Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c3/1b4105-3471-4592-bf07-73fd3bc19aa7/1/z2G6M8IiyrjBAVvei1q7cR7l4T8.roa
File: z2G6M8IiyrjBAVvei1q7cR7l4T8.roa (raw, json)
Hash identifier: DIOPPglqXx87CrdAXljkBhDkeAQy3X+8I9G5rW9sVq8=
Subject key identifier: CF:61:BA:33:C2:22:CA:B8:C1:01:5B:DE:8B:5A:BB:71:1E:E5:E1:3F
Certificate issuer: /CN=ff31492473a78c6fe9f539f9fa7d2252560a2b7e
Certificate serial: 01856C6EF7C0D339EC9202DFE5AD2A28456F
Authority key identifier: FF:31:49:24:73:A7:8C:6F:E9:F5:39:F9:FA:7D:22:52:56:0A:2B:7E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_zFJJHOnjG_p9Tn5-n0iUlYKK34.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c3/1b4105-3471-4592-bf07-73fd3bc19aa7/1/z2G6M8IiyrjBAVvei1q7cR7l4T8.roa
Signing time: Sun 01 Jan 2023 08:24:49 +0000
ROA not before: Sun 01 Jan 2023 08:24:49 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 12732
IP address blocks: 212.21.71.0/24 maxlen: 24
212.21.92.0/22 maxlen: 22
212.42.236.0/23 maxlen: 24
212.42.242.0/23 maxlen: 24
2001:bf1::/32 maxlen: 32
2001:bf0::/29 maxlen: 32
2001:bf0::/32 maxlen: 32
2001:bf0:40::/48 maxlen: 48
2001:bf0:69::/48 maxlen: 48
Validation: Failed, certificate revoked on Sun 05 Mar 2023 15:34:00 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:6e:f7:c0:d3:39:ec:92:02:df:e5:ad:2a:28:45:6f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ff31492473a78c6fe9f539f9fa7d2252560a2b7e
Validity
Not Before: Jan 1 08:24:49 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=cf61ba33c222cab8c1015bde8b5abb711ee5e13f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:26:9c:13:ee:11:55:c6:49:92:43:4e:de:31:
91:50:51:b3:cf:d0:db:58:8a:09:29:3b:2c:bb:c2:
7f:e6:a7:66:a8:ec:93:f9:8a:39:eb:75:c8:96:6a:
87:78:7e:ca:82:c3:22:d3:04:89:d0:62:13:04:03:
36:ff:a5:b9:d5:a8:39:5f:9e:92:23:1d:91:62:15:
52:88:5e:e5:79:cb:65:50:ff:c2:87:8c:bf:3d:cd:
ea:b0:d3:cb:c9:99:8a:20:bd:86:21:ee:dd:83:85:
3a:b2:74:79:d8:1e:fa:f2:d9:2b:99:8b:b7:08:60:
00:74:5d:84:4b:0e:c7:09:96:80:b9:a3:d1:fb:1d:
b0:e9:bd:4d:f4:66:e5:fa:85:f0:09:66:74:83:0b:
06:af:57:7b:51:0f:b0:c2:fd:bc:53:67:32:a2:07:
5d:b9:dd:4b:fe:58:ad:0d:a5:2b:1c:09:75:84:80:
49:4f:ea:4c:a7:5a:73:ef:19:c3:98:9c:e6:46:6e:
df:67:5f:4e:7f:b3:15:79:b0:35:cc:67:e9:c8:ae:
2d:c9:e6:79:4b:19:56:81:a1:c6:a6:5a:a3:3d:ed:
05:26:00:34:6c:48:e6:d3:40:06:89:5c:c8:ed:e8:
9c:e0:cc:01:48:96:46:4e:6e:ce:f2:3f:67:03:5e:
8b:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CF:61:BA:33:C2:22:CA:B8:C1:01:5B:DE:8B:5A:BB:71:1E:E5:E1:3F
X509v3 Authority Key Identifier:
keyid:FF:31:49:24:73:A7:8C:6F:E9:F5:39:F9:FA:7D:22:52:56:0A:2B:7E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_zFJJHOnjG_p9Tn5-n0iUlYKK34.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/1b4105-3471-4592-bf07-73fd3bc19aa7/1/z2G6M8IiyrjBAVvei1q7cR7l4T8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/1b4105-3471-4592-bf07-73fd3bc19aa7/1/_zFJJHOnjG_p9Tn5-n0iUlYKK34.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
212.21.71.0/24
212.21.92.0/22
212.42.236.0/23
212.42.242.0/23
IPv6:
2001:bf0::/29
Signature Algorithm: sha256WithRSAEncryption
74:07:14:4b:e1:ce:2c:34:4f:18:aa:cc:86:ae:78:18:f9:86:
e9:8d:39:ea:b3:2f:fe:fd:67:27:cf:ff:72:70:01:cd:9a:c9:
59:12:4b:dc:c0:cb:7c:9e:77:ab:74:95:1b:c5:b7:8e:80:f7:
58:d3:15:70:1a:41:a4:92:30:73:80:b2:25:8f:9b:3c:c2:52:
b2:9e:09:ce:51:b6:23:96:03:98:19:de:83:df:20:65:48:cc:
f4:fa:0f:18:d0:c5:6c:c1:cb:b5:ee:1f:9e:90:f9:ab:aa:e8:
30:24:5e:92:25:c8:85:f5:41:e6:4b:dd:81:4f:c5:c6:a5:10:
5d:c1:c1:23:2e:21:88:e4:7c:c4:d5:c1:eb:d5:3e:54:4c:f9:
dd:fe:56:76:4c:4f:09:27:29:91:83:a7:42:01:be:36:62:13:
b4:eb:da:4b:28:e6:df:ed:da:73:f5:b2:75:f3:a9:b4:e9:65:
97:07:62:92:e4:48:28:d2:2c:ff:69:6d:38:98:5a:86:ec:c8:
13:50:6f:4d:b2:42:4d:fe:d2:fd:18:a4:d0:d8:37:f1:24:72:
a9:05:28:45:72:c5:9c:5f:ab:42:b8:40:2a:a0:52:62:e4:42:
ce:5c:bb:c9:1e:c7:f6:0f:68:3f:59:c2:15:c5:f7:08:6d:5c:
f6:66:6b:c2
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgISAYVsbvfA0znskgLf5a0qKEVvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZmMzE0OTI0NzNhNzhjNmZlOWY1MzlmOWZhN2QyMjUyNTYw
YTJiN2UwHhcNMjMwMTAxMDgyNDQ5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZjYxYmEzM2MyMjJjYWI4YzEwMTViZGU4YjVhYmI3MTFlZTVlMTNmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqiacE+4RVcZJkkNO3jGRUFGzz9Db
WIoJKTssu8J/5qdmqOyT+Yo563XIlmqHeH7KgsMi0wSJ0GITBAM2/6W51ag5X56S
Ix2RYhVSiF7lectlUP/Ch4y/Pc3qsNPLyZmKIL2GIe7dg4U6snR52B768tkrmYu3
CGAAdF2ESw7HCZaAuaPR+x2w6b1N9Gbl+oXwCWZ0gwsGr1d7UQ+wwv28U2cyogdd
ud1L/litDaUrHAl1hIBJT+pMp1pz7xnDmJzmRm7fZ19Of7MVebA1zGfpyK4tyeZ5
SxlWgaHGplqjPe0FJgA0bEjm00AGiVzI7eic4MwBSJZGTm7O8j9nA16LlQIDAQAB
o4ICKjCCAiYwHQYDVR0OBBYEFM9hujPCIsq4wQFb3otau3Ee5eE/MB8GA1UdIwQY
MBaAFP8xSSRzp4xv6fU5+fp9IlJWCit+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvX3pGSkpIT25qR19wOVRuNS1uMGlVbFlLSzM0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMy8xYjQxMDUtMzQ3MS00NTkyLWJmMDct
NzNmZDNiYzE5YWE3LzEvejJHNk04SWl5cmpCQVZ2ZWkxcTdjUjdsNFQ4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMy8xYjQxMDUtMzQ3MS00NTkyLWJmMDctNzNmZDNiYzE5YWE3
LzEvX3pGSkpIT25qR19wOVRuNS1uMGlVbFlLSzM0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEAGCCsGAQUFBwEHAQH/BDEwLzAeBAIAATAYAwQA1BVHAwQC
1BVcAwQB1CrsAwQB1CryMA0EAgACMAcDBQMgAQvwMA0GCSqGSIb3DQEBCwUAA4IB
AQB0BxRL4c4sNE8YqsyGrngY+YbpjTnqsy/+/Wcnz/9ycAHNmslZEkvcwMt8nner
dJUbxbeOgPdY0xVwGkGkkjBzgLIlj5s8wlKyngnOUbYjlgOYGd6D3yBlSMz0+g8Y
0MVswcu17h+ekPmrqugwJF6SJciF9UHmS92BT8XGpRBdwcEjLiGI5HzE1cHr1T5U
TPnd/lZ2TE8JJymRg6dCAb42YhO069pLKObf7dpz9bJ186m06WWXB2KS5Ego0iz/
aW04mFqG7MgTUG9NskJN/tL9GKTQ2DfxJHKpBShFcsWcX6tCuEAqoFJi5ELOXLvJ
Hsf2D2g/WcIVxfcIbVz2ZmvC
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:52:46 2024 by rpki-client on console-fra.rpki-client.org