Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/8e8149-d53c-4992-bd07-55c434eec96c/1/t5keJpwhhh_pGIXnpJKICeWWeZg.roa
File: t5keJpwhhh_pGIXnpJKICeWWeZg.roa (raw, json)
Hash identifier: pcwj8Ov6q6dnRwWxWnQWSk6Ne7wEuSmT8AaFRoCEEdU=
Subject key identifier: B7:99:1E:26:9C:21:86:1F:E9:18:85:E7:A4:92:88:09:E5:96:79:98
Certificate issuer: /CN=abbad3de831da94222c1add104caf4c3247689ac
Certificate serial: 0185986F7399BF4C8A96F74317427A812F6A
Authority key identifier: AB:BA:D3:DE:83:1D:A9:42:22:C1:AD:D1:04:CA:F4:C3:24:76:89:AC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/q7rT3oMdqUIiwa3RBMr0wyR2iaw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/8e8149-d53c-4992-bd07-55c434eec96c/1/t5keJpwhhh_pGIXnpJKICeWWeZg.roa
Signing time: Mon 09 Jan 2023 21:28:38 +0000
ROA not before: Mon 09 Jan 2023 21:28:38 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 12548
IP address blocks: 212.68.160.0/22 maxlen: 22
212.68.164.0/22 maxlen: 22
212.68.176.0/22 maxlen: 22
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:98:6f:73:99:bf:4c:8a:96:f7:43:17:42:7a:81:2f:6a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=abbad3de831da94222c1add104caf4c3247689ac
Validity
Not Before: Jan 9 21:28:38 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b7991e269c21861fe91885e7a4928809e5967998
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:c6:d4:4c:6d:7c:71:0d:f2:1a:fa:c9:f5:ab:
55:4c:29:bc:87:c4:50:6a:e6:07:e7:4a:0f:44:73:
4b:35:e1:00:eb:31:bd:0a:39:0a:04:e0:91:45:72:
f6:25:e2:3d:05:d7:a9:af:c7:02:2b:5c:05:a8:48:
c3:1d:0a:c0:72:28:77:d5:e4:b3:6d:ac:90:61:06:
ad:6a:90:4c:58:c5:8f:51:9f:67:6f:cf:9f:cd:85:
68:ae:78:73:a4:1f:a0:45:da:1e:61:97:79:44:96:
b2:c8:9b:f8:95:92:2d:42:7d:61:b7:94:de:74:11:
17:08:29:5f:a5:8f:3b:7a:19:de:42:76:32:fb:9e:
45:0b:4d:6a:af:83:f4:57:54:cd:dc:03:86:98:d2:
4c:ac:f4:0b:78:4c:97:4f:a1:56:78:27:6a:5f:84:
e9:77:68:28:a8:c6:ee:8a:de:86:4c:32:ff:fb:40:
5b:0b:fc:e8:b2:28:fd:99:35:15:6f:b3:12:e6:ca:
80:b3:16:6b:6a:b7:61:85:e0:2c:f6:a4:e6:56:dc:
f8:74:6a:45:7a:5e:33:99:8a:cf:ec:11:5f:01:57:
ab:8f:47:73:79:b1:8c:9c:db:55:46:0d:79:04:1b:
b4:ea:6d:a5:0d:49:57:14:be:fd:91:cb:2a:49:1c:
f0:1d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B7:99:1E:26:9C:21:86:1F:E9:18:85:E7:A4:92:88:09:E5:96:79:98
X509v3 Authority Key Identifier:
keyid:AB:BA:D3:DE:83:1D:A9:42:22:C1:AD:D1:04:CA:F4:C3:24:76:89:AC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/q7rT3oMdqUIiwa3RBMr0wyR2iaw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8e8149-d53c-4992-bd07-55c434eec96c/1/t5keJpwhhh_pGIXnpJKICeWWeZg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8e8149-d53c-4992-bd07-55c434eec96c/1/q7rT3oMdqUIiwa3RBMr0wyR2iaw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
212.68.160.0/21
212.68.176.0/22
Signature Algorithm: sha256WithRSAEncryption
7a:45:63:6f:50:f2:c6:9d:c8:24:4d:88:b7:ec:35:3e:b5:ad:
89:73:df:29:d9:21:1a:d3:f6:4d:35:c0:38:aa:23:06:93:4e:
5e:01:b3:a0:bb:48:e7:cb:ff:52:99:4c:8a:fa:ba:ba:29:6a:
63:5b:59:e4:4a:a9:38:65:b5:46:cb:a4:b2:ba:d3:38:e8:e9:
90:52:22:f5:c1:74:8e:92:26:fd:b0:e9:b7:9d:81:b6:cb:5c:
6b:d2:8e:68:51:2e:22:ff:d9:fd:ec:9f:02:aa:25:44:58:11:
29:a9:47:14:1c:d5:d4:22:43:30:33:46:77:89:ee:74:36:a7:
07:7a:bd:23:87:de:5f:22:07:00:c2:b9:be:fd:6d:10:e8:0b:
7a:66:3d:33:a3:d4:e6:b2:90:49:3c:47:62:95:6d:b4:14:6a:
fe:c8:c2:a1:f8:25:6a:4f:84:5b:7e:53:2b:34:28:ed:3d:31:
a6:bc:a3:1b:44:52:91:4e:fd:88:ee:61:76:18:b4:ad:31:f1:
02:95:2a:f1:ce:6e:61:c8:3c:06:9e:ee:eb:fb:bc:3e:0d:37:
79:72:ce:70:bc:ab:50:ae:d8:e0:62:86:fe:2e:cb:eb:f1:9f:
19:13:7a:fe:a1:c3:7c:4a:71:9c:05:0f:83:71:e7:e0:ea:fb:
7a:d5:ba:74
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYWYb3OZv0yKlvdDF0J6gS9qMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFiYmFkM2RlODMxZGE5NDIyMmMxYWRkMTA0Y2FmNGMzMjQ3
Njg5YWMwHhcNMjMwMTA5MjEyODM4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNzk5MWUyNjljMjE4NjFmZTkxODg1ZTdhNDkyODgwOWU1OTY3OTk4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtsbUTG18cQ3yGvrJ9atVTCm8h8RQ
auYH50oPRHNLNeEA6zG9CjkKBOCRRXL2JeI9Bdepr8cCK1wFqEjDHQrAcih31eSz
bayQYQatapBMWMWPUZ9nb8+fzYVornhzpB+gRdoeYZd5RJayyJv4lZItQn1ht5Te
dBEXCClfpY87ehneQnYy+55FC01qr4P0V1TN3AOGmNJMrPQLeEyXT6FWeCdqX4Tp
d2goqMbuit6GTDL/+0BbC/zosij9mTUVb7MS5sqAsxZrardhheAs9qTmVtz4dGpF
el4zmYrP7BFfAVerj0dzebGMnNtVRg15BBu06m2lDUlXFL79kcsqSRzwHQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFLeZHiacIYYf6RiF56SSiAnllnmYMB8GA1UdIwQY
MBaAFKu6096DHalCIsGt0QTK9MMkdomsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcTdyVDNvTWRxVUlpd2EzUkJNcjB3eVIyaWF3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy84ZTgxNDktZDUzYy00OTkyLWJkMDct
NTVjNDM0ZWVjOTZjLzEvdDVrZUpwd2hoaF9wR0lYbnBKS0lDZVdXZVpnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy84ZTgxNDktZDUzYy00OTkyLWJkMDctNTVjNDM0ZWVjOTZj
LzEvcTdyVDNvTWRxVUlpd2EzUkJNcjB3eVIyaWF3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQD1ESgAwQC
1ESwMA0GCSqGSIb3DQEBCwUAA4IBAQB6RWNvUPLGncgkTYi37DU+ta2Jc98p2SEa
0/ZNNcA4qiMGk05eAbOgu0jny/9SmUyK+rq6KWpjW1nkSqk4ZbVGy6SyutM46OmQ
UiL1wXSOkib9sOm3nYG2y1xr0o5oUS4i/9n97J8CqiVEWBEpqUcUHNXUIkMwM0Z3
ie50NqcHer0jh95fIgcAwrm+/W0Q6At6Zj0zo9TmspBJPEdilW20FGr+yMKh+CVq
T4RbflMrNCjtPTGmvKMbRFKRTv2I7mF2GLStMfEClSrxzm5hyDwGnu7r+7w+DTd5
cs5wvKtQrtjgYob+Lsvr8Z8ZE3r+ocN8SnGcBQ+Dcefg6vt61bp0
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:03:04 2023 by rpki-client on console-fra.rpki-client.org