Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9c/41b40c-f3b6-40b8-840c-19a3c5649b57/1/8i3xZ68ZOhPYNwuI4unvRxIqNVY.roa
File: 8i3xZ68ZOhPYNwuI4unvRxIqNVY.roa (raw, json)
Hash identifier: HDRXJi3M/WHHO1BTr90zKII+Y7QbRUCdnh88hULxsRs=
Subject key identifier: F2:2D:F1:67:AF:19:3A:13:D8:37:0B:88:E2:E9:EF:47:12:2A:35:56
Certificate issuer: /CN=a9ec57bc8464fec2e9a1b098ffce34c21aaf9ca6
Certificate serial: 018572E806F7E2AFBB11EBA76135545608DF
Authority key identifier: A9:EC:57:BC:84:64:FE:C2:E9:A1:B0:98:FF:CE:34:C2:1A:AF:9C:A6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qexXvIRk_sLpobCY_840whqvnKY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9c/41b40c-f3b6-40b8-840c-19a3c5649b57/1/8i3xZ68ZOhPYNwuI4unvRxIqNVY.roa
Signing time: Mon 02 Jan 2023 14:34:46 +0000
ROA not before: Mon 02 Jan 2023 14:34:46 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 210850
IP address blocks: 213.108.134.0/24 maxlen: 32
Validation: Failed, certificate revoked on Fri 25 Aug 2023 08:20:19 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:e8:06:f7:e2:af:bb:11:eb:a7:61:35:54:56:08:df
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a9ec57bc8464fec2e9a1b098ffce34c21aaf9ca6
Validity
Not Before: Jan 2 14:34:46 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=f22df167af193a13d8370b88e2e9ef47122a3556
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:85:e3:99:58:1b:db:68:a8:7c:89:0c:fa:63:34:
92:e7:02:ff:8b:b4:2d:68:fd:ab:67:f8:94:55:e2:
37:e4:1a:5f:b3:2c:a9:89:24:c2:66:78:b5:a1:af:
eb:9d:f9:59:10:f7:7f:e8:de:bf:c3:13:2c:5f:df:
f1:6e:ce:1e:c5:5a:44:63:5a:c7:7d:53:f9:1f:47:
1b:29:94:bc:a3:fa:ee:5e:9f:f4:76:72:8b:55:f6:
76:27:f8:1c:c5:b7:66:51:de:c1:5b:4b:e6:37:e2:
a9:1c:50:2a:86:db:13:81:06:de:26:34:69:1f:49:
d9:3c:62:3d:3f:1c:40:e4:35:04:bc:3f:7b:74:9b:
25:fa:74:5f:cb:0a:aa:bb:cc:2f:17:7e:a3:89:80:
dc:6d:09:06:5a:5d:cf:cf:5c:b0:2e:2a:d2:64:70:
4d:9f:1c:23:d8:03:b8:5a:5c:38:94:88:f4:53:f5:
04:35:f4:15:c9:99:3b:17:cb:70:91:d0:aa:9a:1f:
c7:29:5a:78:23:12:89:af:53:ed:04:9b:8c:e3:9a:
c3:95:ee:8e:1d:30:62:9a:20:13:0b:1a:95:37:99:
80:93:e3:f1:97:f5:34:53:e1:aa:c4:4a:28:61:79:
d8:b5:31:f1:13:08:19:83:56:f9:cc:9d:35:dc:e0:
60:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F2:2D:F1:67:AF:19:3A:13:D8:37:0B:88:E2:E9:EF:47:12:2A:35:56
X509v3 Authority Key Identifier:
keyid:A9:EC:57:BC:84:64:FE:C2:E9:A1:B0:98:FF:CE:34:C2:1A:AF:9C:A6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qexXvIRk_sLpobCY_840whqvnKY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9c/41b40c-f3b6-40b8-840c-19a3c5649b57/1/8i3xZ68ZOhPYNwuI4unvRxIqNVY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9c/41b40c-f3b6-40b8-840c-19a3c5649b57/1/qexXvIRk_sLpobCY_840whqvnKY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
213.108.134.0/24
Signature Algorithm: sha256WithRSAEncryption
48:8b:af:fc:b1:18:ab:49:9b:01:9f:c7:4b:3d:5b:55:b0:30:
b0:55:7c:74:93:e8:c6:19:cd:64:fd:68:72:97:78:4d:39:61:
b4:5c:bc:4a:ad:60:88:ea:8e:67:bc:37:09:b8:61:78:22:ad:
e6:42:51:04:ef:bc:20:f7:04:5e:75:a6:04:d8:24:fd:fe:53:
2b:62:23:0a:49:0a:a0:bf:5e:6f:a5:b3:b6:67:26:12:90:03:
2a:ff:62:11:e4:41:ca:9e:67:09:1b:ac:3b:47:1f:c0:b4:68:
2f:81:c0:11:89:cb:4e:55:f4:91:b0:fe:5c:0a:09:85:08:9d:
92:ce:2b:a0:99:9e:a9:89:68:db:bb:1c:3c:e9:3d:32:46:53:
a0:b0:41:1f:f0:20:63:38:6f:1b:90:6f:b8:74:64:d7:f8:31:
b0:2b:16:50:c1:23:73:af:5c:84:77:6f:5e:a4:f1:09:8d:54:
2e:0a:5b:13:bb:6c:a4:04:fa:03:c9:82:65:9c:2f:92:4b:ca:
5a:9f:da:f2:a7:34:b9:59:3f:a4:09:eb:04:ee:ac:bb:8e:2f:
59:d2:02:ca:73:0f:0f:8b:8b:68:7b:af:b3:32:31:a4:89:31:
6a:24:c8:82:34:ba:e9:f4:06:fa:3b:2f:4a:ca:b2:34:cc:7d:
69:ce:56:d9
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVy6Ab34q+7EeunYTVUVgjfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE5ZWM1N2JjODQ2NGZlYzJlOWExYjA5OGZmY2UzNGMyMWFh
ZjljYTYwHhcNMjMwMTAyMTQzNDQ2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMjJkZjE2N2FmMTkzYTEzZDgzNzBiODhlMmU5ZWY0NzEyMmEzNTU2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAheOZWBvbaKh8iQz6YzSS5wL/i7Qt
aP2rZ/iUVeI35BpfsyypiSTCZni1oa/rnflZEPd/6N6/wxMsX9/xbs4exVpEY1rH
fVP5H0cbKZS8o/ruXp/0dnKLVfZ2J/gcxbdmUd7BW0vmN+KpHFAqhtsTgQbeJjRp
H0nZPGI9PxxA5DUEvD97dJsl+nRfywqqu8wvF36jiYDcbQkGWl3Pz1ywLirSZHBN
nxwj2AO4Wlw4lIj0U/UENfQVyZk7F8twkdCqmh/HKVp4IxKJr1PtBJuM45rDle6O
HTBimiATCxqVN5mAk+Pxl/U0U+GqxEooYXnYtTHxEwgZg1b5zJ013OBgTwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFPIt8WevGToT2DcLiOLp70cSKjVWMB8GA1UdIwQY
MBaAFKnsV7yEZP7C6aGwmP/ONMIar5ymMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcWV4WHZJUmtfc0xwb2JDWV84NDB3aHF2bktZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Yy80MWI0MGMtZjNiNi00MGI4LTg0MGMt
MTlhM2M1NjQ5YjU3LzEvOGkzeFo2OFpPaFBZTnd1STR1bnZSeElxTlZZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Yy80MWI0MGMtZjNiNi00MGI4LTg0MGMtMTlhM2M1NjQ5YjU3
LzEvcWV4WHZJUmtfc0xwb2JDWV84NDB3aHF2bktZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA1WyGMA0G
CSqGSIb3DQEBCwUAA4IBAQBIi6/8sRirSZsBn8dLPVtVsDCwVXx0k+jGGc1k/Why
l3hNOWG0XLxKrWCI6o5nvDcJuGF4Iq3mQlEE77wg9wRedaYE2CT9/lMrYiMKSQqg
v15vpbO2ZyYSkAMq/2IR5EHKnmcJG6w7Rx/AtGgvgcARictOVfSRsP5cCgmFCJ2S
ziugmZ6piWjbuxw86T0yRlOgsEEf8CBjOG8bkG+4dGTX+DGwKxZQwSNzr1yEd29e
pPEJjVQuClsTu2ykBPoDyYJlnC+SS8pan9rypzS5WT+kCesE7qy7ji9Z0gLKcw8P
i4toe6+zMjGkiTFqJMiCNLrp9Ab6Oy9KyrI0zH1pzlbZ
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:40:48 2024 by rpki-client on console-fra.rpki-client.org