Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/63/e792b0-0f79-4fa2-a5cb-94dbf3fd0e2d/1/iKk4CFo42b1zuthQlmxWoB_5XiI.roa
File: iKk4CFo42b1zuthQlmxWoB_5XiI.roa (raw, json)
Hash identifier: 5S0uieMoVPu9lLnIEYtYLwEFol0mZntU8RbhpVDOHjs=
Subject key identifier: 88:A9:38:08:5A:38:D9:BD:73:BA:D8:50:96:6C:56:A0:1F:F9:5E:22
Certificate issuer: /CN=0a4a861d7c14b4ca5e6d1c7d60aaeeb32ea8ef61
Certificate serial: 01899CE5B421B011665ADEF8157DB4B63B3E
Authority key identifier: 0A:4A:86:1D:7C:14:B4:CA:5E:6D:1C:7D:60:AA:EE:B3:2E:A8:EF:61
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CkqGHXwUtMpebRx9YKrusy6o72E.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/63/e792b0-0f79-4fa2-a5cb-94dbf3fd0e2d/1/iKk4CFo42b1zuthQlmxWoB_5XiI.roa
Signing time: Fri 28 Jul 2023 14:27:26 +0000
ROA not before: Fri 28 Jul 2023 14:27:26 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 12540
IP address blocks: 212.64.160.0/19 maxlen: 19
2a0d:fc0::/29 maxlen: 29
Validation: Failed, certificate revoked on Mon 01 Jan 2024 18:31:21 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:9c:e5:b4:21:b0:11:66:5a:de:f8:15:7d:b4:b6:3b:3e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0a4a861d7c14b4ca5e6d1c7d60aaeeb32ea8ef61
Validity
Not Before: Jul 28 14:27:26 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=88a938085a38d9bd73bad850966c56a01ff95e22
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:83:d2:92:1b:46:aa:0b:42:68:16:12:cf:0a:eb:
4a:d9:06:dd:0a:d2:01:36:b4:b9:d1:15:0c:ef:08:
fe:20:38:6d:da:a8:35:b1:47:a0:5e:d0:da:32:90:
ac:bc:cc:9a:86:2d:1c:0f:7f:46:9b:a9:d1:c8:e7:
0f:89:dc:1f:82:87:e8:d4:00:f1:2b:bc:44:d4:c6:
43:ae:7d:5a:c8:de:65:8c:43:07:57:f3:60:e4:02:
a3:86:3b:f5:cd:3f:42:6b:d0:71:66:56:5c:3b:11:
91:c8:a4:d2:a3:fa:84:b6:1b:49:0e:f5:8e:b2:2d:
e2:69:25:de:21:a8:44:83:a7:36:ee:13:90:54:07:
ec:39:b2:ca:8e:05:14:91:2f:c5:4f:c2:aa:2d:a7:
02:95:94:e8:99:98:19:46:10:83:50:59:ce:78:f1:
1d:9a:28:bf:3d:a6:59:f0:48:14:fb:2f:ea:87:74:
45:7a:b2:c5:9b:36:0a:ab:f4:e3:af:9e:74:f0:bb:
e5:81:cc:88:c0:ec:0e:92:cf:c8:0e:38:44:54:0b:
7c:4c:46:fe:b3:89:68:73:2d:0d:39:a8:ff:06:46:
af:7b:d3:d7:c5:9e:7f:cc:65:33:1d:5f:01:61:a3:
ce:c4:d3:4b:cb:c0:ea:52:01:4a:70:6a:d8:5f:ec:
56:eb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
88:A9:38:08:5A:38:D9:BD:73:BA:D8:50:96:6C:56:A0:1F:F9:5E:22
X509v3 Authority Key Identifier:
keyid:0A:4A:86:1D:7C:14:B4:CA:5E:6D:1C:7D:60:AA:EE:B3:2E:A8:EF:61
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CkqGHXwUtMpebRx9YKrusy6o72E.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/63/e792b0-0f79-4fa2-a5cb-94dbf3fd0e2d/1/iKk4CFo42b1zuthQlmxWoB_5XiI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/63/e792b0-0f79-4fa2-a5cb-94dbf3fd0e2d/1/CkqGHXwUtMpebRx9YKrusy6o72E.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
212.64.160.0/19
IPv6:
2a0d:fc0::/29
Signature Algorithm: sha256WithRSAEncryption
3b:76:ab:41:97:fe:f4:3d:4c:9c:38:6e:e0:66:7c:86:9d:b2:
39:d0:2b:f5:96:0e:fe:38:8c:f8:9f:4e:bb:05:81:1f:40:40:
ad:90:7e:c2:d3:3a:64:cb:82:02:e2:ff:53:20:c4:ed:af:2f:
92:ab:59:b0:4d:5f:7b:72:3b:57:38:85:b1:0a:05:de:1a:53:
41:ee:17:69:37:44:8b:74:b1:4b:7e:95:c4:b1:e5:b2:59:9a:
7d:d2:9b:d5:96:a3:af:b6:b2:49:f0:b1:3d:c0:80:04:0a:cb:
53:5b:54:b7:19:65:fe:20:bc:a7:55:fc:01:ad:b2:f3:ed:bb:
ba:41:64:90:8e:b1:19:73:d2:06:29:f9:1e:f9:22:6f:10:7f:
9f:d0:24:88:bc:d6:e6:60:a7:f4:8a:41:de:e8:41:c7:eb:10:
3b:c5:79:23:c5:d5:50:ea:44:75:c2:8e:a1:cd:de:02:0a:7b:
3a:5c:85:43:3d:18:14:d1:b8:5b:45:16:c3:02:7b:18:09:d8:
0b:73:95:f7:1c:b1:79:06:ec:34:1b:3d:de:14:19:ea:23:fb:
9f:76:c2:26:ec:8e:b3:97:15:2d:50:b2:d5:fc:8a:b6:c3:95:
df:91:83:82:51:0e:6e:35:8d:08:1f:c5:9d:aa:53:8c:c6:33:
6d:e1:12:53
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYmc5bQhsBFmWt74FX20tjs+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBhNGE4NjFkN2MxNGI0Y2E1ZTZkMWM3ZDYwYWFlZWIzMmVh
OGVmNjEwHhcNMjMwNzI4MTQyNzI2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4OGE5MzgwODVhMzhkOWJkNzNiYWQ4NTA5NjZjNTZhMDFmZjk1ZTIyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAg9KSG0aqC0JoFhLPCutK2QbdCtIB
NrS50RUM7wj+IDht2qg1sUegXtDaMpCsvMyahi0cD39Gm6nRyOcPidwfgofo1ADx
K7xE1MZDrn1ayN5ljEMHV/Ng5AKjhjv1zT9Ca9BxZlZcOxGRyKTSo/qEthtJDvWO
si3iaSXeIahEg6c27hOQVAfsObLKjgUUkS/FT8KqLacClZTomZgZRhCDUFnOePEd
mii/PaZZ8EgU+y/qh3RFerLFmzYKq/Tjr5508LvlgcyIwOwOks/IDjhEVAt8TEb+
s4locy0NOaj/Bkave9PXxZ5/zGUzHV8BYaPOxNNLy8DqUgFKcGrYX+xW6wIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFIipOAhaONm9c7rYUJZsVqAf+V4iMB8GA1UdIwQY
MBaAFApKhh18FLTKXm0cfWCq7rMuqO9hMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ2txR0hYd1V0TXBlYlJ4OVlLcnVzeTZvNzJFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82My9lNzkyYjAtMGY3OS00ZmEyLWE1Y2It
OTRkYmYzZmQwZTJkLzEvaUtrNENGbzQyYjF6dXRoUWxteFdvQl81WGlJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82My9lNzkyYjAtMGY3OS00ZmEyLWE1Y2ItOTRkYmYzZmQwZTJk
LzEvQ2txR0hYd1V0TXBlYlJ4OVlLcnVzeTZvNzJFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQF1ECgMA0E
AgACMAcDBQMqDQ/AMA0GCSqGSIb3DQEBCwUAA4IBAQA7dqtBl/70PUycOG7gZnyG
nbI50Cv1lg7+OIz4n067BYEfQECtkH7C0zpky4IC4v9TIMTtry+Sq1mwTV97cjtX
OIWxCgXeGlNB7hdpN0SLdLFLfpXEseWyWZp90pvVlqOvtrJJ8LE9wIAECstTW1S3
GWX+ILynVfwBrbLz7bu6QWSQjrEZc9IGKfke+SJvEH+f0CSIvNbmYKf0ikHe6EHH
6xA7xXkjxdVQ6kR1wo6hzd4CCns6XIVDPRgU0bhbRRbDAnsYCdgLc5X3HLF5Buw0
Gz3eFBnqI/ufdsIm7I6zlxUtULLV/Iq2w5XfkYOCUQ5uNY0IH8WdqlOMxjNt4RJT
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:14:41 2024 by rpki-client on console-ams.rpki-client.org