Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/85/990ca9-6d4c-4946-b7f3-748d6173b6a1/1/O9azztLD0PJrN_iyyLFYRq1zx1E.roa
File: O9azztLD0PJrN_iyyLFYRq1zx1E.roa (raw, json)
Hash identifier: O+JcSv8TrIJZDvkGzGMIZmzGjDJHpbveT0l5v6+cPNk=
Subject key identifier: 3B:D6:B3:CE:D2:C3:D0:F2:6B:37:F8:B2:C8:B1:58:46:AD:73:C7:51
Certificate issuer: /CN=ef3ee31d2f0ef103296ddec3c66b07a3f442ac98
Certificate serial: 018B3A7F0BB9F3FD90B587E650E28D46C7B6
Authority key identifier: EF:3E:E3:1D:2F:0E:F1:03:29:6D:DE:C3:C6:6B:07:A3:F4:42:AC:98
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/7z7jHS8O8QMpbd7DxmsHo_RCrJg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/85/990ca9-6d4c-4946-b7f3-748d6173b6a1/1/O9azztLD0PJrN_iyyLFYRq1zx1E.roa
Signing time: Mon 16 Oct 2023 21:58:06 +0000
ROA not before: Mon 16 Oct 2023 21:58:06 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 212286
IP address blocks: 212.102.124.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 01 Jan 2024 02:30:00 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:3a:7f:0b:b9:f3:fd:90:b5:87:e6:50:e2:8d:46:c7:b6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ef3ee31d2f0ef103296ddec3c66b07a3f442ac98
Validity
Not Before: Oct 16 21:58:06 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=3bd6b3ced2c3d0f26b37f8b2c8b15846ad73c751
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:26:2c:ad:7f:f3:a0:20:2e:44:02:0a:f6:bc:
1b:83:4d:84:a0:2a:29:de:70:0e:5e:d0:57:a2:ab:
3c:8b:0d:cc:5e:69:78:dd:64:ff:2f:f5:6b:e2:1e:
63:c1:10:46:42:3c:a6:9b:82:b4:1e:27:03:e4:0a:
ce:aa:4b:c9:ce:4a:77:9f:56:4c:1f:85:f4:51:e9:
51:99:ad:cc:8a:0f:c6:a9:f4:b6:71:24:89:62:f7:
8b:3e:88:bb:8f:8a:43:4e:b7:57:4a:6a:24:a3:de:
af:18:ee:1c:09:11:cb:48:c8:e7:e8:ce:a5:14:43:
75:a4:95:8d:3a:58:c0:02:69:be:cf:16:8e:10:33:
fb:28:8d:4f:b1:c5:21:ea:09:24:fc:c6:6f:26:6e:
09:13:af:5b:44:57:73:e3:f8:e9:8e:26:1a:3d:cd:
1e:9e:c9:fb:86:7c:52:82:b3:0e:f6:2f:4e:14:8c:
78:c2:36:5d:1e:83:4c:2f:f0:14:89:f6:da:c5:3b:
a1:98:f1:13:a4:f3:7d:75:de:c1:39:8b:57:7c:6b:
f8:f1:6c:94:6e:bc:22:2c:c4:6e:de:4f:74:86:b3:
12:bd:fa:b0:5f:99:91:68:e7:f4:33:80:84:41:f5:
ec:5d:3e:3f:b5:91:76:a6:23:e9:3d:53:61:60:85:
34:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3B:D6:B3:CE:D2:C3:D0:F2:6B:37:F8:B2:C8:B1:58:46:AD:73:C7:51
X509v3 Authority Key Identifier:
keyid:EF:3E:E3:1D:2F:0E:F1:03:29:6D:DE:C3:C6:6B:07:A3:F4:42:AC:98
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/7z7jHS8O8QMpbd7DxmsHo_RCrJg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/85/990ca9-6d4c-4946-b7f3-748d6173b6a1/1/O9azztLD0PJrN_iyyLFYRq1zx1E.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/85/990ca9-6d4c-4946-b7f3-748d6173b6a1/1/7z7jHS8O8QMpbd7DxmsHo_RCrJg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
212.102.124.0/24
Signature Algorithm: sha256WithRSAEncryption
11:77:37:b4:5f:d4:ad:bc:89:82:b3:84:e7:a8:e8:aa:55:24:
ba:4d:9f:26:f4:32:00:d0:c5:97:60:74:f9:e7:41:3c:dc:60:
01:d3:19:22:82:7c:b1:24:13:1b:a4:10:e9:eb:8e:d5:fb:c9:
ca:ed:6a:15:00:18:82:9e:bf:71:ca:6a:9c:bd:17:2b:6e:81:
3e:80:ac:28:b0:ec:00:d1:22:20:44:d8:f9:4f:18:67:00:91:
5b:2c:ba:34:d7:30:3b:dc:0d:0d:97:0c:d0:eb:af:46:25:ff:
f9:74:42:6e:44:58:44:30:c2:71:14:9e:f3:ed:64:62:56:5f:
2e:2a:2d:05:b1:68:0a:ec:bd:23:79:3a:a8:9c:d5:03:64:14:
a0:2e:da:59:59:36:92:8f:db:ed:73:89:32:72:e7:28:75:b6:
4c:17:23:c2:e2:5a:b1:c7:dc:ef:fc:05:0e:10:87:ca:99:10:
1e:5f:43:90:bb:57:8b:10:4c:b2:f2:ba:57:f7:d6:80:30:b2:
72:77:02:24:fb:84:b6:1f:48:f7:6e:2f:a1:c2:9a:2e:42:6d:
3f:52:78:9d:cb:21:97:86:9a:b4:e7:c2:37:de:b6:89:47:cc:
69:11:35:4e:d8:83:3f:d8:b5:ae:f6:1b:74:fa:19:6f:2c:20:
89:c9:2d:c5
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYs6fwu58/2QtYfmUOKNRse2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVmM2VlMzFkMmYwZWYxMDMyOTZkZGVjM2M2NmIwN2EzZjQ0
MmFjOTgwHhcNMjMxMDE2MjE1ODA2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYmQ2YjNjZWQyYzNkMGYyNmIzN2Y4YjJjOGIxNTg0NmFkNzNjNzUxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzCYsrX/zoCAuRAIK9rwbg02EoCop
3nAOXtBXoqs8iw3MXml43WT/L/Vr4h5jwRBGQjymm4K0HicD5ArOqkvJzkp3n1ZM
H4X0UelRma3Mig/GqfS2cSSJYveLPoi7j4pDTrdXSmoko96vGO4cCRHLSMjn6M6l
FEN1pJWNOljAAmm+zxaOEDP7KI1PscUh6gkk/MZvJm4JE69bRFdz4/jpjiYaPc0e
nsn7hnxSgrMO9i9OFIx4wjZdHoNML/AUifbaxTuhmPETpPN9dd7BOYtXfGv48WyU
brwiLMRu3k90hrMSvfqwX5mRaOf0M4CEQfXsXT4/tZF2piPpPVNhYIU0+wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDvWs87Sw9Dyazf4ssixWEatc8dRMB8GA1UdIwQY
MBaAFO8+4x0vDvEDKW3ew8ZrB6P0QqyYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvN3o3akhTOE84UU1wYmQ3RHhtc0hvX1JDckpnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84NS85OTBjYTktNmQ0Yy00OTQ2LWI3ZjMt
NzQ4ZDYxNzNiNmExLzEvTzlhenp0TEQwUEpyTl9peXlMRllScTF6eDFFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84NS85OTBjYTktNmQ0Yy00OTQ2LWI3ZjMtNzQ4ZDYxNzNiNmEx
LzEvN3o3akhTOE84UU1wYmQ3RHhtc0hvX1JDckpnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA1GZ8MA0G
CSqGSIb3DQEBCwUAA4IBAQARdze0X9StvImCs4TnqOiqVSS6TZ8m9DIA0MWXYHT5
50E83GAB0xkignyxJBMbpBDp647V+8nK7WoVABiCnr9xymqcvRcrboE+gKwosOwA
0SIgRNj5TxhnAJFbLLo01zA73A0NlwzQ669GJf/5dEJuRFhEMMJxFJ7z7WRiVl8u
Ki0FsWgK7L0jeTqonNUDZBSgLtpZWTaSj9vtc4kycucodbZMFyPC4lqxx9zv/AUO
EIfKmRAeX0OQu1eLEEyy8rpX99aAMLJydwIk+4S2H0j3bi+hwpouQm0/UnidyyGX
hpq058I33raJR8xpETVO2IM/2LWu9ht0+hlvLCCJyS3F
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:37:31 2024 by rpki-client on console-fra.rpki-client.org