Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/54/8c5787-09fa-4988-81a1-75d6be4e5c37/1/2s8Pbl5Zt2P4pi61ykgNzCEUg7Y.roa
File: 2s8Pbl5Zt2P4pi61ykgNzCEUg7Y.roa (raw, json)
Hash identifier: qlrXwArZmvn9oy2pA19cOo+14UzQ5qEBjBPfMt28srQ=
Subject key identifier: DA:CF:0F:6E:5E:59:B7:63:F8:A6:2E:B5:CA:48:0D:CC:21:14:83:B6
Certificate issuer: /CN=66491883cb4c50122fdb2754b6252fdd6fc9d51f
Certificate serial: 018CC5DCB8FA57F7EEBC2BDD0420A6381610
Authority key identifier: 66:49:18:83:CB:4C:50:12:2F:DB:27:54:B6:25:2F:DD:6F:C9:D5:1F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ZkkYg8tMUBIv2ydUtiUv3W_J1R8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/54/8c5787-09fa-4988-81a1-75d6be4e5c37/1/2s8Pbl5Zt2P4pi61ykgNzCEUg7Y.roa
Signing time: Mon 01 Jan 2024 16:30:25 +0000
ROA not before: Mon 01 Jan 2024 16:30:25 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 25244
IP address blocks: 212.126.240.0/21 maxlen: 21
212.126.248.0/21 maxlen: 21
212.126.224.0/19 maxlen: 19
Validation: Failed, certificate revoked on Wed 01 Jan 2025 23:48:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:dc:b8:fa:57:f7:ee:bc:2b:dd:04:20:a6:38:16:10
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=66491883cb4c50122fdb2754b6252fdd6fc9d51f
Validity
Not Before: Jan 1 16:30:25 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=dacf0f6e5e59b763f8a62eb5ca480dcc211483b6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:85:08:b4:c4:ea:a5:7b:04:60:bf:1f:99:63:
37:ee:d6:a2:d6:e8:08:0d:6b:4b:31:d5:bd:06:58:
79:17:2d:4f:fa:62:38:63:57:4f:3c:25:b2:60:e9:
1f:11:1f:7f:7d:81:3f:83:c0:0a:a2:29:c7:e5:8e:
ab:82:cd:96:b1:d4:75:a3:8f:fd:00:bc:de:a7:31:
5f:92:73:d0:62:0a:bb:29:27:77:06:35:2e:2c:f2:
0b:13:d9:60:b2:62:12:36:fb:51:76:ca:43:cc:1a:
85:cf:fa:c3:61:64:d8:ca:0a:41:41:d7:c8:18:5f:
8a:9a:a2:0a:41:d9:35:74:e8:09:78:90:99:17:c9:
b8:4a:2a:54:47:65:5f:3c:38:91:0c:e5:f3:91:2b:
93:dd:4e:5e:e3:04:d6:b4:4a:a9:39:1f:8a:ef:fc:
39:36:88:e0:0f:a4:15:c4:3e:8b:0c:b9:b3:5c:93:
45:b4:83:88:64:b1:e5:b4:e6:79:6e:c5:ef:28:9b:
57:e2:65:99:c0:37:cd:98:8c:7f:d2:71:eb:6a:c0:
13:8e:05:00:3d:57:3f:84:46:ce:e6:cf:67:db:f8:
9a:49:85:e1:02:7c:91:2a:82:a1:03:5f:c3:5d:10:
4b:fc:76:b6:4c:5b:ab:f2:2b:ce:b5:ad:d1:40:d9:
39:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DA:CF:0F:6E:5E:59:B7:63:F8:A6:2E:B5:CA:48:0D:CC:21:14:83:B6
X509v3 Authority Key Identifier:
keyid:66:49:18:83:CB:4C:50:12:2F:DB:27:54:B6:25:2F:DD:6F:C9:D5:1F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ZkkYg8tMUBIv2ydUtiUv3W_J1R8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/54/8c5787-09fa-4988-81a1-75d6be4e5c37/1/2s8Pbl5Zt2P4pi61ykgNzCEUg7Y.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/54/8c5787-09fa-4988-81a1-75d6be4e5c37/1/ZkkYg8tMUBIv2ydUtiUv3W_J1R8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
212.126.224.0/19
Signature Algorithm: sha256WithRSAEncryption
83:db:f4:8e:50:5f:33:ac:fa:8c:78:e1:45:73:ff:02:a8:c0:
ff:0e:d2:bd:3a:b3:66:c4:6a:44:b0:a5:e3:85:9e:54:af:6b:
ad:0b:6c:b4:e6:cb:7a:49:7b:3b:50:17:04:2a:39:ae:da:67:
70:cb:d1:20:55:4c:82:85:22:65:05:7b:a2:f2:05:63:e3:4e:
33:9f:e0:dc:55:2f:df:86:f6:4c:ea:e7:ce:60:f8:5e:aa:72:
a3:72:41:c3:b9:2a:e0:dd:53:31:59:7a:c7:06:56:10:24:bf:
cf:15:ca:52:07:e1:83:67:02:f4:49:bf:5c:50:2d:08:e3:f8:
33:f4:eb:17:8b:7d:a4:dc:0d:ff:53:c3:8b:b3:05:b3:d0:ad:
e1:d5:55:dd:e2:e1:36:3a:9a:0a:90:28:da:3d:dd:2d:11:92:
ff:da:7d:4b:f2:87:0b:de:55:8f:14:b6:44:1f:4d:f0:7e:e9:
bb:8f:b9:c4:67:58:14:5d:52:76:51:90:16:17:09:d4:0d:58:
b9:d4:b9:f1:3f:8d:fa:3f:b5:ab:3d:52:bf:c4:0f:44:6c:ff:
49:2e:a5:64:1b:25:d6:62:10:3e:dc:a8:9a:fe:09:9a:7e:25:
03:81:32:95:5c:e0:9d:d3:ea:ed:e0:6a:89:a6:e1:9c:e2:f6:
1e:9f:e9:0e
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzF3Lj6V/fuvCvdBCCmOBYQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY2NDkxODgzY2I0YzUwMTIyZmRiMjc1NGI2MjUyZmRkNmZj
OWQ1MWYwHhcNMjQwMTAxMTYzMDI1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYWNmMGY2ZTVlNTliNzYzZjhhNjJlYjVjYTQ4MGRjYzIxMTQ4M2I2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs4UItMTqpXsEYL8fmWM37tai1ugI
DWtLMdW9Blh5Fy1P+mI4Y1dPPCWyYOkfER9/fYE/g8AKoinH5Y6rgs2WsdR1o4/9
ALzepzFfknPQYgq7KSd3BjUuLPILE9lgsmISNvtRdspDzBqFz/rDYWTYygpBQdfI
GF+KmqIKQdk1dOgJeJCZF8m4SipUR2VfPDiRDOXzkSuT3U5e4wTWtEqpOR+K7/w5
NojgD6QVxD6LDLmzXJNFtIOIZLHltOZ5bsXvKJtX4mWZwDfNmIx/0nHrasATjgUA
PVc/hEbO5s9n2/iaSYXhAnyRKoKhA1/DXRBL/Ha2TFur8ivOta3RQNk5PQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNrPD25eWbdj+KYutcpIDcwhFIO2MB8GA1UdIwQY
MBaAFGZJGIPLTFASL9snVLYlL91vydUfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWmtrWWc4dE1VQkl2MnlkVXRpVXYzV19KMVI4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81NC84YzU3ODctMDlmYS00OTg4LTgxYTEt
NzVkNmJlNGU1YzM3LzEvMnM4UGJsNVp0MlA0cGk2MXlrZ056Q0VVZzdZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81NC84YzU3ODctMDlmYS00OTg4LTgxYTEtNzVkNmJlNGU1YzM3
LzEvWmtrWWc4dE1VQkl2MnlkVXRpVXYzV19KMVI4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQF1H7gMA0G
CSqGSIb3DQEBCwUAA4IBAQCD2/SOUF8zrPqMeOFFc/8CqMD/DtK9OrNmxGpEsKXj
hZ5Ur2utC2y05st6SXs7UBcEKjmu2mdwy9EgVUyChSJlBXui8gVj404zn+DcVS/f
hvZM6ufOYPheqnKjckHDuSrg3VMxWXrHBlYQJL/PFcpSB+GDZwL0Sb9cUC0I4/gz
9OsXi32k3A3/U8OLswWz0K3h1VXd4uE2OpoKkCjaPd0tEZL/2n1L8ocL3lWPFLZE
H03wfum7j7nEZ1gUXVJ2UZAWFwnUDVi51LnxP436P7WrPVK/xA9EbP9JLqVkGyXW
YhA+3Kia/gmafiUDgTKVXOCd0+rt4GqJpuGc4vYen+kO
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:58:54 2025 by rpki-client