Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6d/56d267-1c43-47c8-afb2-64d29c86bf3e/1/yOCWqQ5f-AnmkACRscnEJKcsaco.roa
File: yOCWqQ5f-AnmkACRscnEJKcsaco.roa (raw, json)
Hash identifier: HFi7qp1fR+8wog4dn7zgePjs6ArAvyh20zZXaR3upnY=
Subject key identifier: C8:E0:96:A9:0E:5F:F8:09:E6:90:00:91:B1:C9:C4:24:A7:2C:69:CA
Certificate issuer: /CN=ac1f721b7b7e6d049fbfe520e1ca89c1ca256813
Certificate serial: 0190E42B59BC8C3DEC60F8B24189903AAE9F
Authority key identifier: AC:1F:72:1B:7B:7E:6D:04:9F:BF:E5:20:E1:CA:89:C1:CA:25:68:13
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rB9yG3t-bQSfv-Ug4cqJwcolaBM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6d/56d267-1c43-47c8-afb2-64d29c86bf3e/1/yOCWqQ5f-AnmkACRscnEJKcsaco.roa
Signing time: Wed 24 Jul 2024 09:56:04 +0000
ROA not before: Wed 24 Jul 2024 09:56:04 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 51660
IP address blocks: 212.70.144.0/24 maxlen: 24
212.70.145.0/24 maxlen: 24
212.70.146.0/24 maxlen: 24
212.70.147.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 16 Aug 2024 07:58:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:e4:2b:59:bc:8c:3d:ec:60:f8:b2:41:89:90:3a:ae:9f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ac1f721b7b7e6d049fbfe520e1ca89c1ca256813
Validity
Not Before: Jul 24 09:56:04 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=c8e096a90e5ff809e6900091b1c9c424a72c69ca
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:c1:2d:70:78:6c:1c:bb:3f:a7:7d:47:73:3b:
74:3b:69:a5:38:27:57:96:f4:62:e5:ba:88:91:8b:
83:89:b6:22:f8:d3:67:06:e4:0f:63:95:1b:2c:0c:
0e:51:96:b1:4e:af:29:54:57:e2:34:b9:b6:3c:39:
6a:f0:06:21:80:31:f8:cb:23:6d:aa:79:c3:dc:e8:
be:b0:d3:60:af:8d:69:d3:fe:6e:30:be:7d:77:d1:
cc:7e:a7:0a:ad:0e:3a:d2:0b:3c:ff:ef:a0:26:84:
70:27:2e:b2:f1:d5:06:40:ad:eb:f3:3a:9b:f3:41:
cb:59:89:19:f3:04:9f:f9:0f:b8:e8:79:22:d4:48:
16:5e:1f:d3:b3:d3:06:b9:8a:83:aa:c0:37:14:02:
3c:e9:ff:e6:eb:3b:74:59:a7:9a:a3:68:36:df:79:
38:22:75:65:48:8c:9f:0a:0c:55:ac:71:f8:dc:a0:
3b:2d:0b:9b:1d:98:bc:a9:3a:ae:02:af:9d:fc:52:
28:16:e1:d2:76:7a:71:0a:31:25:86:36:00:ef:1b:
da:3b:91:fc:5b:5f:5a:dd:6e:b2:03:10:37:99:4d:
76:a9:b0:41:85:07:df:c3:47:22:27:8b:9b:3d:0c:
a6:67:aa:c8:bc:a9:7a:5d:fe:15:a6:13:2a:83:1e:
40:d5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C8:E0:96:A9:0E:5F:F8:09:E6:90:00:91:B1:C9:C4:24:A7:2C:69:CA
X509v3 Authority Key Identifier:
keyid:AC:1F:72:1B:7B:7E:6D:04:9F:BF:E5:20:E1:CA:89:C1:CA:25:68:13
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rB9yG3t-bQSfv-Ug4cqJwcolaBM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6d/56d267-1c43-47c8-afb2-64d29c86bf3e/1/yOCWqQ5f-AnmkACRscnEJKcsaco.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6d/56d267-1c43-47c8-afb2-64d29c86bf3e/1/rB9yG3t-bQSfv-Ug4cqJwcolaBM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
212.70.144.0/22
Signature Algorithm: sha256WithRSAEncryption
8c:83:99:b0:0f:b0:f6:96:5c:84:a8:ba:be:8b:a1:12:5c:66:
08:6c:83:8a:a0:bf:0a:20:db:3f:aa:4a:84:d3:4e:e1:49:97:
a2:d4:95:06:d2:71:2a:60:34:02:2f:15:63:7d:80:ea:27:75:
ed:fe:5e:4b:95:fe:ae:27:63:71:2d:8d:21:1b:bb:9f:84:e8:
fb:06:85:a5:e9:1f:98:67:e0:79:dc:46:a2:9f:9a:34:bb:9b:
56:46:2f:b8:a3:5b:b7:dc:f9:87:37:32:c0:b2:23:aa:71:e3:
1b:9a:5b:39:2c:98:3c:e3:11:fe:51:05:58:af:ac:86:bd:93:
11:a0:a3:df:4a:7a:ad:6c:7a:3b:63:41:2e:3f:57:30:42:a9:
1d:7e:61:81:e1:33:8f:d4:7c:e3:5f:66:e2:70:c8:8c:2d:28:
10:84:43:a0:79:f6:11:3e:e7:4b:7a:ad:1c:95:b1:63:98:e4:
5c:a2:da:2d:15:fa:fa:65:7f:7f:e9:9f:a5:bf:bf:ad:94:e7:
c6:60:99:b4:3c:f9:5f:ac:cc:0d:9e:4c:ac:f5:dc:2f:64:f7:
74:43:f5:71:e8:ae:f1:53:3d:e6:88:58:61:76:14:f7:b9:92:
4a:72:62:08:a6:e8:26:55:7a:e1:44:33:aa:ed:8c:c1:d1:d9:
57:77:70:fc
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZDkK1m8jD3sYPiyQYmQOq6fMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFjMWY3MjFiN2I3ZTZkMDQ5ZmJmZTUyMGUxY2E4OWMxY2Ey
NTY4MTMwHhcNMjQwNzI0MDk1NjA0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjOGUwOTZhOTBlNWZmODA5ZTY5MDAwOTFiMWM5YzQyNGE3MmM2OWNhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkcEtcHhsHLs/p31Hczt0O2mlOCdX
lvRi5bqIkYuDibYi+NNnBuQPY5UbLAwOUZaxTq8pVFfiNLm2PDlq8AYhgDH4yyNt
qnnD3Oi+sNNgr41p0/5uML59d9HMfqcKrQ460gs8/++gJoRwJy6y8dUGQK3r8zqb
80HLWYkZ8wSf+Q+46Hki1EgWXh/Ts9MGuYqDqsA3FAI86f/m6zt0Waeao2g233k4
InVlSIyfCgxVrHH43KA7LQubHZi8qTquAq+d/FIoFuHSdnpxCjElhjYA7xvaO5H8
W19a3W6yAxA3mU12qbBBhQffw0ciJ4ubPQymZ6rIvKl6Xf4VphMqgx5A1QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFMjglqkOX/gJ5pAAkbHJxCSnLGnKMB8GA1UdIwQY
MBaAFKwfcht7fm0En7/lIOHKicHKJWgTMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvckI5eUczdC1iUVNmdi1VZzRjcUp3Y29sYUJNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82ZC81NmQyNjctMWM0My00N2M4LWFmYjIt
NjRkMjljODZiZjNlLzEveU9DV3FRNWYtQW5ta0FDUnNjbkVKS2NzYWNvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82ZC81NmQyNjctMWM0My00N2M4LWFmYjItNjRkMjljODZiZjNl
LzEvckI5eUczdC1iUVNmdi1VZzRjcUp3Y29sYUJNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQC1EaQMA0G
CSqGSIb3DQEBCwUAA4IBAQCMg5mwD7D2llyEqLq+i6ESXGYIbIOKoL8KINs/qkqE
007hSZei1JUG0nEqYDQCLxVjfYDqJ3Xt/l5Llf6uJ2NxLY0hG7ufhOj7BoWl6R+Y
Z+B53Eain5o0u5tWRi+4o1u33PmHNzLAsiOqceMbmls5LJg84xH+UQVYr6yGvZMR
oKPfSnqtbHo7Y0EuP1cwQqkdfmGB4TOP1HzjX2bicMiMLSgQhEOgefYRPudLeq0c
lbFjmORcototFfr6ZX9/6Z+lv7+tlOfGYJm0PPlfrMwNnkys9dwvZPd0Q/Vx6K7x
Uz3miFhhdhT3uZJKcmIIpugmVXrhRDOq7YzB0dlXd3D8
-----END CERTIFICATE-----
Generated at Thu Mar 13 02:39:34 2025 by rpki-client