Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/85/990ca9-6d4c-4946-b7f3-748d6173b6a1/1/l3bZGHRUSn3t4QEwp3FL4Gk94as.roa
File: l3bZGHRUSn3t4QEwp3FL4Gk94as.roa (raw, json)
Hash identifier: bvnZDe7ScndD8EjDBRxhqi8CRu4ubbYehhXxmF58iWM=
Subject key identifier: 97:76:D9:18:74:54:4A:7D:ED:E1:01:30:A7:71:4B:E0:69:3D:E1:AB
Certificate issuer: /CN=ef3ee31d2f0ef103296ddec3c66b07a3f442ac98
Certificate serial: 018CC2DB4A2FF45687A163158C42CE81151F
Authority key identifier: EF:3E:E3:1D:2F:0E:F1:03:29:6D:DE:C3:C6:6B:07:A3:F4:42:AC:98
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/7z7jHS8O8QMpbd7DxmsHo_RCrJg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/85/990ca9-6d4c-4946-b7f3-748d6173b6a1/1/l3bZGHRUSn3t4QEwp3FL4Gk94as.roa
Signing time: Mon 01 Jan 2024 02:30:00 +0000
ROA not before: Mon 01 Jan 2024 02:30:00 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 212286
IP address blocks: 212.102.124.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 22 Nov 2024 00:14:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c2:db:4a:2f:f4:56:87:a1:63:15:8c:42:ce:81:15:1f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ef3ee31d2f0ef103296ddec3c66b07a3f442ac98
Validity
Not Before: Jan 1 02:30:00 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=9776d91874544a7dede10130a7714be0693de1ab
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:1d:f1:8d:d9:77:be:dd:3d:db:51:42:17:67:
a1:2e:e9:61:2a:69:4a:dd:f0:a9:21:07:be:46:c8:
d5:69:4c:f5:3d:71:6e:c9:54:ee:c2:68:b3:66:f5:
2e:f1:6e:82:bc:7b:39:cb:3a:cb:76:c8:8c:66:ba:
7a:70:fb:07:cb:f0:8d:9a:b9:2c:d6:40:1b:54:2c:
20:6e:2e:0f:62:20:2a:3f:0b:27:11:f8:02:62:7f:
dd:58:b6:f4:73:a0:82:ea:3b:2a:0e:51:66:ae:ff:
70:57:80:3f:0e:b3:93:a7:0c:51:b1:8e:6c:82:99:
f1:9e:68:e9:75:d1:46:3c:68:ac:2b:49:b7:f1:f6:
9a:1c:8f:8d:b9:6d:c0:a9:fa:70:5f:b3:70:a8:00:
b6:ea:9e:0d:7f:52:eb:11:c7:6d:dd:f7:a0:d4:5c:
e8:4b:61:1d:07:e8:31:7e:b9:9c:56:74:a4:c2:ab:
ff:f6:da:3e:51:43:a2:74:27:e5:2b:53:17:aa:78:
2d:f5:7c:88:b1:a3:7d:f1:ea:89:d1:7f:86:9d:aa:
42:ba:cd:78:32:86:2b:0e:e1:bf:2c:78:61:52:39:
ab:16:bb:91:c5:bf:40:d1:95:db:f2:e5:48:6d:5a:
e6:19:dc:1c:b1:d9:9e:23:f6:5d:45:f7:32:9c:6a:
80:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
97:76:D9:18:74:54:4A:7D:ED:E1:01:30:A7:71:4B:E0:69:3D:E1:AB
X509v3 Authority Key Identifier:
keyid:EF:3E:E3:1D:2F:0E:F1:03:29:6D:DE:C3:C6:6B:07:A3:F4:42:AC:98
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/7z7jHS8O8QMpbd7DxmsHo_RCrJg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/85/990ca9-6d4c-4946-b7f3-748d6173b6a1/1/l3bZGHRUSn3t4QEwp3FL4Gk94as.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/85/990ca9-6d4c-4946-b7f3-748d6173b6a1/1/7z7jHS8O8QMpbd7DxmsHo_RCrJg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
212.102.124.0/24
Signature Algorithm: sha256WithRSAEncryption
77:84:d0:0d:97:6b:3b:56:98:93:69:f0:53:d5:20:ca:6b:f9:
9c:0b:e5:1b:a9:70:7a:02:98:af:7b:09:a8:6d:90:27:03:7b:
c1:04:8b:77:39:74:b4:bc:c8:c4:ed:ff:d9:dd:79:60:2a:d7:
1b:52:42:bb:d9:7f:b2:bb:bf:4f:73:13:d8:70:00:26:0f:19:
5d:07:59:af:9e:12:c0:ab:2c:26:d1:d7:6b:70:63:f5:c3:48:
71:51:42:3e:b6:e0:34:60:6b:20:30:5d:9b:5d:63:52:54:28:
ef:db:51:93:3c:3b:5f:ac:27:d6:4a:d7:4a:98:30:03:2c:2f:
e8:b7:1f:42:84:8f:8b:c3:90:c5:4e:92:50:f2:a1:ec:26:5b:
ab:1c:21:88:d7:9e:c2:38:bf:ad:d3:34:63:b5:cc:43:bb:78:
bc:1f:9f:87:aa:ca:d4:06:36:e7:64:2a:9e:8f:99:90:74:81:
2a:7b:d1:55:ec:dd:69:44:ca:31:03:dd:0b:63:6e:db:cc:aa:
3d:65:65:43:d9:0a:21:ab:ad:26:70:4d:89:07:a8:87:fc:8b:
7e:52:41:65:46:91:df:0f:a0:ca:97:40:1c:d7:68:0b:bf:98:
80:89:1e:0d:18:25:10:87:e6:b4:b5:93:b2:f7:d9:16:ba:93:
51:a8:b0:69
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzC20ov9FaHoWMVjELOgRUfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVmM2VlMzFkMmYwZWYxMDMyOTZkZGVjM2M2NmIwN2EzZjQ0
MmFjOTgwHhcNMjQwMTAxMDIzMDAwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5Nzc2ZDkxODc0NTQ0YTdkZWRlMTAxMzBhNzcxNGJlMDY5M2RlMWFiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjh3xjdl3vt0921FCF2ehLulhKmlK
3fCpIQe+RsjVaUz1PXFuyVTuwmizZvUu8W6CvHs5yzrLdsiMZrp6cPsHy/CNmrks
1kAbVCwgbi4PYiAqPwsnEfgCYn/dWLb0c6CC6jsqDlFmrv9wV4A/DrOTpwxRsY5s
gpnxnmjpddFGPGisK0m38faaHI+NuW3AqfpwX7NwqAC26p4Nf1LrEcdt3feg1Fzo
S2EdB+gxfrmcVnSkwqv/9to+UUOidCflK1MXqngt9XyIsaN98eqJ0X+GnapCus14
MoYrDuG/LHhhUjmrFruRxb9A0ZXb8uVIbVrmGdwcsdmeI/ZdRfcynGqAvwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJd22Rh0VEp97eEBMKdxS+BpPeGrMB8GA1UdIwQY
MBaAFO8+4x0vDvEDKW3ew8ZrB6P0QqyYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvN3o3akhTOE84UU1wYmQ3RHhtc0hvX1JDckpnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84NS85OTBjYTktNmQ0Yy00OTQ2LWI3ZjMt
NzQ4ZDYxNzNiNmExLzEvbDNiWkdIUlVTbjN0NFFFd3AzRkw0R2s5NGFzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84NS85OTBjYTktNmQ0Yy00OTQ2LWI3ZjMtNzQ4ZDYxNzNiNmEx
LzEvN3o3akhTOE84UU1wYmQ3RHhtc0hvX1JDckpnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA1GZ8MA0G
CSqGSIb3DQEBCwUAA4IBAQB3hNANl2s7VpiTafBT1SDKa/mcC+UbqXB6Apivewmo
bZAnA3vBBIt3OXS0vMjE7f/Z3XlgKtcbUkK72X+yu79PcxPYcAAmDxldB1mvnhLA
qywm0ddrcGP1w0hxUUI+tuA0YGsgMF2bXWNSVCjv21GTPDtfrCfWStdKmDADLC/o
tx9ChI+Lw5DFTpJQ8qHsJlurHCGI157COL+t0zRjtcxDu3i8H5+HqsrUBjbnZCqe
j5mQdIEqe9FV7N1pRMoxA90LY27bzKo9ZWVD2Qohq60mcE2JB6iH/It+UkFlRpHf
D6DKl0Ac12gLv5iAiR4NGCUQh+a0tZOy99kWupNRqLBp
-----END CERTIFICATE-----
Generated at Fri Nov 22 02:40:21 2024 by rpki-client on console-ams.rpki-client.org