Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9b/91af66-d394-42fa-a0c6-b16cb4dfadd3/1/1-rj_CcjOIJarOKGOjKom6rjVrbE.roa
File: 1-rj_CcjOIJarOKGOjKom6rjVrbE.roa (raw, json)
Hash identifier: ycq/bG06BQcAVlUYO+fdjhN4OGaXwG7+FwaBa0f4Fa0=
Subject key identifier: FA:B8:FF:09:C8:CE:20:96:AB:38:A1:8E:8C:AA:26:EA:B8:D5:AD:B1
Certificate issuer: /CN=827603a93bca31b018f511f6d4b0b7546e963362
Certificate serial: 018CC64B5F7FE880E6597EC29CEE3683F0E8
Authority key identifier: 82:76:03:A9:3B:CA:31:B0:18:F5:11:F6:D4:B0:B7:54:6E:96:33:62
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gnYDqTvKMbAY9RH21LC3VG6WM2I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9b/91af66-d394-42fa-a0c6-b16cb4dfadd3/1/1-rj_CcjOIJarOKGOjKom6rjVrbE.roa
Signing time: Mon 01 Jan 2024 18:31:17 +0000
ROA not before: Mon 01 Jan 2024 18:31:17 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 211440
IP address blocks: 212.60.0.0/22 maxlen: 24
139.28.172.0/22 maxlen: 24
Validation: Failed, certificate revoked on Tue 23 Jan 2024 13:51:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:4b:5f:7f:e8:80:e6:59:7e:c2:9c:ee:36:83:f0:e8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=827603a93bca31b018f511f6d4b0b7546e963362
Validity
Not Before: Jan 1 18:31:17 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=fab8ff09c8ce2096ab38a18e8caa26eab8d5adb1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:b6:52:2a:e1:8a:60:f9:57:db:01:7e:f9:1a:
32:7e:20:f2:4e:18:8e:be:a2:36:65:6e:bc:c8:af:
89:b2:28:f1:bd:56:a9:3f:24:bc:bd:cd:25:6e:c8:
41:51:e4:42:00:e8:46:63:62:9d:84:a6:05:78:df:
11:df:33:03:28:75:b8:85:f6:06:3a:a3:42:69:96:
49:8d:80:ee:bc:44:08:d4:52:c0:4a:f1:98:f3:d1:
50:c8:22:7f:7c:43:eb:ec:b9:cc:d5:6f:23:76:ae:
cd:93:13:54:5f:5c:d6:0f:96:ac:a0:c5:1f:de:3f:
31:3b:09:b8:4c:7e:39:e9:61:b7:a4:62:70:9c:15:
af:b4:f4:2a:a1:7b:49:29:6a:c0:5b:b7:5b:6e:8b:
a1:9e:09:fa:93:46:e4:a6:73:cf:bb:43:f0:cc:39:
9e:02:00:e9:36:17:1b:e4:dc:4e:30:d3:f7:e7:e9:
1c:41:7a:28:38:b6:0a:7a:7d:28:42:9c:9f:77:0e:
ad:6b:cf:12:74:45:f5:82:02:9f:3c:7e:35:eb:ca:
ef:b4:03:58:7a:d4:ee:92:47:83:55:f2:c5:67:77:
3d:08:f9:0f:3d:52:aa:53:4c:64:78:17:f2:37:69:
99:5e:a6:c2:e4:2b:56:06:a3:dd:1e:e5:e1:7c:44:
24:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FA:B8:FF:09:C8:CE:20:96:AB:38:A1:8E:8C:AA:26:EA:B8:D5:AD:B1
X509v3 Authority Key Identifier:
keyid:82:76:03:A9:3B:CA:31:B0:18:F5:11:F6:D4:B0:B7:54:6E:96:33:62
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gnYDqTvKMbAY9RH21LC3VG6WM2I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9b/91af66-d394-42fa-a0c6-b16cb4dfadd3/1/1-rj_CcjOIJarOKGOjKom6rjVrbE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9b/91af66-d394-42fa-a0c6-b16cb4dfadd3/1/gnYDqTvKMbAY9RH21LC3VG6WM2I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
139.28.172.0/22
212.60.0.0/22
Signature Algorithm: sha256WithRSAEncryption
20:01:a7:90:d9:9e:ec:c1:07:6c:c8:fa:b4:74:e1:0a:db:cd:
cd:ce:bc:b3:d4:16:02:97:4b:6b:23:d1:00:00:86:b1:c0:ac:
31:e2:90:65:b5:44:64:38:9c:48:12:c2:5e:9f:10:ac:81:b7:
e2:e1:e8:f9:ab:71:c5:6f:dd:07:a2:f7:e7:58:83:5b:6d:4a:
d5:55:1e:a1:29:2b:6c:9e:9f:d1:7c:58:12:99:9a:4c:d6:e2:
ee:19:e9:83:d4:b6:f0:d7:3f:29:72:58:01:90:d3:f8:79:8b:
7b:f5:33:bb:a0:5b:01:1e:ee:7a:bd:7a:8c:86:c3:48:63:c0:
8a:4d:e1:2e:99:60:f4:be:55:e7:68:b4:f5:66:f9:eb:d9:fb:
ab:9b:94:25:bd:5d:af:0c:4a:7e:18:c5:0c:72:ac:76:60:61:
21:8d:cf:7c:8f:e5:fd:67:10:68:0d:da:64:20:ad:17:ad:9e:
73:f7:2b:cd:55:49:d7:d1:e7:cd:06:56:58:99:fc:0d:12:20:
e4:1b:38:cd:94:0e:8d:81:80:be:9e:aa:b0:9a:b6:66:62:b6:
54:e1:61:1e:8f:5d:5d:f7:0f:64:2a:bc:69:e2:73:0c:ff:dd:
6c:08:b7:94:b4:97:87:cf:59:50:e3:36:e2:42:3b:94:f0:c9:
0e:1b:e5:63
-----BEGIN CERTIFICATE-----
MIIFBDCCA+ygAwIBAgISAYzGS19/6IDmWX7CnO42g/DoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgyNzYwM2E5M2JjYTMxYjAxOGY1MTFmNmQ0YjBiNzU0NmU5
NjMzNjIwHhcNMjQwMTAxMTgzMTE3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmYWI4ZmYwOWM4Y2UyMDk2YWIzOGExOGU4Y2FhMjZlYWI4ZDVhZGIxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtrZSKuGKYPlX2wF++RoyfiDyThiO
vqI2ZW68yK+JsijxvVapPyS8vc0lbshBUeRCAOhGY2KdhKYFeN8R3zMDKHW4hfYG
OqNCaZZJjYDuvEQI1FLASvGY89FQyCJ/fEPr7LnM1W8jdq7NkxNUX1zWD5asoMUf
3j8xOwm4TH456WG3pGJwnBWvtPQqoXtJKWrAW7dbbouhngn6k0bkpnPPu0PwzDme
AgDpNhcb5NxOMNP35+kcQXooOLYKen0oQpyfdw6ta88SdEX1ggKfPH4168rvtANY
etTukkeDVfLFZ3c9CPkPPVKqU0xkeBfyN2mZXqbC5CtWBqPdHuXhfEQkeQIDAQAB
o4ICEDCCAgwwHQYDVR0OBBYEFPq4/wnIziCWqzihjoyqJuq41a2xMB8GA1UdIwQY
MBaAFIJ2A6k7yjGwGPUR9tSwt1RuljNiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ25ZRHFUdktNYkFZOVJIMjFMQzNWRzZXTTJJLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Yi85MWFmNjYtZDM5NC00MmZhLWEwYzYt
YjE2Y2I0ZGZhZGQzLzEvMS1yal9DY2pPSUphck9LR09qS29tNnJqVnJiRS5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvOWIvOTFhZjY2LWQzOTQtNDJmYS1hMGM2LWIxNmNiNGRmYWRk
My8xL2duWURxVHZLTWJBWTlSSDIxTEMzVkc2V00ySS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAlBggrBgEFBQcBBwEB/wQWMBQwEgQCAAEwDAMEAoscrAME
AtQ8ADANBgkqhkiG9w0BAQsFAAOCAQEAIAGnkNme7MEHbMj6tHThCtvNzc68s9QW
ApdLayPRAACGscCsMeKQZbVEZDicSBLCXp8QrIG34uHo+atxxW/dB6L351iDW21K
1VUeoSkrbJ6f0XxYEpmaTNbi7hnpg9S28Nc/KXJYAZDT+HmLe/Uzu6BbAR7uer16
jIbDSGPAik3hLplg9L5V52i09Wb569n7q5uUJb1drwxKfhjFDHKsdmBhIY3PfI/l
/WcQaA3aZCCtF62ec/crzVVJ19HnzQZWWJn8DRIg5Bs4zZQOjYGAvp6qsJq2ZmK2
VOFhHo9dXfcPZCq8aeJzDP/dbAi3lLSXh89ZUOM24kI7lPDJDhvlYw==
-----END CERTIFICATE-----
Generated at Tue Jan 23 17:52:31 2024 by rpki-client on console-ams.rpki-client.org