Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b8/2ba25a-0abd-4550-bca4-0b7f15b509cb/1/WHm9A5VMXpF2tX2lKCPbxhlSYvw.roa
File: WHm9A5VMXpF2tX2lKCPbxhlSYvw.roa (raw, json)
Hash identifier: B66ZMfPcIl+D/caseZ4QIep5ESVpNutVFCZa09dyJOs=
Subject key identifier: 58:79:BD:03:95:4C:5E:91:76:B5:7D:A5:28:23:DB:C6:19:52:62:FC
Certificate issuer: /CN=a7aee67620d9c0ae63d295785c9d956f063c21c3
Certificate serial: 018571958AEB0739CE6BC3EAFD38230EFC01
Authority key identifier: A7:AE:E6:76:20:D9:C0:AE:63:D2:95:78:5C:9D:95:6F:06:3C:21:C3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/p67mdiDZwK5j0pV4XJ2VbwY8IcM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b8/2ba25a-0abd-4550-bca4-0b7f15b509cb/1/WHm9A5VMXpF2tX2lKCPbxhlSYvw.roa
Signing time: Mon 02 Jan 2023 08:25:03 +0000
ROA not before: Mon 02 Jan 2023 08:25:03 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 198949
IP address blocks: 212.101.192.0/24 maxlen: 24
212.101.192.0/19 maxlen: 24
212.101.204.0/24 maxlen: 24
212.101.205.0/24 maxlen: 24
212.101.201.0/24 maxlen: 24
212.101.211.0/24 maxlen: 24
212.101.212.0/23 maxlen: 24
212.101.207.0/24 maxlen: 24
212.101.214.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 01 Jan 2024 14:29:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:95:8a:eb:07:39:ce:6b:c3:ea:fd:38:23:0e:fc:01
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a7aee67620d9c0ae63d295785c9d956f063c21c3
Validity
Not Before: Jan 2 08:25:03 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=5879bd03954c5e9176b57da52823dbc6195262fc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:81:98:71:5f:c4:b5:df:a4:4f:98:03:0c:86:e9:
9e:db:f2:43:47:d7:58:c6:2d:89:9c:7e:bb:ec:29:
10:47:5d:30:37:8c:0a:de:d9:8a:3e:6a:f9:6d:8d:
ce:10:bc:83:1a:61:b4:db:e7:db:b9:f1:9a:59:11:
26:a5:57:ce:46:b5:e7:b4:db:ef:44:8c:cd:45:0a:
f8:ee:da:7e:17:90:a4:b1:f4:54:5b:a7:1f:e6:20:
5f:94:cc:41:44:12:f9:5c:e9:25:37:ef:22:b9:f1:
90:10:88:16:3b:c0:33:61:e6:01:53:3f:aa:97:b2:
ac:c4:bb:1f:31:d3:81:98:34:f5:f5:82:75:7c:34:
a4:c5:0e:95:15:76:0c:b6:1d:8c:b6:89:65:da:c0:
19:ae:13:3d:47:77:a5:2d:19:97:c8:5f:14:17:48:
48:d8:8b:70:e3:9d:e5:fe:93:fe:3e:8b:3e:18:f1:
3e:46:e8:fd:80:c3:c6:f5:ae:7a:55:45:82:ee:96:
13:b4:03:70:71:7c:cd:ff:05:0c:a0:28:6c:c1:a2:
21:28:d4:fb:4d:97:1d:77:4b:d5:2d:0b:cd:38:82:
78:9f:94:c4:c3:31:eb:44:5d:ee:45:ec:df:68:5b:
ff:9b:4f:39:05:84:c9:2a:b2:c1:68:59:db:2f:1f:
ef:93
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
58:79:BD:03:95:4C:5E:91:76:B5:7D:A5:28:23:DB:C6:19:52:62:FC
X509v3 Authority Key Identifier:
keyid:A7:AE:E6:76:20:D9:C0:AE:63:D2:95:78:5C:9D:95:6F:06:3C:21:C3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/p67mdiDZwK5j0pV4XJ2VbwY8IcM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/2ba25a-0abd-4550-bca4-0b7f15b509cb/1/WHm9A5VMXpF2tX2lKCPbxhlSYvw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/2ba25a-0abd-4550-bca4-0b7f15b509cb/1/p67mdiDZwK5j0pV4XJ2VbwY8IcM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
212.101.192.0/19
Signature Algorithm: sha256WithRSAEncryption
58:9e:1d:45:eb:dd:69:3d:9f:ce:41:fa:e9:e9:5e:30:8b:ba:
02:59:2a:bd:8f:70:0a:bc:98:2f:42:59:e4:38:00:fc:0f:f5:
f1:bc:9f:c5:9f:e9:22:27:17:3e:f4:bc:b6:c8:85:e2:83:ce:
a8:6b:1c:48:07:62:62:1f:ca:67:27:7e:7e:ba:12:cc:08:a0:
64:67:af:b9:a2:ca:0e:fd:9c:7f:56:03:a9:47:3f:4e:13:89:
00:85:c6:69:4f:25:b9:78:90:68:21:a1:dc:e1:34:5a:8a:47:
59:d1:30:bf:13:55:0d:42:27:f2:e5:58:25:26:a6:4e:b5:16:
ab:f9:34:09:00:72:07:62:df:a9:a4:f7:ef:af:4e:3f:86:40:
e6:c1:46:89:56:ac:dd:5c:62:b8:dc:88:54:a8:89:70:a8:bc:
a3:88:84:f3:01:fa:9f:ea:2a:eb:ab:5d:06:cc:87:1e:4c:71:
fb:4d:db:f2:16:9d:ab:16:64:f6:17:6b:d8:38:c7:7f:50:58:
56:12:6f:80:c3:ae:c7:61:42:80:1c:21:04:1b:1e:5b:0e:5f:
57:54:37:1d:20:89:a1:7d:0b:e8:36:24:6d:57:ec:49:90:38:
67:98:9d:a7:1e:e0:9a:8a:a8:f5:e6:d9:34:64:6b:cb:c9:6a:
f2:3d:4b:6f
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVxlYrrBznOa8Pq/TgjDvwBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE3YWVlNjc2MjBkOWMwYWU2M2QyOTU3ODVjOWQ5NTZmMDYz
YzIxYzMwHhcNMjMwMTAyMDgyNTAzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ODc5YmQwMzk1NGM1ZTkxNzZiNTdkYTUyODIzZGJjNjE5NTI2MmZjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgZhxX8S136RPmAMMhume2/JDR9dY
xi2JnH677CkQR10wN4wK3tmKPmr5bY3OELyDGmG02+fbufGaWREmpVfORrXntNvv
RIzNRQr47tp+F5CksfRUW6cf5iBflMxBRBL5XOklN+8iufGQEIgWO8AzYeYBUz+q
l7KsxLsfMdOBmDT19YJ1fDSkxQ6VFXYMth2Mtoll2sAZrhM9R3elLRmXyF8UF0hI
2Itw453l/pP+Pos+GPE+Ruj9gMPG9a56VUWC7pYTtANwcXzN/wUMoChswaIhKNT7
TZcdd0vVLQvNOIJ4n5TEwzHrRF3uRezfaFv/m085BYTJKrLBaFnbLx/vkwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFFh5vQOVTF6RdrV9pSgj28YZUmL8MB8GA1UdIwQY
MBaAFKeu5nYg2cCuY9KVeFydlW8GPCHDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcDY3bWRpRFp3SzVqMHBWNFhKMlZid1k4SWNNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iOC8yYmEyNWEtMGFiZC00NTUwLWJjYTQt
MGI3ZjE1YjUwOWNiLzEvV0htOUE1Vk1YcEYydFgybEtDUGJ4aGxTWXZ3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iOC8yYmEyNWEtMGFiZC00NTUwLWJjYTQtMGI3ZjE1YjUwOWNi
LzEvcDY3bWRpRFp3SzVqMHBWNFhKMlZid1k4SWNNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQF1GXAMA0G
CSqGSIb3DQEBCwUAA4IBAQBYnh1F691pPZ/OQfrp6V4wi7oCWSq9j3AKvJgvQlnk
OAD8D/XxvJ/Fn+kiJxc+9Ly2yIXig86oaxxIB2JiH8pnJ35+uhLMCKBkZ6+5osoO
/Zx/VgOpRz9OE4kAhcZpTyW5eJBoIaHc4TRaikdZ0TC/E1UNQify5VglJqZOtRar
+TQJAHIHYt+ppPfvr04/hkDmwUaJVqzdXGK43IhUqIlwqLyjiITzAfqf6irrq10G
zIceTHH7TdvyFp2rFmT2F2vYOMd/UFhWEm+Aw67HYUKAHCEEGx5bDl9XVDcdIImh
fQvoNiRtV+xJkDhnmJ2nHuCaiqj15tk0ZGvLyWryPUtv
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:51:08 2024 by rpki-client on console-fra.rpki-client.org