Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8f/1bda7c-9858-43f5-8659-69fc056b2625/1/AjwQPedu9u0IVkkldeb2dTw1q8U.roa
File: AjwQPedu9u0IVkkldeb2dTw1q8U.roa (raw, json)
Hash identifier: gVhKLBgLbRO4bDRqyQpUetl7KeV+jMJT8ErouWm+iSQ=
Subject key identifier: 02:3C:10:3D:E7:6E:F6:ED:08:56:49:25:75:E6:F6:75:3C:35:AB:C5
Certificate issuer: /CN=2c94d70cfb7e69019a2e01c87d0a5d545a599b52
Certificate serial: 018CC94D8A0D603D67458619EE11C1A9DB29
Authority key identifier: 2C:94:D7:0C:FB:7E:69:01:9A:2E:01:C8:7D:0A:5D:54:5A:59:9B:52
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/LJTXDPt-aQGaLgHIfQpdVFpZm1I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8f/1bda7c-9858-43f5-8659-69fc056b2625/1/AjwQPedu9u0IVkkldeb2dTw1q8U.roa
Signing time: Tue 02 Jan 2024 08:32:31 +0000
ROA not before: Tue 02 Jan 2024 08:32:31 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 206049
IP address blocks: 212.11.67.0/24 maxlen: 24
212.11.76.0/24 maxlen: 24
2a0a:7640::/29 maxlen: 30
Validation: Failed, certificate revoked on Thu 21 Nov 2024 10:14:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:4d:8a:0d:60:3d:67:45:86:19:ee:11:c1:a9:db:29
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2c94d70cfb7e69019a2e01c87d0a5d545a599b52
Validity
Not Before: Jan 2 08:32:31 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=023c103de76ef6ed0856492575e6f6753c35abc5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:81:ba:2a:82:cf:b9:54:be:07:36:28:0c:08:c2:
c4:09:59:55:e5:8c:5a:e5:74:ba:25:79:5e:e5:27:
d8:26:d5:de:0e:d4:cb:35:4e:34:b0:d1:c2:a5:19:
1d:61:42:f8:12:a6:bb:2c:4d:5f:7e:4c:01:58:8a:
ac:c6:a1:65:80:e5:d8:91:9d:15:24:9d:2c:91:9b:
7f:11:bb:da:20:9c:6e:2f:0a:80:67:57:ab:19:10:
97:d2:a8:96:04:70:a4:bf:af:30:50:fe:ee:7e:57:
18:2f:d4:4d:f8:19:8d:dc:58:19:1d:9c:1c:2a:06:
c5:97:89:7e:53:72:fe:00:d5:dc:d5:0b:3b:1a:b9:
bd:65:a1:8f:1e:52:10:92:6e:ed:d3:f1:ae:bc:d6:
38:43:12:e6:7b:9b:d7:be:fc:17:4f:4c:06:1c:f8:
ad:11:74:3d:d2:ba:31:cb:87:0d:a2:9d:46:36:df:
4c:87:ec:49:5e:04:d9:40:06:00:18:1f:5a:40:04:
b3:b8:d6:37:a8:7c:33:72:d1:b9:6d:a4:76:98:14:
ed:83:4d:1e:2f:c7:e6:93:98:34:51:2e:1c:65:07:
8a:e2:b7:11:7e:a4:9e:2a:aa:72:ad:b8:3b:63:92:
bd:65:8d:40:18:8b:43:78:7b:77:34:57:b1:59:28:
7b:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
02:3C:10:3D:E7:6E:F6:ED:08:56:49:25:75:E6:F6:75:3C:35:AB:C5
X509v3 Authority Key Identifier:
keyid:2C:94:D7:0C:FB:7E:69:01:9A:2E:01:C8:7D:0A:5D:54:5A:59:9B:52
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/LJTXDPt-aQGaLgHIfQpdVFpZm1I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8f/1bda7c-9858-43f5-8659-69fc056b2625/1/AjwQPedu9u0IVkkldeb2dTw1q8U.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8f/1bda7c-9858-43f5-8659-69fc056b2625/1/LJTXDPt-aQGaLgHIfQpdVFpZm1I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
212.11.67.0/24
212.11.76.0/24
IPv6:
2a0a:7640::/29
Signature Algorithm: sha256WithRSAEncryption
b3:25:30:64:7a:49:ec:5d:5f:76:d1:42:83:0f:90:d3:b7:42:
7c:ba:e5:4c:27:4f:55:b4:e2:80:31:13:ff:07:46:80:64:01:
d0:03:da:8f:06:d7:29:38:50:d8:22:f6:d1:54:4e:6b:89:69:
fc:ef:55:33:39:da:93:d3:e5:03:0d:1f:8f:7c:47:d6:10:07:
97:d7:9f:9e:47:f6:5c:36:44:c9:74:68:98:ec:0d:10:19:db:
bb:f0:bb:8f:b5:e1:7e:3a:c1:b5:88:b4:39:7c:ee:9e:76:20:
4f:95:4d:ab:88:1c:b4:ad:08:e0:56:37:45:5e:53:00:1c:a7:
29:b0:bd:0e:ed:b4:b5:17:43:3f:0d:14:a2:8d:35:5f:ef:37:
72:22:2d:1b:00:e5:cd:ef:d7:29:d9:be:b0:84:9a:3a:67:b0:
27:52:d4:03:83:f2:3b:fd:91:54:d2:f6:5c:20:3a:5a:9a:0e:
25:12:8d:0f:2e:e1:c1:e5:78:e7:10:0b:06:c2:f2:09:ae:3e:
76:90:35:05:b9:d9:e6:ad:1d:1d:b7:f5:9e:bf:e6:99:74:55:
df:c2:95:41:f2:b8:55:92:95:96:51:29:17:b4:15:8e:d9:8a:
68:47:c8:42:c6:e1:48:59:36:24:e1:e7:86:38:c3:39:a6:f9:
9b:0b:bc:4c
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYzJTYoNYD1nRYYZ7hHBqdspMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJjOTRkNzBjZmI3ZTY5MDE5YTJlMDFjODdkMGE1ZDU0NWE1
OTliNTIwHhcNMjQwMTAyMDgzMjMxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMjNjMTAzZGU3NmVmNmVkMDg1NjQ5MjU3NWU2ZjY3NTNjMzVhYmM1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgboqgs+5VL4HNigMCMLECVlV5Yxa
5XS6JXle5SfYJtXeDtTLNU40sNHCpRkdYUL4Eqa7LE1ffkwBWIqsxqFlgOXYkZ0V
JJ0skZt/EbvaIJxuLwqAZ1erGRCX0qiWBHCkv68wUP7uflcYL9RN+BmN3FgZHZwc
KgbFl4l+U3L+ANXc1Qs7Grm9ZaGPHlIQkm7t0/GuvNY4QxLme5vXvvwXT0wGHPit
EXQ90roxy4cNop1GNt9Mh+xJXgTZQAYAGB9aQASzuNY3qHwzctG5baR2mBTtg00e
L8fmk5g0US4cZQeK4rcRfqSeKqpyrbg7Y5K9ZY1AGItDeHt3NFexWSh70wIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFAI8ED3nbvbtCFZJJXXm9nU8NavFMB8GA1UdIwQY
MBaAFCyU1wz7fmkBmi4ByH0KXVRaWZtSMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTEpUWERQdC1hUUdhTGdISWZRcGRWRnBabTFJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Zi8xYmRhN2MtOTg1OC00M2Y1LTg2NTkt
NjlmYzA1NmIyNjI1LzEvQWp3UVBlZHU5dTBJVmtrbGRlYjJkVHcxcThVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Zi8xYmRhN2MtOTg1OC00M2Y1LTg2NTktNjlmYzA1NmIyNjI1
LzEvTEpUWERQdC1hUUdhTGdISWZRcGRWRnBabTFJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQA1AtDAwQA
1AtMMA0EAgACMAcDBQMqCnZAMA0GCSqGSIb3DQEBCwUAA4IBAQCzJTBkeknsXV92
0UKDD5DTt0J8uuVMJ09VtOKAMRP/B0aAZAHQA9qPBtcpOFDYIvbRVE5riWn871Uz
OdqT0+UDDR+PfEfWEAeX15+eR/ZcNkTJdGiY7A0QGdu78LuPteF+OsG1iLQ5fO6e
diBPlU2riBy0rQjgVjdFXlMAHKcpsL0O7bS1F0M/DRSijTVf7zdyIi0bAOXN79cp
2b6whJo6Z7AnUtQDg/I7/ZFU0vZcIDpamg4lEo0PLuHB5XjnEAsGwvIJrj52kDUF
udnmrR0dt/Wev+aZdFXfwpVB8rhVkpWWUSkXtBWO2YpoR8hCxuFIWTYk4eeGOMM5
pvmbC7xM
-----END CERTIFICATE-----
Generated at Thu Nov 21 12:10:00 2024 by rpki-client on console-fra.rpki-client.org