Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/62/aea36d-babf-4474-a78b-6a4ecaf8b3b1/1/b2vNJtlX8jW2ceszaDjURa1mXtE.roa
File: b2vNJtlX8jW2ceszaDjURa1mXtE.roa (raw, json)
Hash identifier: yYSibRWg4iBZAmrf9mPGjTcLGx+lCpqjw1gQCwJpr/g=
Subject key identifier: 6F:6B:CD:26:D9:57:F2:35:B6:71:EB:33:68:38:D4:45:AD:66:5E:D1
Certificate issuer: /CN=746365355b665564a210c358c68a0117b7fbeb9a
Certificate serial: 01856DC1D7B88155866EB596052EDE96A6EE
Authority key identifier: 74:63:65:35:5B:66:55:64:A2:10:C3:58:C6:8A:01:17:B7:FB:EB:9A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dGNlNVtmVWSiEMNYxooBF7f765o.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/62/aea36d-babf-4474-a78b-6a4ecaf8b3b1/1/b2vNJtlX8jW2ceszaDjURa1mXtE.roa
Signing time: Sun 01 Jan 2023 14:34:58 +0000
ROA not before: Sun 01 Jan 2023 14:34:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 208102
IP address blocks: 212.22.66.0/24 maxlen: 24
212.22.85.0/24 maxlen: 24
212.22.93.0/24 maxlen: 24
212.22.92.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 01 Jan 2024 16:30:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:c1:d7:b8:81:55:86:6e:b5:96:05:2e:de:96:a6:ee
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=746365355b665564a210c358c68a0117b7fbeb9a
Validity
Not Before: Jan 1 14:34:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=6f6bcd26d957f235b671eb336838d445ad665ed1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dc:59:17:f2:76:9f:a1:6a:f5:36:1f:fd:cd:cf:
cd:28:05:b2:f1:82:ab:6e:c7:08:80:85:e3:3c:23:
c1:e6:d4:c4:5a:1d:63:61:14:29:01:f3:ee:59:75:
f8:c0:51:aa:4e:bc:8f:07:a4:38:a6:8b:df:12:d6:
1f:4c:32:15:a0:3f:11:40:7c:5b:88:ed:02:f8:4c:
fc:f4:2d:62:af:49:b1:90:a2:23:99:4c:f2:e4:b7:
18:1d:a3:d7:41:12:45:03:26:e0:e1:bf:96:d6:b6:
9e:30:a8:e9:ab:55:e3:d1:c4:fc:af:62:51:72:ac:
ab:f0:fb:fb:7d:3b:e5:37:61:b2:64:1c:7e:bf:6b:
3a:07:a7:51:7b:76:8c:11:11:5e:b1:d9:63:9d:a0:
57:d8:45:f5:e6:39:4a:63:37:16:d8:29:e4:da:85:
5d:f4:4e:a7:05:44:40:11:f4:f8:ac:c8:f4:5e:16:
72:d6:78:be:e9:6d:da:66:33:96:07:a9:e6:5e:ad:
09:45:12:09:dd:0a:01:83:1d:c1:39:01:21:de:7a:
d4:24:ec:f7:4b:7b:22:9d:72:a9:fd:16:91:52:4e:
61:06:23:ed:7d:9c:5f:99:f9:5e:d4:a6:a5:01:16:
0c:4b:a8:60:db:55:3d:80:7e:dd:f8:11:d1:b9:56:
a3:91
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6F:6B:CD:26:D9:57:F2:35:B6:71:EB:33:68:38:D4:45:AD:66:5E:D1
X509v3 Authority Key Identifier:
keyid:74:63:65:35:5B:66:55:64:A2:10:C3:58:C6:8A:01:17:B7:FB:EB:9A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dGNlNVtmVWSiEMNYxooBF7f765o.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/62/aea36d-babf-4474-a78b-6a4ecaf8b3b1/1/b2vNJtlX8jW2ceszaDjURa1mXtE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/62/aea36d-babf-4474-a78b-6a4ecaf8b3b1/1/dGNlNVtmVWSiEMNYxooBF7f765o.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
212.22.66.0/24
212.22.85.0/24
212.22.92.0/23
Signature Algorithm: sha256WithRSAEncryption
77:a3:5f:3c:3d:bc:d6:15:fa:19:06:5d:22:c1:be:da:e4:24:
f4:99:ff:b3:b9:5c:19:24:71:f3:74:de:9f:81:b2:c1:ce:93:
6c:a3:4e:b5:3c:5d:13:3d:27:09:95:28:d2:30:b3:9b:25:af:
43:08:1b:77:af:6f:d3:24:d1:b3:da:64:23:2d:27:81:23:81:
ce:3f:e8:f8:52:20:f1:28:70:bd:b6:8d:74:dc:4b:4d:15:55:
bb:a2:20:66:a9:dd:22:48:d1:2b:23:29:47:93:e4:a2:90:60:
a7:16:fc:ae:2b:9c:76:eb:a9:25:97:ec:96:ed:88:56:e7:2a:
23:f4:de:b0:79:a6:f8:21:2e:bb:f0:06:d8:1d:ee:4d:e2:f1:
17:cd:8b:35:88:1e:a1:2c:18:5c:e5:aa:ce:a1:f6:e0:1f:3c:
2e:31:a8:03:a3:c9:67:89:56:ed:10:26:da:bd:3f:7b:d2:be:
a4:5e:14:e9:0c:ac:1c:e9:e4:ad:e1:95:46:9a:5b:c6:90:a4:
a2:c1:1c:be:db:e2:f2:38:7f:4c:96:e7:35:27:61:99:90:63:
48:59:1d:4b:ac:85:3d:dd:b6:21:51:4e:89:eb:08:f5:df:8a:
5c:6d:e3:21:88:61:7a:17:aa:37:60:e5:5e:a6:ff:fe:34:60:
55:f4:63:2e
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYVtwde4gVWGbrWWBS7elqbuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc0NjM2NTM1NWI2NjU1NjRhMjEwYzM1OGM2OGEwMTE3Yjdm
YmViOWEwHhcNMjMwMTAxMTQzNDU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZjZiY2QyNmQ5NTdmMjM1YjY3MWViMzM2ODM4ZDQ0NWFkNjY1ZWQxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3FkX8nafoWr1Nh/9zc/NKAWy8YKr
bscIgIXjPCPB5tTEWh1jYRQpAfPuWXX4wFGqTryPB6Q4povfEtYfTDIVoD8RQHxb
iO0C+Ez89C1ir0mxkKIjmUzy5LcYHaPXQRJFAybg4b+W1raeMKjpq1Xj0cT8r2JR
cqyr8Pv7fTvlN2GyZBx+v2s6B6dRe3aMERFesdljnaBX2EX15jlKYzcW2Cnk2oVd
9E6nBURAEfT4rMj0XhZy1ni+6W3aZjOWB6nmXq0JRRIJ3QoBgx3BOQEh3nrUJOz3
S3sinXKp/RaRUk5hBiPtfZxfmfle1KalARYMS6hg21U9gH7d+BHRuVajkQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFG9rzSbZV/I1tnHrM2g41EWtZl7RMB8GA1UdIwQY
MBaAFHRjZTVbZlVkohDDWMaKARe3++uaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZEdObE5WdG1WV1NpRU1OWXhvb0JGN2Y3NjVvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Mi9hZWEzNmQtYmFiZi00NDc0LWE3OGIt
NmE0ZWNhZjhiM2IxLzEvYjJ2Tkp0bFg4alcyY2VzemFEalVSYTFtWHRFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Mi9hZWEzNmQtYmFiZi00NDc0LWE3OGItNmE0ZWNhZjhiM2Ix
LzEvZEdObE5WdG1WV1NpRU1OWXhvb0JGN2Y3NjVvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQA1BZCAwQA
1BZVAwQB1BZcMA0GCSqGSIb3DQEBCwUAA4IBAQB3o188PbzWFfoZBl0iwb7a5CT0
mf+zuVwZJHHzdN6fgbLBzpNso061PF0TPScJlSjSMLObJa9DCBt3r2/TJNGz2mQj
LSeBI4HOP+j4UiDxKHC9to103EtNFVW7oiBmqd0iSNErIylHk+SikGCnFvyuK5x2
66kll+yW7YhW5yoj9N6weab4IS678AbYHe5N4vEXzYs1iB6hLBhc5arOofbgHzwu
MagDo8lniVbtECbavT970r6kXhTpDKwc6eSt4ZVGmlvGkKSiwRy+2+LyOH9Mluc1
J2GZkGNIWR1LrIU93bYhUU6J6wj134pcbeMhiGF6F6o3YOVepv/+NGBV9GMu
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:14:30 2024 by rpki-client on console-ams.rpki-client.org