Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/53/e8cb44-a954-4672-b9a4-a49e5c6633bd/1/_40GVUbafwQhajB63c6DmYgilMo.roa
File: _40GVUbafwQhajB63c6DmYgilMo.roa (raw, json)
Hash identifier: ONamHlLUabBWZrXAnQeOhsAZZxTCgFB2HH+7AO5xAUU=
Subject key identifier: FF:8D:06:55:46:DA:7F:04:21:6A:30:7A:DD:CE:83:99:88:22:94:CA
Certificate issuer: /CN=faccbb72aa9884a5bf8d0e757404a17e5e23322c
Certificate serial: 01856C4A6D66FEAA98A84A81B359053D2BDB
Authority key identifier: FA:CC:BB:72:AA:98:84:A5:BF:8D:0E:75:74:04:A1:7E:5E:23:32:2C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-sy7cqqYhKW_jQ51dAShfl4jMiw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/53/e8cb44-a954-4672-b9a4-a49e5c6633bd/1/_40GVUbafwQhajB63c6DmYgilMo.roa
Signing time: Sun 01 Jan 2023 07:44:55 +0000
ROA not before: Sun 01 Jan 2023 07:44:55 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 205473
IP address blocks: 212.126.116.0/24 maxlen: 24
212.126.126.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 23 Jan 2023 05:04:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:4a:6d:66:fe:aa:98:a8:4a:81:b3:59:05:3d:2b:db
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=faccbb72aa9884a5bf8d0e757404a17e5e23322c
Validity
Not Before: Jan 1 07:44:55 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=ff8d065546da7f04216a307addce8399882294ca
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f0:49:c9:0c:e9:6a:f7:3c:44:36:bc:29:12:d1:
f1:50:e9:60:ed:48:b5:e6:a5:91:05:4d:9b:1d:f4:
13:58:ca:de:92:7a:cd:37:5c:fc:6f:e6:f0:b8:97:
b0:cd:22:30:6c:de:4d:f4:2c:1c:b0:37:66:b3:c9:
85:7f:7c:33:94:0e:8c:bf:4f:be:74:b0:e4:3f:44:
33:89:3f:c8:e3:3e:7f:f4:1a:8f:fd:82:f8:33:02:
16:e5:91:77:72:49:2b:23:35:d5:64:44:2f:a4:ad:
06:81:ed:05:64:79:3f:9e:3b:e6:fd:bf:d9:6e:d0:
ce:1a:a9:ef:43:19:b0:31:0e:e3:78:4e:eb:41:d0:
d5:10:1a:91:80:d3:30:8d:ad:56:86:8e:7b:2d:c0:
26:f0:3f:61:18:ff:38:32:d4:83:be:ff:bd:c5:ea:
84:27:df:70:fc:07:98:3f:c6:07:d7:f1:b0:9f:12:
7a:90:86:a8:86:ce:46:b0:0e:26:cf:bc:79:83:09:
b1:d2:41:7d:f1:4d:a8:10:94:4f:1d:b1:1a:bd:4e:
03:ba:50:29:55:11:45:2e:79:e7:2a:72:48:8d:8f:
ba:a1:8a:32:ab:a4:4b:4c:db:f2:98:55:6f:dd:9a:
7e:14:8a:ea:ae:35:3a:dc:20:dd:db:43:ad:07:26:
78:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FF:8D:06:55:46:DA:7F:04:21:6A:30:7A:DD:CE:83:99:88:22:94:CA
X509v3 Authority Key Identifier:
keyid:FA:CC:BB:72:AA:98:84:A5:BF:8D:0E:75:74:04:A1:7E:5E:23:32:2C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-sy7cqqYhKW_jQ51dAShfl4jMiw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/53/e8cb44-a954-4672-b9a4-a49e5c6633bd/1/_40GVUbafwQhajB63c6DmYgilMo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/53/e8cb44-a954-4672-b9a4-a49e5c6633bd/1/1-sy7cqqYhKW_jQ51dAShfl4jMiw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
212.126.116.0/24
212.126.126.0/24
Signature Algorithm: sha256WithRSAEncryption
4c:b9:b7:1f:06:e4:95:ed:b5:80:22:c7:82:a7:cd:89:97:21:
64:7a:df:6c:db:45:9b:30:40:41:b0:bf:cf:7e:d3:03:51:03:
a0:e8:b0:ac:e4:62:ab:0b:aa:66:18:25:d1:ac:ae:92:13:10:
07:e9:a4:8a:03:10:07:4b:f1:70:28:78:8c:65:b3:0c:45:81:
c5:30:b5:5c:c5:92:99:cd:e7:59:9a:4d:af:86:bc:8b:c2:06:
7a:df:cc:f1:f3:d1:5b:f3:08:f0:ab:b8:35:d8:28:d2:75:31:
38:ac:d9:72:42:1c:3d:57:f3:a1:fb:9b:58:f0:77:e3:80:41:
b9:c1:43:58:a9:5d:6f:4b:63:bf:56:95:56:fa:e5:9b:83:31:
06:53:ab:2a:02:ce:6a:af:26:37:af:0a:db:a8:b8:97:3b:8f:
23:17:6c:fc:96:74:d9:7d:af:4e:57:c5:63:9f:1f:7d:b3:21:
ba:b3:e5:39:01:47:c2:41:13:e2:e8:5d:3e:21:87:c0:94:51:
c2:ce:85:ab:a2:c9:a3:d2:c0:c7:97:1e:62:da:7a:a5:b8:14:
68:f1:c9:a8:24:b1:fa:ad:93:1a:28:6d:87:7d:c6:8d:12:b9:
54:a4:c1:e5:38:a1:07:40:6b:8b:87:d5:ec:81:bd:f5:3f:9f:
37:7a:78:04
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAYVsSm1m/qqYqEqBs1kFPSvbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZhY2NiYjcyYWE5ODg0YTViZjhkMGU3NTc0MDRhMTdlNWUy
MzMyMmMwHhcNMjMwMTAxMDc0NDU1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmZjhkMDY1NTQ2ZGE3ZjA0MjE2YTMwN2FkZGNlODM5OTg4MjI5NGNhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA8EnJDOlq9zxENrwpEtHxUOlg7Ui1
5qWRBU2bHfQTWMreknrNN1z8b+bwuJewzSIwbN5N9CwcsDdms8mFf3wzlA6Mv0++
dLDkP0QziT/I4z5/9BqP/YL4MwIW5ZF3ckkrIzXVZEQvpK0Gge0FZHk/njvm/b/Z
btDOGqnvQxmwMQ7jeE7rQdDVEBqRgNMwja1Who57LcAm8D9hGP84MtSDvv+9xeqE
J99w/AeYP8YH1/GwnxJ6kIaohs5GsA4mz7x5gwmx0kF98U2oEJRPHbEavU4DulAp
VRFFLnnnKnJIjY+6oYoyq6RLTNvymFVv3Zp+FIrqrjU63CDd20OtByZ4uwIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFP+NBlVG2n8EIWowet3Og5mIIpTKMB8GA1UdIwQY
MBaAFPrMu3KqmISlv40OdXQEoX5eIzIsMA4GA1UdDwEB/wQEAwIHgDBlBggrBgEF
BQcBAQRZMFcwVQYIKwYBBQUHMAKGSXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMS1zeTdjcXFZaEtXX2pRNTFkQVNoZmw0ak1pdy5jZXIw
gY0GCCsGAQUFBwELBIGAMH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNTMvZThjYjQ0LWE5NTQtNDY3Mi1iOWE0
LWE0OWU1YzY2MzNiZC8xL180MEdWVWJhZndRaGFqQjYzYzZEbVlnaWxNby5yb2Ew
gYIGA1UdHwR7MHkwd6B1oHOGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvNTMvZThjYjQ0LWE5NTQtNDY3Mi1iOWE0LWE0OWU1YzY2MzNi
ZC8xLzEtc3k3Y3FxWWhLV19qUTUxZEFTaGZsNGpNaXcuY3JsMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwJQYIKwYBBQUHAQcBAf8EFjAUMBIEAgABMAwDBADUfnQD
BADUfn4wDQYJKoZIhvcNAQELBQADggEBAEy5tx8G5JXttYAix4KnzYmXIWR632zb
RZswQEGwv89+0wNRA6DosKzkYqsLqmYYJdGsrpITEAfppIoDEAdL8XAoeIxlswxF
gcUwtVzFkpnN51maTa+GvIvCBnrfzPHz0VvzCPCruDXYKNJ1MTis2XJCHD1X86H7
m1jwd+OAQbnBQ1ipXW9LY79WlVb65ZuDMQZTqyoCzmqvJjevCtuouJc7jyMXbPyW
dNl9r05XxWOfH32zIbqz5TkBR8JBE+LoXT4hh8CUUcLOhauiyaPSwMeXHmLaeqW4
FGjxyagksfqtkxoobYd9xo0SuVSkweU4oQdAa4uH1eyBvfU/nzd6eAQ=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:29:58 2024 by rpki-client on console-fra.rpki-client.org