Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/62/aea36d-babf-4474-a78b-6a4ecaf8b3b1/1/bzVCQkv5jQFss7xbcR_D3DiiNIk.roa
File: bzVCQkv5jQFss7xbcR_D3DiiNIk.roa (raw, json)
Hash identifier: 6ZmGjNWFLIKaae2NKjS2+sXCH89vdLlYGRbPwgnC8YQ=
Subject key identifier: 6F:35:42:42:4B:F9:8D:01:6C:B3:BC:5B:71:1F:C3:DC:38:A2:34:89
Certificate issuer: /CN=746365355b665564a210c358c68a0117b7fbeb9a
Certificate serial: 018ED1F4382BBC8FBDB63DE4A836B483630D
Authority key identifier: 74:63:65:35:5B:66:55:64:A2:10:C3:58:C6:8A:01:17:B7:FB:EB:9A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dGNlNVtmVWSiEMNYxooBF7f765o.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/62/aea36d-babf-4474-a78b-6a4ecaf8b3b1/1/bzVCQkv5jQFss7xbcR_D3DiiNIk.roa
Signing time: Fri 12 Apr 2024 10:57:07 +0000
ROA not before: Fri 12 Apr 2024 10:57:07 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 34882
IP address blocks: 212.22.68.0/24 maxlen: 24
212.22.76.0/24 maxlen: 24
212.22.80.0/24 maxlen: 24
212.22.82.0/24 maxlen: 24
212.22.86.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sat 13 Apr 2024 10:29:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:d1:f4:38:2b:bc:8f:bd:b6:3d:e4:a8:36:b4:83:63:0d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=746365355b665564a210c358c68a0117b7fbeb9a
Validity
Not Before: Apr 12 10:57:07 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=6f3542424bf98d016cb3bc5b711fc3dc38a23489
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:7c:11:3a:29:d0:4a:52:cf:b5:8c:9e:08:54:
57:77:f2:30:88:cb:cd:da:55:94:75:fd:9c:da:d7:
28:89:2f:a4:e3:06:7d:bc:f5:41:77:c1:d8:dd:5c:
3b:cf:7c:7b:d1:a1:8c:9b:7d:ff:ae:e5:78:00:22:
a6:cf:18:5c:69:b3:a2:bb:a7:7b:60:69:f3:0c:6d:
52:7a:6a:3d:72:ed:2d:80:35:23:f6:50:26:03:85:
17:ed:66:e2:1a:0d:92:d3:36:c0:45:7e:f7:9e:9c:
ab:67:b1:72:7c:4f:4a:a2:38:cb:25:43:77:f0:2d:
e8:b6:d8:0a:1d:58:19:79:6d:9d:67:6b:b0:a8:3a:
6c:0d:d0:e3:42:9c:74:bc:97:d4:86:a3:a6:ff:fe:
58:27:95:d8:f0:6c:fe:b7:4e:6b:7d:89:98:ea:c8:
0a:12:ed:a9:b5:3c:e7:21:65:c4:59:3d:b2:4b:56:
3a:32:23:d9:f4:ec:fe:0b:f9:b3:8f:fe:c3:9b:b5:
c3:59:b0:90:34:01:d7:3a:07:81:0c:bc:54:86:cb:
39:82:e8:ba:50:73:40:7f:6c:e8:a6:d3:14:c9:46:
1f:d5:aa:31:31:53:a6:04:56:2e:b2:43:a7:12:1b:
88:7e:e9:6a:f4:b3:6e:4a:64:30:10:9f:52:c3:ad:
85:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6F:35:42:42:4B:F9:8D:01:6C:B3:BC:5B:71:1F:C3:DC:38:A2:34:89
X509v3 Authority Key Identifier:
keyid:74:63:65:35:5B:66:55:64:A2:10:C3:58:C6:8A:01:17:B7:FB:EB:9A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dGNlNVtmVWSiEMNYxooBF7f765o.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/62/aea36d-babf-4474-a78b-6a4ecaf8b3b1/1/bzVCQkv5jQFss7xbcR_D3DiiNIk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/62/aea36d-babf-4474-a78b-6a4ecaf8b3b1/1/dGNlNVtmVWSiEMNYxooBF7f765o.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
212.22.68.0/24
212.22.76.0/24
212.22.80.0/24
212.22.82.0/24
212.22.86.0/24
Signature Algorithm: sha256WithRSAEncryption
02:93:ce:54:a0:ab:25:6a:31:60:5d:52:00:8f:f3:9b:b6:97:
9d:5c:c4:c5:e8:f8:8d:9f:33:aa:02:58:27:e3:28:06:22:2b:
6e:16:a2:69:13:ca:4d:86:dc:6f:c1:eb:f5:80:c8:0f:1e:dd:
74:ea:22:4f:e2:51:c0:15:24:36:d4:ad:57:d6:69:01:84:e2:
7b:0d:df:15:a9:52:8f:a9:47:2e:89:50:94:ec:2f:41:60:95:
e0:b2:1d:b8:ee:5d:2e:5d:bf:db:d7:20:ee:0e:16:6f:7e:ab:
01:87:ab:66:38:52:5e:2a:66:3d:b8:62:c1:af:5b:58:2b:ed:
b8:16:b5:4d:d9:be:f5:6f:cd:6b:8b:06:eb:1c:5c:da:b2:f4:
24:23:07:c5:4d:57:ed:42:52:d9:ed:bd:a1:15:47:d1:6a:7c:
2c:24:a7:6d:b6:45:67:bf:54:a5:53:db:ee:d3:e6:ec:ba:a9:
42:f0:75:96:56:99:82:21:7b:15:b4:3d:18:2c:4c:7c:7b:3e:
41:ac:0f:14:71:38:7a:45:b4:ea:10:35:86:ef:3c:54:4c:04:
0f:28:5f:4a:57:9d:af:c4:f9:ef:f2:ae:b9:0b:55:10:30:18:
0b:e4:6a:97:fe:b5:54:de:45:49:0e:f2:cf:60:4c:a4:e5:c3:
df:a6:e9:86
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAY7R9DgrvI+9tj3kqDa0g2MNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc0NjM2NTM1NWI2NjU1NjRhMjEwYzM1OGM2OGEwMTE3Yjdm
YmViOWEwHhcNMjQwNDEyMTA1NzA3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZjM1NDI0MjRiZjk4ZDAxNmNiM2JjNWI3MTFmYzNkYzM4YTIzNDg5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApHwROinQSlLPtYyeCFRXd/IwiMvN
2lWUdf2c2tcoiS+k4wZ9vPVBd8HY3Vw7z3x70aGMm33/ruV4ACKmzxhcabOiu6d7
YGnzDG1Semo9cu0tgDUj9lAmA4UX7WbiGg2S0zbARX73npyrZ7FyfE9KojjLJUN3
8C3ottgKHVgZeW2dZ2uwqDpsDdDjQpx0vJfUhqOm//5YJ5XY8Gz+t05rfYmY6sgK
Eu2ptTznIWXEWT2yS1Y6MiPZ9Oz+C/mzj/7Dm7XDWbCQNAHXOgeBDLxUhss5gui6
UHNAf2zoptMUyUYf1aoxMVOmBFYuskOnEhuIfulq9LNuSmQwEJ9Sw62FywIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFG81QkJL+Y0BbLO8W3Efw9w4ojSJMB8GA1UdIwQY
MBaAFHRjZTVbZlVkohDDWMaKARe3++uaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZEdObE5WdG1WV1NpRU1OWXhvb0JGN2Y3NjVvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Mi9hZWEzNmQtYmFiZi00NDc0LWE3OGIt
NmE0ZWNhZjhiM2IxLzEvYnpWQ1FrdjVqUUZzczd4YmNSX0QzRGlpTklrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Mi9hZWEzNmQtYmFiZi00NDc0LWE3OGItNmE0ZWNhZjhiM2Ix
LzEvZEdObE5WdG1WV1NpRU1OWXhvb0JGN2Y3NjVvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQA1BZEAwQA
1BZMAwQA1BZQAwQA1BZSAwQA1BZWMA0GCSqGSIb3DQEBCwUAA4IBAQACk85UoKsl
ajFgXVIAj/ObtpedXMTF6PiNnzOqAlgn4ygGIituFqJpE8pNhtxvwev1gMgPHt10
6iJP4lHAFSQ21K1X1mkBhOJ7Dd8VqVKPqUcuiVCU7C9BYJXgsh247l0uXb/b1yDu
DhZvfqsBh6tmOFJeKmY9uGLBr1tYK+24FrVN2b71b81riwbrHFzasvQkIwfFTVft
QlLZ7b2hFUfRanwsJKdttkVnv1SlU9vu0+bsuqlC8HWWVpmCIXsVtD0YLEx8ez5B
rA8UcTh6RbTqEDWG7zxUTAQPKF9KV52vxPnv8q65C1UQMBgL5GqX/rVU3kVJDvLP
YEyk5cPfpumG
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:32:35 2024 by rpki-client on console-fra.rpki-client.org