Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b8/717221-1d03-4d13-9049-401bda4477b5/1/h-TDzS1bxz4yCsrRt-uMw6SuLhk.roa
File: h-TDzS1bxz4yCsrRt-uMw6SuLhk.roa (raw, json)
Hash identifier: JH8g5QoJqinfUYaQB2LDjl9NYyEvwSRBMBKKE7XQ1O4=
Subject key identifier: 87:E4:C3:CD:2D:5B:C7:3E:32:0A:CA:D1:B7:EB:8C:C3:A4:AE:2E:19
Certificate issuer: /CN=97024ffc4927bfe35289435d9d0280420b8ecdcb
Certificate serial: 0192BF77E1073CA9B18432410C62FE9C36C2
Authority key identifier: 97:02:4F:FC:49:27:BF:E3:52:89:43:5D:9D:02:80:42:0B:8E:CD:CB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/lwJP_Eknv-NSiUNdnQKAQguOzcs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b8/717221-1d03-4d13-9049-401bda4477b5/1/h-TDzS1bxz4yCsrRt-uMw6SuLhk.roa
Signing time: Thu 24 Oct 2024 16:59:17 +0000
ROA not before: Thu 24 Oct 2024 16:59:17 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 209971
IP address blocks: 212.80.196.0/22 maxlen: 22
Validation: Failed, certificate revoked on Wed 01 Jan 2025 13:48:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:bf:77:e1:07:3c:a9:b1:84:32:41:0c:62:fe:9c:36:c2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=97024ffc4927bfe35289435d9d0280420b8ecdcb
Validity
Not Before: Oct 24 16:59:17 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=87e4c3cd2d5bc73e320acad1b7eb8cc3a4ae2e19
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d3:13:7c:71:dd:c3:cf:b3:d4:5d:54:ec:fd:b7:
a8:4c:bf:87:7a:5d:25:6a:a2:05:59:56:0d:3e:23:
d2:26:8a:8a:98:11:34:f4:5b:9a:75:47:7c:28:22:
f4:4e:a9:44:85:1c:8b:2c:55:89:89:cc:13:0d:34:
8e:97:00:6f:fc:1e:04:e7:22:c2:6e:fc:df:c1:a5:
98:9f:08:39:9e:ec:a1:6a:eb:89:76:ca:68:ea:02:
1c:00:31:e2:ec:6e:bd:4c:c3:4a:65:90:6b:d5:93:
ab:31:f3:19:b7:93:df:e7:ff:03:a0:36:37:1f:35:
b6:ad:5c:b2:a6:7c:01:77:fb:d1:9e:f7:88:3e:06:
71:f8:9c:1b:05:9b:5f:6b:f2:e9:d2:26:80:99:fc:
c1:54:1f:38:3f:35:f5:76:0f:de:82:dd:34:5e:13:
2b:c4:22:6f:5f:83:f0:c5:cb:7f:1c:a1:cc:b0:b6:
6c:72:05:d6:61:5b:ba:6e:7d:59:bf:4f:f3:89:f5:
b4:94:da:2c:79:8c:36:f7:7c:36:06:4e:23:8c:d3:
dd:df:51:50:ed:e2:f2:a0:4b:0f:f5:df:aa:2a:a6:
5c:a9:9e:69:fe:92:1c:6d:fb:4d:02:b8:3d:26:b5:
b2:f0:c9:87:84:51:94:55:47:e8:f0:a2:d9:55:79:
b8:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
87:E4:C3:CD:2D:5B:C7:3E:32:0A:CA:D1:B7:EB:8C:C3:A4:AE:2E:19
X509v3 Authority Key Identifier:
keyid:97:02:4F:FC:49:27:BF:E3:52:89:43:5D:9D:02:80:42:0B:8E:CD:CB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lwJP_Eknv-NSiUNdnQKAQguOzcs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/717221-1d03-4d13-9049-401bda4477b5/1/h-TDzS1bxz4yCsrRt-uMw6SuLhk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/717221-1d03-4d13-9049-401bda4477b5/1/lwJP_Eknv-NSiUNdnQKAQguOzcs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
212.80.196.0/22
Signature Algorithm: sha256WithRSAEncryption
aa:5b:44:3e:38:2c:20:4b:e8:97:2b:5b:52:22:7a:fd:8b:ac:
f1:4e:9f:5d:8d:61:17:aa:0d:1a:9d:49:bf:27:4b:75:c2:57:
6b:8b:46:ee:5e:7d:91:00:da:17:0c:de:89:2e:91:eb:c8:62:
60:8a:50:36:e5:a5:2b:e4:0b:24:a9:be:71:88:88:ec:72:8a:
1e:a1:b9:10:32:09:3a:6d:b4:f2:e8:61:44:ea:4b:80:18:13:
02:e2:17:94:3c:f1:72:e8:1c:5a:96:6b:53:db:00:bb:93:57:
0b:e9:04:e9:e8:f1:9d:9c:46:36:37:a2:52:99:ba:4e:2a:43:
eb:c1:f6:c3:5e:a6:0b:10:84:bb:c7:6e:86:2b:5b:46:a7:fa:
de:1f:17:b7:3f:bc:1c:cc:79:33:6e:b8:cf:a3:e7:f3:4c:1e:
8d:38:03:86:dd:1c:90:fd:da:de:ea:f4:b7:c7:0c:3a:cf:d8:
d5:bd:e8:45:25:ba:a8:db:8c:0d:ee:6d:93:24:24:ba:d4:b2:
28:d8:5e:25:7b:71:3e:73:06:10:f9:94:8c:0d:33:8c:30:7d:
62:fc:db:f7:a3:bf:3b:b2:70:58:ab:9f:85:d9:3e:37:3c:2b:
78:46:8b:7b:39:ab:74:b1:74:93:fd:4d:f5:c7:35:ee:60:6d:
25:60:53:76
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZK/d+EHPKmxhDJBDGL+nDbCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk3MDI0ZmZjNDkyN2JmZTM1Mjg5NDM1ZDlkMDI4MDQyMGI4
ZWNkY2IwHhcNMjQxMDI0MTY1OTE3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4N2U0YzNjZDJkNWJjNzNlMzIwYWNhZDFiN2ViOGNjM2E0YWUyZTE5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0xN8cd3Dz7PUXVTs/beoTL+Hel0l
aqIFWVYNPiPSJoqKmBE09FuadUd8KCL0TqlEhRyLLFWJicwTDTSOlwBv/B4E5yLC
bvzfwaWYnwg5nuyhauuJdspo6gIcADHi7G69TMNKZZBr1ZOrMfMZt5Pf5/8DoDY3
HzW2rVyypnwBd/vRnveIPgZx+JwbBZtfa/Lp0iaAmfzBVB84PzX1dg/egt00XhMr
xCJvX4Pwxct/HKHMsLZscgXWYVu6bn1Zv0/zifW0lNoseYw293w2Bk4jjNPd31FQ
7eLyoEsP9d+qKqZcqZ5p/pIcbftNArg9JrWy8MmHhFGUVUfo8KLZVXm4GwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFIfkw80tW8c+MgrK0bfrjMOkri4ZMB8GA1UdIwQY
MBaAFJcCT/xJJ7/jUolDXZ0CgEILjs3LMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbHdKUF9Fa252LU5TaVVOZG5RS0FRZ3VPemNzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iOC83MTcyMjEtMWQwMy00ZDEzLTkwNDkt
NDAxYmRhNDQ3N2I1LzEvaC1URHpTMWJ4ejR5Q3NyUnQtdU13NlN1TGhrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iOC83MTcyMjEtMWQwMy00ZDEzLTkwNDktNDAxYmRhNDQ3N2I1
LzEvbHdKUF9Fa252LU5TaVVOZG5RS0FRZ3VPemNzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQC1FDEMA0G
CSqGSIb3DQEBCwUAA4IBAQCqW0Q+OCwgS+iXK1tSInr9i6zxTp9djWEXqg0anUm/
J0t1wldri0buXn2RANoXDN6JLpHryGJgilA25aUr5Askqb5xiIjscooeobkQMgk6
bbTy6GFE6kuAGBMC4heUPPFy6BxalmtT2wC7k1cL6QTp6PGdnEY2N6JSmbpOKkPr
wfbDXqYLEIS7x26GK1tGp/reHxe3P7wczHkzbrjPo+fzTB6NOAOG3RyQ/dre6vS3
xww6z9jVvehFJbqo24wN7m2TJCS61LIo2F4le3E+cwYQ+ZSMDTOMMH1i/Nv3o787
snBYq5+F2T43PCt4Rot7Oat0sXST/U31xzXuYG0lYFN2
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:25:19 2025 by rpki-client