Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/65/be9e88-512f-4b06-b196-89c2f666e905/1/ysslHvTM-pw__5P11IgIvydBqdM.roa
File: ysslHvTM-pw__5P11IgIvydBqdM.roa (raw, json)
Hash identifier: bzbZ5uCn9rVWrmFysPrxhf+2kHrF0gq+20kxsY3nDIk=
Subject key identifier: CA:CB:25:1E:F4:CC:FA:9C:3F:FF:93:F5:D4:88:08:BF:27:41:A9:D3
Certificate issuer: /CN=68cfe1aacb278c13231b310e45ee576932fe9b4e
Certificate serial: 018CC86F7C027449AC023BBEEB20A3319BFF
Authority key identifier: 68:CF:E1:AA:CB:27:8C:13:23:1B:31:0E:45:EE:57:69:32:FE:9B:4E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/aM_hqssnjBMjGzEORe5XaTL-m04.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/65/be9e88-512f-4b06-b196-89c2f666e905/1/ysslHvTM-pw__5P11IgIvydBqdM.roa
Signing time: Tue 02 Jan 2024 04:29:58 +0000
ROA not before: Tue 02 Jan 2024 04:29:58 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 12840
IP address blocks: 212.109.96.0/20 maxlen: 20
212.109.112.0/22 maxlen: 22
212.109.112.0/24 maxlen: 24
212.109.114.0/24 maxlen: 24
212.109.113.0/24 maxlen: 24
212.109.115.0/24 maxlen: 24
212.109.120.0/23 maxlen: 23
212.109.123.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 30 Apr 2024 22:04:28 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:6f:7c:02:74:49:ac:02:3b:be:eb:20:a3:31:9b:ff
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=68cfe1aacb278c13231b310e45ee576932fe9b4e
Validity
Not Before: Jan 2 04:29:58 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=cacb251ef4ccfa9c3fff93f5d48808bf2741a9d3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:84:cb:3d:a8:c2:bc:65:74:4d:f0:27:be:dc:b0:
74:5c:4f:94:99:58:5a:a6:fc:67:8b:2b:ff:10:19:
28:f1:00:2f:76:8c:de:ca:de:50:91:0f:1f:2f:d6:
1a:a2:79:99:3d:c5:fe:9c:73:3d:b1:8b:9b:72:c4:
4f:6f:8a:3a:f6:e5:a3:41:c2:7f:70:c8:63:7f:7a:
0c:2f:43:d2:bc:e4:c1:d3:07:a8:1a:cf:e5:41:62:
39:e0:ec:7f:e4:5d:12:fd:7b:0a:02:8c:4a:5a:da:
2d:ba:de:de:7a:ed:a9:07:03:b1:6f:2e:d6:e9:f7:
5f:89:e7:bd:8f:24:10:77:e2:c5:22:d1:8c:46:63:
28:bd:66:31:1d:e7:e4:09:5f:b6:f9:77:9c:00:22:
09:bd:1a:b1:e6:d3:5a:11:de:69:6b:45:6d:cf:f4:
24:8f:27:a6:56:db:2c:95:b9:91:6e:07:a2:48:91:
a5:8e:95:e6:05:56:2a:63:f7:14:a8:13:7f:c7:ff:
ef:36:ae:87:ce:44:45:94:f2:7d:e9:0f:66:79:46:
08:f9:22:18:fb:68:5c:34:a1:05:0e:63:8d:20:77:
0b:d7:da:d4:71:17:fb:39:32:c6:81:e9:cb:11:f9:
c1:dc:e5:99:4b:27:19:50:66:ae:76:75:b8:c3:2f:
a7:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CA:CB:25:1E:F4:CC:FA:9C:3F:FF:93:F5:D4:88:08:BF:27:41:A9:D3
X509v3 Authority Key Identifier:
keyid:68:CF:E1:AA:CB:27:8C:13:23:1B:31:0E:45:EE:57:69:32:FE:9B:4E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aM_hqssnjBMjGzEORe5XaTL-m04.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/65/be9e88-512f-4b06-b196-89c2f666e905/1/ysslHvTM-pw__5P11IgIvydBqdM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/65/be9e88-512f-4b06-b196-89c2f666e905/1/aM_hqssnjBMjGzEORe5XaTL-m04.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
212.109.96.0-212.109.115.255
212.109.120.0/23
212.109.123.0/24
Signature Algorithm: sha256WithRSAEncryption
12:8a:51:d4:2f:d2:4f:b6:79:85:3f:12:f5:7a:55:f0:48:bd:
da:73:9a:2c:d4:ec:6c:06:b8:ba:00:ba:b3:6d:fd:06:3d:cb:
68:a5:39:83:43:0c:11:f8:c7:d2:6d:a6:ed:74:c6:df:f5:a4:
0f:c8:7f:0f:66:9e:e7:2c:c0:3f:ef:ac:77:f3:d3:ab:f5:50:
f1:39:4f:da:e7:83:c9:4e:c8:91:fb:27:9e:42:e7:f6:00:b9:
10:6d:75:25:95:f6:5a:3d:2f:aa:ed:ef:1b:b8:d9:4f:f5:4b:
8a:2d:7c:2b:59:d2:1d:e7:71:d7:a9:96:ae:5f:a9:77:3a:8c:
5d:e0:b2:84:21:ec:1d:21:3b:8a:90:67:11:95:27:da:30:06:
d9:57:16:fa:3a:80:46:cd:99:73:ac:ad:4a:42:53:a2:23:d9:
ca:f8:17:4a:16:dd:3c:38:03:a5:ca:f5:ea:82:3a:a3:4b:49:
12:67:96:2e:9c:70:d3:05:93:b6:4a:f5:e4:3f:06:42:39:70:
47:09:41:41:8e:cd:7c:9d:7e:0a:f0:1a:2f:75:5c:e3:f0:a6:
c6:6a:e7:e2:d5:76:74:0b:3c:fd:b6:a5:ae:e7:dc:5b:48:b5:
f1:05:64:1a:88:fb:a8:1d:dc:0f:b8:5f:4b:ba:66:b7:ca:97:
0a:89:cf:9c
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgISAYzIb3wCdEmsAju+6yCjMZv/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY4Y2ZlMWFhY2IyNzhjMTMyMzFiMzEwZTQ1ZWU1NzY5MzJm
ZTliNGUwHhcNMjQwMTAyMDQyOTU4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjYWNiMjUxZWY0Y2NmYTljM2ZmZjkzZjVkNDg4MDhiZjI3NDFhOWQzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhMs9qMK8ZXRN8Ce+3LB0XE+UmVha
pvxniyv/EBko8QAvdozeyt5QkQ8fL9YaonmZPcX+nHM9sYubcsRPb4o69uWjQcJ/
cMhjf3oML0PSvOTB0weoGs/lQWI54Ox/5F0S/XsKAoxKWtotut7eeu2pBwOxby7W
6fdfiee9jyQQd+LFItGMRmMovWYxHefkCV+2+XecACIJvRqx5tNaEd5pa0Vtz/Qk
jyemVtsslbmRbgeiSJGljpXmBVYqY/cUqBN/x//vNq6HzkRFlPJ96Q9meUYI+SIY
+2hcNKEFDmONIHcL19rUcRf7OTLGgenLEfnB3OWZSycZUGaudnW4wy+nPQIDAQAB
o4ICHTCCAhkwHQYDVR0OBBYEFMrLJR70zPqcP/+T9dSICL8nQanTMB8GA1UdIwQY
MBaAFGjP4arLJ4wTIxsxDkXuV2ky/ptOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYU1faHFzc25qQk1qR3pFT1JlNVhhVEwtbTA0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NS9iZTllODgtNTEyZi00YjA2LWIxOTYt
ODljMmY2NjZlOTA1LzEveXNzbEh2VE0tcHdfXzVQMTFJZ0l2eWRCcWRNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NS9iZTllODgtNTEyZi00YjA2LWIxOTYtODljMmY2NjZlOTA1
LzEvYU1faHFzc25qQk1qR3pFT1JlNVhhVEwtbTA0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAATAaMAwDBAXUbWAD
BALUbXADBAHUbXgDBADUbXswDQYJKoZIhvcNAQELBQADggEBABKKUdQv0k+2eYU/
EvV6VfBIvdpzmizU7GwGuLoAurNt/QY9y2ilOYNDDBH4x9Jtpu10xt/1pA/Ifw9m
nucswD/vrHfz06v1UPE5T9rng8lOyJH7J55C5/YAuRBtdSWV9lo9L6rt7xu42U/1
S4otfCtZ0h3ncdeplq5fqXc6jF3gsoQh7B0hO4qQZxGVJ9owBtlXFvo6gEbNmXOs
rUpCU6Ij2cr4F0oW3Tw4A6XK9eqCOqNLSRJnli6ccNMFk7ZK9eQ/BkI5cEcJQUGO
zXydfgrwGi91XOPwpsZq5+LVdnQLPP22pa7n3FtItfEFZBqI+6gd3A+4X0u6ZrfK
lwqJz5w=
-----END CERTIFICATE-----
Generated at Thu Apr 17 01:35:13 2025 by rpki-client