Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ad/f505b5-0e46-4b3f-bf1b-849d3a6b9c2d/1/1-kTfKb5neaiwvYxaqUmp9nXicvM.roa
File: 1-kTfKb5neaiwvYxaqUmp9nXicvM.roa (raw, json)
Hash identifier: kxWs9YB6jro7AMQ3O7p/ZXn+ZgHf9a2ro/F7T4p0Ing=
Subject key identifier: FA:44:DF:29:BE:67:79:A8:B0:BD:8C:5A:A9:49:A9:F6:75:E2:72:F3
Certificate issuer: /CN=870c589a4f22a9ca2ff99b4c48f8bdf492871725
Certificate serial: 01856F5DC7137147C1FF82729BF8701D9732
Authority key identifier: 87:0C:58:9A:4F:22:A9:CA:2F:F9:9B:4C:48:F8:BD:F4:92:87:17:25
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hwxYmk8iqcov-ZtMSPi99JKHFyU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ad/f505b5-0e46-4b3f-bf1b-849d3a6b9c2d/1/1-kTfKb5neaiwvYxaqUmp9nXicvM.roa
Signing time: Sun 01 Jan 2023 22:04:54 +0000
ROA not before: Sun 01 Jan 2023 22:04:54 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 29286
IP address blocks: 212.16.32.0/22 maxlen: 22
Validation: Failed, certificate revoked on Wed 07 Jun 2023 10:08:12 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:5d:c7:13:71:47:c1:ff:82:72:9b:f8:70:1d:97:32
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=870c589a4f22a9ca2ff99b4c48f8bdf492871725
Validity
Not Before: Jan 1 22:04:54 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=fa44df29be6779a8b0bd8c5aa949a9f675e272f3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d9:c7:1f:9f:89:f9:d7:a5:b7:0c:83:19:cf:81:
f3:95:8a:d8:01:b7:21:be:47:28:2d:e0:21:64:91:
2e:e3:db:e6:d1:ac:20:d8:aa:cc:de:f5:92:62:22:
a4:d0:01:10:31:f8:58:c5:97:a7:e8:bf:88:c0:1f:
c0:44:f3:d7:d9:c4:a4:e2:a8:30:2c:b6:27:60:b0:
c1:e9:12:fb:cf:9f:d3:bf:60:92:a0:e9:01:b4:f1:
82:3f:83:d7:1d:8d:59:1d:d6:98:68:3a:f2:f2:7d:
ff:5b:92:99:0c:f0:2d:da:bc:ca:84:ee:8e:1e:81:
c4:9f:99:26:fb:0a:6f:00:24:58:74:6a:93:98:9f:
7e:d9:23:90:af:ed:40:d5:3e:6c:49:8c:68:fe:bc:
58:d2:61:8b:6c:dc:a6:c9:8c:ff:b2:67:1c:a1:cd:
4b:d0:47:e6:cb:b3:f5:8d:94:69:31:2a:1a:63:d4:
bd:ed:86:4c:79:52:50:55:f6:3d:a8:25:28:49:9d:
08:94:ef:d8:11:e9:a4:94:36:e5:eb:58:25:48:c4:
ee:eb:1b:a6:fa:78:c9:d7:4c:e2:40:f5:82:78:8f:
20:d0:1a:33:b6:5f:5d:1c:64:13:43:0b:df:7f:58:
62:55:77:7a:04:cc:67:5c:64:d1:e7:c1:8c:7d:58:
ae:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FA:44:DF:29:BE:67:79:A8:B0:BD:8C:5A:A9:49:A9:F6:75:E2:72:F3
X509v3 Authority Key Identifier:
keyid:87:0C:58:9A:4F:22:A9:CA:2F:F9:9B:4C:48:F8:BD:F4:92:87:17:25
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hwxYmk8iqcov-ZtMSPi99JKHFyU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ad/f505b5-0e46-4b3f-bf1b-849d3a6b9c2d/1/1-kTfKb5neaiwvYxaqUmp9nXicvM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ad/f505b5-0e46-4b3f-bf1b-849d3a6b9c2d/1/hwxYmk8iqcov-ZtMSPi99JKHFyU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
212.16.32.0/22
Signature Algorithm: sha256WithRSAEncryption
9c:9c:50:77:7d:f5:b8:0e:eb:25:1a:4e:e7:35:0f:62:b4:2b:
b4:e9:4f:07:ac:8e:2e:71:c2:fc:64:29:da:a6:64:b3:c6:52:
3a:6a:b6:57:28:25:be:50:4a:09:ae:9b:b7:f2:1c:d8:6c:ee:
ff:e4:da:e8:13:5a:c0:41:7b:a1:59:d0:6b:72:71:76:ff:f2:
b0:0b:12:59:46:8d:e9:cd:96:4e:de:5e:86:8b:5b:0c:15:3f:
21:0b:14:fb:76:99:1f:ea:2a:eb:04:9c:2d:b6:38:5a:c6:99:
f0:4b:77:2b:e5:5c:6d:4e:da:cd:63:af:ff:8d:cf:cf:80:98:
b8:ec:23:99:48:cd:8e:8f:68:e2:e8:ff:71:ef:a9:26:40:03:
e4:34:49:ab:6c:f8:53:d7:55:75:06:e4:95:ce:5a:69:20:e3:
77:24:cc:d1:5b:da:16:c0:4d:ba:ad:e2:c1:33:ec:42:09:92:
fd:8f:5c:b5:91:f2:25:b9:b5:ec:8b:43:34:a5:b1:65:48:4b:
76:a1:60:c7:59:56:67:c6:9a:f0:a9:b7:42:d9:c6:61:a8:a3:
6c:34:f7:05:f0:06:f5:fe:82:76:70:27:0c:33:6f:b4:92:d7:
c7:b7:a6:02:cc:ef:16:8b:f0:ab:cd:45:e9:2f:62:3c:56:d3:
94:f4:f2:22
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAYVvXccTcUfB/4Jym/hwHZcyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg3MGM1ODlhNGYyMmE5Y2EyZmY5OWI0YzQ4ZjhiZGY0OTI4
NzE3MjUwHhcNMjMwMTAxMjIwNDU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmYTQ0ZGYyOWJlNjc3OWE4YjBiZDhjNWFhOTQ5YTlmNjc1ZTI3MmYzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2ccfn4n516W3DIMZz4HzlYrYAbch
vkcoLeAhZJEu49vm0awg2KrM3vWSYiKk0AEQMfhYxZen6L+IwB/ARPPX2cSk4qgw
LLYnYLDB6RL7z5/Tv2CSoOkBtPGCP4PXHY1ZHdaYaDry8n3/W5KZDPAt2rzKhO6O
HoHEn5km+wpvACRYdGqTmJ9+2SOQr+1A1T5sSYxo/rxY0mGLbNymyYz/smccoc1L
0Efmy7P1jZRpMSoaY9S97YZMeVJQVfY9qCUoSZ0IlO/YEemklDbl61glSMTu6xum
+njJ10ziQPWCeI8g0Boztl9dHGQTQwvff1hiVXd6BMxnXGTR58GMfViuVwIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFPpE3ym+Z3mosL2MWqlJqfZ14nLzMB8GA1UdIwQY
MBaAFIcMWJpPIqnKL/mbTEj4vfSShxclMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaHd4WW1rOGlxY292LVp0TVNQaTk5SktIRnlVLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hZC9mNTA1YjUtMGU0Ni00YjNmLWJmMWIt
ODQ5ZDNhNmI5YzJkLzEvMS1rVGZLYjVuZWFpd3ZZeGFxVW1wOW5YaWN2TS5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvYWQvZjUwNWI1LTBlNDYtNGIzZi1iZjFiLTg0OWQzYTZiOWMy
ZC8xL2h3eFltazhpcWNvdi1adE1TUGk5OUpLSEZ5VS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAtQQIDAN
BgkqhkiG9w0BAQsFAAOCAQEAnJxQd331uA7rJRpO5zUPYrQrtOlPB6yOLnHC/GQp
2qZks8ZSOmq2VyglvlBKCa6bt/Ic2Gzu/+Ta6BNawEF7oVnQa3Jxdv/ysAsSWUaN
6c2WTt5ehotbDBU/IQsU+3aZH+oq6wScLbY4WsaZ8Et3K+VcbU7azWOv/43Pz4CY
uOwjmUjNjo9o4uj/ce+pJkAD5DRJq2z4U9dVdQbklc5aaSDjdyTM0VvaFsBNuq3i
wTPsQgmS/Y9ctZHyJbm17ItDNKWxZUhLdqFgx1lWZ8aa8Km3QtnGYaijbDT3BfAG
9f6CdnAnDDNvtJLXx7emAszvFovwq81F6S9iPFbTlPTyIg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:49:38 2024 by rpki-client on console-fra.rpki-client.org