Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/86/ce96f4-d85c-4fc5-9e98-500b8834289e/1/1xRgYnHTkPzvA9L5UIq2gufP-ug.roa
File: 1xRgYnHTkPzvA9L5UIq2gufP-ug.roa (raw, json)
Hash identifier: rwxwyBZ9Xj3JRBefd5fpLvh4m/x7sxuP+T3GH3vVuls=
Subject key identifier: D7:14:60:62:71:D3:90:FC:EF:03:D2:F9:50:8A:B6:82:E7:CF:FA:E8
Certificate issuer: /CN=fef329360c1b6fcafbf5253a657e3e9d7f224f7e
Certificate serial: 01857142D92C7C3CCECDC821210C80966661
Authority key identifier: FE:F3:29:36:0C:1B:6F:CA:FB:F5:25:3A:65:7E:3E:9D:7F:22:4F:7E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_vMpNgwbb8r79SU6ZX4-nX8iT34.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/86/ce96f4-d85c-4fc5-9e98-500b8834289e/1/1xRgYnHTkPzvA9L5UIq2gufP-ug.roa
Signing time: Mon 02 Jan 2023 06:54:44 +0000
ROA not before: Mon 02 Jan 2023 06:54:44 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 400377
IP address blocks: 213.204.16.0/24 maxlen: 24
213.204.20.0/24 maxlen: 24
213.204.25.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 15 Mar 2023 17:46:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:42:d9:2c:7c:3c:ce:cd:c8:21:21:0c:80:96:66:61
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fef329360c1b6fcafbf5253a657e3e9d7f224f7e
Validity
Not Before: Jan 2 06:54:44 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d714606271d390fcef03d2f9508ab682e7cffae8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:cc:3d:02:82:50:af:0e:0b:60:6c:10:d1:93:
5d:08:5e:28:05:d0:a7:95:07:9c:93:ce:a4:45:05:
d6:68:85:8b:66:65:b6:d9:8e:06:67:48:e8:8e:d6:
b9:56:5a:e5:92:5a:84:49:7a:ed:ce:b5:09:06:f1:
a9:0d:b4:e2:49:e2:5f:c0:0a:b8:c7:1d:a8:87:ac:
a2:be:66:52:bb:65:be:22:23:22:55:82:a3:f5:1e:
17:4b:64:db:8e:65:38:84:d8:ca:26:00:3a:a4:9b:
5f:7a:b1:36:7c:ef:bb:c6:58:78:d8:18:b7:51:ea:
f0:82:60:53:be:59:6d:1e:2a:eb:9d:88:4d:9e:e2:
f0:2f:31:95:07:f8:06:9e:6c:dc:ba:8b:63:e4:b0:
17:c2:0d:66:7d:66:ba:44:27:36:08:ea:e1:58:8f:
cf:38:4a:be:d6:3e:9c:ab:fe:85:ae:79:d5:df:7c:
0e:06:88:9f:96:ce:ff:8c:2e:32:ea:49:19:7f:34:
d1:56:8e:46:fa:34:94:34:c6:bb:ef:ea:8a:64:d9:
a0:f4:0b:df:a8:a1:9c:38:24:14:b0:b3:2b:0e:18:
34:2e:73:c5:7b:0b:53:fe:cf:bf:8f:7d:a2:98:6e:
40:f5:a0:85:7b:1d:72:9f:7a:8f:12:3e:cc:f7:2f:
fb:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D7:14:60:62:71:D3:90:FC:EF:03:D2:F9:50:8A:B6:82:E7:CF:FA:E8
X509v3 Authority Key Identifier:
keyid:FE:F3:29:36:0C:1B:6F:CA:FB:F5:25:3A:65:7E:3E:9D:7F:22:4F:7E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_vMpNgwbb8r79SU6ZX4-nX8iT34.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/86/ce96f4-d85c-4fc5-9e98-500b8834289e/1/1xRgYnHTkPzvA9L5UIq2gufP-ug.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/86/ce96f4-d85c-4fc5-9e98-500b8834289e/1/_vMpNgwbb8r79SU6ZX4-nX8iT34.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
213.204.16.0/24
213.204.20.0/24
213.204.25.0/24
Signature Algorithm: sha256WithRSAEncryption
58:6c:b8:02:14:f9:db:1e:8e:a4:66:20:fb:b4:b1:b6:55:d3:
5c:a2:16:45:32:d1:33:da:18:7d:ec:1d:ea:e7:6f:58:3c:ea:
53:ea:2d:bd:26:9f:7b:83:17:b2:30:06:9b:18:e4:a9:0b:70:
dd:2a:3b:81:45:86:42:43:ce:c8:c6:5b:d6:c4:58:d9:2b:82:
3b:76:46:a8:22:9d:41:40:02:d8:44:05:cc:6b:2c:08:10:c6:
ee:5d:49:97:06:67:67:0f:a9:09:bd:26:63:b2:90:d9:f0:13:
ec:7d:55:53:6a:c9:5f:8a:c8:aa:c0:8c:f3:60:d4:ce:ca:11:
93:bd:9f:f3:96:e9:1c:1f:4f:c0:03:6f:45:e8:ab:bc:a4:a1:
f7:9d:2e:ff:60:4a:06:2c:62:85:f3:de:75:f7:d1:21:a9:da:
98:68:ca:14:43:73:e4:b2:02:15:d7:4c:b0:2f:09:68:64:5b:
18:c0:d9:2a:7f:b1:96:fa:49:76:8c:c5:bf:fd:4a:73:4a:bb:
7f:aa:fb:02:15:2e:4b:26:69:79:ee:2a:40:25:3d:28:3f:90:
f6:0b:af:6b:4a:84:71:b8:60:98:6d:1a:32:d3:4b:85:41:e8:
39:73:cf:00:b4:8b:b8:f8:84:9b:f3:4c:08:95:a4:06:e1:d8:
8c:ba:50:12
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYVxQtksfDzOzcghIQyAlmZhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZlZjMyOTM2MGMxYjZmY2FmYmY1MjUzYTY1N2UzZTlkN2Yy
MjRmN2UwHhcNMjMwMTAyMDY1NDQ0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNzE0NjA2MjcxZDM5MGZjZWYwM2QyZjk1MDhhYjY4MmU3Y2ZmYWU4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkMw9AoJQrw4LYGwQ0ZNdCF4oBdCn
lQeck86kRQXWaIWLZmW22Y4GZ0jojta5VlrlklqESXrtzrUJBvGpDbTiSeJfwAq4
xx2oh6yivmZSu2W+IiMiVYKj9R4XS2TbjmU4hNjKJgA6pJtferE2fO+7xlh42Bi3
UerwgmBTvlltHirrnYhNnuLwLzGVB/gGnmzcuotj5LAXwg1mfWa6RCc2COrhWI/P
OEq+1j6cq/6FrnnV33wOBoifls7/jC4y6kkZfzTRVo5G+jSUNMa77+qKZNmg9Avf
qKGcOCQUsLMrDhg0LnPFewtT/s+/j32imG5A9aCFex1yn3qPEj7M9y/7bwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFNcUYGJx05D87wPS+VCKtoLnz/roMB8GA1UdIwQY
MBaAFP7zKTYMG2/K+/UlOmV+Pp1/Ik9+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvX3ZNcE5nd2JiOHI3OVNVNlpYNC1uWDhpVDM0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ni9jZTk2ZjQtZDg1Yy00ZmM1LTllOTgt
NTAwYjg4MzQyODllLzEvMXhSZ1luSFRrUHp2QTlMNVVJcTJndWZQLXVnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Ni9jZTk2ZjQtZDg1Yy00ZmM1LTllOTgtNTAwYjg4MzQyODll
LzEvX3ZNcE5nd2JiOHI3OVNVNlpYNC1uWDhpVDM0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQA1cwQAwQA
1cwUAwQA1cwZMA0GCSqGSIb3DQEBCwUAA4IBAQBYbLgCFPnbHo6kZiD7tLG2VdNc
ohZFMtEz2hh97B3q529YPOpT6i29Jp97gxeyMAabGOSpC3DdKjuBRYZCQ87IxlvW
xFjZK4I7dkaoIp1BQALYRAXMaywIEMbuXUmXBmdnD6kJvSZjspDZ8BPsfVVTaslf
isiqwIzzYNTOyhGTvZ/zlukcH0/AA29F6Ku8pKH3nS7/YEoGLGKF895199EhqdqY
aMoUQ3PksgIV10ywLwloZFsYwNkqf7GW+kl2jMW//UpzSrt/qvsCFS5LJml57ipA
JT0oP5D2C69rSoRxuGCYbRoy00uFQeg5c88AtIu4+ISb80wIlaQG4diMulAS
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:21:38 2024 by rpki-client on console-ams.rpki-client.org