Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a8/9fa83d-b2a3-45e4-8499-f525816402bd/1/xfwZ5daZDUX5hh-YY6rsRn8EJ6Y.roa
File: xfwZ5daZDUX5hh-YY6rsRn8EJ6Y.roa (raw, json)
Hash identifier: BnqAKG2hq70EPFaKJmMbFB6DYhljvHyniyfcZIXvreg=
Subject key identifier: C5:FC:19:E5:D6:99:0D:45:F9:86:1F:98:63:AA:EC:46:7F:04:27:A6
Certificate issuer: /CN=ff82309a6814678ad72e3f31a4fe0272f40bd986
Certificate serial: 0193F85253AA4C10FE69B1FB42FBBB73D76E
Authority key identifier: FF:82:30:9A:68:14:67:8A:D7:2E:3F:31:A4:FE:02:72:F4:0B:D9:86
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_4IwmmgUZ4rXLj8xpP4CcvQL2YY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a8/9fa83d-b2a3-45e4-8499-f525816402bd/1/xfwZ5daZDUX5hh-YY6rsRn8EJ6Y.roa
Signing time: Tue 24 Dec 2024 10:59:25 +0000
ROA not before: Tue 24 Dec 2024 10:59:25 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 54252
IP address blocks: 212.87.202.0/23 maxlen: 24
212.87.203.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 01 Jan 2025 13:48:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:f8:52:53:aa:4c:10:fe:69:b1:fb:42:fb:bb:73:d7:6e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ff82309a6814678ad72e3f31a4fe0272f40bd986
Validity
Not Before: Dec 24 10:59:25 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=c5fc19e5d6990d45f9861f9863aaec467f0427a6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:6a:86:f5:83:32:84:1a:85:94:7b:73:5d:e6:
69:80:f1:7e:74:c9:01:5d:cc:14:1f:60:b5:f3:79:
4c:c8:8f:8d:78:e0:dc:99:e9:1f:41:d0:74:a3:04:
ef:e5:f2:88:5f:e1:dc:33:1d:cb:13:65:55:94:17:
6d:c1:ad:e6:b9:9a:4b:8e:0d:49:a8:ba:cc:b4:a4:
89:7e:f8:b2:b5:a9:e6:df:18:5a:1f:cd:1c:b5:a8:
a7:9d:be:b8:e7:c0:8b:0a:df:a8:27:64:e0:63:19:
f8:fb:cc:fd:20:2b:b3:ca:95:7e:0c:ce:40:d5:27:
21:1b:eb:3a:ba:bb:61:2a:d9:54:c6:48:81:49:8e:
22:5e:22:67:62:a1:06:99:b8:6b:ed:c5:b0:65:fa:
3f:80:2b:56:6c:b3:13:f9:40:9e:00:73:28:df:ad:
12:c4:29:fd:46:93:f8:b8:a4:9f:89:99:20:aa:f5:
4a:b8:22:ff:71:3d:5d:1e:4b:f3:c9:c8:5e:74:86:
bb:43:29:1b:9c:38:e5:b7:18:52:df:ca:dd:2a:71:
88:62:ff:66:1b:39:1e:43:7b:71:dc:ac:72:76:b3:
6b:48:d2:e5:0a:04:c6:c2:f0:85:58:c4:87:9b:94:
d1:85:80:a8:22:de:d5:69:73:a2:e3:6c:74:fd:65:
a1:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C5:FC:19:E5:D6:99:0D:45:F9:86:1F:98:63:AA:EC:46:7F:04:27:A6
X509v3 Authority Key Identifier:
keyid:FF:82:30:9A:68:14:67:8A:D7:2E:3F:31:A4:FE:02:72:F4:0B:D9:86
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_4IwmmgUZ4rXLj8xpP4CcvQL2YY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a8/9fa83d-b2a3-45e4-8499-f525816402bd/1/xfwZ5daZDUX5hh-YY6rsRn8EJ6Y.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a8/9fa83d-b2a3-45e4-8499-f525816402bd/1/_4IwmmgUZ4rXLj8xpP4CcvQL2YY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
212.87.202.0/23
Signature Algorithm: sha256WithRSAEncryption
49:c6:62:dc:b7:ea:89:3f:05:d8:29:75:2a:06:20:22:30:2d:
2b:f2:52:07:52:9a:14:db:eb:4c:5e:c3:d6:a6:bf:95:56:46:
e0:af:96:be:83:15:83:54:b6:63:7f:d3:da:60:91:e4:e0:d7:
96:06:6b:24:f8:19:b7:b7:18:a4:b6:af:88:15:93:38:0f:fe:
1a:36:58:a3:d2:10:e9:14:56:8d:f1:6c:70:d2:09:ed:b7:01:
91:33:c1:12:d2:af:dc:25:5a:37:54:ee:8c:fa:a8:a3:c6:a8:
af:0c:7b:11:0f:12:27:68:76:d6:81:3c:2e:10:d3:dd:62:77:
ee:81:43:53:60:89:e3:0b:ab:25:68:5c:1d:e1:4e:f5:4a:13:
71:1d:23:fd:37:cb:c3:7d:72:35:f4:e8:67:fb:a7:f3:b6:3b:
24:0d:eb:47:84:f3:af:b3:0b:e2:b0:73:54:33:c9:bc:38:9e:
b9:8a:3c:b8:24:67:70:b7:cd:96:62:8e:05:0b:38:c9:70:32:
8b:6f:f2:ae:e3:20:19:69:8f:13:9f:db:79:61:54:c0:65:b8:
6d:c8:0e:14:8a:0f:a4:d3:9e:68:3f:c0:29:83:36:d4:5e:fa:
ac:ae:2b:45:36:36:2e:91:50:41:0c:e5:14:87:dc:7e:f1:9e:
40:da:93:99
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZP4UlOqTBD+abH7Qvu7c9duMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZmODIzMDlhNjgxNDY3OGFkNzJlM2YzMWE0ZmUwMjcyZjQw
YmQ5ODYwHhcNMjQxMjI0MTA1OTI1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNWZjMTllNWQ2OTkwZDQ1Zjk4NjFmOTg2M2FhZWM0NjdmMDQyN2E2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuWqG9YMyhBqFlHtzXeZpgPF+dMkB
XcwUH2C183lMyI+NeODcmekfQdB0owTv5fKIX+HcMx3LE2VVlBdtwa3muZpLjg1J
qLrMtKSJfviytanm3xhaH80ctainnb6458CLCt+oJ2TgYxn4+8z9ICuzypV+DM5A
1SchG+s6urthKtlUxkiBSY4iXiJnYqEGmbhr7cWwZfo/gCtWbLMT+UCeAHMo360S
xCn9RpP4uKSfiZkgqvVKuCL/cT1dHkvzychedIa7QykbnDjltxhS38rdKnGIYv9m
GzkeQ3tx3KxydrNrSNLlCgTGwvCFWMSHm5TRhYCoIt7VaXOi42x0/WWhEwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFMX8GeXWmQ1F+YYfmGOq7EZ/BCemMB8GA1UdIwQY
MBaAFP+CMJpoFGeK1y4/MaT+AnL0C9mGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvXzRJd21tZ1VaNHJYTGo4eHBQNENjdlFMMllZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hOC85ZmE4M2QtYjJhMy00NWU0LTg0OTkt
ZjUyNTgxNjQwMmJkLzEveGZ3WjVkYVpEVVg1aGgtWVk2cnNSbjhFSjZZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hOC85ZmE4M2QtYjJhMy00NWU0LTg0OTktZjUyNTgxNjQwMmJk
LzEvXzRJd21tZ1VaNHJYTGo4eHBQNENjdlFMMllZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQB1FfKMA0G
CSqGSIb3DQEBCwUAA4IBAQBJxmLct+qJPwXYKXUqBiAiMC0r8lIHUpoU2+tMXsPW
pr+VVkbgr5a+gxWDVLZjf9PaYJHk4NeWBmsk+Bm3txiktq+IFZM4D/4aNlij0hDp
FFaN8Wxw0gnttwGRM8ES0q/cJVo3VO6M+qijxqivDHsRDxInaHbWgTwuENPdYnfu
gUNTYInjC6slaFwd4U71ShNxHSP9N8vDfXI19Ohn+6fztjskDetHhPOvswvisHNU
M8m8OJ65ijy4JGdwt82WYo4FCzjJcDKLb/Ku4yAZaY8Tn9t5YVTAZbhtyA4Uig+k
055oP8ApgzbUXvqsritFNjYukVBBDOUUh9x+8Z5A2pOZ
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:37:59 2025 by rpki-client