Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5f/b4d75d-953a-4036-9839-57cd68d9cb4e/1/1IyKsiVH-eoHpOR-lF6Y3hMjjoM.roa
File: 1IyKsiVH-eoHpOR-lF6Y3hMjjoM.roa (raw, json)
Hash identifier: mxRNVKUJ15bP4QzZz3c4BeziZSEjjYfT9c8QBdnpbdw=
Subject key identifier: D4:8C:8A:B2:25:47:F9:EA:07:A4:E4:7E:94:5E:98:DE:13:23:8E:83
Certificate issuer: /CN=ff698eeb2e49fcb5f9c65a99857af29ce06641d9
Certificate serial: 018572B43E021BC44C529BE6CD6314E2F305
Authority key identifier: FF:69:8E:EB:2E:49:FC:B5:F9:C6:5A:99:85:7A:F2:9C:E0:66:41:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_2mO6y5J_LX5xlqZhXrynOBmQdk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5f/b4d75d-953a-4036-9839-57cd68d9cb4e/1/1IyKsiVH-eoHpOR-lF6Y3hMjjoM.roa
Signing time: Mon 02 Jan 2023 13:38:13 +0000
ROA not before: Mon 02 Jan 2023 13:38:13 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 208284
IP address blocks: 212.70.172.0/24 maxlen: 24
212.70.174.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 01 Jan 2024 18:29:21 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:b4:3e:02:1b:c4:4c:52:9b:e6:cd:63:14:e2:f3:05
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ff698eeb2e49fcb5f9c65a99857af29ce06641d9
Validity
Not Before: Jan 2 13:38:13 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d48c8ab22547f9ea07a4e47e945e98de13238e83
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:bf:bb:db:c3:c1:84:81:42:b8:e9:04:c2:8f:
09:90:17:fc:cf:84:df:36:dc:3d:80:42:56:d9:e1:
c9:36:69:46:99:23:b3:04:65:0b:39:f6:9a:c3:d7:
ba:f3:39:2c:36:5a:b4:84:2c:6a:24:f5:c6:dd:3c:
7c:bc:78:48:2b:0a:84:16:8c:26:db:97:cc:84:28:
69:8d:99:8a:89:ec:8b:4e:d7:29:df:0b:50:45:d8:
41:2f:e8:10:52:a3:73:33:6e:f5:b2:ed:d7:c8:a3:
15:f7:8d:f6:d0:2b:27:42:82:ab:a0:35:c3:5f:c8:
03:20:0d:2e:9a:03:4c:24:4d:a9:cf:70:b8:53:6b:
eb:25:33:c2:74:6c:75:9a:cf:06:b5:c3:6a:96:ef:
8f:2f:65:ed:af:fd:a8:50:c6:ca:91:53:c0:55:b3:
a7:fd:ec:c3:de:03:51:11:d7:d3:2a:ab:1e:92:90:
05:56:a7:59:95:ac:74:cd:61:6a:f6:d6:9c:68:b1:
31:97:a0:95:b0:aa:e6:40:c4:e9:8a:75:8c:cf:f9:
13:ef:9e:7c:4e:43:63:1b:49:c2:56:66:88:bc:86:
fb:82:4d:54:f8:3c:28:b0:b1:52:38:31:b2:53:41:
02:40:a0:af:c4:be:11:48:8e:cd:f4:25:9d:a5:02:
d4:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D4:8C:8A:B2:25:47:F9:EA:07:A4:E4:7E:94:5E:98:DE:13:23:8E:83
X509v3 Authority Key Identifier:
keyid:FF:69:8E:EB:2E:49:FC:B5:F9:C6:5A:99:85:7A:F2:9C:E0:66:41:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_2mO6y5J_LX5xlqZhXrynOBmQdk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5f/b4d75d-953a-4036-9839-57cd68d9cb4e/1/1IyKsiVH-eoHpOR-lF6Y3hMjjoM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5f/b4d75d-953a-4036-9839-57cd68d9cb4e/1/_2mO6y5J_LX5xlqZhXrynOBmQdk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
212.70.172.0/24
212.70.174.0/24
Signature Algorithm: sha256WithRSAEncryption
35:ef:a9:0c:0d:5e:91:69:8d:07:c3:41:e6:b9:1b:fc:3f:b4:
40:cd:82:a6:6a:a7:dd:7d:04:11:41:28:4d:77:7d:84:49:67:
39:ed:59:4d:82:94:a4:24:08:f5:16:9d:25:9e:d1:97:0f:3c:
13:a1:38:a4:ff:39:22:1b:e3:39:99:78:10:5e:3d:11:99:f2:
01:4f:59:b2:e6:32:14:06:96:9f:40:01:d6:e7:8d:57:60:6f:
cb:9a:e4:70:9f:f6:44:44:db:80:e2:4b:96:22:85:ac:6e:6e:
55:4e:2c:4f:22:f3:5d:d0:84:63:9a:61:c3:4c:ad:e7:5d:c4:
18:47:ea:4e:87:39:ef:8d:d6:28:81:cb:cb:b3:0b:d9:d5:75:
7a:23:a4:d4:04:82:8e:f8:e8:53:6e:dd:83:ef:f9:4e:2b:95:
cd:af:56:da:01:ee:7b:4d:ea:19:72:25:e0:ba:09:bb:f8:e1:
01:ee:9d:e2:19:97:34:28:d2:04:36:b9:0b:ca:f1:d7:73:b9:
78:f2:54:e2:4d:3e:17:a7:c9:01:1e:07:da:59:4f:6c:b5:49:
14:d5:9d:76:d7:71:8d:da:09:59:23:9c:68:19:f0:ad:53:17:
62:f9:54:ff:b9:74:6b:7c:8a:b1:27:12:49:2b:8b:b5:ba:ad:
4d:cd:fc:dc
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVytD4CG8RMUpvmzWMU4vMFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZmNjk4ZWViMmU0OWZjYjVmOWM2NWE5OTg1N2FmMjljZTA2
NjQxZDkwHhcNMjMwMTAyMTMzODEzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNDhjOGFiMjI1NDdmOWVhMDdhNGU0N2U5NDVlOThkZTEzMjM4ZTgzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmr+728PBhIFCuOkEwo8JkBf8z4Tf
Ntw9gEJW2eHJNmlGmSOzBGULOfaaw9e68zksNlq0hCxqJPXG3Tx8vHhIKwqEFowm
25fMhChpjZmKieyLTtcp3wtQRdhBL+gQUqNzM271su3XyKMV94320CsnQoKroDXD
X8gDIA0umgNMJE2pz3C4U2vrJTPCdGx1ms8GtcNqlu+PL2Xtr/2oUMbKkVPAVbOn
/ezD3gNREdfTKqsekpAFVqdZlax0zWFq9tacaLExl6CVsKrmQMTpinWMz/kT7558
TkNjG0nCVmaIvIb7gk1U+DwosLFSODGyU0ECQKCvxL4RSI7N9CWdpQLU3wIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFNSMirIlR/nqB6TkfpRemN4TI46DMB8GA1UdIwQY
MBaAFP9pjusuSfy1+cZamYV68pzgZkHZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvXzJtTzZ5NUpfTFg1eGxxWmhYcnluT0JtUWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Zi9iNGQ3NWQtOTUzYS00MDM2LTk4Mzkt
NTdjZDY4ZDljYjRlLzEvMUl5S3NpVkgtZW9IcE9SLWxGNlkzaE1qam9NLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Zi9iNGQ3NWQtOTUzYS00MDM2LTk4MzktNTdjZDY4ZDljYjRl
LzEvXzJtTzZ5NUpfTFg1eGxxWmhYcnluT0JtUWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQA1EasAwQA
1EauMA0GCSqGSIb3DQEBCwUAA4IBAQA176kMDV6RaY0Hw0HmuRv8P7RAzYKmaqfd
fQQRQShNd32ESWc57VlNgpSkJAj1Fp0lntGXDzwToTik/zkiG+M5mXgQXj0RmfIB
T1my5jIUBpafQAHW541XYG/LmuRwn/ZERNuA4kuWIoWsbm5VTixPIvNd0IRjmmHD
TK3nXcQYR+pOhznvjdYogcvLswvZ1XV6I6TUBIKO+OhTbt2D7/lOK5XNr1baAe57
TeoZciXgugm7+OEB7p3iGZc0KNIENrkLyvHXc7l48lTiTT4Xp8kBHgfaWU9stUkU
1Z1213GN2glZI5xoGfCtUxdi+VT/uXRrfIqxJxJJK4u1uq1Nzfzc
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:32:07 2024 by rpki-client on console-fra.rpki-client.org