Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/86/2c6b14-7e87-49c7-a3b3-a0a60bb9cd9b/1/1zJsYotyt9DS9v496UvS3iJ0gWo.roa
File: 1zJsYotyt9DS9v496UvS3iJ0gWo.roa (raw, json)
Hash identifier: jx22HKNWZog64QRTNLyPX9dRmrWdltxakE2tEzXIYQU=
Subject key identifier: D7:32:6C:62:8B:72:B7:D0:D2:F6:FE:3D:E9:4B:D2:DE:22:74:81:6A
Certificate issuer: /CN=ff1c218811d9294ad631253a445ed1d395a9639f
Certificate serial: 018C10485595408BCA2B7C8A7D3C3671A48C
Authority key identifier: FF:1C:21:88:11:D9:29:4A:D6:31:25:3A:44:5E:D1:D3:95:A9:63:9F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_xwhiBHZKUrWMSU6RF7R05WpY58.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/86/2c6b14-7e87-49c7-a3b3-a0a60bb9cd9b/1/1zJsYotyt9DS9v496UvS3iJ0gWo.roa
Signing time: Mon 27 Nov 2023 10:17:05 +0000
ROA not before: Mon 27 Nov 2023 10:17:05 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 207435
IP address blocks: 82.115.212.0/24 maxlen: 24
2a10:3a00::/29 maxlen: 32
Validation: Failed, certificate revoked on Tue 02 Jan 2024 12:34:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:10:48:55:95:40:8b:ca:2b:7c:8a:7d:3c:36:71:a4:8c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ff1c218811d9294ad631253a445ed1d395a9639f
Validity
Not Before: Nov 27 10:17:05 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d7326c628b72b7d0d2f6fe3de94bd2de2274816a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:a5:96:cd:3e:65:6d:62:74:b5:d1:02:f3:37:
40:4d:96:e3:36:c8:87:f9:f8:30:db:d4:29:f7:c3:
21:6b:4b:23:d0:8f:13:e2:4d:e3:30:44:cc:eb:87:
e7:8c:0e:56:41:f5:ff:a4:ec:96:2c:aa:f2:9e:5d:
31:45:fc:da:82:0b:39:de:9e:ca:eb:2a:1f:fd:16:
f6:32:68:80:43:72:c2:6c:58:2f:fc:b7:89:c9:e0:
ff:39:65:ae:a9:b3:18:57:1c:4b:3c:b0:66:87:bd:
bd:9a:de:cf:1e:89:40:89:47:c4:43:9f:0e:0f:26:
0b:02:00:0e:91:d6:ba:ea:8e:38:e2:8a:77:e8:40:
ef:09:1b:ea:59:4a:7f:46:1e:44:e5:e5:38:95:86:
44:b3:85:10:fa:00:f1:80:6b:7d:8b:a4:a2:3e:d6:
59:98:7a:3a:c2:7e:e9:6d:2e:7d:76:2f:1d:40:a7:
ac:4e:d8:04:26:f7:27:8e:fa:b7:c2:45:65:88:e1:
8e:70:b6:60:51:91:c0:ab:88:b6:a4:71:b7:e7:91:
34:ac:ec:42:f7:6c:a9:05:dc:9a:a7:00:43:7d:df:
1d:cc:7b:a9:d9:8a:a0:27:c7:87:93:65:8d:38:d1:
64:48:79:5f:42:27:13:2b:48:e7:e3:83:87:f8:55:
99:67
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D7:32:6C:62:8B:72:B7:D0:D2:F6:FE:3D:E9:4B:D2:DE:22:74:81:6A
X509v3 Authority Key Identifier:
keyid:FF:1C:21:88:11:D9:29:4A:D6:31:25:3A:44:5E:D1:D3:95:A9:63:9F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_xwhiBHZKUrWMSU6RF7R05WpY58.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/86/2c6b14-7e87-49c7-a3b3-a0a60bb9cd9b/1/1zJsYotyt9DS9v496UvS3iJ0gWo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/86/2c6b14-7e87-49c7-a3b3-a0a60bb9cd9b/1/_xwhiBHZKUrWMSU6RF7R05WpY58.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.115.212.0/24
IPv6:
2a10:3a00::/29
Signature Algorithm: sha256WithRSAEncryption
99:d4:b7:f2:1b:d8:01:0b:56:7b:11:05:dd:7a:60:d6:4f:c1:
e0:d6:24:aa:35:7a:dc:cb:bd:f1:cb:9f:7e:02:6c:98:30:ef:
c8:5c:af:ae:ba:23:a6:91:f4:e3:3f:5e:dc:74:e2:81:51:b8:
82:00:0b:67:71:b3:fc:2d:4f:d4:73:cf:53:2a:6b:df:22:f3:
29:33:cb:14:b2:ea:dc:a3:c3:83:f1:e0:d5:12:df:d6:7c:ef:
1c:2f:bf:5b:19:7c:46:38:16:c5:a9:b9:c2:48:46:4a:ab:6d:
de:74:44:03:77:f1:90:65:33:3c:5d:11:be:01:c4:ab:74:71:
96:37:70:7d:78:21:b6:23:69:54:8b:d4:b3:38:81:24:e1:34:
89:03:05:65:22:c3:63:99:8d:a6:1c:2f:41:38:bb:4d:ba:8e:
d3:7f:22:be:e8:6d:8c:77:19:8c:c6:92:2f:7c:fe:eb:3e:3e:
62:1d:4b:78:db:60:d6:26:4a:5b:52:a0:05:ad:6f:65:40:8c:
5c:c2:92:b8:ca:f2:1a:ee:a3:20:7e:fd:4a:ce:46:6f:4e:ff:
06:1d:03:a3:b6:f9:43:d0:c4:eb:31:5b:4f:f3:15:fc:ee:3b:
fc:f9:70:26:d6:5c:1c:1c:19:fd:24:aa:ca:0c:ee:49:b0:e7:
eb:93:d0:17
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYwQSFWVQIvKK3yKfTw2caSMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZmMWMyMTg4MTFkOTI5NGFkNjMxMjUzYTQ0NWVkMWQzOTVh
OTYzOWYwHhcNMjMxMTI3MTAxNzA1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNzMyNmM2MjhiNzJiN2QwZDJmNmZlM2RlOTRiZDJkZTIyNzQ4MTZhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq6WWzT5lbWJ0tdEC8zdATZbjNsiH
+fgw29Qp98Mha0sj0I8T4k3jMETM64fnjA5WQfX/pOyWLKrynl0xRfzaggs53p7K
6yof/Rb2MmiAQ3LCbFgv/LeJyeD/OWWuqbMYVxxLPLBmh729mt7PHolAiUfEQ58O
DyYLAgAOkda66o444op36EDvCRvqWUp/Rh5E5eU4lYZEs4UQ+gDxgGt9i6SiPtZZ
mHo6wn7pbS59di8dQKesTtgEJvcnjvq3wkVliOGOcLZgUZHAq4i2pHG355E0rOxC
92ypBdyapwBDfd8dzHup2YqgJ8eHk2WNONFkSHlfQicTK0jn44OH+FWZZwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFNcybGKLcrfQ0vb+PelL0t4idIFqMB8GA1UdIwQY
MBaAFP8cIYgR2SlK1jElOkRe0dOVqWOfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvX3h3aGlCSFpLVXJXTVNVNlJGN1IwNVdwWTU4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ni8yYzZiMTQtN2U4Ny00OWM3LWEzYjMt
YTBhNjBiYjljZDliLzEvMXpKc1lvdHl0OURTOXY0OTZVdlMzaUowZ1dvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Ni8yYzZiMTQtN2U4Ny00OWM3LWEzYjMtYTBhNjBiYjljZDli
LzEvX3h3aGlCSFpLVXJXTVNVNlJGN1IwNVdwWTU4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQAUnPUMA0E
AgACMAcDBQMqEDoAMA0GCSqGSIb3DQEBCwUAA4IBAQCZ1LfyG9gBC1Z7EQXdemDW
T8Hg1iSqNXrcy73xy59+AmyYMO/IXK+uuiOmkfTjP17cdOKBUbiCAAtncbP8LU/U
c89TKmvfIvMpM8sUsurco8OD8eDVEt/WfO8cL79bGXxGOBbFqbnCSEZKq23edEQD
d/GQZTM8XRG+AcSrdHGWN3B9eCG2I2lUi9SzOIEk4TSJAwVlIsNjmY2mHC9BOLtN
uo7TfyK+6G2MdxmMxpIvfP7rPj5iHUt422DWJkpbUqAFrW9lQIxcwpK4yvIa7qMg
fv1KzkZvTv8GHQOjtvlD0MTrMVtP8xX87jv8+XAm1lwcHBn9JKrKDO5JsOfrk9AX
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:37:35 2024 by rpki-client on console-fra.rpki-client.org