Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b8/e99b35-8cf6-4934-a591-9930f2194a0e/1/I_O1HvDRK4IYL2FefGtcV-huKBY.roa
File: I_O1HvDRK4IYL2FefGtcV-huKBY.roa (raw, json)
Hash identifier: CndOfsMn+EKy05UQy3NXTCV+vZlf6GfWA+lvwO3NN78=
Subject key identifier: 23:F3:B5:1E:F0:D1:2B:82:18:2F:61:5E:7C:6B:5C:57:E8:6E:28:16
Certificate issuer: /CN=c41c7221ede3af5ee92e3206af2f18bd010d5dd9
Certificate serial: 01856C65CEAD9426E7EB206C3BA89EDB6BBD
Authority key identifier: C4:1C:72:21:ED:E3:AF:5E:E9:2E:32:06:AF:2F:18:BD:01:0D:5D:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xBxyIe3jr17pLjIGry8YvQENXdk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b8/e99b35-8cf6-4934-a591-9930f2194a0e/1/I_O1HvDRK4IYL2FefGtcV-huKBY.roa
Signing time: Sun 01 Jan 2023 08:14:49 +0000
ROA not before: Sun 01 Jan 2023 08:14:49 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 49649
IP address blocks: 213.109.32.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 01 Jan 2024 12:29:33 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:65:ce:ad:94:26:e7:eb:20:6c:3b:a8:9e:db:6b:bd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c41c7221ede3af5ee92e3206af2f18bd010d5dd9
Validity
Not Before: Jan 1 08:14:49 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=23f3b51ef0d12b82182f615e7c6b5c57e86e2816
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:bf:55:52:ed:08:66:1e:0d:c1:43:07:7e:87:
6d:21:88:09:05:e6:c5:50:f0:b7:63:21:ea:39:c7:
c0:1a:3e:92:ec:d7:24:f8:c4:cb:35:69:d5:6f:8e:
c1:92:73:f9:eb:27:27:73:03:e1:55:39:b5:59:dd:
05:2d:1e:b7:be:6f:21:0c:a9:34:2c:7f:c6:85:86:
44:7a:87:2c:23:0c:3c:a1:58:b4:bb:e2:bd:52:26:
f1:08:b2:c3:dd:b4:d9:d3:b6:47:b8:a5:e6:8c:0d:
22:86:10:e0:37:51:04:59:72:09:c8:4c:ba:ec:ff:
a8:78:e2:bd:cd:fe:38:fa:33:0f:69:7f:24:43:8e:
ad:10:ed:83:8c:68:18:8d:fb:5d:27:3c:6f:9a:ee:
03:95:cc:77:6e:ff:66:3d:e2:18:28:46:f4:b4:21:
53:56:ef:d9:f7:8e:55:95:18:95:10:ca:90:c8:af:
e8:9d:8a:98:b7:39:1c:57:48:8f:4d:71:8e:a4:52:
07:02:70:66:41:b9:0e:41:c8:a9:1a:52:1f:d0:2c:
57:d2:12:67:ca:43:cb:dc:3e:61:83:d2:7f:49:2d:
36:38:9e:92:e1:e6:a7:0d:25:87:e3:39:35:8c:e9:
32:a7:e6:8e:ba:23:30:e0:84:33:1b:e0:e4:91:1f:
9d:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
23:F3:B5:1E:F0:D1:2B:82:18:2F:61:5E:7C:6B:5C:57:E8:6E:28:16
X509v3 Authority Key Identifier:
keyid:C4:1C:72:21:ED:E3:AF:5E:E9:2E:32:06:AF:2F:18:BD:01:0D:5D:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xBxyIe3jr17pLjIGry8YvQENXdk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/e99b35-8cf6-4934-a591-9930f2194a0e/1/I_O1HvDRK4IYL2FefGtcV-huKBY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/e99b35-8cf6-4934-a591-9930f2194a0e/1/xBxyIe3jr17pLjIGry8YvQENXdk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
213.109.32.0/24
Signature Algorithm: sha256WithRSAEncryption
7d:60:ec:2c:1a:0a:bb:7b:61:32:6f:cf:3b:79:7d:61:ce:d1:
66:63:8b:cf:df:f2:34:68:61:80:36:4c:13:c8:44:bc:c0:a0:
8d:9f:51:fc:9d:3c:45:23:8d:b6:fc:af:ef:31:b8:9a:94:98:
b6:41:7c:22:77:65:b3:bb:fb:c1:49:c1:c9:d2:b7:23:fe:d2:
f6:58:c9:03:c1:42:d3:02:26:ef:61:ac:48:f0:59:a9:88:02:
7e:d1:16:a6:f3:70:cf:68:58:c3:65:0b:be:98:fc:69:ac:67:
e6:c1:ec:67:b5:a5:39:24:2e:5a:ca:02:95:74:a1:f8:7f:2f:
7f:dd:9c:ab:ef:f0:aa:f2:57:3a:f8:19:b7:c6:ba:dd:6e:c8:
93:3f:dd:07:3a:7f:14:09:b5:5d:22:3b:06:2c:bc:1a:2b:77:
40:d5:41:63:c1:f4:49:e4:2f:c7:64:0f:95:c9:81:d0:3b:ff:
76:92:fd:a3:86:46:66:fa:a4:2d:57:36:fc:74:e0:26:68:89:
f1:60:24:47:ea:1a:10:84:57:e7:4a:f4:88:37:28:73:ef:f8:
d7:8b:5c:10:8f:4e:df:c1:f9:5b:c6:7b:0c:9a:e0:fe:cd:17:
72:7e:87:01:3c:93:53:4e:da:5a:76:0e:0b:9e:04:46:87:61:
a3:20:7d:dc
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVsZc6tlCbn6yBsO6ie22u9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM0MWM3MjIxZWRlM2FmNWVlOTJlMzIwNmFmMmYxOGJkMDEw
ZDVkZDkwHhcNMjMwMTAxMDgxNDQ5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyM2YzYjUxZWYwZDEyYjgyMTgyZjYxNWU3YzZiNWM1N2U4NmUyODE2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAir9VUu0IZh4NwUMHfodtIYgJBebF
UPC3YyHqOcfAGj6S7Nck+MTLNWnVb47BknP56ycncwPhVTm1Wd0FLR63vm8hDKk0
LH/GhYZEeocsIww8oVi0u+K9UibxCLLD3bTZ07ZHuKXmjA0ihhDgN1EEWXIJyEy6
7P+oeOK9zf44+jMPaX8kQ46tEO2DjGgYjftdJzxvmu4Dlcx3bv9mPeIYKEb0tCFT
Vu/Z945VlRiVEMqQyK/onYqYtzkcV0iPTXGOpFIHAnBmQbkOQcipGlIf0CxX0hJn
ykPL3D5hg9J/SS02OJ6S4eanDSWH4zk1jOkyp+aOuiMw4IQzG+DkkR+dwwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFCPztR7w0SuCGC9hXnxrXFfobigWMB8GA1UdIwQY
MBaAFMQcciHt469e6S4yBq8vGL0BDV3ZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveEJ4eUllM2pyMTdwTGpJR3J5OFl2UUVOWGRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iOC9lOTliMzUtOGNmNi00OTM0LWE1OTEt
OTkzMGYyMTk0YTBlLzEvSV9PMUh2RFJLNElZTDJGZWZHdGNWLWh1S0JZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iOC9lOTliMzUtOGNmNi00OTM0LWE1OTEtOTkzMGYyMTk0YTBl
LzEveEJ4eUllM2pyMTdwTGpJR3J5OFl2UUVOWGRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA1W0gMA0G
CSqGSIb3DQEBCwUAA4IBAQB9YOwsGgq7e2Eyb887eX1hztFmY4vP3/I0aGGANkwT
yES8wKCNn1H8nTxFI422/K/vMbialJi2QXwid2Wzu/vBScHJ0rcj/tL2WMkDwULT
AibvYaxI8FmpiAJ+0Ram83DPaFjDZQu+mPxprGfmwexntaU5JC5aygKVdKH4fy9/
3Zyr7/Cq8lc6+Bm3xrrdbsiTP90HOn8UCbVdIjsGLLwaK3dA1UFjwfRJ5C/HZA+V
yYHQO/92kv2jhkZm+qQtVzb8dOAmaInxYCRH6hoQhFfnSvSINyhz7/jXi1wQj07f
wflbxnsMmuD+zRdyfocBPJNTTtpadg4LngRGh2GjIH3c
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:40:26 2024 by rpki-client on console-ams.rpki-client.org