Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b1/e96877-1133-4b29-a6ba-8453c0f135d6/1/mI9KUc4tNw3miunmIH6tSmg8jOQ.roa
File: mI9KUc4tNw3miunmIH6tSmg8jOQ.roa (raw, json)
Hash identifier: kExQXnEDfotbqIuCLesjPjwShpvpT6MEgmMRLMJiv84=
Subject key identifier: 98:8F:4A:51:CE:2D:37:0D:E6:8A:E9:E6:20:7E:AD:4A:68:3C:8C:E4
Certificate issuer: /CN=b0cc95fc42f3d81920f464b0f20c8a5203f21e30
Certificate serial: 018CC49361032119B40B53D4CCAD7E857C00
Authority key identifier: B0:CC:95:FC:42:F3:D8:19:20:F4:64:B0:F2:0C:8A:52:03:F2:1E:30
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sMyV_ELz2Bkg9GSw8gyKUgPyHjA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b1/e96877-1133-4b29-a6ba-8453c0f135d6/1/mI9KUc4tNw3miunmIH6tSmg8jOQ.roa
Signing time: Mon 01 Jan 2024 10:30:42 +0000
ROA not before: Mon 01 Jan 2024 10:30:42 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 9030
IP address blocks: 212.8.192.0/19 maxlen: 24
212.15.192.0/19 maxlen: 24
2001:ae0::/30 maxlen: 32
Validation: Failed, certificate revoked on Fri 30 Aug 2024 13:52:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c4:93:61:03:21:19:b4:0b:53:d4:cc:ad:7e:85:7c:00
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b0cc95fc42f3d81920f464b0f20c8a5203f21e30
Validity
Not Before: Jan 1 10:30:42 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=988f4a51ce2d370de68ae9e6207ead4a683c8ce4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e5:70:f9:7d:27:9b:60:1f:4b:30:04:ab:07:db:
b9:11:d7:b0:30:f5:59:19:3f:28:24:37:cb:1f:c6:
be:91:82:50:f2:7b:49:a9:5c:5f:ac:e3:ae:58:cc:
f3:d3:d5:91:e5:f8:13:57:ab:1f:0b:8c:8f:b2:2f:
35:05:83:91:40:18:2a:a0:0d:cf:03:2a:ca:15:ca:
ac:f3:d8:04:3c:85:c3:83:f0:fb:4b:de:6c:14:e9:
59:e7:1b:0c:c1:f7:99:dd:c6:7b:c1:37:f6:9d:55:
53:32:c4:99:9c:67:91:2c:aa:db:31:57:6c:00:2d:
2f:3a:6f:a4:c2:23:9d:fa:e0:a7:72:3e:ac:0f:36:
e9:e0:15:89:f7:7c:f4:7a:9c:33:10:0d:a2:02:a1:
a4:57:06:01:d8:7a:35:9e:b9:4f:83:3a:77:c4:a1:
36:ce:51:fd:40:d0:9b:07:01:05:53:05:8d:d7:fc:
76:26:3b:fc:60:ba:a1:b7:30:0d:87:c3:00:80:75:
ce:03:b0:75:d6:31:7b:04:e6:97:b2:03:e5:13:d0:
54:8c:f3:ac:3d:78:9d:38:7c:87:56:a9:74:7b:79:
c8:56:ca:ae:4e:86:ee:91:e5:d4:53:d9:d9:97:9f:
a3:50:8a:6c:4c:6f:3d:4d:b2:c5:17:28:4b:0c:dc:
05:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
98:8F:4A:51:CE:2D:37:0D:E6:8A:E9:E6:20:7E:AD:4A:68:3C:8C:E4
X509v3 Authority Key Identifier:
keyid:B0:CC:95:FC:42:F3:D8:19:20:F4:64:B0:F2:0C:8A:52:03:F2:1E:30
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sMyV_ELz2Bkg9GSw8gyKUgPyHjA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/e96877-1133-4b29-a6ba-8453c0f135d6/1/mI9KUc4tNw3miunmIH6tSmg8jOQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/e96877-1133-4b29-a6ba-8453c0f135d6/1/sMyV_ELz2Bkg9GSw8gyKUgPyHjA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
212.8.192.0/19
212.15.192.0/19
IPv6:
2001:ae0::/30
Signature Algorithm: sha256WithRSAEncryption
18:c6:ce:36:d0:f4:30:60:44:c0:e0:b2:22:9e:bd:0c:f8:a9:
8c:cb:5e:c3:d5:75:a1:bd:78:8c:37:d4:3c:32:c1:e7:bd:5a:
dd:5d:6b:47:13:98:9c:6c:5b:fa:a0:6f:1c:e3:3d:b2:a9:25:
23:27:ae:24:61:71:7c:4a:42:60:10:40:72:0b:fc:52:eb:74:
5b:a2:f3:8d:ee:66:d0:56:08:6d:fc:f6:a7:6a:71:6a:db:7e:
40:9f:a1:ed:e0:29:ba:6a:33:ba:91:2d:3a:ea:f6:bc:7f:9e:
3a:3d:01:ce:f5:b4:cb:16:f5:f9:cf:06:0e:f1:1c:03:80:fb:
53:c9:d8:38:1a:d3:4b:96:1c:54:ee:fb:13:11:04:f0:c2:20:
c5:5a:9a:37:cb:b1:21:16:1d:df:49:ac:d0:69:7c:53:31:2a:
ce:f2:d1:b4:44:03:ae:aa:b7:d4:2d:f9:38:02:b7:d2:d3:c8:
c5:81:fa:2f:d2:6b:7c:d1:e6:5c:6d:de:f8:32:9e:47:c8:c8:
9e:67:af:52:70:ad:66:1c:35:db:d0:6b:25:af:87:29:d1:df:
81:f2:3e:5d:3e:33:00:bf:03:db:c9:6e:b2:a0:1e:4a:5d:32:
c5:bb:b7:3a:c3:ae:58:66:c3:dd:c9:80:60:94:56:11:5d:d5:
37:83:fc:47
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYzEk2EDIRm0C1PUzK1+hXwAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIwY2M5NWZjNDJmM2Q4MTkyMGY0NjRiMGYyMGM4YTUyMDNm
MjFlMzAwHhcNMjQwMTAxMTAzMDQyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ODhmNGE1MWNlMmQzNzBkZTY4YWU5ZTYyMDdlYWQ0YTY4M2M4Y2U0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5XD5fSebYB9LMASrB9u5EdewMPVZ
GT8oJDfLH8a+kYJQ8ntJqVxfrOOuWMzz09WR5fgTV6sfC4yPsi81BYORQBgqoA3P
AyrKFcqs89gEPIXDg/D7S95sFOlZ5xsMwfeZ3cZ7wTf2nVVTMsSZnGeRLKrbMVds
AC0vOm+kwiOd+uCncj6sDzbp4BWJ93z0epwzEA2iAqGkVwYB2Ho1nrlPgzp3xKE2
zlH9QNCbBwEFUwWN1/x2Jjv8YLqhtzANh8MAgHXOA7B11jF7BOaXsgPlE9BUjPOs
PXidOHyHVql0e3nIVsquTobukeXUU9nZl5+jUIpsTG89TbLFFyhLDNwFIQIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFJiPSlHOLTcN5orp5iB+rUpoPIzkMB8GA1UdIwQY
MBaAFLDMlfxC89gZIPRksPIMilID8h4wMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc015Vl9FTHoyQmtnOUdTdzhneUtVZ1B5SGpBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMS9lOTY4NzctMTEzMy00YjI5LWE2YmEt
ODQ1M2MwZjEzNWQ2LzEvbUk5S1VjNHROdzNtaXVubUlINnRTbWc4ak9RLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMS9lOTY4NzctMTEzMy00YjI5LWE2YmEtODQ1M2MwZjEzNWQ2
LzEvc015Vl9FTHoyQmtnOUdTdzhneUtVZ1B5SGpBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQF1AjAAwQF
1A/AMA0EAgACMAcDBQIgAQrgMA0GCSqGSIb3DQEBCwUAA4IBAQAYxs420PQwYETA
4LIinr0M+KmMy17D1XWhvXiMN9Q8MsHnvVrdXWtHE5icbFv6oG8c4z2yqSUjJ64k
YXF8SkJgEEByC/xS63RbovON7mbQVght/PananFq235An6Ht4Cm6ajO6kS066va8
f546PQHO9bTLFvX5zwYO8RwDgPtTydg4GtNLlhxU7vsTEQTwwiDFWpo3y7EhFh3f
SazQaXxTMSrO8tG0RAOuqrfULfk4ArfS08jFgfov0mt80eZcbd74Mp5HyMieZ69S
cK1mHDXb0Gslr4cp0d+B8j5dPjMAvwPbyW6yoB5KXTLFu7c6w65YZsPdyYBglFYR
XdU3g/xH
-----END CERTIFICATE-----
Generated at Sun Apr 13 01:30:00 2025 by rpki-client