Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/74/0b4629-39cc-4e6c-9e1c-991b7aee746c/1/VQIy_yxHj9_syA8sjkwEik0U79M.roa
File: VQIy_yxHj9_syA8sjkwEik0U79M.roa (raw, json)
Hash identifier: ilhAZcR28/YMxv5xusfTsojIrkGoDR19279+8JfS3E4=
Subject key identifier: 55:02:32:FF:2C:47:8F:DF:EC:C8:0F:2C:8E:4C:04:8A:4D:14:EF:D3
Certificate issuer: /CN=a92dc7bdbc9d097336de6243b550ab173375ea39
Certificate serial: 01856D387621EF2FB774E7762A22BEADE9EB
Authority key identifier: A9:2D:C7:BD:BC:9D:09:73:36:DE:62:43:B5:50:AB:17:33:75:EA:39
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qS3HvbydCXM23mJDtVCrFzN16jk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/74/0b4629-39cc-4e6c-9e1c-991b7aee746c/1/VQIy_yxHj9_syA8sjkwEik0U79M.roa
Signing time: Sun 01 Jan 2023 12:04:54 +0000
ROA not before: Sun 01 Jan 2023 12:04:54 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 212632
IP address blocks: 212.39.32.0/24 maxlen: 24
212.39.32.0/22 maxlen: 22
212.39.32.0/21 maxlen: 21
212.39.34.0/24 maxlen: 24
212.39.63.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 01 Jan 2024 14:29:51 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:38:76:21:ef:2f:b7:74:e7:76:2a:22:be:ad:e9:eb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a92dc7bdbc9d097336de6243b550ab173375ea39
Validity
Not Before: Jan 1 12:04:54 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=550232ff2c478fdfecc80f2c8e4c048a4d14efd3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:80:59:02:59:a2:ee:ea:aa:1a:92:7d:0f:d7:47:
c0:ce:ef:a1:85:8c:a9:d0:22:7e:34:ad:9f:17:46:
39:9f:27:ca:97:bc:8f:41:fd:24:ab:86:75:a1:c0:
10:2d:20:b0:71:4d:bb:a7:f9:15:04:26:20:44:6d:
37:e3:0b:b6:b2:cb:27:2c:6e:c4:2a:de:19:1a:39:
56:27:54:bd:23:c1:d0:02:36:3d:a6:1f:d8:9d:20:
a8:9d:ca:a8:98:1f:58:e5:6a:d5:0f:2c:56:e7:09:
72:1b:9a:7e:f7:e7:c7:17:15:1e:17:8b:ac:cb:80:
10:06:74:17:c5:ef:b4:ee:a3:c1:87:38:b5:36:06:
08:5e:17:f2:d0:14:09:2b:bd:b0:5a:26:60:df:2b:
14:40:1a:d4:74:88:63:63:59:0c:07:88:0d:a6:53:
6f:db:8f:10:d3:68:84:e9:75:c6:51:e7:6e:a6:ce:
4f:02:5b:f8:c0:43:bc:b7:2c:0a:61:c2:fb:fd:90:
09:0f:c1:a8:81:64:ad:d0:9c:f9:69:c5:02:8c:73:
ab:e4:06:ae:27:e7:aa:f6:6b:c0:2b:31:6c:ad:ee:
85:43:60:82:58:37:a0:e7:42:e5:6f:8a:0d:65:76:
19:d8:3d:f0:97:23:43:35:69:b9:ba:ae:47:4c:76:
c2:e3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
55:02:32:FF:2C:47:8F:DF:EC:C8:0F:2C:8E:4C:04:8A:4D:14:EF:D3
X509v3 Authority Key Identifier:
keyid:A9:2D:C7:BD:BC:9D:09:73:36:DE:62:43:B5:50:AB:17:33:75:EA:39
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qS3HvbydCXM23mJDtVCrFzN16jk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/74/0b4629-39cc-4e6c-9e1c-991b7aee746c/1/VQIy_yxHj9_syA8sjkwEik0U79M.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/74/0b4629-39cc-4e6c-9e1c-991b7aee746c/1/qS3HvbydCXM23mJDtVCrFzN16jk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
212.39.32.0/21
212.39.63.0/24
Signature Algorithm: sha256WithRSAEncryption
71:f3:eb:a3:91:72:aa:37:09:f6:4f:9a:f4:69:b3:e2:ac:2c:
7d:ca:93:48:95:78:c6:4b:34:83:96:e4:c5:18:38:15:f4:87:
f7:d3:75:f2:44:e1:3f:f4:d0:fd:de:80:9d:5e:b8:f7:d2:57:
58:74:02:f9:21:aa:0d:25:95:8a:63:95:ed:14:60:4b:c4:c5:
32:ad:59:26:67:06:c6:28:53:eb:89:6c:f2:cc:db:24:64:a9:
8b:25:6e:17:39:61:9f:54:21:72:91:9f:4d:dc:4e:42:f8:18:
31:83:bc:0e:a4:fd:7a:1f:78:fa:20:fe:c7:84:9f:bd:f9:d0:
8d:7c:11:dc:b3:06:56:21:b3:77:e5:83:4b:cc:a5:42:39:24:
7c:9e:4d:80:86:f9:bb:ea:43:2b:3c:bf:c6:0b:d2:be:21:86:
8d:6e:7c:25:bf:46:1f:13:06:be:b6:56:bc:ad:f2:58:3b:60:
54:67:d2:f1:ab:a5:8c:9d:0d:f2:52:cf:89:ec:0a:c2:5c:bc:
3a:d6:2b:52:6b:7f:0d:12:37:fe:e7:ba:7e:29:64:51:89:86:
48:b9:1f:47:bd:f9:52:ea:4d:f1:b4:c0:98:b3:f4:81:de:75:
8d:fb:1c:0b:9c:1c:de:5e:4e:18:a3:b0:0f:1d:51:7e:9e:68:
29:0a:9b:64
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVtOHYh7y+3dOd2KiK+renrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE5MmRjN2JkYmM5ZDA5NzMzNmRlNjI0M2I1NTBhYjE3MzM3
NWVhMzkwHhcNMjMwMTAxMTIwNDU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1NTAyMzJmZjJjNDc4ZmRmZWNjODBmMmM4ZTRjMDQ4YTRkMTRlZmQzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgFkCWaLu6qoakn0P10fAzu+hhYyp
0CJ+NK2fF0Y5nyfKl7yPQf0kq4Z1ocAQLSCwcU27p/kVBCYgRG034wu2sssnLG7E
Kt4ZGjlWJ1S9I8HQAjY9ph/YnSConcqomB9Y5WrVDyxW5wlyG5p+9+fHFxUeF4us
y4AQBnQXxe+07qPBhzi1NgYIXhfy0BQJK72wWiZg3ysUQBrUdIhjY1kMB4gNplNv
248Q02iE6XXGUedups5PAlv4wEO8tywKYcL7/ZAJD8GogWSt0Jz5acUCjHOr5Aau
J+eq9mvAKzFsre6FQ2CCWDeg50Llb4oNZXYZ2D3wlyNDNWm5uq5HTHbC4wIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFFUCMv8sR4/f7MgPLI5MBIpNFO/TMB8GA1UdIwQY
MBaAFKktx728nQlzNt5iQ7VQqxczdeo5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcVMzSHZieWRDWE0yM21KRHRWQ3JGek4xNmprLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83NC8wYjQ2MjktMzljYy00ZTZjLTllMWMt
OTkxYjdhZWU3NDZjLzEvVlFJeV95eEhqOV9zeUE4c2prd0VpazBVNzlNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83NC8wYjQ2MjktMzljYy00ZTZjLTllMWMtOTkxYjdhZWU3NDZj
LzEvcVMzSHZieWRDWE0yM21KRHRWQ3JGek4xNmprLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQD1CcgAwQA
1Cc/MA0GCSqGSIb3DQEBCwUAA4IBAQBx8+ujkXKqNwn2T5r0abPirCx9ypNIlXjG
SzSDluTFGDgV9If303XyROE/9ND93oCdXrj30ldYdAL5IaoNJZWKY5XtFGBLxMUy
rVkmZwbGKFPriWzyzNskZKmLJW4XOWGfVCFykZ9N3E5C+Bgxg7wOpP16H3j6IP7H
hJ+9+dCNfBHcswZWIbN35YNLzKVCOSR8nk2Ahvm76kMrPL/GC9K+IYaNbnwlv0Yf
Ewa+tla8rfJYO2BUZ9Lxq6WMnQ3yUs+J7ArCXLw61itSa38NEjf+57p+KWRRiYZI
uR9HvflS6k3xtMCYs/SB3nWN+xwLnBzeXk4Yo7APHVF+nmgpCptk
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:35:03 2024 by rpki-client on console-fra.rpki-client.org