Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7f/5fbcbb-00fa-4ad7-a801-43600171b8bd/1/9jRmOzdPi-2Y3VL33ABHGx3Ge8k.roa
File: 9jRmOzdPi-2Y3VL33ABHGx3Ge8k.roa (raw, json)
Hash identifier: EswsZTPmQtMFix4bVoyy0ajwDanDimr0vLf/Qf1J8z0=
Subject key identifier: F6:34:66:3B:37:4F:8B:ED:98:DD:52:F7:DC:00:47:1B:1D:C6:7B:C9
Certificate issuer: /CN=969d46361b6af720fb9836acec965b0f52f4b09c
Certificate serial: 018BF561129BA5597C4EA5E0951C20049337
Authority key identifier: 96:9D:46:36:1B:6A:F7:20:FB:98:36:AC:EC:96:5B:0F:52:F4:B0:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/lp1GNhtq9yD7mDas7JZbD1L0sJw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7f/5fbcbb-00fa-4ad7-a801-43600171b8bd/1/9jRmOzdPi-2Y3VL33ABHGx3Ge8k.roa
Signing time: Wed 22 Nov 2023 04:54:21 +0000
ROA not before: Wed 22 Nov 2023 04:54:21 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 29690
IP address blocks: 212.70.36.0/24 maxlen: 24
212.70.32.0/24 maxlen: 24
212.70.32.0/19 maxlen: 19
212.70.34.0/24 maxlen: 24
212.70.40.0/24 maxlen: 24
212.70.50.0/24 maxlen: 24
212.70.51.0/24 maxlen: 24
212.70.45.0/24 maxlen: 24
212.70.49.0/24 maxlen: 24
212.70.47.0/24 maxlen: 24
212.70.48.0/24 maxlen: 24
212.70.53.0/24 maxlen: 24
212.70.54.0/24 maxlen: 24
83.101.128.0/24 maxlen: 24
83.101.128.0/19 maxlen: 19
83.101.129.0/24 maxlen: 24
83.101.139.0/24 maxlen: 24
83.101.138.0/24 maxlen: 24
83.101.137.0/24 maxlen: 24
83.101.141.0/24 maxlen: 24
83.101.140.0/24 maxlen: 24
83.101.143.0/24 maxlen: 24
83.101.149.0/24 maxlen: 24
83.101.150.0/24 maxlen: 24
83.101.151.0/24 maxlen: 24
83.101.155.0/24 maxlen: 24
83.101.156.0/24 maxlen: 24
83.101.154.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:f5:61:12:9b:a5:59:7c:4e:a5:e0:95:1c:20:04:93:37
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=969d46361b6af720fb9836acec965b0f52f4b09c
Validity
Not Before: Nov 22 04:54:21 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=f634663b374f8bed98dd52f7dc00471b1dc67bc9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:b2:b0:da:29:5d:80:62:9b:21:46:f1:ba:5f:
03:38:8a:8d:8b:93:82:52:e1:00:63:6d:a3:4f:8b:
ec:e3:d6:cd:71:0d:01:14:5a:49:ff:a6:42:ce:ec:
2b:af:77:0c:78:38:29:1e:22:4c:50:e1:bc:5d:3d:
3a:bb:a4:a5:6a:d8:26:ed:db:4a:62:51:30:b5:5b:
5b:f5:cf:60:11:9b:63:35:02:5b:5b:51:d6:2f:15:
d9:08:e7:ab:7f:15:7b:8d:98:58:ce:f3:d8:0d:bb:
e9:9d:0f:a8:e6:c8:14:72:45:1b:e1:e5:83:26:db:
62:55:73:ce:e2:90:bc:76:98:0e:0d:91:a0:ca:4a:
79:73:1a:c3:ad:84:91:4b:99:7e:90:f1:52:d7:68:
8d:87:a8:8b:1c:34:30:58:ce:c9:80:83:57:5f:16:
fa:eb:b6:8b:42:76:63:86:5f:71:b2:b2:d6:c1:2a:
f3:5c:5d:ed:ea:c2:7f:01:7f:17:dc:c5:7a:c4:5e:
de:57:9e:6a:e4:02:ca:ba:5b:87:17:38:ef:be:c6:
d0:06:7b:99:39:73:23:45:f3:53:e6:49:01:28:07:
0b:0a:2f:d1:97:3d:16:68:c1:92:90:d5:e3:a8:d9:
5e:0e:9b:45:06:4c:e5:8f:d7:6b:10:12:0e:bb:90:
c1:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F6:34:66:3B:37:4F:8B:ED:98:DD:52:F7:DC:00:47:1B:1D:C6:7B:C9
X509v3 Authority Key Identifier:
keyid:96:9D:46:36:1B:6A:F7:20:FB:98:36:AC:EC:96:5B:0F:52:F4:B0:9C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lp1GNhtq9yD7mDas7JZbD1L0sJw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7f/5fbcbb-00fa-4ad7-a801-43600171b8bd/1/9jRmOzdPi-2Y3VL33ABHGx3Ge8k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7f/5fbcbb-00fa-4ad7-a801-43600171b8bd/1/lp1GNhtq9yD7mDas7JZbD1L0sJw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
83.101.128.0/19
212.70.32.0/19
Signature Algorithm: sha256WithRSAEncryption
4a:a6:a0:9e:95:33:40:5e:51:2a:f8:85:1a:55:5d:0b:51:e4:
03:ec:1f:b5:2c:89:74:a8:5c:59:cf:22:a4:14:c3:fe:14:25:
80:1d:07:39:4c:4f:75:1c:4f:ed:42:6a:f9:65:29:34:fd:8a:
54:a7:0b:c1:5c:c0:01:9d:7f:87:24:11:95:a8:31:60:2f:34:
9f:87:55:a0:84:11:c2:0d:ee:1e:58:4c:8e:5f:da:31:8d:31:
9e:28:3e:48:12:af:b2:61:e2:b5:cb:ca:65:12:b1:36:12:39:
bd:c4:6e:2e:5c:59:7a:ad:ce:ca:d4:76:12:a2:cb:ed:22:56:
2f:b7:63:e8:c9:8e:9c:25:38:96:50:f6:0f:c2:5a:99:22:df:
dd:8c:f1:3a:f0:ad:6a:dd:1b:34:b5:ad:bb:d4:e2:65:a0:58:
b1:1c:bc:12:74:43:fd:30:e5:b5:5c:8c:fd:2a:a3:81:c0:ab:
f0:87:9a:e4:f3:e4:02:1a:13:35:e7:ec:5f:a8:d8:8c:d1:db:
88:2e:da:be:7f:53:08:41:a4:60:4c:4b:32:7e:53:81:43:06:
99:04:d7:cd:78:2c:bc:43:fe:cb:d5:5f:1f:e7:f8:17:ab:27:
3f:1c:8f:2f:98:e1:14:9e:b9:04:89:ae:a3:50:1b:d9:50:38:
29:ab:3a:64
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYv1YRKbpVl8TqXglRwgBJM3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk2OWQ0NjM2MWI2YWY3MjBmYjk4MzZhY2VjOTY1YjBmNTJm
NGIwOWMwHhcNMjMxMTIyMDQ1NDIxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNjM0NjYzYjM3NGY4YmVkOThkZDUyZjdkYzAwNDcxYjFkYzY3YmM5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnrKw2ildgGKbIUbxul8DOIqNi5OC
UuEAY22jT4vs49bNcQ0BFFpJ/6ZCzuwrr3cMeDgpHiJMUOG8XT06u6Slatgm7dtK
YlEwtVtb9c9gEZtjNQJbW1HWLxXZCOerfxV7jZhYzvPYDbvpnQ+o5sgUckUb4eWD
JttiVXPO4pC8dpgODZGgykp5cxrDrYSRS5l+kPFS12iNh6iLHDQwWM7JgINXXxb6
67aLQnZjhl9xsrLWwSrzXF3t6sJ/AX8X3MV6xF7eV55q5ALKuluHFzjvvsbQBnuZ
OXMjRfNT5kkBKAcLCi/Rlz0WaMGSkNXjqNleDptFBkzlj9drEBIOu5DB1wIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFPY0Zjs3T4vtmN1S99wARxsdxnvJMB8GA1UdIwQY
MBaAFJadRjYbavcg+5g2rOyWWw9S9LCcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbHAxR05odHE5eUQ3bURhczdKWmJEMUwwc0p3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Zi81ZmJjYmItMDBmYS00YWQ3LWE4MDEt
NDM2MDAxNzFiOGJkLzEvOWpSbU96ZFBpLTJZM1ZMMzNBQkhHeDNHZThrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Zi81ZmJjYmItMDBmYS00YWQ3LWE4MDEtNDM2MDAxNzFiOGJk
LzEvbHAxR05odHE5eUQ3bURhczdKWmJEMUwwc0p3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQFU2WAAwQF
1EYgMA0GCSqGSIb3DQEBCwUAA4IBAQBKpqCelTNAXlEq+IUaVV0LUeQD7B+1LIl0
qFxZzyKkFMP+FCWAHQc5TE91HE/tQmr5ZSk0/YpUpwvBXMABnX+HJBGVqDFgLzSf
h1WghBHCDe4eWEyOX9oxjTGeKD5IEq+yYeK1y8plErE2Ejm9xG4uXFl6rc7K1HYS
osvtIlYvt2PoyY6cJTiWUPYPwlqZIt/djPE68K1q3Rs0ta271OJloFixHLwSdEP9
MOW1XIz9KqOBwKvwh5rk8+QCGhM15+xfqNiM0duILtq+f1MIQaRgTEsyflOBQwaZ
BNfNeCy8Q/7L1V8f5/gXqyc/HI8vmOEUnrkEia6jUBvZUDgpqzpk
-----END CERTIFICATE-----
Generated at Tue Jan 2 18:21:45 2024 by rpki-client on console-ams.rpki-client.org