Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b1/e96877-1133-4b29-a6ba-8453c0f135d6/1/W-SYZcWb0ZEgxKm8plVefygYHXE.roa
File: W-SYZcWb0ZEgxKm8plVefygYHXE.roa (raw, json)
Hash identifier: eE41IIA+KzuLLYjY3bdzm7mufZlti0Q9DV/V5RFapaU=
Subject key identifier: 5B:E4:98:65:C5:9B:D1:91:20:C4:A9:BC:A6:55:5E:7F:28:18:1D:71
Certificate issuer: /CN=b0cc95fc42f3d81920f464b0f20c8a5203f21e30
Certificate serial: 018BA940306A206861FBB517A13CBE4ADD23
Authority key identifier: B0:CC:95:FC:42:F3:D8:19:20:F4:64:B0:F2:0C:8A:52:03:F2:1E:30
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sMyV_ELz2Bkg9GSw8gyKUgPyHjA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b1/e96877-1133-4b29-a6ba-8453c0f135d6/1/W-SYZcWb0ZEgxKm8plVefygYHXE.roa
Signing time: Tue 07 Nov 2023 10:07:18 +0000
ROA not before: Tue 07 Nov 2023 10:07:18 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 212215
IP address blocks: 212.8.192.0/19 maxlen: 24
212.15.192.0/19 maxlen: 24
2001:ae0::/30 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:a9:40:30:6a:20:68:61:fb:b5:17:a1:3c:be:4a:dd:23
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b0cc95fc42f3d81920f464b0f20c8a5203f21e30
Validity
Not Before: Nov 7 10:07:18 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=5be49865c59bd19120c4a9bca6555e7f28181d71
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:17:03:8b:14:e9:cb:d7:2b:6a:28:43:d9:0c:
be:70:db:f4:88:e6:d4:4a:d8:0f:89:9d:d2:e1:b0:
80:66:58:3f:9a:ad:21:34:49:bc:b7:52:a3:39:57:
d9:cb:34:f6:44:03:3f:88:aa:cf:64:e7:4e:4d:3f:
01:85:1d:4a:de:47:f4:72:a0:d9:80:4b:2f:e6:01:
06:ec:3c:69:78:4b:f0:a5:da:4b:47:6c:2e:e7:81:
9c:6c:e5:c0:50:fd:ae:3c:b0:9f:c9:11:69:e4:99:
5d:c5:81:f9:44:cc:1e:9e:26:4c:f2:e6:bb:c8:06:
08:6b:8e:69:3e:72:06:47:12:0f:da:02:b1:af:06:
c3:db:f3:22:1b:4b:4c:f3:75:d4:3b:1e:9d:b8:3d:
22:b3:ab:8e:a8:09:37:c5:9a:59:8e:7b:18:e2:6e:
c6:d9:83:2d:9c:e2:58:2e:9a:65:a0:31:c8:9f:c3:
9e:04:36:93:9a:65:24:bb:a1:1a:8b:32:62:83:13:
ee:03:3f:36:08:17:f4:7f:52:d5:32:29:1f:20:b7:
82:d6:06:dc:01:68:c9:91:e8:8f:dc:e4:6d:b0:4c:
59:00:8a:0f:8b:f9:32:72:f6:4c:15:5d:a7:2d:64:
a1:bc:59:c9:2f:15:c4:80:ef:99:83:85:b3:49:9a:
c9:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5B:E4:98:65:C5:9B:D1:91:20:C4:A9:BC:A6:55:5E:7F:28:18:1D:71
X509v3 Authority Key Identifier:
keyid:B0:CC:95:FC:42:F3:D8:19:20:F4:64:B0:F2:0C:8A:52:03:F2:1E:30
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sMyV_ELz2Bkg9GSw8gyKUgPyHjA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/e96877-1133-4b29-a6ba-8453c0f135d6/1/W-SYZcWb0ZEgxKm8plVefygYHXE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/e96877-1133-4b29-a6ba-8453c0f135d6/1/sMyV_ELz2Bkg9GSw8gyKUgPyHjA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
212.8.192.0/19
212.15.192.0/19
IPv6:
2001:ae0::/30
Signature Algorithm: sha256WithRSAEncryption
8e:79:9d:d0:08:79:e5:81:48:51:32:b4:cc:f1:08:c8:15:07:
97:64:76:a9:a5:e7:1c:1b:7d:7a:65:a8:b1:0a:60:33:cb:25:
ce:64:6c:d8:25:1d:8d:ee:f4:49:f3:74:ab:6a:f8:ee:a6:d2:
78:65:50:73:fa:9c:c0:82:00:6f:a0:03:5e:20:bc:52:cb:33:
e9:0d:1a:fd:ea:a8:83:01:fd:b5:8f:15:63:fa:b8:a1:5a:6e:
c4:07:6f:28:77:d0:5a:c4:f3:69:c1:be:17:14:aa:55:1b:04:
76:be:9c:b5:89:32:29:29:8d:ec:6a:ad:3a:66:d4:36:69:5f:
b5:f9:b4:d8:c8:ea:e8:48:e5:be:cc:f7:cf:d2:ca:d3:80:de:
39:33:b1:f1:d0:cb:de:10:17:57:7f:5a:c9:ce:22:35:1f:21:
13:7d:9a:71:fb:25:54:a3:8a:4c:e1:db:bd:4c:73:a4:d3:46:
26:56:fb:d6:a6:73:ff:29:b4:3d:f8:d3:ea:1c:e4:3d:ba:37:
75:92:70:2d:95:1e:e9:f7:60:bf:fa:a5:99:22:04:2f:bb:97:
07:59:ae:f4:b7:5b:38:3f:33:d3:d6:b1:30:41:f1:c1:e3:34:
03:23:74:1a:de:31:c9:c9:37:d2:ff:d2:18:f3:26:e1:e2:95:
de:b5:3f:8a
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYupQDBqIGhh+7UXoTy+St0jMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIwY2M5NWZjNDJmM2Q4MTkyMGY0NjRiMGYyMGM4YTUyMDNm
MjFlMzAwHhcNMjMxMTA3MTAwNzE4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1YmU0OTg2NWM1OWJkMTkxMjBjNGE5YmNhNjU1NWU3ZjI4MTgxZDcxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxxcDixTpy9craihD2Qy+cNv0iObU
StgPiZ3S4bCAZlg/mq0hNEm8t1KjOVfZyzT2RAM/iKrPZOdOTT8BhR1K3kf0cqDZ
gEsv5gEG7DxpeEvwpdpLR2wu54GcbOXAUP2uPLCfyRFp5JldxYH5RMweniZM8ua7
yAYIa45pPnIGRxIP2gKxrwbD2/MiG0tM83XUOx6duD0is6uOqAk3xZpZjnsY4m7G
2YMtnOJYLpploDHIn8OeBDaTmmUku6EaizJigxPuAz82CBf0f1LVMikfILeC1gbc
AWjJkeiP3ORtsExZAIoPi/kycvZMFV2nLWShvFnJLxXEgO+Zg4WzSZrJpQIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFFvkmGXFm9GRIMSpvKZVXn8oGB1xMB8GA1UdIwQY
MBaAFLDMlfxC89gZIPRksPIMilID8h4wMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc015Vl9FTHoyQmtnOUdTdzhneUtVZ1B5SGpBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMS9lOTY4NzctMTEzMy00YjI5LWE2YmEt
ODQ1M2MwZjEzNWQ2LzEvVy1TWVpjV2IwWkVneEttOHBsVmVmeWdZSFhFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMS9lOTY4NzctMTEzMy00YjI5LWE2YmEtODQ1M2MwZjEzNWQ2
LzEvc015Vl9FTHoyQmtnOUdTdzhneUtVZ1B5SGpBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQF1AjAAwQF
1A/AMA0EAgACMAcDBQIgAQrgMA0GCSqGSIb3DQEBCwUAA4IBAQCOeZ3QCHnlgUhR
MrTM8QjIFQeXZHappeccG316ZaixCmAzyyXOZGzYJR2N7vRJ83SravjuptJ4ZVBz
+pzAggBvoANeILxSyzPpDRr96qiDAf21jxVj+rihWm7EB28od9BaxPNpwb4XFKpV
GwR2vpy1iTIpKY3saq06ZtQ2aV+1+bTYyOroSOW+zPfP0srTgN45M7Hx0MveEBdX
f1rJziI1HyETfZpx+yVUo4pM4du9THOk00YmVvvWpnP/KbQ9+NPqHOQ9ujd1knAt
lR7p92C/+qWZIgQvu5cHWa70t1s4PzPT1rEwQfHB4zQDI3Qa3jHJyTfS/9IY8ybh
4pXetT+K
-----END CERTIFICATE-----
Generated at Mon Jan 1 13:11:33 2024 by rpki-client on console-ams.rpki-client.org