Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/62/aea36d-babf-4474-a78b-6a4ecaf8b3b1/1/3okcH6dSItYnE9DclsLLJRCf2F0.roa
File: 3okcH6dSItYnE9DclsLLJRCf2F0.roa (raw, json)
Hash identifier: K9Uah8YXP3Sjk5e9RvVckCs7WCGDHQNzGLVgAgj07Oc=
Subject key identifier: DE:89:1C:1F:A7:52:22:D6:27:13:D0:DC:96:C2:CB:25:10:9F:D8:5D
Certificate issuer: /CN=746365355b665564a210c358c68a0117b7fbeb9a
Certificate serial: 018CC5DCC6E47F46DDE383B421E88BDE5C03
Authority key identifier: 74:63:65:35:5B:66:55:64:A2:10:C3:58:C6:8A:01:17:B7:FB:EB:9A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dGNlNVtmVWSiEMNYxooBF7f765o.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/62/aea36d-babf-4474-a78b-6a4ecaf8b3b1/1/3okcH6dSItYnE9DclsLLJRCf2F0.roa
Signing time: Mon 01 Jan 2024 16:30:29 +0000
ROA not before: Mon 01 Jan 2024 16:30:29 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 211712
IP address blocks: 212.22.89.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 01 Jan 2025 21:48:57 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:dc:c6:e4:7f:46:dd:e3:83:b4:21:e8:8b:de:5c:03
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=746365355b665564a210c358c68a0117b7fbeb9a
Validity
Not Before: Jan 1 16:30:29 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=de891c1fa75222d62713d0dc96c2cb25109fd85d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d4:86:c6:a3:57:5f:76:2b:78:8c:77:8c:d9:da:
6b:cf:c9:6c:67:b1:a5:8f:01:c3:8b:09:92:ec:3d:
4a:2a:78:9a:30:e6:2e:2d:a7:5b:81:6b:00:a4:e0:
70:17:f4:fa:97:b4:12:7e:65:8b:75:7b:70:c8:da:
de:41:fb:54:3f:df:11:7d:e3:b2:e2:7d:85:28:07:
f2:97:94:f2:60:d3:0e:b4:48:52:8a:71:63:ad:48:
97:f9:88:24:c1:30:0b:27:e3:58:44:92:a3:73:13:
9f:47:bd:ff:f0:72:a5:2d:85:69:36:b3:e6:47:9e:
23:50:c9:ce:f5:b2:d5:fb:36:64:fc:9e:14:a9:86:
92:d1:7d:75:c0:20:40:58:4f:83:3c:e5:b4:03:ab:
1c:d7:80:01:b0:7b:ca:17:71:b7:4d:9a:05:19:a9:
ca:bb:be:4f:6d:78:bd:e2:d3:fa:3c:c8:c7:59:84:
4b:12:b0:a9:20:4b:e0:c3:a1:fc:ec:a3:11:b7:c4:
9c:49:8c:75:f1:55:71:03:46:82:76:1f:56:07:45:
47:b1:82:da:ba:a5:90:7f:04:7b:c5:06:69:e3:2e:
9a:d3:f4:a1:26:e4:20:85:0c:12:9d:4c:52:d0:d9:
28:50:b1:a3:34:61:86:1e:07:37:f6:0a:f2:7e:dd:
dd:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DE:89:1C:1F:A7:52:22:D6:27:13:D0:DC:96:C2:CB:25:10:9F:D8:5D
X509v3 Authority Key Identifier:
keyid:74:63:65:35:5B:66:55:64:A2:10:C3:58:C6:8A:01:17:B7:FB:EB:9A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dGNlNVtmVWSiEMNYxooBF7f765o.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/62/aea36d-babf-4474-a78b-6a4ecaf8b3b1/1/3okcH6dSItYnE9DclsLLJRCf2F0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/62/aea36d-babf-4474-a78b-6a4ecaf8b3b1/1/dGNlNVtmVWSiEMNYxooBF7f765o.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
212.22.89.0/24
Signature Algorithm: sha256WithRSAEncryption
17:31:16:a1:e3:b5:f3:4b:f4:7a:ae:91:25:19:f5:58:86:9f:
64:cd:ed:ff:a0:5c:bf:0f:81:77:c0:a6:5f:1f:60:ca:4b:c6:
cb:df:9d:6e:dd:ce:20:3a:0e:da:92:3a:a2:8e:ab:85:9c:0f:
fe:9d:87:33:47:b7:68:d2:86:1c:04:09:a4:49:39:34:7e:45:
28:ee:01:c4:72:a0:42:5d:f2:9d:a7:12:18:32:7e:6d:2d:61:
72:19:26:ed:94:19:a6:29:98:9d:30:e8:be:9b:92:c6:a5:84:
09:6e:f2:c1:0c:c5:cf:67:a1:5d:45:21:cf:31:80:c0:54:f4:
c5:25:59:38:f0:3e:67:ea:de:ae:e2:91:12:45:0b:34:ab:66:
b1:dc:ba:60:64:61:62:b7:89:90:52:bc:d9:f1:e6:e1:4b:ca:
83:e8:24:08:d0:a3:93:6a:8d:1a:9e:4a:be:e8:95:cf:56:03:
38:8e:96:1b:10:5b:cf:ec:fa:b5:30:76:d8:73:bd:5b:3b:8a:
d0:f8:7c:f6:e7:9f:50:35:0d:fe:9c:d7:fb:86:65:09:29:37:
32:87:cb:30:18:d5:bd:ff:16:33:61:25:fa:85:2b:c6:f0:c5:
25:cd:8f:a7:51:11:67:07:e4:d3:5b:48:33:1e:33:e2:1b:24:
e8:75:21:15
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzF3Mbkf0bd44O0IeiL3lwDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc0NjM2NTM1NWI2NjU1NjRhMjEwYzM1OGM2OGEwMTE3Yjdm
YmViOWEwHhcNMjQwMTAxMTYzMDI5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZTg5MWMxZmE3NTIyMmQ2MjcxM2QwZGM5NmMyY2IyNTEwOWZkODVkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1IbGo1dfdit4jHeM2dprz8lsZ7Gl
jwHDiwmS7D1KKniaMOYuLadbgWsApOBwF/T6l7QSfmWLdXtwyNreQftUP98RfeOy
4n2FKAfyl5TyYNMOtEhSinFjrUiX+YgkwTALJ+NYRJKjcxOfR73/8HKlLYVpNrPm
R54jUMnO9bLV+zZk/J4UqYaS0X11wCBAWE+DPOW0A6sc14ABsHvKF3G3TZoFGanK
u75PbXi94tP6PMjHWYRLErCpIEvgw6H87KMRt8ScSYx18VVxA0aCdh9WB0VHsYLa
uqWQfwR7xQZp4y6a0/ShJuQghQwSnUxS0NkoULGjNGGGHgc39gryft3dwwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFN6JHB+nUiLWJxPQ3JbCyyUQn9hdMB8GA1UdIwQY
MBaAFHRjZTVbZlVkohDDWMaKARe3++uaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZEdObE5WdG1WV1NpRU1OWXhvb0JGN2Y3NjVvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Mi9hZWEzNmQtYmFiZi00NDc0LWE3OGIt
NmE0ZWNhZjhiM2IxLzEvM29rY0g2ZFNJdFluRTlEY2xzTExKUkNmMkYwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Mi9hZWEzNmQtYmFiZi00NDc0LWE3OGItNmE0ZWNhZjhiM2Ix
LzEvZEdObE5WdG1WV1NpRU1OWXhvb0JGN2Y3NjVvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA1BZZMA0G
CSqGSIb3DQEBCwUAA4IBAQAXMRah47XzS/R6rpElGfVYhp9kze3/oFy/D4F3wKZf
H2DKS8bL351u3c4gOg7akjqijquFnA/+nYczR7do0oYcBAmkSTk0fkUo7gHEcqBC
XfKdpxIYMn5tLWFyGSbtlBmmKZidMOi+m5LGpYQJbvLBDMXPZ6FdRSHPMYDAVPTF
JVk48D5n6t6u4pESRQs0q2ax3LpgZGFit4mQUrzZ8ebhS8qD6CQI0KOTao0ankq+
6JXPVgM4jpYbEFvP7Pq1MHbYc71bO4rQ+Hz2559QNQ3+nNf7hmUJKTcyh8swGNW9
/xYzYSX6hSvG8MUlzY+nURFnB+TTW0gzHjPiGyTodSEV
-----END CERTIFICATE-----
Generated at Sun Feb 16 20:34:04 2025 by rpki-client