI1AYGdu7qKrbhY
7GC1ragReFOzTvW/4RoGL6eZspRsbqw7IwFgSwAfOAEcG42nqgkm+c+zuUF13Qom
Uj1GF26p7T2veF/xJWNRB8VJViRMHsmn2+6ohlXxOVUW4zKwiGag8U725vm69YPc
kmMbGklcDgVj0YAm0pqRcTVcLyO2xeaiINmVVcv/6famJe6+FSpw4ghftR4mlh5J
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:09:38 2024 by rpki-client on console-ams.rpki-client.org