Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/66/f09ecf-e805-4158-b315-f2be9f6c664c/1/D498bYB6H6eoAfy2LLF8HfRhU6E.roa
File: D498bYB6H6eoAfy2LLF8HfRhU6E.roa (raw, json)
Hash identifier: WBNsEDv+4xN7xhTt1sVf0DeKd+pmTMfuhYVy+H7+hwA=
Subject key identifier: 0F:8F:7C:6D:80:7A:1F:A7:A8:01:FC:B6:2C:B1:7C:1D:F4:61:53:A1
Certificate issuer: /CN=8d59c4323f767ce4ffc85daad208b90c04fbd3e9
Certificate serial: 01856F9DB8255482949B2EB0B9A0CF7056D7
Authority key identifier: 8D:59:C4:32:3F:76:7C:E4:FF:C8:5D:AA:D2:08:B9:0C:04:FB:D3:E9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/jVnEMj92fOT_yF2q0gi5DAT70-k.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/66/f09ecf-e805-4158-b315-f2be9f6c664c/1/D498bYB6H6eoAfy2LLF8HfRhU6E.roa
Signing time: Sun 01 Jan 2023 23:14:45 +0000
ROA not before: Sun 01 Jan 2023 23:14:45 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 9215
IP address blocks: 212.252.64.0/24 maxlen: 24
212.252.67.0/24 maxlen: 24
212.252.65.0/24 maxlen: 24
212.252.75.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 06 Jun 2023 14:27:12 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:9d:b8:25:54:82:94:9b:2e:b0:b9:a0:cf:70:56:d7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8d59c4323f767ce4ffc85daad208b90c04fbd3e9
Validity
Not Before: Jan 1 23:14:45 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=0f8f7c6d807a1fa7a801fcb62cb17c1df46153a1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:84:75:68:ac:a9:ef:11:2d:89:05:59:8b:67:e3:
e7:d8:44:e8:2c:17:45:ef:fa:1b:36:dd:59:e6:58:
61:bd:c2:4a:8a:a3:24:0e:f5:d4:63:0d:ff:9b:9e:
7b:d6:41:cc:37:02:02:34:35:fc:5a:2c:12:88:f3:
d6:34:06:d6:4d:6a:0e:8c:76:b4:1f:b8:44:f2:ba:
96:83:78:17:c7:aa:6d:18:8e:78:b6:e3:3a:27:5b:
1a:72:dd:41:b8:8d:e0:a8:7a:88:6f:3a:92:ab:eb:
f4:77:07:36:d9:d7:83:1a:73:4d:35:e0:d3:65:15:
b6:07:fa:b8:51:92:b1:0d:1b:92:d2:fd:fd:f9:ba:
bf:33:f5:91:ee:dd:9b:fa:7f:5a:f8:f8:57:2d:d1:
d8:8b:e7:c4:07:33:39:c2:49:29:74:d0:3f:e4:29:
30:e4:fd:00:11:56:72:af:e0:4f:b3:c6:14:36:aa:
3e:4a:1d:8c:e0:8f:01:11:93:5d:28:d0:ff:ea:ca:
15:d5:07:34:c1:6b:f9:52:a9:30:6f:cb:81:31:c2:
35:ec:ad:5a:16:e9:88:03:02:c6:9e:83:f9:07:90:
49:89:c0:93:5a:40:e3:c3:18:b1:50:8e:2f:5a:7b:
f9:4e:48:6c:7a:15:dc:75:aa:0a:91:82:9a:80:c1:
e8:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0F:8F:7C:6D:80:7A:1F:A7:A8:01:FC:B6:2C:B1:7C:1D:F4:61:53:A1
X509v3 Authority Key Identifier:
keyid:8D:59:C4:32:3F:76:7C:E4:FF:C8:5D:AA:D2:08:B9:0C:04:FB:D3:E9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jVnEMj92fOT_yF2q0gi5DAT70-k.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/66/f09ecf-e805-4158-b315-f2be9f6c664c/1/D498bYB6H6eoAfy2LLF8HfRhU6E.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/66/f09ecf-e805-4158-b315-f2be9f6c664c/1/jVnEMj92fOT_yF2q0gi5DAT70-k.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
212.252.64.0/23
212.252.67.0/24
212.252.75.0/24
Signature Algorithm: sha256WithRSAEncryption
06:08:e7:79:ff:87:86:52:3f:db:f6:a9:75:16:37:e0:88:aa:
f7:25:8b:d5:1a:9c:b5:36:27:7f:89:b8:f3:35:f8:82:91:6e:
8b:2b:15:a8:a4:f6:2e:19:67:79:dc:6b:df:54:5d:18:61:fc:
2d:bc:69:04:e6:f9:3c:29:e4:ed:55:d1:e1:4c:cc:35:54:8e:
2e:74:7c:d6:29:ae:df:8b:ea:1c:d7:1f:2c:e1:67:22:a0:e8:
4a:bb:a1:52:b4:bc:52:de:67:f4:d1:5d:80:0d:98:be:bc:9d:
cc:f0:f5:8b:dc:30:8a:a1:77:87:b1:1a:fa:de:2b:46:c7:4d:
55:f3:05:a5:54:9f:05:45:79:d1:5f:06:33:d4:4c:c2:01:e1:
a3:29:3c:94:3c:6f:f3:1c:5d:71:2f:5a:04:5a:5c:12:f2:fb:
1d:f7:45:74:ab:08:40:18:3e:0d:1c:91:c0:d6:20:e6:3a:c1:
08:19:1d:0d:a8:2c:1c:c3:5c:e1:8a:95:98:16:c3:4f:44:74:
e3:51:98:78:91:59:a5:39:b8:26:75:95:0f:41:8b:02:f5:13:
bd:6b:01:93:a9:d8:a0:43:ce:be:17:ad:9b:16:84:69:20:6e:
32:06:df:f9:84:c2:5b:18:e1:43:95:b8:b8:38:3e:6e:c0:c2:
1a:7e:81:6b
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYVvnbglVIKUmy6wuaDPcFbXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhkNTljNDMyM2Y3NjdjZTRmZmM4NWRhYWQyMDhiOTBjMDRm
YmQzZTkwHhcNMjMwMTAxMjMxNDQ1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZjhmN2M2ZDgwN2ExZmE3YTgwMWZjYjYyY2IxN2MxZGY0NjE1M2ExMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhHVorKnvES2JBVmLZ+Pn2EToLBdF
7/obNt1Z5lhhvcJKiqMkDvXUYw3/m5571kHMNwICNDX8WiwSiPPWNAbWTWoOjHa0
H7hE8rqWg3gXx6ptGI54tuM6J1sact1BuI3gqHqIbzqSq+v0dwc22deDGnNNNeDT
ZRW2B/q4UZKxDRuS0v39+bq/M/WR7t2b+n9a+PhXLdHYi+fEBzM5wkkpdNA/5Ckw
5P0AEVZyr+BPs8YUNqo+Sh2M4I8BEZNdKND/6soV1Qc0wWv5Uqkwb8uBMcI17K1a
FumIAwLGnoP5B5BJicCTWkDjwxixUI4vWnv5TkhsehXcdaoKkYKagMHo0QIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFA+PfG2Aeh+nqAH8tiyxfB30YVOhMB8GA1UdIwQY
MBaAFI1ZxDI/dnzk/8hdqtIIuQwE+9PpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvalZuRU1qOTJmT1RfeUYycTBnaTVEQVQ3MC1rLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ni9mMDllY2YtZTgwNS00MTU4LWIzMTUt
ZjJiZTlmNmM2NjRjLzEvRDQ5OGJZQjZINmVvQWZ5MkxMRjhIZlJoVTZFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ni9mMDllY2YtZTgwNS00MTU4LWIzMTUtZjJiZTlmNmM2NjRj
LzEvalZuRU1qOTJmT1RfeUYycTBnaTVEQVQ3MC1rLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQB1PxAAwQA
1PxDAwQA1PxLMA0GCSqGSIb3DQEBCwUAA4IBAQAGCOd5/4eGUj/b9ql1FjfgiKr3
JYvVGpy1Nid/ibjzNfiCkW6LKxWopPYuGWd53GvfVF0YYfwtvGkE5vk8KeTtVdHh
TMw1VI4udHzWKa7fi+oc1x8s4WcioOhKu6FStLxS3mf00V2ADZi+vJ3M8PWL3DCK
oXeHsRr63itGx01V8wWlVJ8FRXnRXwYz1EzCAeGjKTyUPG/zHF1xL1oEWlwS8vsd
90V0qwhAGD4NHJHA1iDmOsEIGR0NqCwcw1zhipWYFsNPRHTjUZh4kVmlObgmdZUP
QYsC9RO9awGTqdigQ86+F62bFoRpIG4yBt/5hMJbGOFDlbi4OD5uwMIafoFr
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:33:16 2024 by rpki-client on console-fra.rpki-client.org