Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/66/f09ecf-e805-4158-b315-f2be9f6c664c/1/lYG2yQdx7SFIUzbWkgRzHbwAomU.roa
File: lYG2yQdx7SFIUzbWkgRzHbwAomU.roa (raw, json)
Hash identifier: +2BMgx+RHXsnK1nclAW9J+F6QbehJq5a4qe9y9Rnggo=
Subject key identifier: 95:81:B6:C9:07:71:ED:21:48:53:36:D6:92:04:73:1D:BC:00:A2:65
Certificate issuer: /CN=8d59c4323f767ce4ffc85daad208b90c04fbd3e9
Certificate serial: 01856F9DC238166F9835DBB5AE283DFA2AE4
Authority key identifier: 8D:59:C4:32:3F:76:7C:E4:FF:C8:5D:AA:D2:08:B9:0C:04:FB:D3:E9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/jVnEMj92fOT_yF2q0gi5DAT70-k.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/66/f09ecf-e805-4158-b315-f2be9f6c664c/1/lYG2yQdx7SFIUzbWkgRzHbwAomU.roa
Signing time: Sun 01 Jan 2023 23:14:47 +0000
ROA not before: Sun 01 Jan 2023 23:14:47 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 43391
IP address blocks: 212.252.24.0/24 maxlen: 24
213.74.4.0/24 maxlen: 24
212.252.27.0/24 maxlen: 24
212.252.26.0/24 maxlen: 24
212.252.25.0/24 maxlen: 24
212.252.36.0/24 maxlen: 24
212.252.46.0/24 maxlen: 24
212.252.45.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 02 Jan 2024 04:30:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:9d:c2:38:16:6f:98:35:db:b5:ae:28:3d:fa:2a:e4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8d59c4323f767ce4ffc85daad208b90c04fbd3e9
Validity
Not Before: Jan 1 23:14:47 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=9581b6c90771ed21485336d69204731dbc00a265
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:d7:34:ae:b7:c3:91:5c:c2:75:ca:92:de:33:
e6:d9:cd:7e:32:c8:ca:aa:cd:36:71:cd:20:94:c8:
64:f2:70:8d:2e:81:1b:9e:0a:55:93:70:4d:29:20:
e4:61:ff:9d:c9:14:1f:be:10:15:ac:73:e5:df:f7:
52:8a:66:15:d9:c3:89:16:46:b5:78:12:e3:aa:41:
e9:0d:7c:4f:09:e7:79:93:fb:bb:b3:c5:ed:d4:75:
c6:6a:93:34:46:b5:76:29:1d:1d:84:56:29:35:fd:
31:bf:9b:e0:90:9b:00:9e:f8:c2:9b:36:3c:73:37:
38:eb:9b:11:8e:4c:56:11:ab:15:2d:7d:cb:6f:d7:
b0:ed:8d:8e:55:43:aa:44:5f:5a:eb:0e:7f:a0:45:
46:3e:28:db:c6:af:f8:b2:b5:e4:69:7b:3c:fc:e9:
01:1f:8f:16:9a:81:95:35:ae:b7:da:de:42:36:1f:
6f:a4:46:b1:32:1e:20:f5:a3:bb:d9:b4:31:f9:01:
d8:c9:e0:d4:9d:1a:a0:90:ed:2b:b4:3d:6e:4b:5c:
2e:5d:37:66:4e:7b:83:37:00:44:14:90:7c:ee:70:
45:de:a6:7d:81:3d:90:f7:d0:fc:48:9e:b6:87:b6:
87:43:a9:8f:c9:d8:f7:1b:dd:9e:96:40:8c:1c:02:
25:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
95:81:B6:C9:07:71:ED:21:48:53:36:D6:92:04:73:1D:BC:00:A2:65
X509v3 Authority Key Identifier:
keyid:8D:59:C4:32:3F:76:7C:E4:FF:C8:5D:AA:D2:08:B9:0C:04:FB:D3:E9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jVnEMj92fOT_yF2q0gi5DAT70-k.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/66/f09ecf-e805-4158-b315-f2be9f6c664c/1/lYG2yQdx7SFIUzbWkgRzHbwAomU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/66/f09ecf-e805-4158-b315-f2be9f6c664c/1/jVnEMj92fOT_yF2q0gi5DAT70-k.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
212.252.24.0/22
212.252.36.0/24
212.252.45.0-212.252.46.255
213.74.4.0/24
Signature Algorithm: sha256WithRSAEncryption
3a:79:6d:20:0f:35:92:a7:c2:69:00:73:21:9a:82:1b:6b:f6:
c6:12:c2:1f:5c:ab:45:90:e8:55:b4:a1:7f:f2:84:74:35:11:
7d:79:38:1a:dd:7e:fe:90:f2:26:47:ca:90:87:29:b2:fa:cb:
39:04:77:54:4c:27:2b:f4:a6:b1:35:a5:45:8a:6e:11:bf:4b:
7c:bd:38:d8:cd:10:ad:63:c2:7b:74:3a:f5:d4:21:18:bd:74:
65:df:f7:9a:95:b7:6a:e7:78:75:9c:7e:ba:5c:e1:ec:0a:d6:
ac:43:9e:87:17:56:95:12:cf:b1:cd:41:56:c2:e0:3a:2e:7d:
6e:ca:4e:aa:e7:f8:ea:60:d6:54:18:29:65:05:be:f4:1c:19:
03:54:7c:72:56:ea:fe:4d:c5:dd:4a:e1:b3:4c:28:65:ae:55:
5f:20:3e:13:00:11:03:97:70:25:f5:f6:84:c7:f8:6f:f6:8d:
9e:17:b5:aa:43:1f:c5:bb:85:52:10:7b:be:b4:6a:0f:d6:7f:
da:5e:72:97:3b:58:3c:84:30:da:69:0c:26:ec:4b:0f:85:ec:
54:09:0c:34:6e:75:ba:07:55:fa:67:6d:45:89:e9:9f:30:53:
bc:38:35:e5:dd:61:9e:1b:b1:0d:ee:77:37:5b:39:63:be:e7:
a0:6d:29:76
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgISAYVvncI4Fm+YNdu1rig9+irkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhkNTljNDMyM2Y3NjdjZTRmZmM4NWRhYWQyMDhiOTBjMDRm
YmQzZTkwHhcNMjMwMTAxMjMxNDQ3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NTgxYjZjOTA3NzFlZDIxNDg1MzM2ZDY5MjA0NzMxZGJjMDBhMjY1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAstc0rrfDkVzCdcqS3jPm2c1+MsjK
qs02cc0glMhk8nCNLoEbngpVk3BNKSDkYf+dyRQfvhAVrHPl3/dSimYV2cOJFka1
eBLjqkHpDXxPCed5k/u7s8Xt1HXGapM0RrV2KR0dhFYpNf0xv5vgkJsAnvjCmzY8
czc465sRjkxWEasVLX3Lb9ew7Y2OVUOqRF9a6w5/oEVGPijbxq/4srXkaXs8/OkB
H48WmoGVNa632t5CNh9vpEaxMh4g9aO72bQx+QHYyeDUnRqgkO0rtD1uS1wuXTdm
TnuDNwBEFJB87nBF3qZ9gT2Q99D8SJ62h7aHQ6mPydj3G92elkCMHAIlmwIDAQAB
o4ICIzCCAh8wHQYDVR0OBBYEFJWBtskHce0hSFM21pIEcx28AKJlMB8GA1UdIwQY
MBaAFI1ZxDI/dnzk/8hdqtIIuQwE+9PpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvalZuRU1qOTJmT1RfeUYycTBnaTVEQVQ3MC1rLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ni9mMDllY2YtZTgwNS00MTU4LWIzMTUt
ZjJiZTlmNmM2NjRjLzEvbFlHMnlRZHg3U0ZJVXpiV2tnUnpIYndBb21VLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ni9mMDllY2YtZTgwNS00MTU4LWIzMTUtZjJiZTlmNmM2NjRj
LzEvalZuRU1qOTJmT1RfeUYycTBnaTVEQVQ3MC1rLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDkGCCsGAQUFBwEHAQH/BCowKDAmBAIAATAgAwQC1PwYAwQA
1PwkMAwDBADU/C0DBADU/C4DBADVSgQwDQYJKoZIhvcNAQELBQADggEBADp5bSAP
NZKnwmkAcyGaghtr9sYSwh9cq0WQ6FW0oX/yhHQ1EX15OBrdfv6Q8iZHypCHKbL6
yzkEd1RMJyv0prE1pUWKbhG/S3y9ONjNEK1jwnt0OvXUIRi9dGXf95qVt2rneHWc
frpc4ewK1qxDnocXVpUSz7HNQVbC4DoufW7KTqrn+Opg1lQYKWUFvvQcGQNUfHJW
6v5Nxd1K4bNMKGWuVV8gPhMAEQOXcCX19oTH+G/2jZ4XtapDH8W7hVIQe760ag/W
f9pecpc7WDyEMNppDCbsSw+F7FQJDDRudboHVfpnbUWJ6Z8wU7w4NeXdYZ4bsQ3u
dzdbOWO+56BtKXY=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:33:16 2024 by rpki-client on console-fra.rpki-client.org