Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/8b6fb0-a875-4947-8ae4-03f4c7113c34/1/cdUphfEbixVK2cUi0m_twmE9xf8.roa
File: cdUphfEbixVK2cUi0m_twmE9xf8.roa (raw, json)
Hash identifier: lrhLkXufpa8h6LEoAZbMcbF7NwNGAxtShEkOBQnmi14=
Subject key identifier: 71:D5:29:85:F1:1B:8B:15:4A:D9:C5:22:D2:6F:ED:C2:61:3D:C5:FF
Certificate issuer: /CN=19426325acb8ce609a686fa655b058968809b346
Certificate serial: 01856E38CF0271D3732305288CC5C0BD2706
Authority key identifier: 19:42:63:25:AC:B8:CE:60:9A:68:6F:A6:55:B0:58:96:88:09:B3:46
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/GUJjJay4zmCaaG-mVbBYlogJs0Y.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/8b6fb0-a875-4947-8ae4-03f4c7113c34/1/cdUphfEbixVK2cUi0m_twmE9xf8.roa
Signing time: Sun 01 Jan 2023 16:44:54 +0000
ROA not before: Sun 01 Jan 2023 16:44:54 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 204879
IP address blocks: 212.111.209.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 02 Jan 2024 08:32:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:38:cf:02:71:d3:73:23:05:28:8c:c5:c0:bd:27:06
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=19426325acb8ce609a686fa655b058968809b346
Validity
Not Before: Jan 1 16:44:54 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=71d52985f11b8b154ad9c522d26fedc2613dc5ff
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:74:af:f3:41:94:0f:90:e3:7c:04:aa:93:b7:
c3:fd:25:c8:b5:29:94:c3:e0:bb:11:20:b1:a0:55:
91:dd:17:99:4d:75:bf:61:09:ba:59:1c:1b:5d:74:
d2:77:46:23:92:1a:d6:37:0b:33:56:6c:ee:0e:76:
5e:59:bf:0b:0e:1a:e4:5e:96:0b:cd:ee:7b:be:51:
ef:8d:0e:fb:7b:a4:f2:b0:00:61:27:8a:b5:22:f0:
83:ac:40:fe:5e:6c:74:73:6f:05:be:aa:45:85:1f:
c5:0b:85:d1:db:4f:9c:80:25:d5:4b:0a:a2:03:0d:
95:a9:20:6a:92:ec:34:dc:3c:18:06:66:e5:a0:28:
30:1a:58:da:69:19:50:d0:41:a3:c6:b4:42:7d:39:
70:0f:a2:29:ab:23:ba:7e:96:3f:1d:73:c5:4c:a0:
d2:b5:2c:8a:ee:22:49:03:1d:e4:4c:ab:43:a0:9b:
07:e0:6e:c4:30:05:94:43:bf:3a:a3:98:9e:f0:7d:
1c:9e:6d:22:5a:fe:e0:a7:17:fe:44:54:ee:3d:f2:
04:5e:14:db:3b:eb:50:da:74:f1:16:6f:f0:8c:60:
87:ba:6f:a5:35:f5:39:a6:82:9a:2c:16:7a:55:c6:
a5:96:82:97:ed:4a:67:70:75:31:9f:3b:98:a7:95:
53:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
71:D5:29:85:F1:1B:8B:15:4A:D9:C5:22:D2:6F:ED:C2:61:3D:C5:FF
X509v3 Authority Key Identifier:
keyid:19:42:63:25:AC:B8:CE:60:9A:68:6F:A6:55:B0:58:96:88:09:B3:46
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GUJjJay4zmCaaG-mVbBYlogJs0Y.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/8b6fb0-a875-4947-8ae4-03f4c7113c34/1/cdUphfEbixVK2cUi0m_twmE9xf8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/8b6fb0-a875-4947-8ae4-03f4c7113c34/1/GUJjJay4zmCaaG-mVbBYlogJs0Y.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
212.111.209.0/24
Signature Algorithm: sha256WithRSAEncryption
67:d0:bb:08:f4:f3:0b:80:a7:b9:b9:50:83:7e:2c:ae:96:24:
22:40:31:18:78:fb:6f:9e:ef:1a:fa:86:e1:da:ba:2e:97:41:
dc:00:10:d5:eb:4a:b1:6b:83:d4:6a:19:ab:93:ab:a1:e8:d3:
0d:af:53:d2:d7:46:7f:9d:ec:f7:04:52:d7:10:da:01:8d:21:
16:76:c2:7a:c8:b8:ae:c5:58:19:d4:ba:3c:36:57:81:9d:b4:
21:37:cb:15:41:04:cf:0b:16:24:14:f6:da:37:54:5a:71:a9:
d5:81:b0:2b:b6:17:dd:09:a7:54:5e:a9:9e:05:07:67:22:b9:
06:49:19:b3:b8:1a:c5:fd:69:3f:c6:8b:69:06:dc:1e:63:5f:
16:01:f5:a2:a3:c3:1c:ee:fa:63:7b:dc:c1:61:d1:43:9b:81:
ca:db:a6:c4:4a:1c:c4:5b:e9:ad:9d:ed:18:67:f4:c0:61:0f:
55:44:03:fb:78:93:63:09:e6:b9:4b:1a:bf:4c:25:d0:cc:e8:
62:c2:d3:1d:89:e0:96:4f:4e:e0:8c:70:33:77:d2:d9:1c:27:
f6:35:67:fc:ed:ff:a4:ab:56:2c:93:24:57:42:45:b5:aa:9c:
5e:81:f8:da:f6:df:3b:af:67:fb:0e:fb:41:6a:f5:c5:0b:7d:
7f:d0:1f:7f
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVuOM8CcdNzIwUojMXAvScGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE5NDI2MzI1YWNiOGNlNjA5YTY4NmZhNjU1YjA1ODk2ODgw
OWIzNDYwHhcNMjMwMTAxMTY0NDU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MWQ1Mjk4NWYxMWI4YjE1NGFkOWM1MjJkMjZmZWRjMjYxM2RjNWZmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAunSv80GUD5DjfASqk7fD/SXItSmU
w+C7ESCxoFWR3ReZTXW/YQm6WRwbXXTSd0YjkhrWNwszVmzuDnZeWb8LDhrkXpYL
ze57vlHvjQ77e6TysABhJ4q1IvCDrED+Xmx0c28FvqpFhR/FC4XR20+cgCXVSwqi
Aw2VqSBqkuw03DwYBmbloCgwGljaaRlQ0EGjxrRCfTlwD6IpqyO6fpY/HXPFTKDS
tSyK7iJJAx3kTKtDoJsH4G7EMAWUQ786o5ie8H0cnm0iWv7gpxf+RFTuPfIEXhTb
O+tQ2nTxFm/wjGCHum+lNfU5poKaLBZ6VcalloKX7UpncHUxnzuYp5VTlQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFHHVKYXxG4sVStnFItJv7cJhPcX/MB8GA1UdIwQY
MBaAFBlCYyWsuM5gmmhvplWwWJaICbNGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR1VKakpheTR6bUNhYUctbVZiQllsb2dKczBZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS84YjZmYjAtYTg3NS00OTQ3LThhZTQt
MDNmNGM3MTEzYzM0LzEvY2RVcGhmRWJpeFZLMmNVaTBtX3R3bUU5eGY4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS84YjZmYjAtYTg3NS00OTQ3LThhZTQtMDNmNGM3MTEzYzM0
LzEvR1VKakpheTR6bUNhYUctbVZiQllsb2dKczBZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA1G/RMA0G
CSqGSIb3DQEBCwUAA4IBAQBn0LsI9PMLgKe5uVCDfiyuliQiQDEYePtvnu8a+obh
2roul0HcABDV60qxa4PUahmrk6uh6NMNr1PS10Z/nez3BFLXENoBjSEWdsJ6yLiu
xVgZ1Lo8NleBnbQhN8sVQQTPCxYkFPbaN1RacanVgbArthfdCadUXqmeBQdnIrkG
SRmzuBrF/Wk/xotpBtweY18WAfWio8Mc7vpje9zBYdFDm4HK26bEShzEW+mtne0Y
Z/TAYQ9VRAP7eJNjCea5Sxq/TCXQzOhiwtMdieCWT07gjHAzd9LZHCf2NWf87f+k
q1YskyRXQkW1qpxegfja9t87r2f7DvtBavXFC31/0B9/
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:09:38 2024 by rpki-client on console-ams.rpki-client.org