Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/66/f09ecf-e805-4158-b315-f2be9f6c664c/1/9HO2aG0kOiruUkJgRGmnFkrvYDs.roa
File: 9HO2aG0kOiruUkJgRGmnFkrvYDs.roa (raw, json)
Hash identifier: TOG8fsGCjSD/soBawTgHEYaRmeV1/AflRQedWmb7w08=
Subject key identifier: F4:73:B6:68:6D:24:3A:2A:EE:52:42:60:44:69:A7:16:4A:EF:60:3B
Certificate issuer: /CN=8d59c4323f767ce4ffc85daad208b90c04fbd3e9
Certificate serial: 01856F9DCA8384942F72BDDD90ACCB998B2D
Authority key identifier: 8D:59:C4:32:3F:76:7C:E4:FF:C8:5D:AA:D2:08:B9:0C:04:FB:D3:E9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/jVnEMj92fOT_yF2q0gi5DAT70-k.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/66/f09ecf-e805-4158-b315-f2be9f6c664c/1/9HO2aG0kOiruUkJgRGmnFkrvYDs.roa
Signing time: Sun 01 Jan 2023 23:14:50 +0000
ROA not before: Sun 01 Jan 2023 23:14:50 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 199333
IP address blocks: 212.252.124.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 02 Jan 2024 04:30:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:9d:ca:83:84:94:2f:72:bd:dd:90:ac:cb:99:8b:2d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8d59c4323f767ce4ffc85daad208b90c04fbd3e9
Validity
Not Before: Jan 1 23:14:50 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=f473b6686d243a2aee5242604469a7164aef603b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:91:1a:a8:ca:69:d2:95:95:cd:f4:71:16:2e:
bd:2a:5f:22:65:8d:48:96:0d:0a:d3:f6:fb:f8:c2:
b1:40:c1:2e:fe:ce:ed:29:ea:3f:47:e1:56:8f:21:
17:86:0a:e6:6f:68:58:85:36:26:a1:aa:3e:54:6f:
4e:18:4c:bc:ef:91:13:f7:00:a4:81:d0:72:55:9e:
7c:23:29:c3:71:40:34:b7:3b:d3:56:4b:7b:41:3d:
d8:8a:c9:15:7c:4f:40:3c:25:9a:e6:2a:11:19:af:
23:97:4d:2e:57:79:b7:e7:87:0c:7e:f8:69:10:35:
66:52:a5:8f:31:2a:6a:5f:dc:a2:49:1b:7b:5b:20:
d4:29:5c:5f:90:b3:19:0c:93:d4:e4:e6:35:a8:be:
05:ff:25:4b:9f:7f:f9:a6:6c:78:5d:8b:fc:e3:4f:
3d:a0:30:37:e2:2c:49:a4:c5:3c:28:d3:0a:11:66:
14:ae:9c:f0:5c:0f:e6:31:56:56:df:7d:c4:8a:8a:
49:4b:4f:67:35:27:93:49:cb:d2:2c:fa:f4:e8:fe:
79:8c:5e:78:87:f1:4f:f7:54:69:9a:97:49:8a:30:
3e:ea:d0:cd:3c:ce:cb:53:e0:6a:c6:a8:84:98:c9:
a4:a3:f7:60:27:4f:fa:a7:6f:e4:d0:09:75:c6:50:
c6:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F4:73:B6:68:6D:24:3A:2A:EE:52:42:60:44:69:A7:16:4A:EF:60:3B
X509v3 Authority Key Identifier:
keyid:8D:59:C4:32:3F:76:7C:E4:FF:C8:5D:AA:D2:08:B9:0C:04:FB:D3:E9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jVnEMj92fOT_yF2q0gi5DAT70-k.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/66/f09ecf-e805-4158-b315-f2be9f6c664c/1/9HO2aG0kOiruUkJgRGmnFkrvYDs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/66/f09ecf-e805-4158-b315-f2be9f6c664c/1/jVnEMj92fOT_yF2q0gi5DAT70-k.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
212.252.124.0/24
Signature Algorithm: sha256WithRSAEncryption
63:c4:00:e4:14:67:9d:63:58:95:e9:7d:49:65:b9:76:21:94:
fe:e7:49:ec:e1:e4:7b:1a:69:31:7f:d7:65:5c:0c:e2:55:cb:
13:4b:cd:f6:03:3d:45:15:0f:27:29:fa:01:7e:59:41:fb:eb:
29:77:49:d4:1b:d4:16:1a:03:9e:0d:8f:c9:0e:b0:9d:77:62:
1b:da:68:5a:5f:62:f7:71:61:75:ff:3e:2c:4e:72:21:0a:77:
10:26:da:2f:92:8a:83:76:5b:ba:ec:2c:b1:53:f7:95:b9:4a:
cc:22:82:f8:de:ae:82:25:22:de:25:2f:f8:57:38:e3:24:5d:
79:0b:c7:f7:2b:58:1b:ab:c9:63:37:2f:88:f7:c7:b0:cb:34:
2d:37:dc:00:eb:e4:07:a4:49:fc:e7:48:79:6d:21:f0:b8:21:
e7:9d:5d:82:df:57:d9:d5:ce:43:51:bb:ab:e3:38:f4:ca:24:
ba:f8:c4:0d:8b:cc:1b:45:d8:06:ca:8b:56:ba:4e:35:e9:e0:
7c:7f:63:cc:30:bb:03:b4:49:d3:91:0d:f8:82:d6:76:c1:dc:
55:2e:d8:3a:04:d6:8f:ed:71:d8:b4:15:87:5c:40:47:93:d3:
5a:a0:03:84:95:00:c7:02:22:01:3b:8c:1d:cd:45:73:cd:90:
4d:6b:38:59
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVvncqDhJQvcr3dkKzLmYstMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhkNTljNDMyM2Y3NjdjZTRmZmM4NWRhYWQyMDhiOTBjMDRm
YmQzZTkwHhcNMjMwMTAxMjMxNDUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNDczYjY2ODZkMjQzYTJhZWU1MjQyNjA0NDY5YTcxNjRhZWY2MDNiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnJEaqMpp0pWVzfRxFi69Kl8iZY1I
lg0K0/b7+MKxQMEu/s7tKeo/R+FWjyEXhgrmb2hYhTYmoao+VG9OGEy875ET9wCk
gdByVZ58IynDcUA0tzvTVkt7QT3YiskVfE9APCWa5ioRGa8jl00uV3m354cMfvhp
EDVmUqWPMSpqX9yiSRt7WyDUKVxfkLMZDJPU5OY1qL4F/yVLn3/5pmx4XYv84089
oDA34ixJpMU8KNMKEWYUrpzwXA/mMVZW333EiopJS09nNSeTScvSLPr06P55jF54
h/FP91RpmpdJijA+6tDNPM7LU+BqxqiEmMmko/dgJ0/6p2/k0Al1xlDGMQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFPRztmhtJDoq7lJCYERppxZK72A7MB8GA1UdIwQY
MBaAFI1ZxDI/dnzk/8hdqtIIuQwE+9PpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvalZuRU1qOTJmT1RfeUYycTBnaTVEQVQ3MC1rLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ni9mMDllY2YtZTgwNS00MTU4LWIzMTUt
ZjJiZTlmNmM2NjRjLzEvOUhPMmFHMGtPaXJ1VWtKZ1JHbW5Ga3J2WURzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ni9mMDllY2YtZTgwNS00MTU4LWIzMTUtZjJiZTlmNmM2NjRj
LzEvalZuRU1qOTJmT1RfeUYycTBnaTVEQVQ3MC1rLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA1Px8MA0G
CSqGSIb3DQEBCwUAA4IBAQBjxADkFGedY1iV6X1JZbl2IZT+50ns4eR7Gmkxf9dl
XAziVcsTS832Az1FFQ8nKfoBfllB++spd0nUG9QWGgOeDY/JDrCdd2Ib2mhaX2L3
cWF1/z4sTnIhCncQJtovkoqDdlu67CyxU/eVuUrMIoL43q6CJSLeJS/4VzjjJF15
C8f3K1gbq8ljNy+I98ewyzQtN9wA6+QHpEn850h5bSHwuCHnnV2C31fZ1c5DUbur
4zj0yiS6+MQNi8wbRdgGyotWuk416eB8f2PMMLsDtEnTkQ34gtZ2wdxVLtg6BNaP
7XHYtBWHXEBHk9NaoAOElQDHAiIBO4wdzUVzzZBNazhZ
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:33:16 2024 by rpki-client on console-fra.rpki-client.org