Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6b/33d5d1-c450-413b-afe4-45935f506a12/1/aZ2Pb6nMjBi5CkqQ5lK_8n-yvTk.roa
File: aZ2Pb6nMjBi5CkqQ5lK_8n-yvTk.roa (raw, json)
Hash identifier: cpYZIz5BWJRXMhVcJa/XAYDmg9WQqQce4f9ZFBaxMEY=
Subject key identifier: 69:9D:8F:6F:A9:CC:8C:18:B9:0A:4A:90:E6:52:BF:F2:7F:B2:BD:39
Certificate issuer: /CN=3af09ba33b5ae581b0d29323249314f76aa10511
Certificate serial: 01856CB84FB574F8795DB59BDD4711E01483
Authority key identifier: 3A:F0:9B:A3:3B:5A:E5:81:B0:D2:93:23:24:93:14:F7:6A:A1:05:11
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OvCbozta5YGw0pMjJJMU92qhBRE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6b/33d5d1-c450-413b-afe4-45935f506a12/1/aZ2Pb6nMjBi5CkqQ5lK_8n-yvTk.roa
Signing time: Sun 01 Jan 2023 09:44:56 +0000
ROA not before: Sun 01 Jan 2023 09:44:56 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 47127
IP address blocks: 212.234.169.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 01 Jan 2024 06:30:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:b8:4f:b5:74:f8:79:5d:b5:9b:dd:47:11:e0:14:83
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3af09ba33b5ae581b0d29323249314f76aa10511
Validity
Not Before: Jan 1 09:44:56 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=699d8f6fa9cc8c18b90a4a90e652bff27fb2bd39
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:db:2d:61:cd:11:67:24:f5:19:eb:9d:fd:3a:
ed:16:03:29:85:65:6c:3b:3e:ec:1a:18:94:38:88:
34:1e:6a:13:6a:00:f6:53:79:bd:22:0c:ea:52:8e:
e1:07:38:8c:60:8c:86:7e:70:f4:f7:e9:fe:3e:19:
ab:f3:72:a4:f9:d5:df:08:77:f5:33:45:d3:86:26:
89:07:c7:ee:7f:f7:88:1c:61:c1:b5:b4:2c:6b:f6:
c8:ae:4b:07:aa:88:2f:d3:59:96:9b:72:a5:33:bc:
d1:65:5d:1a:c0:32:f0:2f:b0:b9:7c:3c:86:f9:b6:
d1:9d:31:92:6c:76:a2:7f:a7:cc:f9:45:c5:1c:4b:
1d:59:b4:75:76:dc:b0:34:2c:41:f9:7a:06:fb:fe:
1d:6b:85:47:29:2c:60:ce:8d:68:88:72:84:dc:75:
e3:d6:b9:94:df:9b:59:db:a7:0c:ed:0f:f3:87:e8:
cf:b6:3b:ec:48:5b:ce:65:9b:a3:31:bc:cb:93:6a:
25:c6:25:3b:ef:1c:7d:77:eb:7d:28:e6:50:e8:a2:
72:99:26:34:86:91:c9:13:e0:c6:32:aa:a9:a3:c9:
68:46:bb:ec:0d:7a:53:c9:8b:d6:27:f9:62:82:12:
38:18:fc:57:6e:c5:fb:aa:92:58:53:e8:bb:6e:90:
71:49
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
69:9D:8F:6F:A9:CC:8C:18:B9:0A:4A:90:E6:52:BF:F2:7F:B2:BD:39
X509v3 Authority Key Identifier:
keyid:3A:F0:9B:A3:3B:5A:E5:81:B0:D2:93:23:24:93:14:F7:6A:A1:05:11
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OvCbozta5YGw0pMjJJMU92qhBRE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6b/33d5d1-c450-413b-afe4-45935f506a12/1/aZ2Pb6nMjBi5CkqQ5lK_8n-yvTk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6b/33d5d1-c450-413b-afe4-45935f506a12/1/OvCbozta5YGw0pMjJJMU92qhBRE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
212.234.169.0/24
Signature Algorithm: sha256WithRSAEncryption
a6:81:75:06:7e:dd:6a:fa:e0:02:71:7f:46:8e:28:1f:2d:b0:
4d:20:d4:e5:fb:c3:8c:2f:74:6d:0a:3f:2a:1c:c7:aa:d3:3e:
b2:8b:8f:ed:9b:16:eb:51:a2:54:55:e3:8b:db:ba:d1:bd:45:
f0:55:f9:8b:5b:29:79:d3:29:8b:31:66:63:49:dc:74:14:e4:
10:cf:1d:62:ff:a3:a6:28:7e:fd:44:b0:c9:e0:24:8c:eb:23:
b6:75:52:c8:d4:c5:1d:d7:64:23:c4:50:05:19:76:1a:e7:75:
1e:5d:5c:36:94:d5:46:0b:62:8f:36:cd:4d:22:7b:dd:c8:56:
c5:05:1a:d2:fc:85:85:5b:03:f5:d6:93:79:b3:bc:40:d5:67:
7c:6b:37:c4:48:1e:5d:63:1d:0d:83:03:c6:3a:d4:39:35:46:
44:7b:ee:3e:f3:21:4a:79:de:8e:85:c3:a7:76:3e:c8:45:c8:
ca:4a:1d:b5:53:d9:5b:01:2f:40:9c:82:4a:71:62:48:62:5d:
66:1c:f0:c8:5f:32:4a:2b:87:47:58:de:19:f0:33:c8:67:51:
95:21:7e:1d:e0:34:fe:dd:24:92:fa:49:71:f3:52:a5:28:ba:
de:da:e4:42:2d:61:da:76:cf:ab:38:bb:19:2d:3a:9b:2f:a7:
c6:20:b2:2e
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVsuE+1dPh5XbWb3UcR4BSDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNhZjA5YmEzM2I1YWU1ODFiMGQyOTMyMzI0OTMxNGY3NmFh
MTA1MTEwHhcNMjMwMTAxMDk0NDU2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2OTlkOGY2ZmE5Y2M4YzE4YjkwYTRhOTBlNjUyYmZmMjdmYjJiZDM5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxdstYc0RZyT1Geud/TrtFgMphWVs
Oz7sGhiUOIg0HmoTagD2U3m9IgzqUo7hBziMYIyGfnD09+n+Phmr83Kk+dXfCHf1
M0XThiaJB8fuf/eIHGHBtbQsa/bIrksHqogv01mWm3KlM7zRZV0awDLwL7C5fDyG
+bbRnTGSbHaif6fM+UXFHEsdWbR1dtywNCxB+XoG+/4da4VHKSxgzo1oiHKE3HXj
1rmU35tZ26cM7Q/zh+jPtjvsSFvOZZujMbzLk2olxiU77xx9d+t9KOZQ6KJymSY0
hpHJE+DGMqqpo8loRrvsDXpTyYvWJ/lighI4GPxXbsX7qpJYU+i7bpBxSQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFGmdj2+pzIwYuQpKkOZSv/J/sr05MB8GA1UdIwQY
MBaAFDrwm6M7WuWBsNKTIySTFPdqoQURMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT3ZDYm96dGE1WUd3MHBNakpKTVU5MnFoQlJFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Yi8zM2Q1ZDEtYzQ1MC00MTNiLWFmZTQt
NDU5MzVmNTA2YTEyLzEvYVoyUGI2bk1qQmk1Q2txUTVsS184bi15dlRrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Yi8zM2Q1ZDEtYzQ1MC00MTNiLWFmZTQtNDU5MzVmNTA2YTEy
LzEvT3ZDYm96dGE1WUd3MHBNakpKTVU5MnFoQlJFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA1OqpMA0G
CSqGSIb3DQEBCwUAA4IBAQCmgXUGft1q+uACcX9GjigfLbBNINTl+8OML3RtCj8q
HMeq0z6yi4/tmxbrUaJUVeOL27rRvUXwVfmLWyl50ymLMWZjSdx0FOQQzx1i/6Om
KH79RLDJ4CSM6yO2dVLI1MUd12QjxFAFGXYa53UeXVw2lNVGC2KPNs1NInvdyFbF
BRrS/IWFWwP11pN5s7xA1Wd8azfESB5dYx0NgwPGOtQ5NUZEe+4+8yFKed6OhcOn
dj7IRcjKSh21U9lbAS9AnIJKcWJIYl1mHPDIXzJKK4dHWN4Z8DPIZ1GVIX4d4DT+
3SSS+klx81KlKLre2uRCLWHads+rOLsZLTqbL6fGILIu
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:33:51 2024 by rpki-client on console-fra.rpki-client.org