Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b1/e96877-1133-4b29-a6ba-8453c0f135d6/1/Y2pDcjJsRc4i8Lw4BLnJ8OVoJiU.roa
File: Y2pDcjJsRc4i8Lw4BLnJ8OVoJiU.roa (raw, json)
Hash identifier: lgou6HiglyTd9KsJ0TJORnIwjqCr82Dp3lg7eYg6W40=
Subject key identifier: 63:6A:43:72:32:6C:45:CE:22:F0:BC:38:04:B9:C9:F0:E5:68:26:25
Certificate issuer: /CN=b0cc95fc42f3d81920f464b0f20c8a5203f21e30
Certificate serial: 018B9465B81985E221A806E5FFEB41AB7F45
Authority key identifier: B0:CC:95:FC:42:F3:D8:19:20:F4:64:B0:F2:0C:8A:52:03:F2:1E:30
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sMyV_ELz2Bkg9GSw8gyKUgPyHjA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b1/e96877-1133-4b29-a6ba-8453c0f135d6/1/Y2pDcjJsRc4i8Lw4BLnJ8OVoJiU.roa
Signing time: Fri 03 Nov 2023 08:56:16 +0000
ROA not before: Fri 03 Nov 2023 08:56:16 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 8925
IP address blocks: 212.8.192.0/19 maxlen: 24
212.15.192.0/19 maxlen: 24
2001:ae0::/30 maxlen: 32
Validation: Failed, certificate revoked on Tue 07 Nov 2023 10:07:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:94:65:b8:19:85:e2:21:a8:06:e5:ff:eb:41:ab:7f:45
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b0cc95fc42f3d81920f464b0f20c8a5203f21e30
Validity
Not Before: Nov 3 08:56:16 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=636a4372326c45ce22f0bc3804b9c9f0e5682625
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:cf:94:e4:b9:53:94:77:2a:b8:65:71:70:a5:
1f:6b:3c:01:2b:2b:19:9f:38:4b:56:69:28:05:8f:
df:ee:f2:e1:43:ed:6e:a9:80:3b:2b:ff:d3:ab:f3:
b3:31:c8:c1:9c:2e:f4:62:8d:e4:35:77:00:dd:47:
be:ea:1c:6a:7f:89:e0:07:8f:4f:67:d1:6d:ae:39:
b1:7e:6e:f7:65:0c:05:52:41:2a:f1:05:de:97:fc:
f7:59:97:a6:c4:ad:b4:7e:ad:a3:e2:23:4b:a4:26:
f0:3b:c5:89:74:ee:39:73:49:45:84:6e:89:07:58:
00:25:4c:44:2e:ed:27:88:0f:92:4f:42:6a:d7:47:
ad:9a:4b:04:9a:56:1e:e1:f7:58:e8:74:31:22:53:
af:fc:9e:6a:31:05:4e:2b:f3:59:c5:0b:70:f3:4d:
95:2b:80:dd:cf:5d:55:6a:e7:1b:48:3e:33:66:70:
1a:06:51:04:91:43:96:95:55:14:1b:c2:7c:39:2d:
af:ff:6b:97:de:07:c5:34:9b:f3:48:51:ce:1c:40:
a2:44:f7:86:9e:b9:0d:28:54:d0:ef:53:a2:7d:b6:
21:8e:55:b6:25:0b:e0:3c:79:f0:a4:92:dd:32:63:
21:28:bd:8d:75:7c:f6:2a:2e:93:d2:f3:ef:11:c2:
12:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
63:6A:43:72:32:6C:45:CE:22:F0:BC:38:04:B9:C9:F0:E5:68:26:25
X509v3 Authority Key Identifier:
keyid:B0:CC:95:FC:42:F3:D8:19:20:F4:64:B0:F2:0C:8A:52:03:F2:1E:30
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sMyV_ELz2Bkg9GSw8gyKUgPyHjA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/e96877-1133-4b29-a6ba-8453c0f135d6/1/Y2pDcjJsRc4i8Lw4BLnJ8OVoJiU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/e96877-1133-4b29-a6ba-8453c0f135d6/1/sMyV_ELz2Bkg9GSw8gyKUgPyHjA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
212.8.192.0/19
212.15.192.0/19
IPv6:
2001:ae0::/30
Signature Algorithm: sha256WithRSAEncryption
02:8e:04:ba:18:90:1d:78:70:99:ac:b9:33:5c:5c:22:b6:e4:
1d:41:50:f2:a0:17:99:20:e5:91:7a:ad:75:81:b6:f4:93:70:
6b:a2:0a:95:e0:34:a0:ce:66:1a:f6:21:a5:ab:cc:b6:11:9d:
b6:46:d1:3c:b1:1e:f2:9b:6a:9b:c3:00:9d:cf:32:2b:22:47:
eb:91:ca:29:b4:1e:49:d1:11:fc:d0:25:74:81:ca:9c:d4:d1:
08:ca:f6:82:e5:de:70:07:40:02:57:8a:14:d8:3e:be:b7:01:
76:32:0b:b5:14:6a:19:d8:2b:ea:ef:2a:7c:4d:5b:7b:fd:10:
a8:3b:d1:9a:1e:54:f8:60:18:64:fd:f7:07:33:3b:bc:58:2a:
9f:30:67:04:b3:87:eb:65:0a:bc:d7:a9:35:d6:c7:3e:73:ea:
fc:08:af:17:e9:43:e1:4b:32:bb:10:87:a9:ce:f1:89:ea:a9:
88:5a:21:12:3b:e8:4f:ed:68:be:64:ef:21:01:01:72:34:65:
6b:1c:4e:eb:0c:d4:ea:31:1a:7e:fa:5a:b4:ed:e3:fd:53:3a:
4a:b7:9c:af:20:9c:d9:01:f2:79:41:17:86:a6:d5:77:d7:29:
bd:e7:36:c1:80:c8:bd:a9:cc:bd:f8:d2:e4:d3:f1:10:a6:f3:
69:fb:7a:d1
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYuUZbgZheIhqAbl/+tBq39FMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIwY2M5NWZjNDJmM2Q4MTkyMGY0NjRiMGYyMGM4YTUyMDNm
MjFlMzAwHhcNMjMxMTAzMDg1NjE2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MzZhNDM3MjMyNmM0NWNlMjJmMGJjMzgwNGI5YzlmMGU1NjgyNjI1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp8+U5LlTlHcquGVxcKUfazwBKysZ
nzhLVmkoBY/f7vLhQ+1uqYA7K//Tq/OzMcjBnC70Yo3kNXcA3Ue+6hxqf4ngB49P
Z9Ftrjmxfm73ZQwFUkEq8QXel/z3WZemxK20fq2j4iNLpCbwO8WJdO45c0lFhG6J
B1gAJUxELu0niA+ST0Jq10etmksEmlYe4fdY6HQxIlOv/J5qMQVOK/NZxQtw802V
K4Ddz11VaucbSD4zZnAaBlEEkUOWlVUUG8J8OS2v/2uX3gfFNJvzSFHOHECiRPeG
nrkNKFTQ71OifbYhjlW2JQvgPHnwpJLdMmMhKL2NdXz2Ki6T0vPvEcISeQIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFGNqQ3IybEXOIvC8OAS5yfDlaCYlMB8GA1UdIwQY
MBaAFLDMlfxC89gZIPRksPIMilID8h4wMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc015Vl9FTHoyQmtnOUdTdzhneUtVZ1B5SGpBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMS9lOTY4NzctMTEzMy00YjI5LWE2YmEt
ODQ1M2MwZjEzNWQ2LzEvWTJwRGNqSnNSYzRpOEx3NEJMbko4T1ZvSmlVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMS9lOTY4NzctMTEzMy00YjI5LWE2YmEtODQ1M2MwZjEzNWQ2
LzEvc015Vl9FTHoyQmtnOUdTdzhneUtVZ1B5SGpBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQF1AjAAwQF
1A/AMA0EAgACMAcDBQIgAQrgMA0GCSqGSIb3DQEBCwUAA4IBAQACjgS6GJAdeHCZ
rLkzXFwituQdQVDyoBeZIOWReq11gbb0k3BrogqV4DSgzmYa9iGlq8y2EZ22RtE8
sR7ym2qbwwCdzzIrIkfrkcoptB5J0RH80CV0gcqc1NEIyvaC5d5wB0ACV4oU2D6+
twF2Mgu1FGoZ2Cvq7yp8TVt7/RCoO9GaHlT4YBhk/fcHMzu8WCqfMGcEs4frZQq8
16k11sc+c+r8CK8X6UPhSzK7EIepzvGJ6qmIWiESO+hP7Wi+ZO8hAQFyNGVrHE7r
DNTqMRp++lq07eP9UzpKt5yvIJzZAfJ5QReGptV31ym95zbBgMi9qcy9+NLk0/EQ
pvNp+3rR
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:50:20 2024 by rpki-client on console-fra.rpki-client.org