Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/8e8149-d53c-4992-bd07-55c434eec96c/1/9I3t5-GlkqUVY8e6Kxtyd9cWJ0k.roa
File: 9I3t5-GlkqUVY8e6Kxtyd9cWJ0k.roa (raw, json)
Hash identifier: gm344/qivL3fuo59uXZZGLL9AZW+DcvoaQGgPh18+lY=
Subject key identifier: F4:8D:ED:E7:E1:A5:92:A5:15:63:C7:BA:2B:1B:72:77:D7:16:27:49
Certificate issuer: /CN=abbad3de831da94222c1add104caf4c3247689ac
Certificate serial: 0192331AF897C24D628699A315908E4C797D
Authority key identifier: AB:BA:D3:DE:83:1D:A9:42:22:C1:AD:D1:04:CA:F4:C3:24:76:89:AC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/q7rT3oMdqUIiwa3RBMr0wyR2iaw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/8e8149-d53c-4992-bd07-55c434eec96c/1/9I3t5-GlkqUVY8e6Kxtyd9cWJ0k.roa
Signing time: Fri 27 Sep 2024 10:50:58 +0000
ROA not before: Fri 27 Sep 2024 10:50:58 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 12548
IP address blocks: 212.68.160.0/22 maxlen: 22
212.68.172.0/22 maxlen: 22
212.68.172.0/24 maxlen: 24
212.68.173.0/24 maxlen: 24
212.68.174.0/24 maxlen: 24
212.68.175.0/24 maxlen: 24
212.68.176.0/22 maxlen: 22
212.68.176.0/24 maxlen: 24
212.68.177.0/24 maxlen: 24
212.68.178.0/24 maxlen: 24
212.68.179.0/24 maxlen: 24
212.68.180.0/22 maxlen: 22
212.68.180.0/24 maxlen: 24
212.68.181.0/24 maxlen: 24
212.68.182.0/24 maxlen: 24
212.68.183.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 03 Oct 2024 14:45:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:33:1a:f8:97:c2:4d:62:86:99:a3:15:90:8e:4c:79:7d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=abbad3de831da94222c1add104caf4c3247689ac
Validity
Not Before: Sep 27 10:50:58 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=f48dede7e1a592a51563c7ba2b1b7277d7162749
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:17:03:c8:3a:e8:3f:6c:3d:db:16:12:13:8c:
ef:ac:66:18:70:a9:06:03:01:80:c0:1c:b6:01:53:
5a:3d:05:ab:c8:a1:dc:13:a1:1c:f5:8b:e5:ee:7b:
31:08:66:79:21:4e:33:e8:f1:6a:e2:f9:44:1f:98:
c4:51:d7:7c:9e:58:e9:d7:98:7c:b5:dc:d9:f1:f8:
77:44:a8:e6:cf:03:98:0d:02:ee:ad:bb:28:4a:cb:
83:58:72:ef:a9:91:04:9f:46:d0:fa:b0:99:d2:67:
95:6e:41:ca:84:ea:7a:bd:c3:ae:a8:19:70:d5:e3:
37:8d:4a:cc:0f:3e:74:c3:49:e1:eb:81:0f:b6:dc:
b2:f4:88:97:2a:da:6b:65:94:e5:93:66:40:f6:ff:
c3:96:5c:c2:61:4b:a0:27:62:f6:d1:a4:22:0f:49:
32:2a:a5:d9:f2:26:eb:5c:ec:8e:08:4b:75:af:b7:
4f:71:30:e2:d2:fd:05:da:20:51:cf:31:11:6b:5b:
1c:dc:c0:9d:d7:39:8b:1f:3b:99:d9:03:61:e1:00:
04:6a:5c:68:4e:0e:05:c9:c0:52:6e:39:bb:61:5e:
06:98:f6:53:95:74:16:87:78:aa:65:87:c1:0a:d9:
36:86:e7:09:f2:f2:ab:a1:03:6b:7b:8c:84:53:71:
9b:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F4:8D:ED:E7:E1:A5:92:A5:15:63:C7:BA:2B:1B:72:77:D7:16:27:49
X509v3 Authority Key Identifier:
keyid:AB:BA:D3:DE:83:1D:A9:42:22:C1:AD:D1:04:CA:F4:C3:24:76:89:AC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/q7rT3oMdqUIiwa3RBMr0wyR2iaw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8e8149-d53c-4992-bd07-55c434eec96c/1/9I3t5-GlkqUVY8e6Kxtyd9cWJ0k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8e8149-d53c-4992-bd07-55c434eec96c/1/q7rT3oMdqUIiwa3RBMr0wyR2iaw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
212.68.160.0/22
212.68.172.0-212.68.183.255
Signature Algorithm: sha256WithRSAEncryption
34:84:45:ab:ef:f5:ee:b6:28:fe:50:7a:e1:9f:2b:ae:d1:f5:
db:9f:26:97:18:69:a5:a5:88:e4:44:77:be:49:3a:b7:5d:cb:
de:9c:f3:2f:6b:f3:b1:ab:64:ba:47:1a:dc:39:78:a4:84:d0:
8f:63:0c:14:a4:1c:c1:f3:fd:73:b2:4a:87:9d:b3:7c:2b:da:
c0:3c:fd:d2:be:ef:f5:99:db:cf:f3:14:08:c3:62:63:26:52:
e0:a3:af:75:3a:c8:b9:70:e6:61:47:1a:9b:81:0c:2a:a6:cd:
4f:48:50:7d:7a:de:41:22:d9:4d:29:a0:12:f9:90:e5:2f:b1:
5a:bd:5f:61:0e:71:dd:fd:36:90:56:b3:0d:79:52:9a:3c:e3:
0b:37:cd:fd:13:5e:be:5e:2b:26:c4:48:ea:e0:fe:2f:c9:be:
99:69:1e:b5:42:5f:9e:16:2e:00:63:75:c3:7a:98:f9:b8:c8:
b6:82:27:fe:07:bd:cb:72:39:b8:20:90:d2:81:e4:0d:31:0f:
ec:e7:11:db:fe:fe:db:0a:ab:0d:5c:c4:24:b9:04:cd:21:55:
ad:f7:e4:76:b4:4b:3b:26:39:83:ac:66:32:85:55:ed:04:37:
86:e2:ed:0a:bf:fd:f5:ed:7d:f9:73:e8:58:6c:ed:84:0a:9a:
2a:48:93:7a
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgISAZIzGviXwk1ihpmjFZCOTHl9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFiYmFkM2RlODMxZGE5NDIyMmMxYWRkMTA0Y2FmNGMzMjQ3
Njg5YWMwHhcNMjQwOTI3MTA1MDU4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNDhkZWRlN2UxYTU5MmE1MTU2M2M3YmEyYjFiNzI3N2Q3MTYyNzQ5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAohcDyDroP2w92xYSE4zvrGYYcKkG
AwGAwBy2AVNaPQWryKHcE6Ec9Yvl7nsxCGZ5IU4z6PFq4vlEH5jEUdd8nljp15h8
tdzZ8fh3RKjmzwOYDQLurbsoSsuDWHLvqZEEn0bQ+rCZ0meVbkHKhOp6vcOuqBlw
1eM3jUrMDz50w0nh64EPttyy9IiXKtprZZTlk2ZA9v/DllzCYUugJ2L20aQiD0ky
KqXZ8ibrXOyOCEt1r7dPcTDi0v0F2iBRzzERa1sc3MCd1zmLHzuZ2QNh4QAEalxo
Tg4FycBSbjm7YV4GmPZTlXQWh3iqZYfBCtk2hucJ8vKroQNre4yEU3GbQQIDAQAB
o4ICFzCCAhMwHQYDVR0OBBYEFPSN7efhpZKlFWPHuisbcnfXFidJMB8GA1UdIwQY
MBaAFKu6096DHalCIsGt0QTK9MMkdomsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcTdyVDNvTWRxVUlpd2EzUkJNcjB3eVIyaWF3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy84ZTgxNDktZDUzYy00OTkyLWJkMDct
NTVjNDM0ZWVjOTZjLzEvOUkzdDUtR2xrcVVWWThlNkt4dHlkOWNXSjBrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy84ZTgxNDktZDUzYy00OTkyLWJkMDctNTVjNDM0ZWVjOTZj
LzEvcTdyVDNvTWRxVUlpd2EzUkJNcjB3eVIyaWF3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAATAUAwQC1ESgMAwD
BALURKwDBAPURLAwDQYJKoZIhvcNAQELBQADggEBADSERavv9e62KP5QeuGfK67R
9dufJpcYaaWliOREd75JOrddy96c8y9r87GrZLpHGtw5eKSE0I9jDBSkHMHz/XOy
Soeds3wr2sA8/dK+7/WZ28/zFAjDYmMmUuCjr3U6yLlw5mFHGpuBDCqmzU9IUH16
3kEi2U0poBL5kOUvsVq9X2EOcd39NpBWsw15Upo84ws3zf0TXr5eKybESOrg/i/J
vplpHrVCX54WLgBjdcN6mPm4yLaCJ/4HvctyObggkNKB5A0xD+znEdv+/tsKqw1c
xCS5BM0hVa335Ha0SzsmOYOsZjKFVe0EN4bi7Qq//fXtfflz6Fhs7YQKmipIk3o=
-----END CERTIFICATE-----
Generated at Mon Apr 21 02:55:13 2025 by rpki-client