Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/53/e8cb44-a954-4672-b9a4-a49e5c6633bd/1/nDy-bLYxCJO6jwl3pYAmpoEZrIQ.roa
File: nDy-bLYxCJO6jwl3pYAmpoEZrIQ.roa (raw, json)
Hash identifier: g0wirHRl1EGTRqT7pRAnamH/tC0WK34gHvVwFnws++Y=
Subject key identifier: 9C:3C:BE:6C:B6:31:08:93:BA:8F:09:77:A5:80:26:A6:81:19:AC:84
Certificate issuer: /CN=faccbb72aa9884a5bf8d0e757404a17e5e23322c
Certificate serial: 018CC2DB385A3D9BEA00A4B320F95839C4B8
Authority key identifier: FA:CC:BB:72:AA:98:84:A5:BF:8D:0E:75:74:04:A1:7E:5E:23:32:2C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-sy7cqqYhKW_jQ51dAShfl4jMiw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/53/e8cb44-a954-4672-b9a4-a49e5c6633bd/1/nDy-bLYxCJO6jwl3pYAmpoEZrIQ.roa
Signing time: Mon 01 Jan 2024 02:29:55 +0000
ROA not before: Mon 01 Jan 2024 02:29:55 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 205473
IP address blocks: 212.126.116.0/24 maxlen: 24
212.126.113.0/24 maxlen: 24
212.126.114.0/24 maxlen: 24
212.126.115.0/24 maxlen: 24
212.126.126.0/24 maxlen: 24
2a04:2dc0:1d::/48 maxlen: 48
Validation: Failed, certificate revoked on Thu 22 Aug 2024 05:47:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c2:db:38:5a:3d:9b:ea:00:a4:b3:20:f9:58:39:c4:b8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=faccbb72aa9884a5bf8d0e757404a17e5e23322c
Validity
Not Before: Jan 1 02:29:55 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=9c3cbe6cb6310893ba8f0977a58026a68119ac84
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:6b:1d:3c:0b:9e:a4:68:a5:e5:ef:52:bf:8e:
98:0c:e6:b6:53:07:74:e3:66:cf:2d:06:ce:1f:4c:
c8:01:00:e7:19:d2:1c:d7:66:bf:3a:ee:ed:95:6c:
5e:89:d2:14:62:01:47:6b:ea:bf:21:fc:bd:9a:f6:
d6:ff:96:3c:e6:e6:5b:f9:8a:2a:b2:5b:d2:1a:0f:
24:37:09:13:3c:0a:c4:41:d3:d6:60:e5:e2:ea:70:
f6:72:fc:d5:78:50:04:66:e8:75:1c:9e:09:25:ad:
0b:2a:fc:07:e5:ab:c0:3c:c8:0b:3f:d0:39:73:75:
1b:c7:75:5f:11:d8:d7:b0:8d:6c:6a:cf:15:17:02:
6c:a7:36:f5:fc:11:72:07:c3:0d:0b:62:f2:a2:08:
31:56:86:0e:9c:d1:b2:54:92:f6:02:3f:6c:f0:c3:
be:93:71:cc:e5:81:bf:09:36:ce:1c:f3:61:bf:bb:
79:0f:c3:5f:a1:ce:bb:0d:cd:18:b5:5d:3e:69:69:
ff:51:4d:89:ec:45:db:54:e2:8d:86:4c:87:40:8b:
b8:ba:76:0d:04:63:19:e2:63:60:f9:4a:91:b4:1b:
18:94:65:5c:07:c9:aa:a7:67:2f:d2:55:89:ae:e1:
4b:56:a4:94:bb:21:b2:d3:2d:3c:f4:bb:79:c6:e1:
72:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9C:3C:BE:6C:B6:31:08:93:BA:8F:09:77:A5:80:26:A6:81:19:AC:84
X509v3 Authority Key Identifier:
keyid:FA:CC:BB:72:AA:98:84:A5:BF:8D:0E:75:74:04:A1:7E:5E:23:32:2C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-sy7cqqYhKW_jQ51dAShfl4jMiw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/53/e8cb44-a954-4672-b9a4-a49e5c6633bd/1/nDy-bLYxCJO6jwl3pYAmpoEZrIQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/53/e8cb44-a954-4672-b9a4-a49e5c6633bd/1/1-sy7cqqYhKW_jQ51dAShfl4jMiw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
212.126.113.0-212.126.116.255
212.126.126.0/24
IPv6:
2a04:2dc0:1d::/48
Signature Algorithm: sha256WithRSAEncryption
1b:6d:4e:6d:4e:f8:d1:1f:fa:f4:b9:66:c1:0d:d4:bf:53:fd:
ad:6e:b4:d5:a2:95:d5:ea:e1:c2:0c:7e:ba:54:e6:21:35:88:
b2:7c:90:36:b1:7b:61:1f:b2:83:3d:4b:57:78:28:de:f4:ad:
2f:f4:87:b5:1b:4d:89:17:7d:71:4b:1e:52:f7:d0:fc:b1:64:
2a:6f:68:e6:f1:27:ce:37:5c:69:28:a7:fd:96:70:ab:25:07:
ac:af:0e:4e:5c:83:44:52:59:a4:3e:b2:6e:44:50:60:30:94:
0e:9a:44:39:87:ef:19:20:c6:4f:6f:c1:34:ad:0d:df:42:fe:
87:56:f4:8c:ac:b7:c7:30:7c:03:79:e2:47:fd:0b:64:78:d4:
88:b8:cc:57:a0:99:d4:a8:8c:52:57:48:ef:fc:30:41:6e:76:
24:1a:f3:24:bc:01:60:3e:61:07:b5:3e:c0:62:0c:31:21:bf:
8f:8e:73:60:41:6f:7f:c3:df:86:c7:d3:af:be:2b:dc:76:b4:
6f:c8:06:b6:56:b6:79:13:91:15:aa:47:c5:b1:e4:fc:24:06:
15:b8:79:75:67:11:99:cf:9e:e5:b5:92:f9:a9:e8:e7:54:2c:
b3:5c:ff:ac:c3:08:bf:42:91:65:e9:dd:01:d0:29:21:bc:58:
13:04:5e:e7
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgISAYzC2zhaPZvqAKSzIPlYOcS4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZhY2NiYjcyYWE5ODg0YTViZjhkMGU3NTc0MDRhMTdlNWUy
MzMyMmMwHhcNMjQwMTAxMDIyOTU1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5YzNjYmU2Y2I2MzEwODkzYmE4ZjA5NzdhNTgwMjZhNjgxMTlhYzg0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp2sdPAuepGil5e9Sv46YDOa2Uwd0
42bPLQbOH0zIAQDnGdIc12a/Ou7tlWxeidIUYgFHa+q/Ify9mvbW/5Y85uZb+Yoq
slvSGg8kNwkTPArEQdPWYOXi6nD2cvzVeFAEZuh1HJ4JJa0LKvwH5avAPMgLP9A5
c3Ubx3VfEdjXsI1sas8VFwJspzb1/BFyB8MNC2LyoggxVoYOnNGyVJL2Aj9s8MO+
k3HM5YG/CTbOHPNhv7t5D8Nfoc67Dc0YtV0+aWn/UU2J7EXbVOKNhkyHQIu4unYN
BGMZ4mNg+UqRtBsYlGVcB8mqp2cv0lWJruFLVqSUuyGy0y089Lt5xuFy9wIDAQAB
o4ICKjCCAiYwHQYDVR0OBBYEFJw8vmy2MQiTuo8Jd6WAJqaBGayEMB8GA1UdIwQY
MBaAFPrMu3KqmISlv40OdXQEoX5eIzIsMA4GA1UdDwEB/wQEAwIHgDBlBggrBgEF
BQcBAQRZMFcwVQYIKwYBBQUHMAKGSXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMS1zeTdjcXFZaEtXX2pRNTFkQVNoZmw0ak1pdy5jZXIw
gY0GCCsGAQUFBwELBIGAMH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNTMvZThjYjQ0LWE5NTQtNDY3Mi1iOWE0
LWE0OWU1YzY2MzNiZC8xL25EeS1iTFl4Q0pPNmp3bDNwWUFtcG9FWnJJUS5yb2Ew
gYIGA1UdHwR7MHkwd6B1oHOGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvNTMvZThjYjQ0LWE5NTQtNDY3Mi1iOWE0LWE0OWU1YzY2MzNi
ZC8xLzEtc3k3Y3FxWWhLV19qUTUxZEFTaGZsNGpNaXcuY3JsMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwPgYIKwYBBQUHAQcBAf8ELzAtMBoEAgABMBQwDAMEANR+
cQMEANR+dAMEANR+fjAPBAIAAjAJAwcAKgQtwAAdMA0GCSqGSIb3DQEBCwUAA4IB
AQAbbU5tTvjRH/r0uWbBDdS/U/2tbrTVopXV6uHCDH66VOYhNYiyfJA2sXthH7KD
PUtXeCje9K0v9Ie1G02JF31xSx5S99D8sWQqb2jm8SfON1xpKKf9lnCrJQesrw5O
XINEUlmkPrJuRFBgMJQOmkQ5h+8ZIMZPb8E0rQ3fQv6HVvSMrLfHMHwDeeJH/Qtk
eNSIuMxXoJnUqIxSV0jv/DBBbnYkGvMkvAFgPmEHtT7AYgwxIb+PjnNgQW9/w9+G
x9OvvivcdrRvyAa2VrZ5E5EVqkfFseT8JAYVuHl1ZxGZz57ltZL5qejnVCyzXP+s
wwi/QpFl6d0B0CkhvFgTBF7n
-----END CERTIFICATE-----
Generated at Thu Aug 22 07:36:07 2024 by rpki-client on console-ams.rpki-client.org