Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/3FY03hRJ3n4qQmQOC8n-0H_vBfg.roa
File: 3FY03hRJ3n4qQmQOC8n-0H_vBfg.roa (raw, json)
Hash identifier: 0fZ2ohSDIilGvfF3hyEp9wsxTzX5QKfhTNs5M7QhB7A=
Subject key identifier: DC:56:34:DE:14:49:DE:7E:2A:42:64:0E:0B:C9:FE:D0:7F:EF:05:F8
Certificate issuer: /CN=7da5d32d5b09c93c1b5e3fc5a2aa20d746fcfed1
Certificate serial: 0193F29E0F69981E8935BB55217842FC3E7D
Authority key identifier: 7D:A5:D3:2D:5B:09:C9:3C:1B:5E:3F:C5:A2:AA:20:D7:46:FC:FE:D1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/faXTLVsJyTwbXj_Foqog10b8_tE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/3FY03hRJ3n4qQmQOC8n-0H_vBfg.roa
Signing time: Mon 23 Dec 2024 08:24:25 +0000
ROA not before: Mon 23 Dec 2024 08:24:25 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 397032
IP address blocks: 212.192.28.0/24 maxlen: 24
212.192.29.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 02 Jan 2025 17:54:12 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:f2:9e:0f:69:98:1e:89:35:bb:55:21:78:42:fc:3e:7d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7da5d32d5b09c93c1b5e3fc5a2aa20d746fcfed1
Validity
Not Before: Dec 23 08:24:25 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=dc5634de1449de7e2a42640e0bc9fed07fef05f8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:9c:46:45:4a:46:07:82:d9:4b:8f:4f:92:c7:
b4:af:fd:69:2f:6c:97:fc:19:d3:0c:93:e3:b8:f4:
51:db:a7:51:83:08:92:78:50:ab:e8:80:39:72:aa:
12:c8:04:37:58:a5:cb:7c:70:5b:3f:b0:56:2d:ec:
af:9d:61:b4:dd:20:fc:bd:26:94:5f:72:78:83:cc:
a2:83:72:1a:eb:63:9b:b1:36:96:04:db:6d:5c:d4:
73:89:c5:d8:a0:73:0e:54:1f:01:9b:ae:65:06:e5:
61:4a:9f:ba:ea:ac:ce:a8:76:78:5f:77:6e:2a:88:
17:37:5a:3c:f0:47:3c:f5:e0:6a:37:74:d6:fc:53:
eb:35:e4:18:1b:12:ad:95:9f:8a:0e:60:5b:a6:ac:
dc:4e:1e:9d:57:b9:7a:aa:e6:16:be:c8:7f:17:05:
51:a4:85:cf:71:81:eb:bf:3a:47:a6:9a:3c:cc:24:
ea:e4:b9:7f:7d:43:55:60:ad:64:de:a8:d0:f0:c5:
48:a9:99:b2:ac:93:f8:87:31:c9:1f:8a:81:c9:89:
c6:ae:61:f9:01:8a:0f:ac:b1:11:08:af:d9:55:f8:
84:9e:2b:98:25:cb:f3:73:92:0f:23:d3:10:38:40:
a7:ed:96:32:c1:a9:7f:30:b0:c0:e2:4a:72:6e:05:
27:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DC:56:34:DE:14:49:DE:7E:2A:42:64:0E:0B:C9:FE:D0:7F:EF:05:F8
X509v3 Authority Key Identifier:
keyid:7D:A5:D3:2D:5B:09:C9:3C:1B:5E:3F:C5:A2:AA:20:D7:46:FC:FE:D1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/faXTLVsJyTwbXj_Foqog10b8_tE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/3FY03hRJ3n4qQmQOC8n-0H_vBfg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/faXTLVsJyTwbXj_Foqog10b8_tE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
212.192.28.0/23
Signature Algorithm: sha256WithRSAEncryption
86:5e:20:f9:ab:1c:e6:85:b8:66:88:0e:a1:d1:42:bb:e5:21:
06:5c:25:f2:a7:f2:84:05:74:3d:ed:8b:86:02:81:c3:f9:12:
66:3c:cb:6c:cf:97:54:b7:fd:c3:54:cb:1f:be:02:40:03:22:
74:6b:6e:fd:c2:e5:9c:df:27:8a:c5:24:9c:d3:01:e4:f6:c1:
2c:f5:27:a9:eb:6b:21:a4:70:89:27:db:ed:da:8b:b1:26:f5:
6d:dd:f5:f1:33:b3:16:7a:0b:42:dd:27:72:84:44:8a:60:29:
37:83:da:cd:d8:5e:d7:90:2d:22:c1:e0:ee:fe:f9:1d:d7:07:
3c:44:e7:44:6e:d2:d9:fc:75:1f:9d:ea:1a:f0:57:54:77:12:
82:49:1f:fa:db:40:2c:f1:cb:10:7c:8c:22:4d:ea:6c:23:92:
bc:98:4a:53:03:36:80:17:4b:ee:ea:aa:1a:30:a7:11:1e:6e:
d5:8d:ee:72:fb:52:74:2b:56:f2:5b:f0:0a:7b:27:ab:17:64:
b6:30:ea:e8:9e:71:61:1e:d5:3b:a8:d0:1a:ef:6b:77:50:76:
aa:e7:5e:74:e7:2a:2c:db:24:18:15:7a:1a:63:40:4f:fa:07:
98:9a:22:6b:80:a8:21:5b:bc:b1:41:3b:f2:8e:8a:57:60:70:
a8:66:8e:3d
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZPyng9pmB6JNbtVIXhC/D59MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkYTVkMzJkNWIwOWM5M2MxYjVlM2ZjNWEyYWEyMGQ3NDZm
Y2ZlZDEwHhcNMjQxMjIzMDgyNDI1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYzU2MzRkZTE0NDlkZTdlMmE0MjY0MGUwYmM5ZmVkMDdmZWYwNWY4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnpxGRUpGB4LZS49Pkse0r/1pL2yX
/BnTDJPjuPRR26dRgwiSeFCr6IA5cqoSyAQ3WKXLfHBbP7BWLeyvnWG03SD8vSaU
X3J4g8yig3Ia62ObsTaWBNttXNRzicXYoHMOVB8Bm65lBuVhSp+66qzOqHZ4X3du
KogXN1o88Ec89eBqN3TW/FPrNeQYGxKtlZ+KDmBbpqzcTh6dV7l6quYWvsh/FwVR
pIXPcYHrvzpHppo8zCTq5Ll/fUNVYK1k3qjQ8MVIqZmyrJP4hzHJH4qByYnGrmH5
AYoPrLERCK/ZVfiEniuYJcvzc5IPI9MQOECn7ZYywal/MLDA4kpybgUnGwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNxWNN4USd5+KkJkDgvJ/tB/7wX4MB8GA1UdIwQY
MBaAFH2l0y1bCck8G14/xaKqINdG/P7RMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZmFYVExWc0p5VHdiWGpfRm9xb2cxMGI4X3RFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ni80YjE4ZmItZDNlZC00YjI3LTliZDAt
ZTU4MzlmNDNlNTgzLzEvM0ZZMDNoUkozbjRxUW1RT0M4bi0wSF92QmZnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ni80YjE4ZmItZDNlZC00YjI3LTliZDAtZTU4MzlmNDNlNTgz
LzEvZmFYVExWc0p5VHdiWGpfRm9xb2cxMGI4X3RFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQB1MAcMA0G
CSqGSIb3DQEBCwUAA4IBAQCGXiD5qxzmhbhmiA6h0UK75SEGXCXyp/KEBXQ97YuG
AoHD+RJmPMtsz5dUt/3DVMsfvgJAAyJ0a279wuWc3yeKxSSc0wHk9sEs9Sep62sh
pHCJJ9vt2ouxJvVt3fXxM7MWegtC3SdyhESKYCk3g9rN2F7XkC0iweDu/vkd1wc8
ROdEbtLZ/HUfneoa8FdUdxKCSR/620As8csQfIwiTepsI5K8mEpTAzaAF0vu6qoa
MKcRHm7Vje5y+1J0K1byW/AKeyerF2S2MOronnFhHtU7qNAa72t3UHaq51505yos
2yQYFXoaY0BP+geYmiJrgKghW7yxQTvyjopXYHCoZo49
-----END CERTIFICATE-----
Generated at Fri Mar 14 11:41:22 2025 by rpki-client