Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/8b6fb0-a875-4947-8ae4-03f4c7113c34/1/n2OfpHjxGe4KDN8lh4JamO5O_bM.roa
File: n2OfpHjxGe4KDN8lh4JamO5O_bM.roa (raw, json)
Hash identifier: kUhVKtNvhryzZ6Ya65wcBIDKayqO48N1wmA3QCfWqVA=
Subject key identifier: 9F:63:9F:A4:78:F1:19:EE:0A:0C:DF:25:87:82:5A:98:EE:4E:FD:B3
Certificate issuer: /CN=19426325acb8ce609a686fa655b058968809b346
Certificate serial: 01856E38C625E101FB5CDDDB26CA7CD83633
Authority key identifier: 19:42:63:25:AC:B8:CE:60:9A:68:6F:A6:55:B0:58:96:88:09:B3:46
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/GUJjJay4zmCaaG-mVbBYlogJs0Y.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/8b6fb0-a875-4947-8ae4-03f4c7113c34/1/n2OfpHjxGe4KDN8lh4JamO5O_bM.roa
Signing time: Sun 01 Jan 2023 16:44:52 +0000
ROA not before: Sun 01 Jan 2023 16:44:52 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 7018
IP address blocks: 212.111.216.0/23 maxlen: 24
212.111.220.0/22 maxlen: 24
Validation: Failed, certificate revoked on Sat 18 Nov 2023 10:16:57 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:38:c6:25:e1:01:fb:5c:dd:db:26:ca:7c:d8:36:33
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=19426325acb8ce609a686fa655b058968809b346
Validity
Not Before: Jan 1 16:44:52 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=9f639fa478f119ee0a0cdf2587825a98ee4efdb3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:a4:41:d4:db:4a:de:16:b7:e5:ed:6d:bb:2d:
9b:e0:f4:a4:4a:22:05:45:c8:21:f8:b4:a3:d3:87:
74:7b:44:d1:d2:45:1a:c5:f5:c6:4a:30:f2:94:28:
bb:be:c6:07:0e:a5:7b:72:68:2c:1d:d4:bd:6b:20:
d3:0d:92:94:fb:52:07:fb:cb:14:ca:0b:df:88:2d:
10:d6:4b:d2:16:dd:9a:87:c8:e0:b7:4c:2f:7a:6c:
08:ad:85:81:80:eb:8b:9d:89:87:db:59:c8:f0:55:
a2:ba:20:c6:5c:8a:44:cb:70:fc:0d:74:6c:7c:a2:
fb:74:8c:ef:13:7e:6c:df:10:63:32:e4:48:5c:0b:
cd:aa:5a:31:83:15:d6:78:7e:e8:0b:ee:0b:e9:38:
34:4e:de:41:a5:25:87:ff:f1:b7:c7:7a:d4:c3:dc:
20:87:87:91:e1:1f:59:82:c9:fb:81:dc:13:64:7d:
b4:8a:08:92:7d:11:a0:38:01:6d:5f:3b:0e:34:c5:
a4:93:18:d8:fb:8f:5a:e5:44:f0:a0:4b:47:b9:d6:
cf:c3:2e:4f:a5:2d:6e:fb:1a:38:9d:af:a9:a4:b8:
6a:76:a1:ca:08:94:ff:c0:bc:5b:98:36:85:a0:fa:
55:8f:d7:80:16:d7:32:77:01:1c:3c:81:ed:b2:f9:
7e:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9F:63:9F:A4:78:F1:19:EE:0A:0C:DF:25:87:82:5A:98:EE:4E:FD:B3
X509v3 Authority Key Identifier:
keyid:19:42:63:25:AC:B8:CE:60:9A:68:6F:A6:55:B0:58:96:88:09:B3:46
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GUJjJay4zmCaaG-mVbBYlogJs0Y.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/8b6fb0-a875-4947-8ae4-03f4c7113c34/1/n2OfpHjxGe4KDN8lh4JamO5O_bM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/8b6fb0-a875-4947-8ae4-03f4c7113c34/1/GUJjJay4zmCaaG-mVbBYlogJs0Y.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
212.111.216.0/23
212.111.220.0/22
Signature Algorithm: sha256WithRSAEncryption
73:ef:cf:82:65:cd:e2:16:ce:7f:cc:43:9f:0b:0f:c1:12:a7:
2b:6b:22:c7:fa:d8:80:bc:83:59:ec:df:6c:61:87:b0:52:fb:
f5:ee:03:18:44:e6:57:43:b9:a9:46:54:97:c8:b7:f5:a5:d0:
2d:03:94:8a:0d:45:7d:a0:20:89:9e:52:f6:70:31:92:a3:0b:
7b:01:79:99:28:01:9a:4a:25:21:87:51:31:8b:69:94:eb:cf:
fe:3e:9c:c8:cb:00:42:90:bf:7a:45:1c:f5:94:88:f3:9e:c5:
e0:0d:ad:57:5b:78:58:91:b5:a7:ea:95:29:20:c3:42:30:6b:
0c:69:1d:09:82:ab:15:f5:c3:7d:80:79:ae:5a:a3:de:bf:73:
ca:15:f7:f6:f5:7f:c5:09:11:f8:e5:ed:1d:b7:79:7e:45:1b:
18:00:6b:df:03:c1:97:5b:4c:9e:43:1a:a0:6d:44:90:cf:d6:
f3:f5:01:63:ec:60:86:0c:c0:b7:db:5d:ae:90:44:19:26:e0:
c8:e3:35:20:e4:6f:d8:7b:12:94:e5:5e:63:31:23:23:bc:e6:
a9:e6:ab:d0:d9:5a:b1:30:b9:87:48:2d:00:22:08:0d:e2:f2:
d5:e7:a0:59:12:7d:17:f6:a1:d8:70:a2:e1:9c:58:e1:a6:23:
a6:71:fd:d6
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVuOMYl4QH7XN3bJsp82DYzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE5NDI2MzI1YWNiOGNlNjA5YTY4NmZhNjU1YjA1ODk2ODgw
OWIzNDYwHhcNMjMwMTAxMTY0NDUyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZjYzOWZhNDc4ZjExOWVlMGEwY2RmMjU4NzgyNWE5OGVlNGVmZGIzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvqRB1NtK3ha35e1tuy2b4PSkSiIF
Rcgh+LSj04d0e0TR0kUaxfXGSjDylCi7vsYHDqV7cmgsHdS9ayDTDZKU+1IH+8sU
ygvfiC0Q1kvSFt2ah8jgt0wvemwIrYWBgOuLnYmH21nI8FWiuiDGXIpEy3D8DXRs
fKL7dIzvE35s3xBjMuRIXAvNqloxgxXWeH7oC+4L6Tg0Tt5BpSWH//G3x3rUw9wg
h4eR4R9Zgsn7gdwTZH20igiSfRGgOAFtXzsONMWkkxjY+49a5UTwoEtHudbPwy5P
pS1u+xo4na+ppLhqdqHKCJT/wLxbmDaFoPpVj9eAFtcydwEcPIHtsvl+BwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFJ9jn6R48RnuCgzfJYeCWpjuTv2zMB8GA1UdIwQY
MBaAFBlCYyWsuM5gmmhvplWwWJaICbNGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR1VKakpheTR6bUNhYUctbVZiQllsb2dKczBZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS84YjZmYjAtYTg3NS00OTQ3LThhZTQt
MDNmNGM3MTEzYzM0LzEvbjJPZnBIanhHZTRLRE44bGg0SmFtTzVPX2JNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS84YjZmYjAtYTg3NS00OTQ3LThhZTQtMDNmNGM3MTEzYzM0
LzEvR1VKakpheTR6bUNhYUctbVZiQllsb2dKczBZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQB1G/YAwQC
1G/cMA0GCSqGSIb3DQEBCwUAA4IBAQBz78+CZc3iFs5/zEOfCw/BEqcrayLH+tiA
vINZ7N9sYYewUvv17gMYROZXQ7mpRlSXyLf1pdAtA5SKDUV9oCCJnlL2cDGSowt7
AXmZKAGaSiUhh1Exi2mU68/+PpzIywBCkL96RRz1lIjznsXgDa1XW3hYkbWn6pUp
IMNCMGsMaR0JgqsV9cN9gHmuWqPev3PKFff29X/FCRH45e0dt3l+RRsYAGvfA8GX
W0yeQxqgbUSQz9bz9QFj7GCGDMC3212ukEQZJuDI4zUg5G/YexKU5V5jMSMjvOap
5qvQ2VqxMLmHSC0AIggN4vLV56BZEn0X9qHYcKLhnFjhpiOmcf3W
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:29:43 2024 by rpki-client on console-fra.rpki-client.org