Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/87/d3f65d-afab-4d28-b46e-620a79cf792b/1/ITn60ihePRATB3hixD0ap9NKzoE.roa
File: ITn60ihePRATB3hixD0ap9NKzoE.roa (raw, json)
Hash identifier: MFD3fD3uaJ8wsdkPVpq71wHRmXCtGFkOHRg63fKF9xY=
Subject key identifier: 21:39:FA:D2:28:5E:3D:10:13:07:78:62:C4:3D:1A:A7:D3:4A:CE:81
Certificate issuer: /CN=dbd4f8e4762377f86b07a8753f6e98f6f4b6b792
Certificate serial: 01856F9DB2354D5B613576C6472C20AA89A7
Authority key identifier: DB:D4:F8:E4:76:23:77:F8:6B:07:A8:75:3F:6E:98:F6:F4:B6:B7:92
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/29T45HYjd_hrB6h1P26Y9vS2t5I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/87/d3f65d-afab-4d28-b46e-620a79cf792b/1/ITn60ihePRATB3hixD0ap9NKzoE.roa
Signing time: Sun 01 Jan 2023 23:14:43 +0000
ROA not before: Sun 01 Jan 2023 23:14:43 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 212693
IP address blocks: 213.185.64.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 01 Jan 2024 12:29:51 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:9d:b2:35:4d:5b:61:35:76:c6:47:2c:20:aa:89:a7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dbd4f8e4762377f86b07a8753f6e98f6f4b6b792
Validity
Not Before: Jan 1 23:14:43 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=2139fad2285e3d1013077862c43d1aa7d34ace81
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:69:b6:a9:1d:a7:c8:05:de:b5:32:ae:91:93:
c3:4e:81:eb:70:9c:90:e6:7f:a1:cb:20:1b:80:55:
a9:65:27:f7:ce:92:0a:90:55:3f:e0:3b:e8:6a:36:
aa:a0:7d:2b:9a:3b:fa:10:6c:88:b0:e5:f8:72:5e:
5b:e7:3f:a6:b6:f6:78:b9:35:57:a8:42:36:28:7e:
e1:5b:10:65:52:52:42:9e:6c:bc:7b:17:cd:e6:7e:
c8:78:54:c3:f8:de:cd:bb:ec:52:cd:54:ca:75:3e:
98:40:83:6e:01:38:8f:db:55:34:86:04:c2:4c:36:
73:0f:70:1d:ba:4f:9b:3e:38:c5:f5:65:1e:22:31:
b2:09:e4:5c:2d:82:01:dc:03:fe:18:5b:a6:7a:ff:
9d:f3:44:cf:69:be:29:9c:50:63:a0:e4:ed:e4:7b:
48:54:17:54:4c:6d:4d:bd:e2:03:03:37:cc:e5:a0:
3f:a0:22:30:f6:de:aa:87:49:60:4a:37:ee:9b:c3:
da:ef:80:39:fc:d6:19:a2:32:f4:3e:91:5c:0d:b6:
57:bb:00:29:39:a8:f0:37:a0:f6:4d:60:44:b3:50:
eb:39:6f:32:5d:9c:9d:04:82:27:44:23:c2:e3:cb:
2c:dd:f4:f7:13:2f:e0:d8:e3:b7:a8:e6:39:67:f3:
9f:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
21:39:FA:D2:28:5E:3D:10:13:07:78:62:C4:3D:1A:A7:D3:4A:CE:81
X509v3 Authority Key Identifier:
keyid:DB:D4:F8:E4:76:23:77:F8:6B:07:A8:75:3F:6E:98:F6:F4:B6:B7:92
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/29T45HYjd_hrB6h1P26Y9vS2t5I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/87/d3f65d-afab-4d28-b46e-620a79cf792b/1/ITn60ihePRATB3hixD0ap9NKzoE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/87/d3f65d-afab-4d28-b46e-620a79cf792b/1/29T45HYjd_hrB6h1P26Y9vS2t5I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
213.185.64.0/24
Signature Algorithm: sha256WithRSAEncryption
00:39:e7:4d:b0:dc:a5:4a:b7:c8:80:65:b7:c8:c8:15:60:ca:
ca:11:1f:c5:31:25:86:0e:b5:4c:93:97:c3:af:80:ec:cb:d0:
ae:ab:1f:3f:37:3d:ca:e1:05:02:43:4e:ea:9b:55:63:f1:18:
13:bf:ec:2e:7f:71:50:f3:85:2f:69:f6:74:7b:1f:d9:37:66:
71:75:d7:4e:4e:61:91:17:e7:b6:64:0a:4f:2f:d5:6e:8b:3a:
31:e7:37:87:61:9d:aa:c9:5a:b2:39:f8:d3:1c:e9:26:42:f6:
87:f9:fc:05:28:b5:8e:d9:8c:33:94:3b:44:64:14:cb:e5:ed:
13:64:c1:a4:15:e7:90:58:4f:b5:17:dc:5a:a8:92:82:6d:c9:
eb:b5:a7:a5:7b:9f:da:03:5e:de:3b:af:fb:74:3c:21:5e:e4:
4e:4e:34:64:b8:d7:af:8e:94:b9:44:4c:22:7b:55:ea:7a:a1:
85:ff:69:e8:ea:6c:8e:42:fa:f7:a1:62:06:7c:f5:bf:b6:cf:
30:1a:31:96:95:ce:50:ed:a4:68:87:2b:f3:62:a0:42:73:44:
a2:ef:b6:ac:2c:ba:06:67:cf:bb:bf:19:42:c4:7d:5d:05:dc:
9f:34:55:cd:d1:a1:9f:2a:3f:aa:28:40:26:d2:08:d3:71:79:
c2:25:79:73
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVvnbI1TVthNXbGRywgqomnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRiZDRmOGU0NzYyMzc3Zjg2YjA3YTg3NTNmNmU5OGY2ZjRi
NmI3OTIwHhcNMjMwMTAxMjMxNDQzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMTM5ZmFkMjI4NWUzZDEwMTMwNzc4NjJjNDNkMWFhN2QzNGFjZTgxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjmm2qR2nyAXetTKukZPDToHrcJyQ
5n+hyyAbgFWpZSf3zpIKkFU/4DvoajaqoH0rmjv6EGyIsOX4cl5b5z+mtvZ4uTVX
qEI2KH7hWxBlUlJCnmy8exfN5n7IeFTD+N7Nu+xSzVTKdT6YQINuATiP21U0hgTC
TDZzD3Aduk+bPjjF9WUeIjGyCeRcLYIB3AP+GFumev+d80TPab4pnFBjoOTt5HtI
VBdUTG1NveIDAzfM5aA/oCIw9t6qh0lgSjfum8Pa74A5/NYZojL0PpFcDbZXuwAp
OajwN6D2TWBEs1DrOW8yXZydBIInRCPC48ss3fT3Ey/g2OO3qOY5Z/Of9QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFCE5+tIoXj0QEwd4YsQ9GqfTSs6BMB8GA1UdIwQY
MBaAFNvU+OR2I3f4aweodT9umPb0treSMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMjlUNDVIWWpkX2hyQjZoMVAyNlk5dlMydDVJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ny9kM2Y2NWQtYWZhYi00ZDI4LWI0NmUt
NjIwYTc5Y2Y3OTJiLzEvSVRuNjBpaGVQUkFUQjNoaXhEMGFwOU5Lem9FLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Ny9kM2Y2NWQtYWZhYi00ZDI4LWI0NmUtNjIwYTc5Y2Y3OTJi
LzEvMjlUNDVIWWpkX2hyQjZoMVAyNlk5dlMydDVJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA1blAMA0G
CSqGSIb3DQEBCwUAA4IBAQAAOedNsNylSrfIgGW3yMgVYMrKER/FMSWGDrVMk5fD
r4Dsy9Cuqx8/Nz3K4QUCQ07qm1Vj8RgTv+wuf3FQ84UvafZ0ex/ZN2ZxdddOTmGR
F+e2ZApPL9Vuizox5zeHYZ2qyVqyOfjTHOkmQvaH+fwFKLWO2YwzlDtEZBTL5e0T
ZMGkFeeQWE+1F9xaqJKCbcnrtaele5/aA17eO6/7dDwhXuROTjRkuNevjpS5REwi
e1XqeqGF/2no6myOQvr3oWIGfPW/ts8wGjGWlc5Q7aRohyvzYqBCc0Si77asLLoG
Z8+7vxlCxH1dBdyfNFXN0aGfKj+qKEAm0gjTcXnCJXlz
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:21:49 2024 by rpki-client on console-ams.rpki-client.org