Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ba/8f5fae-da90-4314-bffc-d4ee1d389e0d/1/2Ks0Nr4oa9QlrXON8NoG6_ajW7Y.roa
File: 2Ks0Nr4oa9QlrXON8NoG6_ajW7Y.roa (raw, json)
Hash identifier: oo5kPNe66NkoHqCZrp5TjgehPPgliFRgWoDtmoG0Zz4=
Subject key identifier: D8:AB:34:36:BE:28:6B:D4:25:AD:73:8D:F0:DA:06:EB:F6:A3:5B:B6
Certificate issuer: /CN=e3be07cb1fd4f1e3c922303b670a881b82e61491
Certificate serial: 018A98290C10970DA3031D3E1F9773683001
Authority key identifier: E3:BE:07:CB:1F:D4:F1:E3:C9:22:30:3B:67:0A:88:1B:82:E6:14:91
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/474Hyx_U8ePJIjA7ZwqIG4LmFJE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ba/8f5fae-da90-4314-bffc-d4ee1d389e0d/1/2Ks0Nr4oa9QlrXON8NoG6_ajW7Y.roa
Signing time: Fri 15 Sep 2023 09:25:41 +0000
ROA not before: Fri 15 Sep 2023 09:25:41 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 211527
IP address blocks: 213.175.68.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:98:29:0c:10:97:0d:a3:03:1d:3e:1f:97:73:68:30:01
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e3be07cb1fd4f1e3c922303b670a881b82e61491
Validity
Not Before: Sep 15 09:25:41 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d8ab3436be286bd425ad738df0da06ebf6a35bb6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:c7:03:f7:51:90:cf:7d:f9:1e:82:59:1e:9e:
1c:a3:c8:22:82:a3:ef:74:d1:e7:95:a2:20:34:30:
7c:ef:0c:80:76:3c:37:7e:2f:98:f6:23:27:c1:d4:
68:76:3b:8a:ad:d0:79:5a:8d:f4:6b:e1:6e:3b:37:
f4:3f:be:80:e4:a3:f8:26:ec:f1:16:b1:19:e2:5d:
df:8b:e7:04:cc:eb:82:d2:79:0d:e1:1d:aa:6a:b2:
13:fa:47:63:e4:6a:f8:8f:6a:67:8e:4d:46:b7:4f:
2d:86:46:8d:67:8b:b7:c6:8f:94:c4:43:2a:ab:ee:
ca:bb:88:56:29:56:51:82:fe:4d:41:84:0e:44:9a:
58:43:bb:bc:fa:a8:3f:41:cc:2e:bd:f3:15:4d:df:
99:73:df:65:c4:50:ad:80:d7:7b:53:5f:0a:4b:05:
72:47:15:89:0b:e7:4f:e9:47:0e:e1:b4:31:36:5a:
e5:ef:c3:17:3e:26:23:0f:5e:67:95:1b:58:4a:32:
6b:49:50:60:47:42:bd:f9:4b:7e:fc:52:9c:c9:2e:
48:09:24:a5:56:73:61:32:b7:39:53:15:f0:0c:09:
00:bc:b9:9e:92:be:51:9f:c4:d1:c6:53:3e:f7:d6:
fa:dc:83:98:a3:02:83:19:94:59:7a:65:7e:80:4a:
3e:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D8:AB:34:36:BE:28:6B:D4:25:AD:73:8D:F0:DA:06:EB:F6:A3:5B:B6
X509v3 Authority Key Identifier:
keyid:E3:BE:07:CB:1F:D4:F1:E3:C9:22:30:3B:67:0A:88:1B:82:E6:14:91
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/474Hyx_U8ePJIjA7ZwqIG4LmFJE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ba/8f5fae-da90-4314-bffc-d4ee1d389e0d/1/2Ks0Nr4oa9QlrXON8NoG6_ajW7Y.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ba/8f5fae-da90-4314-bffc-d4ee1d389e0d/1/474Hyx_U8ePJIjA7ZwqIG4LmFJE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
213.175.68.0/24
Signature Algorithm: sha256WithRSAEncryption
42:2a:36:5c:88:33:ff:8f:c8:22:46:33:a0:4b:e5:78:c8:ad:
7c:f9:66:32:4e:0b:a8:a4:70:dc:43:c3:1e:53:90:05:5a:8a:
b0:07:11:0a:b3:33:b8:4e:b2:3d:f1:53:f7:7e:a0:e3:ec:28:
d0:73:14:94:31:ca:d0:f7:45:61:f9:6e:78:79:13:d3:7f:25:
3d:b9:ba:a2:4a:70:dc:82:1f:18:c7:6b:9d:24:63:af:ef:ed:
0d:09:18:01:99:c6:cd:b9:ae:15:ba:31:db:e8:bd:d4:7d:34:
a9:4f:fe:fb:17:1b:3b:95:8d:29:8e:cf:84:21:24:c8:07:68:
4e:ec:b2:e9:96:e3:c9:6f:f1:50:29:55:37:85:f3:aa:8b:50:
40:f8:8d:10:18:ac:d9:6d:28:b1:ac:49:a5:28:85:c1:70:3a:
d4:bd:8f:2c:3d:39:4c:11:a6:f2:92:68:a4:06:0e:9a:a4:d5:
1c:22:0c:1e:f4:51:23:c7:6c:55:46:4e:ff:15:d7:db:b8:a6:
9f:1a:0c:d5:bf:7b:ec:30:b7:12:c4:96:f7:1c:6e:74:11:6f:
22:10:1f:9a:ef:b6:1b:2f:01:d1:52:4e:f4:ad:1f:fa:b6:22:
a4:73:a5:26:81:23:bf:49:69:6a:3c:4f:82:8e:b3:0e:b4:56:
aa:c3:93:a7
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYqYKQwQlw2jAx0+H5dzaDABMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUzYmUwN2NiMWZkNGYxZTNjOTIyMzAzYjY3MGE4ODFiODJl
NjE0OTEwHhcNMjMwOTE1MDkyNTQxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkOGFiMzQzNmJlMjg2YmQ0MjVhZDczOGRmMGRhMDZlYmY2YTM1YmI2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu8cD91GQz335HoJZHp4co8gigqPv
dNHnlaIgNDB87wyAdjw3fi+Y9iMnwdRodjuKrdB5Wo30a+FuOzf0P76A5KP4Juzx
FrEZ4l3fi+cEzOuC0nkN4R2qarIT+kdj5Gr4j2pnjk1Gt08thkaNZ4u3xo+UxEMq
q+7Ku4hWKVZRgv5NQYQORJpYQ7u8+qg/QcwuvfMVTd+Zc99lxFCtgNd7U18KSwVy
RxWJC+dP6UcO4bQxNlrl78MXPiYjD15nlRtYSjJrSVBgR0K9+Ut+/FKcyS5ICSSl
VnNhMrc5UxXwDAkAvLmekr5Rn8TRxlM+99b63IOYowKDGZRZemV+gEo+VwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNirNDa+KGvUJa1zjfDaBuv2o1u2MB8GA1UdIwQY
MBaAFOO+B8sf1PHjySIwO2cKiBuC5hSRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNDc0SHl4X1U4ZVBKSWpBN1p3cUlHNExtRkpFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYS84ZjVmYWUtZGE5MC00MzE0LWJmZmMt
ZDRlZTFkMzg5ZTBkLzEvMktzME5yNG9hOVFsclhPTjhOb0c2X2FqVzdZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYS84ZjVmYWUtZGE5MC00MzE0LWJmZmMtZDRlZTFkMzg5ZTBk
LzEvNDc0SHl4X1U4ZVBKSWpBN1p3cUlHNExtRkpFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA1a9EMA0G
CSqGSIb3DQEBCwUAA4IBAQBCKjZciDP/j8giRjOgS+V4yK18+WYyTguopHDcQ8Me
U5AFWoqwBxEKszO4TrI98VP3fqDj7CjQcxSUMcrQ90Vh+W54eRPTfyU9ubqiSnDc
gh8Yx2udJGOv7+0NCRgBmcbNua4VujHb6L3UfTSpT/77Fxs7lY0pjs+EISTIB2hO
7LLpluPJb/FQKVU3hfOqi1BA+I0QGKzZbSixrEmlKIXBcDrUvY8sPTlMEabykmik
Bg6apNUcIgwe9FEjx2xVRk7/FdfbuKafGgzVv3vsMLcSxJb3HG50EW8iEB+a77Yb
LwHRUk70rR/6tiKkc6UmgSO/SWlqPE+CjrMOtFaqw5On
-----END CERTIFICATE-----
Generated at Tue Jan 2 09:02:12 2024 by rpki-client on console-ams.rpki-client.org