Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/86/ce96f4-d85c-4fc5-9e98-500b8834289e/1/iWzlm2OvUwv3mEdZpx3qKEFFmWg.roa
File: iWzlm2OvUwv3mEdZpx3qKEFFmWg.roa (raw, json)
Hash identifier: 2G0kVzrHC8TCRNT1vRTmP0uJ7HtfbXzCWr2nGq4cWoo=
Subject key identifier: 89:6C:E5:9B:63:AF:53:0B:F7:98:47:59:A7:1D:EA:28:41:45:99:68
Certificate issuer: /CN=fef329360c1b6fcafbf5253a657e3e9d7f224f7e
Certificate serial: 01857142D7C042CE003B367CED9C324C9B71
Authority key identifier: FE:F3:29:36:0C:1B:6F:CA:FB:F5:25:3A:65:7E:3E:9D:7F:22:4F:7E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_vMpNgwbb8r79SU6ZX4-nX8iT34.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/86/ce96f4-d85c-4fc5-9e98-500b8834289e/1/iWzlm2OvUwv3mEdZpx3qKEFFmWg.roa
Signing time: Mon 02 Jan 2023 06:54:44 +0000
ROA not before: Mon 02 Jan 2023 06:54:44 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 9137
IP address blocks: 213.204.0.0/19 maxlen: 19
2a02:5640::/29 maxlen: 29
Validation: Failed, certificate revoked on Thu 16 Mar 2023 06:51:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:42:d7:c0:42:ce:00:3b:36:7c:ed:9c:32:4c:9b:71
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fef329360c1b6fcafbf5253a657e3e9d7f224f7e
Validity
Not Before: Jan 2 06:54:44 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=896ce59b63af530bf7984759a71dea2841459968
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:2e:54:cd:a7:76:85:d0:eb:ff:ec:0e:99:fc:
76:f6:3a:a4:7b:c6:fb:a1:08:7c:14:b9:8e:a2:90:
ab:2c:17:e5:b7:b5:a6:76:7c:6b:fa:ab:e6:13:7c:
bc:c2:68:03:85:4b:10:94:50:64:41:d3:fc:51:3f:
01:8b:30:85:e9:9f:cb:44:8e:e8:fe:db:0d:7b:25:
61:bb:4b:00:4b:f6:33:24:ea:65:58:66:c9:ea:2c:
02:49:88:b0:1d:58:d2:4b:01:63:e7:2d:20:ea:3a:
47:9f:c7:6f:03:91:77:40:77:3e:c2:1f:7a:df:9d:
cb:23:1c:34:60:08:b6:94:90:73:7e:81:7d:03:50:
40:b9:03:ca:22:48:7e:44:8d:74:c6:8b:89:10:27:
83:d5:c4:22:98:bb:0a:56:68:56:a6:19:9c:a0:0b:
d3:82:a5:e6:2c:60:91:a2:f4:bb:07:9f:e8:f7:96:
29:be:1e:a3:7c:ae:43:f2:25:7f:80:d5:a2:b2:f2:
c7:cd:f0:8e:36:e7:ed:73:5e:ca:83:7b:41:29:ba:
15:dc:f6:68:ed:a8:c5:98:97:12:da:d4:a7:19:fa:
9c:87:c0:04:d6:36:92:03:71:5a:9a:44:7b:51:f2:
34:9b:e0:ee:1d:52:56:57:d0:f1:83:6f:0c:c4:c6:
1a:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
89:6C:E5:9B:63:AF:53:0B:F7:98:47:59:A7:1D:EA:28:41:45:99:68
X509v3 Authority Key Identifier:
keyid:FE:F3:29:36:0C:1B:6F:CA:FB:F5:25:3A:65:7E:3E:9D:7F:22:4F:7E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_vMpNgwbb8r79SU6ZX4-nX8iT34.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/86/ce96f4-d85c-4fc5-9e98-500b8834289e/1/iWzlm2OvUwv3mEdZpx3qKEFFmWg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/86/ce96f4-d85c-4fc5-9e98-500b8834289e/1/_vMpNgwbb8r79SU6ZX4-nX8iT34.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
213.204.0.0/19
IPv6:
2a02:5640::/29
Signature Algorithm: sha256WithRSAEncryption
29:3f:cc:6d:6b:2d:b0:cb:38:44:15:b6:53:72:48:b0:af:c1:
23:6e:9f:3c:cb:d7:20:da:82:b9:c9:63:8e:bf:d4:da:6a:38:
59:f0:64:8f:74:92:85:1a:61:0b:bf:0f:02:e9:e0:d2:e4:1e:
06:7f:c7:6e:f9:95:1f:af:4a:e2:b6:48:a5:4a:74:d3:be:c2:
3c:94:76:06:3d:0c:d0:d6:85:db:15:18:b7:d4:95:dc:85:56:
3f:42:c4:8c:75:54:53:2b:c7:73:6e:c4:28:e1:5c:cb:34:e9:
65:35:a5:95:49:04:be:a9:96:53:59:0e:1f:46:4f:88:0d:7e:
22:79:60:87:44:f6:60:09:a1:17:c1:4f:89:77:34:f3:48:9e:
a6:41:69:81:60:98:69:39:e1:8a:d1:d5:40:f3:9f:e1:2f:65:
0a:e1:c3:30:76:1b:8a:00:af:f7:1a:20:d4:b5:8d:48:56:53:
19:67:95:b1:c6:a9:9f:17:31:a8:1c:94:aa:9a:4a:8a:11:17:
cf:c4:1a:38:2f:f4:9e:31:e0:03:57:e2:56:a7:c0:4e:bb:fe:
24:ed:a8:eb:7d:e5:f8:75:74:df:37:f9:8e:d2:2e:a6:07:ce:
aa:e7:7b:76:18:af:d3:be:60:f2:92:44:39:05:84:5d:85:a6:
f8:7f:a1:e0
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVxQtfAQs4AOzZ87ZwyTJtxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZlZjMyOTM2MGMxYjZmY2FmYmY1MjUzYTY1N2UzZTlkN2Yy
MjRmN2UwHhcNMjMwMTAyMDY1NDQ0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4OTZjZTU5YjYzYWY1MzBiZjc5ODQ3NTlhNzFkZWEyODQxNDU5OTY4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjy5Uzad2hdDr/+wOmfx29jqke8b7
oQh8FLmOopCrLBflt7Wmdnxr+qvmE3y8wmgDhUsQlFBkQdP8UT8BizCF6Z/LRI7o
/tsNeyVhu0sAS/YzJOplWGbJ6iwCSYiwHVjSSwFj5y0g6jpHn8dvA5F3QHc+wh96
353LIxw0YAi2lJBzfoF9A1BAuQPKIkh+RI10xouJECeD1cQimLsKVmhWphmcoAvT
gqXmLGCRovS7B5/o95Ypvh6jfK5D8iV/gNWisvLHzfCONuftc17Kg3tBKboV3PZo
7ajFmJcS2tSnGfqch8AE1jaSA3FamkR7UfI0m+DuHVJWV9Dxg28MxMYaTwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFIls5Ztjr1ML95hHWacd6ihBRZloMB8GA1UdIwQY
MBaAFP7zKTYMG2/K+/UlOmV+Pp1/Ik9+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvX3ZNcE5nd2JiOHI3OVNVNlpYNC1uWDhpVDM0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ni9jZTk2ZjQtZDg1Yy00ZmM1LTllOTgt
NTAwYjg4MzQyODllLzEvaVd6bG0yT3ZVd3YzbUVkWnB4M3FLRUZGbVdnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Ni9jZTk2ZjQtZDg1Yy00ZmM1LTllOTgtNTAwYjg4MzQyODll
LzEvX3ZNcE5nd2JiOHI3OVNVNlpYNC1uWDhpVDM0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQF1cwAMA0E
AgACMAcDBQMqAlZAMA0GCSqGSIb3DQEBCwUAA4IBAQApP8xtay2wyzhEFbZTckiw
r8Ejbp88y9cg2oK5yWOOv9TaajhZ8GSPdJKFGmELvw8C6eDS5B4Gf8du+ZUfr0ri
tkilSnTTvsI8lHYGPQzQ1oXbFRi31JXchVY/QsSMdVRTK8dzbsQo4VzLNOllNaWV
SQS+qZZTWQ4fRk+IDX4ieWCHRPZgCaEXwU+JdzTzSJ6mQWmBYJhpOeGK0dVA85/h
L2UK4cMwdhuKAK/3GiDUtY1IVlMZZ5WxxqmfFzGoHJSqmkqKERfPxBo4L/SeMeAD
V+JWp8BOu/4k7ajrfeX4dXTfN/mO0i6mB86q53t2GK/TvmDykkQ5BYRdhab4f6Hg
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:37:41 2024 by rpki-client on console-fra.rpki-client.org