Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8f/c3174a-a794-44ee-8d26-bc5b69144587/1/_p6RIbeKGT8JxwZYyUKIMqXT2h4.roa
File: _p6RIbeKGT8JxwZYyUKIMqXT2h4.roa (raw, json)
Hash identifier: Xt8Y4rWk0TCo343RDVHR/lDmO38RZvFE11vM4cnEfCI=
Subject key identifier: FE:9E:91:21:B7:8A:19:3F:09:C7:06:58:C9:42:88:32:A5:D3:DA:1E
Certificate issuer: /CN=af0dc12b0f1b533d8d04ec6117d6b9e512fcaa9f
Certificate serial: 019299F4E70F56094169810E73F189FFD1CA
Authority key identifier: AF:0D:C1:2B:0F:1B:53:3D:8D:04:EC:61:17:D6:B9:E5:12:FC:AA:9F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rw3BKw8bUz2NBOxhF9a55RL8qp8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8f/c3174a-a794-44ee-8d26-bc5b69144587/1/_p6RIbeKGT8JxwZYyUKIMqXT2h4.roa
Signing time: Thu 17 Oct 2024 10:10:16 +0000
ROA not before: Thu 17 Oct 2024 10:10:16 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 34762
IP address blocks: 213.158.84.0/22 maxlen: 24
213.158.88.0/23 maxlen: 24
213.158.90.0/23 maxlen: 24
213.158.92.0/22 maxlen: 24
Validation: Failed, certificate revoked on Thu 21 Nov 2024 15:19:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:99:f4:e7:0f:56:09:41:69:81:0e:73:f1:89:ff:d1:ca
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=af0dc12b0f1b533d8d04ec6117d6b9e512fcaa9f
Validity
Not Before: Oct 17 10:10:16 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=fe9e9121b78a193f09c70658c9428832a5d3da1e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:67:cb:a5:d0:48:62:cc:b0:60:40:43:84:fd:
d1:9b:c1:69:37:c1:17:41:f3:9d:17:83:88:7c:f4:
1a:1d:96:d7:5e:30:0b:7f:ea:e0:d6:09:cf:f7:1d:
a5:15:9e:b5:e9:ea:77:97:98:6a:8a:a3:2a:5b:47:
86:c9:5e:5a:de:a9:31:fd:82:7e:65:e8:35:cb:66:
4f:12:0b:dc:07:57:eb:0e:c1:15:be:c8:e9:c5:bd:
43:31:08:fc:07:37:4f:f9:4c:46:6c:9f:3e:21:75:
fe:e0:c5:d1:96:9b:c0:d5:dc:d5:b2:60:39:2f:5b:
c8:9f:87:dc:be:60:b2:d8:d6:1b:d7:f6:79:56:2a:
0e:04:ba:bb:c3:14:45:bd:b8:b6:07:5f:0c:3d:72:
85:00:d9:70:67:e6:90:bb:d4:ce:0f:8a:34:72:6a:
2c:08:06:6f:9d:c4:c0:c9:83:64:8e:7c:3f:de:65:
18:9f:0f:f7:e6:08:e4:91:e0:d3:b9:5a:2e:07:67:
83:74:1e:d2:c8:7f:b0:0f:78:a9:19:d7:7c:92:98:
de:15:d4:8a:c1:39:c6:aa:5d:b8:dd:ed:95:05:69:
e8:7b:ed:a9:99:a4:7d:c3:06:8a:d2:77:0a:32:0e:
91:93:60:a8:6c:5f:4d:a6:5e:db:3c:66:dc:bd:86:
e9:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FE:9E:91:21:B7:8A:19:3F:09:C7:06:58:C9:42:88:32:A5:D3:DA:1E
X509v3 Authority Key Identifier:
keyid:AF:0D:C1:2B:0F:1B:53:3D:8D:04:EC:61:17:D6:B9:E5:12:FC:AA:9F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rw3BKw8bUz2NBOxhF9a55RL8qp8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8f/c3174a-a794-44ee-8d26-bc5b69144587/1/_p6RIbeKGT8JxwZYyUKIMqXT2h4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8f/c3174a-a794-44ee-8d26-bc5b69144587/1/rw3BKw8bUz2NBOxhF9a55RL8qp8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
213.158.84.0-213.158.95.255
Signature Algorithm: sha256WithRSAEncryption
90:0e:33:bf:33:42:a3:99:e3:8c:10:07:ee:8e:13:ab:fb:39:
29:2e:9c:84:47:5f:84:b0:d7:4d:fb:66:44:4b:cc:41:7d:58:
de:1d:eb:53:49:53:31:cf:6e:53:79:c5:93:bf:ef:b3:84:65:
6d:f3:b9:c6:08:b8:56:bd:5e:b4:51:67:e1:eb:40:43:7c:c9:
f8:ad:38:98:5a:94:3d:0a:48:f4:15:f8:54:66:06:6a:ad:99:
18:0a:62:0f:77:fd:2a:cd:c9:b3:49:2d:fe:71:22:3a:a7:c3:
9e:33:93:2c:41:af:ea:a2:bc:38:8c:77:99:21:b2:e8:46:58:
e0:11:e5:6e:fc:e3:06:bc:a5:87:01:1f:6b:53:9f:44:79:39:
e2:f7:ec:39:e5:19:57:55:1e:de:3b:7f:c9:f4:aa:41:ad:20:
bc:ad:c9:d4:b1:5b:f9:f9:7c:61:e1:be:2c:54:f0:77:14:cf:
8e:5f:2a:ec:4d:cf:ad:78:39:dd:d5:b8:08:04:50:b2:02:81:
34:8c:f2:64:12:f4:f4:81:d1:3b:a9:15:c7:02:ab:9e:6a:7a:
72:c1:da:c1:be:bf:9f:34:65:23:25:e3:8f:68:94:24:20:c1:
6b:28:5f:28:6f:dd:c8:e0:42:23:7b:f7:e5:23:08:ad:4b:69:
fd:b0:35:95
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAZKZ9OcPVglBaYEOc/GJ/9HKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFmMGRjMTJiMGYxYjUzM2Q4ZDA0ZWM2MTE3ZDZiOWU1MTJm
Y2FhOWYwHhcNMjQxMDE3MTAxMDE2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmZTllOTEyMWI3OGExOTNmMDljNzA2NThjOTQyODgzMmE1ZDNkYTFlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAx2fLpdBIYsywYEBDhP3Rm8FpN8EX
QfOdF4OIfPQaHZbXXjALf+rg1gnP9x2lFZ616ep3l5hqiqMqW0eGyV5a3qkx/YJ+
Zeg1y2ZPEgvcB1frDsEVvsjpxb1DMQj8BzdP+UxGbJ8+IXX+4MXRlpvA1dzVsmA5
L1vIn4fcvmCy2NYb1/Z5VioOBLq7wxRFvbi2B18MPXKFANlwZ+aQu9TOD4o0cmos
CAZvncTAyYNkjnw/3mUYnw/35gjkkeDTuVouB2eDdB7SyH+wD3ipGdd8kpjeFdSK
wTnGql243e2VBWnoe+2pmaR9wwaK0ncKMg6Rk2CobF9Npl7bPGbcvYbpLwIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFP6ekSG3ihk/CccGWMlCiDKl09oeMB8GA1UdIwQY
MBaAFK8NwSsPG1M9jQTsYRfWueUS/KqfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcnczQkt3OGJVejJOQk94aEY5YTU1Ukw4cXA4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Zi9jMzE3NGEtYTc5NC00NGVlLThkMjYt
YmM1YjY5MTQ0NTg3LzEvX3A2UkliZUtHVDhKeHdaWXlVS0lNcVhUMmg0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Zi9jMzE3NGEtYTc5NC00NGVlLThkMjYtYmM1YjY5MTQ0NTg3
LzEvcnczQkt3OGJVejJOQk94aEY5YTU1Ukw4cXA4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBALVnlQD
BAXVnkAwDQYJKoZIhvcNAQELBQADggEBAJAOM78zQqOZ44wQB+6OE6v7OSkunIRH
X4Sw1037ZkRLzEF9WN4d61NJUzHPblN5xZO/77OEZW3zucYIuFa9XrRRZ+HrQEN8
yfitOJhalD0KSPQV+FRmBmqtmRgKYg93/SrNybNJLf5xIjqnw54zkyxBr+qivDiM
d5khsuhGWOAR5W784wa8pYcBH2tTn0R5OeL37DnlGVdVHt47f8n0qkGtILytydSx
W/n5fGHhvixU8HcUz45fKuxNz614Od3VuAgEULICgTSM8mQS9PSB0TupFccCq55q
enLB2sG+v580ZSMl449olCQgwWsoXyhv3cjgQiN79+UjCK1Laf2wNZU=
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:32:46 2025 by rpki-client