Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a5/372b87-95f4-4c98-a6f4-4a6f8683265c/1/sWYZud9UdBXAGjEKoe56zeHc2Jg.roa
File: sWYZud9UdBXAGjEKoe56zeHc2Jg.roa (raw, json)
Hash identifier: jVrDPSAShcINTSm/GloLj8wgM959qH/qY2zH3HwFNhI=
Subject key identifier: B1:66:19:B9:DF:54:74:15:C0:1A:31:0A:A1:EE:7A:CD:E1:DC:D8:98
Certificate issuer: /CN=ebec9030c70a3d4192d59c28dcc8d547694340b3
Certificate serial: 01856FCB872052D5F5ADE919F258070C51A7
Authority key identifier: EB:EC:90:30:C7:0A:3D:41:92:D5:9C:28:DC:C8:D5:47:69:43:40:B3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/6-yQMMcKPUGS1Zwo3MjVR2lDQLM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a5/372b87-95f4-4c98-a6f4-4a6f8683265c/1/sWYZud9UdBXAGjEKoe56zeHc2Jg.roa
Signing time: Mon 02 Jan 2023 00:04:47 +0000
ROA not before: Mon 02 Jan 2023 00:04:47 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 39396
IP address blocks: 212.21.129.0/24 maxlen: 24
212.21.133.0/24 maxlen: 24
212.21.159.0/24 maxlen: 24
2a00:e200:100::/48 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:cb:87:20:52:d5:f5:ad:e9:19:f2:58:07:0c:51:a7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ebec9030c70a3d4192d59c28dcc8d547694340b3
Validity
Not Before: Jan 2 00:04:47 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b16619b9df547415c01a310aa1ee7acde1dcd898
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:6e:41:5f:f9:18:0a:fa:41:27:b6:15:f8:08:
1d:40:7c:a8:0a:8e:4c:e4:08:53:f8:35:7c:ef:c6:
54:bb:06:59:68:17:95:41:83:df:0e:19:87:99:bc:
8c:e5:61:1e:68:29:f5:be:a4:04:cb:e1:3d:36:9e:
cc:5b:05:30:85:13:98:50:80:66:1c:28:97:e8:ae:
10:d4:80:58:06:f6:44:7a:bc:5c:85:63:4a:a6:e5:
b3:ce:3a:03:fe:37:ad:65:33:d3:0e:c8:28:b4:45:
9f:b8:d4:8d:08:f9:7f:09:5d:05:3a:c8:07:2b:34:
45:75:c7:1d:c6:fe:ec:61:1d:86:f8:59:5c:ab:d9:
39:2f:c7:24:64:e3:47:35:d1:03:dd:96:55:ec:d5:
04:dd:8f:1e:79:3e:05:e9:3f:a4:91:b6:e0:66:08:
6a:9f:58:72:40:61:b1:ad:8c:ba:b5:6e:79:7d:4f:
a8:6a:4c:ba:02:12:8f:14:a3:5e:15:f4:bd:1f:9d:
ca:ed:e6:4d:ae:b6:ca:7f:71:77:45:e4:74:16:d1:
d1:b9:2c:07:eb:8e:14:9a:d6:4b:09:a5:cd:9d:c0:
07:92:5d:08:d8:76:bf:e8:23:ac:a1:04:fe:7e:20:
7b:eb:20:e4:9a:7c:d4:30:15:7c:93:14:fa:43:87:
9a:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B1:66:19:B9:DF:54:74:15:C0:1A:31:0A:A1:EE:7A:CD:E1:DC:D8:98
X509v3 Authority Key Identifier:
keyid:EB:EC:90:30:C7:0A:3D:41:92:D5:9C:28:DC:C8:D5:47:69:43:40:B3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6-yQMMcKPUGS1Zwo3MjVR2lDQLM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a5/372b87-95f4-4c98-a6f4-4a6f8683265c/1/sWYZud9UdBXAGjEKoe56zeHc2Jg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a5/372b87-95f4-4c98-a6f4-4a6f8683265c/1/6-yQMMcKPUGS1Zwo3MjVR2lDQLM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
212.21.129.0/24
212.21.133.0/24
212.21.159.0/24
IPv6:
2a00:e200:100::/48
Signature Algorithm: sha256WithRSAEncryption
21:d9:f3:f5:09:51:f5:3d:0d:f5:f1:1f:4c:bf:d3:20:c8:31:
ec:b5:54:b7:7a:40:9d:05:90:da:1e:b3:c3:4a:92:64:65:ee:
51:18:8d:a3:53:c8:ed:fa:0a:25:af:43:fe:2e:c1:50:4b:55:
1d:d4:86:d9:b6:0e:5f:f3:8e:65:18:23:1a:24:dd:0b:5b:aa:
a9:80:f6:e7:36:4c:6b:fa:77:b8:8e:9c:47:d6:cd:76:60:18:
c8:0a:3e:33:ca:05:9b:0f:87:dc:c7:2c:b3:d9:e6:4e:0f:7a:
76:64:45:b6:d2:38:51:a9:e7:47:53:54:9c:f1:ff:2e:4b:2f:
d2:6c:0d:c3:cd:59:9c:10:1f:06:cf:9b:8e:20:f7:74:c5:ff:
5d:e7:8f:88:4d:0f:ce:6e:4e:84:9f:91:dd:6a:cf:e4:99:51:
c7:b1:70:cd:9a:7a:48:5e:e3:c3:90:64:68:16:99:4c:90:e6:
ce:9e:87:4d:7f:7c:a3:2e:ae:c3:c9:81:88:e3:12:29:d6:09:
ab:38:4c:8b:65:03:10:0e:e4:aa:71:26:13:f1:53:46:ff:3e:
96:b6:24:50:e2:e1:da:08:5e:cc:bd:e5:64:4e:f9:32:14:0e:
ed:f6:72:89:bd:db:dd:72:6c:5a:1f:38:2b:25:0f:68:2f:55:
55:fa:a2:c3
-----BEGIN CERTIFICATE-----
MIIFGjCCBAKgAwIBAgISAYVvy4cgUtX1rekZ8lgHDFGnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGViZWM5MDMwYzcwYTNkNDE5MmQ1OWMyOGRjYzhkNTQ3Njk0
MzQwYjMwHhcNMjMwMTAyMDAwNDQ3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMTY2MTliOWRmNTQ3NDE1YzAxYTMxMGFhMWVlN2FjZGUxZGNkODk4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyW5BX/kYCvpBJ7YV+AgdQHyoCo5M
5AhT+DV878ZUuwZZaBeVQYPfDhmHmbyM5WEeaCn1vqQEy+E9Np7MWwUwhROYUIBm
HCiX6K4Q1IBYBvZEerxchWNKpuWzzjoD/jetZTPTDsgotEWfuNSNCPl/CV0FOsgH
KzRFdccdxv7sYR2G+Flcq9k5L8ckZONHNdED3ZZV7NUE3Y8eeT4F6T+kkbbgZghq
n1hyQGGxrYy6tW55fU+oaky6AhKPFKNeFfS9H53K7eZNrrbKf3F3ReR0FtHRuSwH
644UmtZLCaXNncAHkl0I2Ha/6COsoQT+fiB76yDkmnzUMBV8kxT6Q4ealQIDAQAB
o4ICJjCCAiIwHQYDVR0OBBYEFLFmGbnfVHQVwBoxCqHues3h3NiYMB8GA1UdIwQY
MBaAFOvskDDHCj1BktWcKNzI1UdpQ0CzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNi15UU1NY0tQVUdTMVp3bzNNalZSMmxEUUxNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNS8zNzJiODctOTVmNC00Yzk4LWE2ZjQt
NGE2Zjg2ODMyNjVjLzEvc1dZWnVkOVVkQlhBR2pFS29lNTZ6ZUhjMkpnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNS8zNzJiODctOTVmNC00Yzk4LWE2ZjQtNGE2Zjg2ODMyNjVj
LzEvNi15UU1NY0tQVUdTMVp3bzNNalZSMmxEUUxNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDwGCCsGAQUFBwEHAQH/BC0wKzAYBAIAATASAwQA1BWBAwQA
1BWFAwQA1BWfMA8EAgACMAkDBwAqAOIAAQAwDQYJKoZIhvcNAQELBQADggEBACHZ
8/UJUfU9DfXxH0y/0yDIMey1VLd6QJ0FkNoes8NKkmRl7lEYjaNTyO36CiWvQ/4u
wVBLVR3Uhtm2Dl/zjmUYIxok3QtbqqmA9uc2TGv6d7iOnEfWzXZgGMgKPjPKBZsP
h9zHLLPZ5k4PenZkRbbSOFGp50dTVJzx/y5LL9JsDcPNWZwQHwbPm44g93TF/13n
j4hND85uToSfkd1qz+SZUcexcM2aekhe48OQZGgWmUyQ5s6eh01/fKMursPJgYjj
EinWCas4TItlAxAO5KpxJhPxU0b/Ppa2JFDi4doIXsy95WRO+TIUDu32com9291y
bFofOCslD2gvVVX6osM=
-----END CERTIFICATE-----
Generated at Mon Jan 1 13:24:30 2024 by rpki-client on console-fra.rpki-client.org