Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a8/fa6cc2-27af-416c-a134-98f7454ba6ce/1/IbRde3RNjMBu_p5vOIqe8BGAvKE.roa
File: IbRde3RNjMBu_p5vOIqe8BGAvKE.roa (raw, json)
Hash identifier: 8jFPvRvUcP8HQsueewQEIPmpGY/8TjpJNre6zycLCeI=
Subject key identifier: 21:B4:5D:7B:74:4D:8C:C0:6E:FE:9E:6F:38:8A:9E:F0:11:80:BC:A1
Certificate issuer: /CN=4a8ae7871525be2ea4d0dffdae4f3a8bff372496
Certificate serial: 018B4C714EC16245D5AD6353CCEC9DD09CC4
Authority key identifier: 4A:8A:E7:87:15:25:BE:2E:A4:D0:DF:FD:AE:4F:3A:8B:FF:37:24:96
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/SornhxUlvi6k0N_9rk86i_83JJY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a8/fa6cc2-27af-416c-a134-98f7454ba6ce/1/IbRde3RNjMBu_p5vOIqe8BGAvKE.roa
Signing time: Fri 20 Oct 2023 09:36:16 +0000
ROA not before: Fri 20 Oct 2023 09:36:16 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 207503
IP address blocks: 212.110.240.0/21 maxlen: 21
185.102.242.0/23 maxlen: 23
212.110.232.0/21 maxlen: 21
185.102.240.0/23 maxlen: 23
Validation: Failed, certificate revoked on Tue 07 Nov 2023 10:41:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:4c:71:4e:c1:62:45:d5:ad:63:53:cc:ec:9d:d0:9c:c4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4a8ae7871525be2ea4d0dffdae4f3a8bff372496
Validity
Not Before: Oct 20 09:36:16 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=21b45d7b744d8cc06efe9e6f388a9ef01180bca1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:de:a0:8c:1f:62:ff:98:65:94:82:f7:6b:e1:69:
31:0d:97:0c:9a:89:de:b3:a2:ce:16:5a:c6:d2:49:
97:a5:a7:5b:55:36:08:9c:24:5d:e0:05:09:da:5f:
7b:d8:46:48:b2:e6:72:26:70:39:1d:ec:08:98:f0:
34:fc:91:62:e6:92:44:5b:4c:8d:10:7b:6f:d5:4e:
d8:f1:0b:eb:cb:f5:60:7d:02:f3:84:08:a4:f5:39:
a1:49:b3:5c:4c:b4:d3:ad:85:56:2f:bc:ba:5c:50:
4b:27:04:6e:63:46:4b:1c:9d:dc:09:f8:93:a1:d8:
40:41:4b:b0:bd:d5:da:29:0e:13:f6:c6:0e:36:b8:
ec:33:38:66:d6:8a:1c:9d:d6:97:4f:03:11:fd:60:
36:9a:46:8a:37:d5:79:21:c8:8c:94:9f:fe:52:b3:
be:1e:e7:ff:d8:21:e1:fe:14:c2:14:74:5b:27:d3:
ec:75:34:51:fe:10:36:33:f8:7a:e6:55:a2:bb:56:
da:41:49:79:52:ac:fc:18:9a:9d:22:08:2a:6a:cb:
d2:88:8a:9f:df:ec:4c:1f:4c:79:c6:05:e0:81:d7:
f0:a6:6e:08:80:5e:d8:4e:47:48:0b:65:71:55:00:
b9:67:af:9f:81:ee:e5:7a:20:e2:44:75:54:12:6a:
bd:49
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
21:B4:5D:7B:74:4D:8C:C0:6E:FE:9E:6F:38:8A:9E:F0:11:80:BC:A1
X509v3 Authority Key Identifier:
keyid:4A:8A:E7:87:15:25:BE:2E:A4:D0:DF:FD:AE:4F:3A:8B:FF:37:24:96
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/SornhxUlvi6k0N_9rk86i_83JJY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a8/fa6cc2-27af-416c-a134-98f7454ba6ce/1/IbRde3RNjMBu_p5vOIqe8BGAvKE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a8/fa6cc2-27af-416c-a134-98f7454ba6ce/1/SornhxUlvi6k0N_9rk86i_83JJY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.102.240.0/22
212.110.232.0-212.110.247.255
Signature Algorithm: sha256WithRSAEncryption
71:6e:ea:f2:e6:8a:3f:f2:1f:a3:72:29:76:13:17:68:6a:7f:
d4:c2:83:96:d7:6c:60:1d:21:56:c0:4b:f2:32:cf:99:09:b1:
3f:28:7e:1b:88:56:8b:87:d9:b3:da:d7:bd:f5:35:9a:7b:ce:
de:de:f5:d5:ef:d2:fe:f9:86:33:ab:47:7c:c3:e5:bc:1b:74:
25:c0:55:68:94:4f:82:55:81:ba:4a:68:ef:65:2d:54:47:89:
96:fb:54:aa:01:ce:00:af:10:98:1c:47:b2:81:b1:e2:6f:fb:
8c:01:95:5a:c3:56:4d:e6:ad:58:18:ee:5d:1c:2f:b9:1c:ed:
ac:d9:8e:8b:df:d5:5a:81:ca:45:72:e0:35:51:e5:17:96:be:
b7:f7:57:d0:c5:8f:3f:a6:e3:b4:c0:dc:c3:e5:19:e0:27:ac:
a4:53:75:ee:45:45:97:07:fa:07:97:6b:ac:51:47:5b:13:55:
e8:35:e9:02:31:de:6f:cc:92:a3:8a:ac:29:95:3f:7a:7e:f1:
02:5e:f4:b6:05:86:76:b0:79:4e:df:23:7b:c6:f4:73:68:12:
3d:0b:73:28:44:1b:f7:17:90:3d:57:aa:a4:6f:d4:fd:2e:a7:
49:fb:27:26:1e:c3:04:be:fd:bf:4e:b0:9a:42:82:10:0f:94:
ea:ec:14:0e
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgISAYtMcU7BYkXVrWNTzOyd0JzEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRhOGFlNzg3MTUyNWJlMmVhNGQwZGZmZGFlNGYzYThiZmYz
NzI0OTYwHhcNMjMxMDIwMDkzNjE2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMWI0NWQ3Yjc0NGQ4Y2MwNmVmZTllNmYzODhhOWVmMDExODBiY2ExMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3qCMH2L/mGWUgvdr4WkxDZcMmone
s6LOFlrG0kmXpadbVTYInCRd4AUJ2l972EZIsuZyJnA5HewImPA0/JFi5pJEW0yN
EHtv1U7Y8Qvry/VgfQLzhAik9TmhSbNcTLTTrYVWL7y6XFBLJwRuY0ZLHJ3cCfiT
odhAQUuwvdXaKQ4T9sYONrjsMzhm1oocndaXTwMR/WA2mkaKN9V5IciMlJ/+UrO+
Huf/2CHh/hTCFHRbJ9PsdTRR/hA2M/h65lWiu1baQUl5Uqz8GJqdIggqasvSiIqf
3+xMH0x5xgXggdfwpm4IgF7YTkdIC2VxVQC5Z6+fge7leiDiRHVUEmq9SQIDAQAB
o4ICFzCCAhMwHQYDVR0OBBYEFCG0XXt0TYzAbv6ebziKnvARgLyhMB8GA1UdIwQY
MBaAFEqK54cVJb4upNDf/a5POov/NySWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU29ybmh4VWx2aTZrME5fOXJrODZpXzgzSkpZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hOC9mYTZjYzItMjdhZi00MTZjLWExMzQt
OThmNzQ1NGJhNmNlLzEvSWJSZGUzUk5qTUJ1X3A1dk9JcWU4QkdBdktFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hOC9mYTZjYzItMjdhZi00MTZjLWExMzQtOThmNzQ1NGJhNmNl
LzEvU29ybmh4VWx2aTZrME5fOXJrODZpXzgzSkpZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAATAUAwQCuWbwMAwD
BAPUbugDBAPUbvAwDQYJKoZIhvcNAQELBQADggEBAHFu6vLmij/yH6NyKXYTF2hq
f9TCg5bXbGAdIVbAS/Iyz5kJsT8ofhuIVouH2bPa1731NZp7zt7e9dXv0v75hjOr
R3zD5bwbdCXAVWiUT4JVgbpKaO9lLVRHiZb7VKoBzgCvEJgcR7KBseJv+4wBlVrD
Vk3mrVgY7l0cL7kc7azZjovf1VqBykVy4DVR5ReWvrf3V9DFjz+m47TA3MPlGeAn
rKRTde5FRZcH+geXa6xRR1sTVeg16QIx3m/MkqOKrCmVP3p+8QJe9LYFhnaweU7f
I3vG9HNoEj0LcyhEG/cXkD1XqqRv1P0up0n7JyYewwS+/b9OsJpCghAPlOrsFA4=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:37:17 2024 by rpki-client on console-ams.rpki-client.org