Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/66/f09ecf-e805-4158-b315-f2be9f6c664c/1/5f3m-0G28PWyNlCQANrNmcVg9w0.roa
File: 5f3m-0G28PWyNlCQANrNmcVg9w0.roa (raw, json)
Hash identifier: ekn3hFvj/P+7ytWAlq/gKC4Gr3sBv1bCPwRf/y+AcAc=
Subject key identifier: E5:FD:E6:FB:41:B6:F0:F5:B2:36:50:90:00:DA:CD:99:C5:60:F7:0D
Certificate issuer: /CN=8d59c4323f767ce4ffc85daad208b90c04fbd3e9
Certificate serial: 01856F9DBBB1EF65D0DB761ED5BEB29E5FFB
Authority key identifier: 8D:59:C4:32:3F:76:7C:E4:FF:C8:5D:AA:D2:08:B9:0C:04:FB:D3:E9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/jVnEMj92fOT_yF2q0gi5DAT70-k.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/66/f09ecf-e805-4158-b315-f2be9f6c664c/1/5f3m-0G28PWyNlCQANrNmcVg9w0.roa
Signing time: Sun 01 Jan 2023 23:14:46 +0000
ROA not before: Sun 01 Jan 2023 23:14:46 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 31541
IP address blocks: 212.252.204.0/24 maxlen: 24
212.252.205.0/24 maxlen: 24
212.252.206.0/24 maxlen: 24
212.252.207.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 02 Jan 2024 04:30:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:9d:bb:b1:ef:65:d0:db:76:1e:d5:be:b2:9e:5f:fb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8d59c4323f767ce4ffc85daad208b90c04fbd3e9
Validity
Not Before: Jan 1 23:14:46 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=e5fde6fb41b6f0f5b236509000dacd99c560f70d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:77:5e:3b:8b:b0:c3:41:8c:c0:24:b7:52:40:
24:07:01:c7:a4:c1:c1:0f:ae:04:ad:53:5b:e1:19:
fc:55:b1:08:da:0e:a4:d5:c3:8b:3a:cc:eb:c9:ef:
db:5a:e9:95:79:cf:4c:d9:14:58:2e:19:b7:cc:4f:
21:e9:68:ab:17:93:4b:7c:a6:95:c1:f2:27:4e:53:
5f:f6:ae:3b:d5:9e:a1:de:e2:47:1d:74:01:58:d5:
72:30:93:c5:36:f0:eb:4e:86:22:8b:5a:b7:99:1b:
e9:2f:e6:90:19:7d:25:18:4c:21:88:f1:9c:d3:21:
8d:66:2b:30:ab:7b:c5:72:1d:75:87:05:30:aa:fb:
fd:36:c5:40:7c:86:a3:08:e5:64:1e:93:5b:42:ba:
27:70:87:ff:91:08:1a:5b:c2:d0:df:e1:32:90:86:
c8:b5:18:d2:94:0a:18:0e:9a:7c:27:d9:72:a4:77:
ba:27:8b:4c:65:39:a3:59:8d:b2:b2:4c:7f:33:81:
99:4b:4e:e4:7e:60:d8:16:be:24:e5:b8:81:fd:11:
12:8d:7b:b9:e1:3d:e0:c6:8a:a3:35:e9:ec:f0:3e:
ce:db:11:9a:32:e3:30:f2:f0:77:ee:cc:b8:32:74:
de:da:06:03:86:5b:6d:6b:28:83:e0:87:57:d5:e7:
c9:67
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E5:FD:E6:FB:41:B6:F0:F5:B2:36:50:90:00:DA:CD:99:C5:60:F7:0D
X509v3 Authority Key Identifier:
keyid:8D:59:C4:32:3F:76:7C:E4:FF:C8:5D:AA:D2:08:B9:0C:04:FB:D3:E9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jVnEMj92fOT_yF2q0gi5DAT70-k.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/66/f09ecf-e805-4158-b315-f2be9f6c664c/1/5f3m-0G28PWyNlCQANrNmcVg9w0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/66/f09ecf-e805-4158-b315-f2be9f6c664c/1/jVnEMj92fOT_yF2q0gi5DAT70-k.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
212.252.204.0/22
Signature Algorithm: sha256WithRSAEncryption
08:86:5c:0d:ad:f9:0b:10:c3:8e:15:42:a7:10:85:be:75:02:
0f:64:2d:61:e2:20:34:bf:c0:67:ad:10:0a:f8:43:18:73:bb:
20:35:a0:19:72:42:04:3c:52:69:2c:7c:51:9f:5f:13:4b:23:
62:a3:ef:35:8b:36:78:6a:f5:19:22:56:be:94:46:e3:d0:f9:
a7:0d:5f:00:cb:e5:f9:ce:26:90:ab:b9:5d:49:b8:82:02:e4:
2a:1a:17:98:cb:b0:26:4f:5b:81:8c:f2:21:35:7c:23:cd:fe:
42:39:9d:43:c0:33:c9:65:d5:61:0d:24:9c:35:3c:47:0b:3a:
07:a5:46:f7:c9:dc:c5:6f:24:08:cc:4d:9c:4f:32:f2:71:46:
66:da:48:ff:f3:8f:61:00:f1:6c:dd:80:c1:25:59:42:50:4e:
13:e0:7f:33:b5:45:c7:a4:a3:2f:d1:33:67:ad:dd:c3:82:40:
e3:38:1e:03:d0:fa:0f:d6:05:3e:bb:fb:c3:53:d6:e2:19:36:
6a:a8:ee:01:23:84:83:7c:7f:a4:6a:ef:38:0e:0b:3f:21:2b:
9f:a7:9b:8a:39:dc:73:6c:78:c3:66:f1:e9:4c:40:5c:2d:50:
38:17:71:46:f4:ba:11:f4:be:6c:49:17:e8:71:b3:cf:f4:80:
f1:48:70:bd
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVvnbux72XQ23Ye1b6ynl/7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhkNTljNDMyM2Y3NjdjZTRmZmM4NWRhYWQyMDhiOTBjMDRm
YmQzZTkwHhcNMjMwMTAxMjMxNDQ2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNWZkZTZmYjQxYjZmMGY1YjIzNjUwOTAwMGRhY2Q5OWM1NjBmNzBkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu3deO4uww0GMwCS3UkAkBwHHpMHB
D64ErVNb4Rn8VbEI2g6k1cOLOszrye/bWumVec9M2RRYLhm3zE8h6WirF5NLfKaV
wfInTlNf9q471Z6h3uJHHXQBWNVyMJPFNvDrToYii1q3mRvpL+aQGX0lGEwhiPGc
0yGNZiswq3vFch11hwUwqvv9NsVAfIajCOVkHpNbQroncIf/kQgaW8LQ3+EykIbI
tRjSlAoYDpp8J9lypHe6J4tMZTmjWY2yskx/M4GZS07kfmDYFr4k5biB/RESjXu5
4T3gxoqjNens8D7O2xGaMuMw8vB37sy4MnTe2gYDhlttayiD4IdX1efJZwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFOX95vtBtvD1sjZQkADazZnFYPcNMB8GA1UdIwQY
MBaAFI1ZxDI/dnzk/8hdqtIIuQwE+9PpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvalZuRU1qOTJmT1RfeUYycTBnaTVEQVQ3MC1rLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ni9mMDllY2YtZTgwNS00MTU4LWIzMTUt
ZjJiZTlmNmM2NjRjLzEvNWYzbS0wRzI4UFd5TmxDUUFOck5tY1ZnOXcwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ni9mMDllY2YtZTgwNS00MTU4LWIzMTUtZjJiZTlmNmM2NjRj
LzEvalZuRU1qOTJmT1RfeUYycTBnaTVEQVQ3MC1rLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQC1PzMMA0G
CSqGSIb3DQEBCwUAA4IBAQAIhlwNrfkLEMOOFUKnEIW+dQIPZC1h4iA0v8BnrRAK
+EMYc7sgNaAZckIEPFJpLHxRn18TSyNio+81izZ4avUZIla+lEbj0PmnDV8Ay+X5
ziaQq7ldSbiCAuQqGheYy7AmT1uBjPIhNXwjzf5COZ1DwDPJZdVhDSScNTxHCzoH
pUb3ydzFbyQIzE2cTzLycUZm2kj/849hAPFs3YDBJVlCUE4T4H8ztUXHpKMv0TNn
rd3DgkDjOB4D0PoP1gU+u/vDU9biGTZqqO4BI4SDfH+kau84Dgs/ISufp5uKOdxz
bHjDZvHpTEBcLVA4F3FG9LoR9L5sSRfocbPP9IDxSHC9
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:33:16 2024 by rpki-client on console-fra.rpki-client.org