Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a5/372b87-95f4-4c98-a6f4-4a6f8683265c/1/VrbJPKd0Lob5piAv2WZi9sytocI.roa
File: VrbJPKd0Lob5piAv2WZi9sytocI.roa (raw, json)
Hash identifier: A5YFIuAogFc26/Y6RERb4GNa7hSNCHIzNbZfBtcJdeI=
Subject key identifier: 56:B6:C9:3C:A7:74:2E:86:F9:A6:20:2F:D9:66:62:F6:CC:AD:A1:C2
Certificate issuer: /CN=ebec9030c70a3d4192d59c28dcc8d547694340b3
Certificate serial: 01856FCB85A0EC22E5934E75BB1DDED1E05C
Authority key identifier: EB:EC:90:30:C7:0A:3D:41:92:D5:9C:28:DC:C8:D5:47:69:43:40:B3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/6-yQMMcKPUGS1Zwo3MjVR2lDQLM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a5/372b87-95f4-4c98-a6f4-4a6f8683265c/1/VrbJPKd0Lob5piAv2WZi9sytocI.roa
Signing time: Mon 02 Jan 2023 00:04:46 +0000
ROA not before: Mon 02 Jan 2023 00:04:46 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 25374
IP address blocks: 212.21.130.0/24 maxlen: 24
212.21.140.0/22 maxlen: 24
212.21.144.0/21 maxlen: 24
212.21.152.0/22 maxlen: 24
212.21.156.0/23 maxlen: 24
212.21.158.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 01 Jan 2024 10:29:30 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:cb:85:a0:ec:22:e5:93:4e:75:bb:1d:de:d1:e0:5c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ebec9030c70a3d4192d59c28dcc8d547694340b3
Validity
Not Before: Jan 2 00:04:46 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=56b6c93ca7742e86f9a6202fd96662f6ccada1c2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:30:c5:99:cb:a6:60:da:f3:25:23:a9:0e:17:
e1:7b:d9:d9:13:2b:44:9f:b4:19:65:7a:f5:b8:ed:
dc:cd:c7:c9:0b:eb:78:48:8c:45:ab:bb:96:cc:35:
47:b9:5a:e0:b6:5a:f3:98:5d:ef:c1:e1:e8:3a:4f:
b9:73:39:96:77:38:58:dd:28:89:94:6e:8f:c3:38:
2a:e1:32:d8:3a:c7:b5:22:95:25:b0:04:6f:66:8b:
e4:3e:95:1a:26:18:26:7e:39:a3:a7:3e:d6:7b:26:
65:c3:c8:27:65:f6:3e:00:d0:0d:35:68:31:2f:31:
09:b9:ad:93:75:3b:a3:4e:ef:f2:01:4a:93:2e:e6:
ac:11:78:6d:ef:1f:ec:48:d4:bd:c9:38:8c:9c:5d:
a6:fe:39:65:59:8c:74:e9:f0:99:0f:61:f8:f1:b4:
0f:ab:ed:48:57:d2:f2:6b:24:46:22:6c:5c:0c:66:
f5:fc:2d:29:c1:ab:ef:18:aa:73:94:72:be:d6:1c:
d1:c2:10:71:4a:8f:98:58:4a:10:b1:86:6c:04:a7:
a8:80:91:a7:e9:7a:c9:fd:af:6d:7e:df:69:17:75:
8e:81:2d:ea:4d:1f:99:fb:d2:40:7a:18:10:89:79:
b1:7f:e3:51:ee:0f:31:5c:5e:e4:6e:d4:43:ec:63:
3b:e1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
56:B6:C9:3C:A7:74:2E:86:F9:A6:20:2F:D9:66:62:F6:CC:AD:A1:C2
X509v3 Authority Key Identifier:
keyid:EB:EC:90:30:C7:0A:3D:41:92:D5:9C:28:DC:C8:D5:47:69:43:40:B3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6-yQMMcKPUGS1Zwo3MjVR2lDQLM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a5/372b87-95f4-4c98-a6f4-4a6f8683265c/1/VrbJPKd0Lob5piAv2WZi9sytocI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a5/372b87-95f4-4c98-a6f4-4a6f8683265c/1/6-yQMMcKPUGS1Zwo3MjVR2lDQLM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
212.21.130.0/24
212.21.140.0-212.21.158.255
Signature Algorithm: sha256WithRSAEncryption
6f:9f:ed:22:bd:6f:e7:8f:94:a1:60:e1:51:f5:00:95:1a:c0:
b8:bb:bf:2e:ed:a9:b9:f7:5c:50:65:b2:2a:25:0b:c7:7a:c7:
dd:ec:9b:9a:46:6e:be:48:41:e5:88:48:0d:de:d2:2e:00:c5:
3b:e0:ca:e4:60:25:52:d7:ab:ea:95:11:cd:e8:ea:49:26:67:
dc:17:be:e3:ae:16:66:ef:8f:3a:59:d3:32:54:a9:e2:44:3e:
d9:b2:52:87:77:c2:11:12:43:9f:e6:a3:be:fe:bd:73:a6:80:
f7:5f:e8:a5:38:1a:0a:52:15:0d:f4:b3:7d:4d:dc:e6:b4:fc:
f1:20:ca:80:57:ae:45:8d:9c:19:d6:1a:c5:fd:b1:7a:5b:58:
cd:1d:3a:36:3b:bf:ac:4b:a2:51:c1:19:72:c2:ab:84:d8:0d:
57:56:ed:97:f8:e9:6d:b9:2e:7e:9a:b8:ff:97:95:96:f7:39:
df:19:21:ae:8e:b6:68:75:ff:92:b1:ef:19:63:3e:50:e7:72:
2d:d8:e4:b5:17:44:d8:91:40:bc:1e:6f:4b:09:f9:bf:4a:a6:
47:64:55:a4:1d:03:bd:73:31:86:62:31:40:b7:d3:2e:db:12:
17:6f:f9:44:95:09:b8:18:e7:59:44:3d:b0:14:48:45:91:d0:
1a:fb:31:fc
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgISAYVvy4Wg7CLlk051ux3e0eBcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGViZWM5MDMwYzcwYTNkNDE5MmQ1OWMyOGRjYzhkNTQ3Njk0
MzQwYjMwHhcNMjMwMTAyMDAwNDQ2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1NmI2YzkzY2E3NzQyZTg2ZjlhNjIwMmZkOTY2NjJmNmNjYWRhMWMyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArTDFmcumYNrzJSOpDhfhe9nZEytE
n7QZZXr1uO3czcfJC+t4SIxFq7uWzDVHuVrgtlrzmF3vweHoOk+5czmWdzhY3SiJ
lG6Pwzgq4TLYOse1IpUlsARvZovkPpUaJhgmfjmjpz7WeyZlw8gnZfY+ANANNWgx
LzEJua2TdTujTu/yAUqTLuasEXht7x/sSNS9yTiMnF2m/jllWYx06fCZD2H48bQP
q+1IV9LyayRGImxcDGb1/C0pwavvGKpzlHK+1hzRwhBxSo+YWEoQsYZsBKeogJGn
6XrJ/a9tft9pF3WOgS3qTR+Z+9JAehgQiXmxf+NR7g8xXF7kbtRD7GM74QIDAQAB
o4ICFzCCAhMwHQYDVR0OBBYEFFa2yTyndC6G+aYgL9lmYvbMraHCMB8GA1UdIwQY
MBaAFOvskDDHCj1BktWcKNzI1UdpQ0CzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNi15UU1NY0tQVUdTMVp3bzNNalZSMmxEUUxNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNS8zNzJiODctOTVmNC00Yzk4LWE2ZjQt
NGE2Zjg2ODMyNjVjLzEvVnJiSlBLZDBMb2I1cGlBdjJXWmk5c3l0b2NJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNS8zNzJiODctOTVmNC00Yzk4LWE2ZjQtNGE2Zjg2ODMyNjVj
LzEvNi15UU1NY0tQVUdTMVp3bzNNalZSMmxEUUxNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAATAUAwQA1BWCMAwD
BALUFYwDBADUFZ4wDQYJKoZIhvcNAQELBQADggEBAG+f7SK9b+ePlKFg4VH1AJUa
wLi7vy7tqbn3XFBlsiolC8d6x93sm5pGbr5IQeWISA3e0i4AxTvgyuRgJVLXq+qV
Ec3o6kkmZ9wXvuOuFmbvjzpZ0zJUqeJEPtmyUod3whESQ5/mo77+vXOmgPdf6KU4
GgpSFQ30s31N3Oa0/PEgyoBXrkWNnBnWGsX9sXpbWM0dOjY7v6xLolHBGXLCq4TY
DVdW7Zf46W25Ln6auP+XlZb3Od8ZIa6Otmh1/5Kx7xljPlDnci3Y5LUXRNiRQLwe
b0sJ+b9KpkdkVaQdA71zMYZiMUC30y7bEhdv+USVCbgY51lEPbAUSEWR0Br7Mfw=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:48:24 2024 by rpki-client on console-fra.rpki-client.org