Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7b/352431-e694-4412-a766-73f7d110b82a/1/nToe5c0j4lq2ZDWsPFjfnx68SAg.roa
File: nToe5c0j4lq2ZDWsPFjfnx68SAg.roa (raw, json)
Hash identifier: gfbHleUVNO65/tCfFPsjW5rTYxSvG6X8RRLHuRGW4KM=
Subject key identifier: 9D:3A:1E:E5:CD:23:E2:5A:B6:64:35:AC:3C:58:DF:9F:1E:BC:48:08
Certificate issuer: /CN=20aa60cb0024332a2db68993f3357158af60c8de
Certificate serial: 018572835C5AE772B57E5690F313CB1B2F99
Authority key identifier: 20:AA:60:CB:00:24:33:2A:2D:B6:89:93:F3:35:71:58:AF:60:C8:DE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IKpgywAkMyottomT8zVxWK9gyN4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7b/352431-e694-4412-a766-73f7d110b82a/1/nToe5c0j4lq2ZDWsPFjfnx68SAg.roa
Signing time: Mon 02 Jan 2023 12:44:49 +0000
ROA not before: Mon 02 Jan 2023 12:44:49 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 12638
IP address blocks: 212.23.96.0/19 maxlen: 19
176.0.0.0/13 maxlen: 13
5.1.128.0/17 maxlen: 17
193.7.128.0/19 maxlen: 19
176.1.0.0/16 maxlen: 16
2001:1a28::/32 maxlen: 32
Validation: Failed, certificate revoked on Mon 01 Jan 2024 18:31:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:83:5c:5a:e7:72:b5:7e:56:90:f3:13:cb:1b:2f:99
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=20aa60cb0024332a2db68993f3357158af60c8de
Validity
Not Before: Jan 2 12:44:49 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=9d3a1ee5cd23e25ab66435ac3c58df9f1ebc4808
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:14:03:dc:69:7b:88:cf:ae:3d:1f:72:bb:3a:
b0:0c:e2:ec:c7:bb:fd:d3:79:e2:44:5f:65:38:10:
da:88:f5:7a:13:d7:7a:ab:3d:87:03:38:80:db:23:
5d:11:f4:1c:3f:b1:f4:6d:11:85:a0:b2:62:53:94:
9f:2b:54:49:d2:d6:21:91:6a:29:07:9b:32:38:6d:
8a:2b:d3:94:44:8c:32:ad:f7:d1:06:84:eb:f3:49:
9f:05:e7:20:cf:53:f4:f3:6e:06:ba:84:39:6e:18:
74:db:df:6a:47:cd:4c:ff:c5:d4:ac:b7:ab:b7:ed:
05:a4:de:4e:6d:94:c7:38:68:38:f9:4b:b3:87:7a:
b2:3d:ce:34:17:63:4e:48:95:ae:f3:6a:aa:43:0d:
85:d6:14:b5:0d:14:f8:e7:78:1f:3f:aa:6e:4c:af:
12:4e:15:d8:52:25:4a:e3:c3:51:b4:d0:75:63:b8:
11:43:3f:d1:ed:c7:f4:3a:99:77:2b:85:20:cc:c6:
a0:b1:54:b0:37:50:84:c1:f3:f1:57:e1:39:b5:64:
a9:21:63:25:68:fc:44:d3:63:eb:62:43:f6:1d:e7:
ef:c2:0a:b3:89:5d:04:cd:a2:05:e9:3d:7b:57:ff:
80:04:27:56:63:e5:59:30:04:db:59:80:b8:1c:5c:
b1:a7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9D:3A:1E:E5:CD:23:E2:5A:B6:64:35:AC:3C:58:DF:9F:1E:BC:48:08
X509v3 Authority Key Identifier:
keyid:20:AA:60:CB:00:24:33:2A:2D:B6:89:93:F3:35:71:58:AF:60:C8:DE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IKpgywAkMyottomT8zVxWK9gyN4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7b/352431-e694-4412-a766-73f7d110b82a/1/nToe5c0j4lq2ZDWsPFjfnx68SAg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7b/352431-e694-4412-a766-73f7d110b82a/1/IKpgywAkMyottomT8zVxWK9gyN4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.1.128.0/17
176.0.0.0/13
193.7.128.0/19
212.23.96.0/19
IPv6:
2001:1a28::/32
Signature Algorithm: sha256WithRSAEncryption
86:ba:d8:29:89:9b:30:ed:89:88:6e:bb:79:f9:77:37:d1:fb:
1c:a5:d6:23:cf:fa:87:b1:e9:b4:a1:d1:8b:ca:63:b7:10:fc:
45:3b:8c:e1:fb:44:37:dc:b3:cb:06:49:8e:36:18:63:71:62:
3e:e9:31:11:45:9f:e8:d1:60:3a:0e:2c:22:99:59:01:38:02:
56:bf:fa:c7:0f:75:bc:f8:98:13:e7:4d:b0:b0:fc:6d:a3:45:
4e:00:ea:5b:bd:64:89:23:f9:b0:16:f5:f0:6e:cf:72:1c:87:
2f:ae:cd:9e:d0:55:ec:2f:b2:34:77:9d:d6:73:bb:02:39:42:
38:9d:ff:49:26:aa:08:94:e1:8e:cd:4a:ee:ba:f1:be:95:a1:
fa:45:40:6d:84:87:61:fa:c4:9e:f2:f0:0d:5c:dc:b9:dc:ad:
bb:db:65:31:f1:00:cc:04:4b:12:85:34:f2:4a:d5:e1:b4:88:
be:9d:9b:f6:af:bb:f2:51:1b:96:05:c1:af:dc:1e:e7:b2:56:
2b:27:e3:fe:58:e5:cd:ea:93:8f:f2:c9:e4:90:94:4f:65:f6:
88:a7:14:80:44:18:0d:8a:65:f5:1f:02:39:64:47:89:f4:84:
ae:19:96:10:fb:dd:92:32:11:b5:e9:7b:2e:95:5a:8a:8d:00:
14:07:42:83
-----BEGIN CERTIFICATE-----
MIIFHTCCBAWgAwIBAgISAYVyg1xa53K1flaQ8xPLGy+ZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIwYWE2MGNiMDAyNDMzMmEyZGI2ODk5M2YzMzU3MTU4YWY2
MGM4ZGUwHhcNMjMwMTAyMTI0NDQ5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZDNhMWVlNWNkMjNlMjVhYjY2NDM1YWMzYzU4ZGY5ZjFlYmM0ODA4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjxQD3Gl7iM+uPR9yuzqwDOLsx7v9
03niRF9lOBDaiPV6E9d6qz2HAziA2yNdEfQcP7H0bRGFoLJiU5SfK1RJ0tYhkWop
B5syOG2KK9OURIwyrffRBoTr80mfBecgz1P0824GuoQ5bhh0299qR81M/8XUrLer
t+0FpN5ObZTHOGg4+Uuzh3qyPc40F2NOSJWu82qqQw2F1hS1DRT453gfP6puTK8S
ThXYUiVK48NRtNB1Y7gRQz/R7cf0Opl3K4UgzMagsVSwN1CEwfPxV+E5tWSpIWMl
aPxE02PrYkP2HefvwgqziV0EzaIF6T17V/+ABCdWY+VZMATbWYC4HFyxpwIDAQAB
o4ICKTCCAiUwHQYDVR0OBBYEFJ06HuXNI+JatmQ1rDxY358evEgIMB8GA1UdIwQY
MBaAFCCqYMsAJDMqLbaJk/M1cVivYMjeMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSUtwZ3l3QWtNeW90dG9tVDh6VnhXSzlneU40LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Yi8zNTI0MzEtZTY5NC00NDEyLWE3NjYt
NzNmN2QxMTBiODJhLzEvblRvZTVjMGo0bHEyWkRXc1BGamZueDY4U0FnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Yi8zNTI0MzEtZTY5NC00NDEyLWE3NjYtNzNmN2QxMTBiODJh
LzEvSUtwZ3l3QWtNeW90dG9tVDh6VnhXSzlneU40LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD8GCCsGAQUFBwEHAQH/BDAwLjAdBAIAATAXAwQHBQGAAwMD
sAADBAXBB4ADBAXUF2AwDQQCAAIwBwMFACABGigwDQYJKoZIhvcNAQELBQADggEB
AIa62CmJmzDtiYhuu3n5dzfR+xyl1iPP+oex6bSh0YvKY7cQ/EU7jOH7RDfcs8sG
SY42GGNxYj7pMRFFn+jRYDoOLCKZWQE4Ala/+scPdbz4mBPnTbCw/G2jRU4A6lu9
ZIkj+bAW9fBuz3Ichy+uzZ7QVewvsjR3ndZzuwI5Qjid/0kmqgiU4Y7NSu668b6V
ofpFQG2Eh2H6xJ7y8A1c3LncrbvbZTHxAMwESxKFNPJK1eG0iL6dm/avu/JRG5YF
wa/cHueyVisn4/5Y5c3qk4/yyeSQlE9l9oinFIBEGA2KZfUfAjlkR4n0hK4ZlhD7
3ZIyEbXpey6VWoqNABQHQoM=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:19:26 2024 by rpki-client on console-ams.rpki-client.org