Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6b/0c0c65-9f82-4450-9165-f0c21f8186f0/1/ZFah3gHdloZfcslHOaPEr5uPoso.roa
File: ZFah3gHdloZfcslHOaPEr5uPoso.roa (raw, json)
Hash identifier: kKBka8rBJy0Za6LiVh0S5IaAkTjV8ICgEK2+4PigkCQ=
Subject key identifier: 64:56:A1:DE:01:DD:96:86:5F:72:C9:47:39:A3:C4:AF:9B:8F:A2:CA
Certificate issuer: /CN=d4ff0fecd7bf44148931788dfe7f20d67a67a0db
Certificate serial: 018572035533617712289291987B0CE164A5
Authority key identifier: D4:FF:0F:EC:D7:BF:44:14:89:31:78:8D:FE:7F:20:D6:7A:67:A0:DB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1P8P7Ne_RBSJMXiN_n8g1npnoNs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6b/0c0c65-9f82-4450-9165-f0c21f8186f0/1/ZFah3gHdloZfcslHOaPEr5uPoso.roa
Signing time: Mon 02 Jan 2023 10:24:59 +0000
ROA not before: Mon 02 Jan 2023 10:24:59 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 51424
IP address blocks: 212.4.132.0/24 maxlen: 24
212.96.184.0/24 maxlen: 24
213.211.36.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 01 Jan 2024 02:29:36 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:03:55:33:61:77:12:28:92:91:98:7b:0c:e1:64:a5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d4ff0fecd7bf44148931788dfe7f20d67a67a0db
Validity
Not Before: Jan 2 10:24:59 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=6456a1de01dd96865f72c94739a3c4af9b8fa2ca
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:85:02:95:6a:9e:1e:6a:29:25:e2:df:6e:96:b9:
3f:8d:c3:09:32:54:3c:da:43:bd:0e:25:c8:cc:19:
6e:b2:63:28:68:dc:4b:d5:35:6b:91:f8:1d:8c:f5:
4d:0d:0c:bf:d9:39:70:af:80:9d:51:86:f8:67:17:
ba:5c:b4:24:35:d1:0a:f4:56:96:f1:7e:57:3d:e9:
27:2d:26:4c:fc:a5:f7:34:87:a9:a4:c4:eb:47:8c:
2c:36:78:b3:c1:9d:e2:91:da:2b:2c:03:cb:d4:6c:
e7:87:c8:e7:80:43:2d:7f:c3:27:f3:2f:cf:63:ea:
51:ec:25:8f:ca:0a:f3:12:d3:fe:27:d7:e4:e8:6a:
ac:5f:8d:1b:61:21:da:ec:7f:55:38:12:c7:03:ef:
f8:33:5f:20:e2:d8:e8:c9:7c:c4:3d:62:2d:1e:d3:
79:f7:38:f2:10:bd:24:27:f7:c4:54:2c:fe:ec:47:
a5:2b:63:f3:8a:2a:92:24:96:62:7d:1e:90:a6:c1:
a4:a3:a0:c7:31:63:31:61:3b:b6:41:52:e5:05:a4:
dd:c6:63:94:6c:df:e6:3e:df:39:e8:1b:05:ae:b3:
24:3b:cb:80:cc:77:39:e1:8c:61:ed:eb:54:6a:99:
44:40:94:73:df:c7:61:d8:1f:50:02:38:ef:6c:28:
53:eb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
64:56:A1:DE:01:DD:96:86:5F:72:C9:47:39:A3:C4:AF:9B:8F:A2:CA
X509v3 Authority Key Identifier:
keyid:D4:FF:0F:EC:D7:BF:44:14:89:31:78:8D:FE:7F:20:D6:7A:67:A0:DB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1P8P7Ne_RBSJMXiN_n8g1npnoNs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6b/0c0c65-9f82-4450-9165-f0c21f8186f0/1/ZFah3gHdloZfcslHOaPEr5uPoso.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6b/0c0c65-9f82-4450-9165-f0c21f8186f0/1/1P8P7Ne_RBSJMXiN_n8g1npnoNs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
212.4.132.0/24
212.96.184.0/24
213.211.36.0/24
Signature Algorithm: sha256WithRSAEncryption
9c:99:75:db:52:31:f9:86:4f:b5:54:69:a4:89:45:02:a8:73:
0d:93:c8:12:1d:e7:86:d0:95:2c:15:5d:a6:22:09:60:e3:cb:
6f:93:ca:d4:04:98:1e:e9:b7:04:17:f8:db:e4:2d:8f:bd:cc:
0a:11:b7:0e:66:76:42:54:18:64:ca:8f:d0:0b:51:20:50:b3:
ee:7f:60:3d:d7:dd:39:94:3b:22:2b:cc:ff:29:68:ab:8f:7d:
00:6c:30:90:8c:17:49:f4:81:fe:63:a3:b4:34:c6:b0:7e:d8:
2b:79:60:70:bc:fa:13:c9:6c:a3:63:6c:80:65:bc:94:70:aa:
80:91:e7:85:a6:96:91:49:a2:3a:86:e0:c7:29:e4:f5:e2:fc:
e3:f0:ff:cb:9f:0f:7f:e6:8a:ad:ba:76:3d:9d:c5:fa:da:49:
f2:e7:76:2a:41:a7:10:53:8e:00:7e:1f:2f:1e:79:47:7e:43:
37:e3:fd:20:7b:90:a0:50:ca:82:be:7f:af:3f:16:b6:e0:f3:
2f:4d:5b:fe:cc:5a:ad:0a:ea:9e:01:15:33:fa:63:83:ab:83:
a9:cf:b5:fc:55:f0:8e:d2:bb:39:8f:d6:ed:88:d7:4c:83:1b:
7b:9b:df:12:89:c6:ab:67:0c:5e:80:46:56:5c:01:d9:cd:ab:
21:45:6b:3a
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYVyA1UzYXcSKJKRmHsM4WSlMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ0ZmYwZmVjZDdiZjQ0MTQ4OTMxNzg4ZGZlN2YyMGQ2N2E2
N2EwZGIwHhcNMjMwMTAyMTAyNDU5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NDU2YTFkZTAxZGQ5Njg2NWY3MmM5NDczOWEzYzRhZjliOGZhMmNhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhQKVap4eaikl4t9ulrk/jcMJMlQ8
2kO9DiXIzBlusmMoaNxL1TVrkfgdjPVNDQy/2Tlwr4CdUYb4Zxe6XLQkNdEK9FaW
8X5XPeknLSZM/KX3NIeppMTrR4wsNnizwZ3ikdorLAPL1Gznh8jngEMtf8Mn8y/P
Y+pR7CWPygrzEtP+J9fk6GqsX40bYSHa7H9VOBLHA+/4M18g4tjoyXzEPWItHtN5
9zjyEL0kJ/fEVCz+7EelK2PziiqSJJZifR6QpsGko6DHMWMxYTu2QVLlBaTdxmOU
bN/mPt856BsFrrMkO8uAzHc54Yxh7etUaplEQJRz38dh2B9QAjjvbChT6wIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFGRWod4B3ZaGX3LJRzmjxK+bj6LKMB8GA1UdIwQY
MBaAFNT/D+zXv0QUiTF4jf5/INZ6Z6DbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMVA4UDdOZV9SQlNKTVhpTl9uOGcxbnBub05zLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Yi8wYzBjNjUtOWY4Mi00NDUwLTkxNjUt
ZjBjMjFmODE4NmYwLzEvWkZhaDNnSGRsb1pmY3NsSE9hUEVyNXVQb3NvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Yi8wYzBjNjUtOWY4Mi00NDUwLTkxNjUtZjBjMjFmODE4NmYw
LzEvMVA4UDdOZV9SQlNKTVhpTl9uOGcxbnBub05zLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQA1ASEAwQA
1GC4AwQA1dMkMA0GCSqGSIb3DQEBCwUAA4IBAQCcmXXbUjH5hk+1VGmkiUUCqHMN
k8gSHeeG0JUsFV2mIglg48tvk8rUBJge6bcEF/jb5C2PvcwKEbcOZnZCVBhkyo/Q
C1EgULPuf2A91905lDsiK8z/KWirj30AbDCQjBdJ9IH+Y6O0NMawftgreWBwvPoT
yWyjY2yAZbyUcKqAkeeFppaRSaI6huDHKeT14vzj8P/Lnw9/5oqtunY9ncX62kny
53YqQacQU44Afh8vHnlHfkM34/0ge5CgUMqCvn+vPxa24PMvTVv+zFqtCuqeARUz
+mODq4Opz7X8VfCO0rs5j9btiNdMgxt7m98SicarZwxegEZWXAHZzashRWs6
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:33:50 2024 by rpki-client on console-fra.rpki-client.org