Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cd/28a8f3-889e-4549-a44e-ce225187fc38/1/PN_ef21ivDSPYYwvs-D-oQaOr8s.roa
File: PN_ef21ivDSPYYwvs-D-oQaOr8s.roa (raw, json)
Hash identifier: S1HFU4WzJS1Wo+oSrnD4TaoioKccxE6rNm/bQdK8DSc=
Subject key identifier: 3C:DF:DE:7F:6D:62:BC:34:8F:61:8C:2F:B3:E0:FE:A1:06:8E:AF:CB
Certificate issuer: /CN=c1b050211219d18e996e086cb7f6309178804860
Certificate serial: 01856F302114996605F99FEC26CE8CE5DB0A
Authority key identifier: C1:B0:50:21:12:19:D1:8E:99:6E:08:6C:B7:F6:30:91:78:80:48:60
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/wbBQIRIZ0Y6Zbghst_YwkXiASGA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cd/28a8f3-889e-4549-a44e-ce225187fc38/1/PN_ef21ivDSPYYwvs-D-oQaOr8s.roa
Signing time: Sun 01 Jan 2023 21:15:03 +0000
ROA not before: Sun 01 Jan 2023 21:15:03 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 60398
IP address blocks: 212.40.140.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 01 Jan 2024 20:30:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:30:21:14:99:66:05:f9:9f:ec:26:ce:8c:e5:db:0a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c1b050211219d18e996e086cb7f6309178804860
Validity
Not Before: Jan 1 21:15:03 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=3cdfde7f6d62bc348f618c2fb3e0fea1068eafcb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:4c:c8:d7:24:c8:9c:af:7b:01:ac:91:80:86:
e0:a4:b8:dc:19:a0:10:8b:6f:93:aa:8b:b8:4c:3a:
9a:c7:21:90:be:05:a6:a5:3a:79:e1:c4:51:a5:e0:
18:3c:de:2f:c9:7f:2d:e1:55:58:78:60:f0:47:2a:
be:ca:7b:c1:ce:21:56:f6:03:00:46:81:fc:00:a5:
93:06:e4:e3:80:9d:45:b6:e6:a9:79:66:51:97:44:
17:3f:2f:d1:f6:94:26:b4:b6:9d:ee:4b:2a:cc:a6:
7d:7b:28:01:6a:00:be:6c:54:d7:a7:d8:24:bb:c8:
a6:8c:a4:f0:6e:2e:2f:71:b2:ed:92:ae:85:63:5b:
cc:80:9b:62:3c:c6:8c:2c:36:b0:39:4a:70:a2:2b:
f7:cb:78:50:9e:3f:2e:84:83:19:2a:cd:cd:83:29:
e3:3c:b9:04:25:be:ef:a7:cd:25:fb:bb:cf:ee:76:
63:0f:9e:63:06:05:60:ad:71:e0:4e:99:8b:d7:16:
eb:62:37:22:bd:b7:52:b4:fa:2f:f4:83:ea:b9:92:
85:a7:77:d1:c5:86:4a:b0:d6:50:4c:f5:c2:47:57:
51:9b:c8:3e:6a:e4:45:17:9b:6d:fc:5a:af:d3:e1:
8f:d6:75:ca:09:c8:54:b4:a6:45:83:6f:57:23:ba:
3d:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3C:DF:DE:7F:6D:62:BC:34:8F:61:8C:2F:B3:E0:FE:A1:06:8E:AF:CB
X509v3 Authority Key Identifier:
keyid:C1:B0:50:21:12:19:D1:8E:99:6E:08:6C:B7:F6:30:91:78:80:48:60
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wbBQIRIZ0Y6Zbghst_YwkXiASGA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/28a8f3-889e-4549-a44e-ce225187fc38/1/PN_ef21ivDSPYYwvs-D-oQaOr8s.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/28a8f3-889e-4549-a44e-ce225187fc38/1/wbBQIRIZ0Y6Zbghst_YwkXiASGA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
212.40.140.0/24
Signature Algorithm: sha256WithRSAEncryption
34:16:5e:98:73:44:95:9a:91:58:9f:0f:16:4f:a6:33:70:e5:
08:02:94:04:aa:3f:66:42:22:f8:58:be:52:ff:8c:bf:59:3e:
be:26:d6:91:00:c8:54:ec:b7:f7:73:f5:a0:c8:dd:b4:15:06:
b7:3d:db:14:b3:71:fc:3d:49:64:61:6f:be:01:3e:28:53:13:
d3:3e:17:32:ef:a2:52:25:00:03:2b:f4:b3:b8:31:79:14:ea:
82:4a:9f:9b:d7:8b:00:5f:71:39:65:77:44:69:69:6d:c3:5a:
b7:b4:e5:4d:f9:5f:ba:3a:cc:80:ad:f8:1d:66:a2:73:b9:72:
6e:73:45:d5:61:d5:31:64:8f:55:c2:7a:ff:92:d1:40:20:7a:
b5:7c:7d:69:e3:2d:dc:59:89:9a:fd:0e:04:3b:2a:9a:04:e2:
26:72:3f:7c:a3:f5:0f:1a:82:a5:75:cf:bb:f7:20:f3:e6:f1:
06:3f:1d:10:91:3f:93:5b:41:bf:1c:30:53:c1:b4:2d:56:b7:
2b:6e:ea:4a:09:21:9d:55:14:71:8b:95:57:30:9a:30:f6:da:
86:ac:6d:f1:e3:55:9f:4c:57:e9:81:9f:64:a8:6b:b1:b5:f9:
a8:11:d7:b9:f0:6e:3c:f7:96:cd:17:84:12:df:58:04:0b:8b:
1a:cb:41:74
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVvMCEUmWYF+Z/sJs6M5dsKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMxYjA1MDIxMTIxOWQxOGU5OTZlMDg2Y2I3ZjYzMDkxNzg4
MDQ4NjAwHhcNMjMwMTAxMjExNTAzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzY2RmZGU3ZjZkNjJiYzM0OGY2MThjMmZiM2UwZmVhMTA2OGVhZmNiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAokzI1yTInK97AayRgIbgpLjcGaAQ
i2+Tqou4TDqaxyGQvgWmpTp54cRRpeAYPN4vyX8t4VVYeGDwRyq+ynvBziFW9gMA
RoH8AKWTBuTjgJ1FtuapeWZRl0QXPy/R9pQmtLad7ksqzKZ9eygBagC+bFTXp9gk
u8imjKTwbi4vcbLtkq6FY1vMgJtiPMaMLDawOUpwoiv3y3hQnj8uhIMZKs3Ngynj
PLkEJb7vp80l+7vP7nZjD55jBgVgrXHgTpmL1xbrYjcivbdStPov9IPquZKFp3fR
xYZKsNZQTPXCR1dRm8g+auRFF5tt/Fqv0+GP1nXKCchUtKZFg29XI7o9xwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDzf3n9tYrw0j2GML7Pg/qEGjq/LMB8GA1UdIwQY
MBaAFMGwUCESGdGOmW4IbLf2MJF4gEhgMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvd2JCUUlSSVowWTZaYmdoc3RfWXdrWGlBU0dBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZC8yOGE4ZjMtODg5ZS00NTQ5LWE0NGUt
Y2UyMjUxODdmYzM4LzEvUE5fZWYyMWl2RFNQWVl3dnMtRC1vUWFPcjhzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZC8yOGE4ZjMtODg5ZS00NTQ5LWE0NGUtY2UyMjUxODdmYzM4
LzEvd2JCUUlSSVowWTZaYmdoc3RfWXdrWGlBU0dBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA1CiMMA0G
CSqGSIb3DQEBCwUAA4IBAQA0Fl6Yc0SVmpFYnw8WT6YzcOUIApQEqj9mQiL4WL5S
/4y/WT6+JtaRAMhU7Lf3c/WgyN20FQa3PdsUs3H8PUlkYW++AT4oUxPTPhcy76JS
JQADK/SzuDF5FOqCSp+b14sAX3E5ZXdEaWltw1q3tOVN+V+6OsyArfgdZqJzuXJu
c0XVYdUxZI9Vwnr/ktFAIHq1fH1p4y3cWYma/Q4EOyqaBOImcj98o/UPGoKldc+7
9yDz5vEGPx0QkT+TW0G/HDBTwbQtVrcrbupKCSGdVRRxi5VXMJow9tqGrG3x41Wf
TFfpgZ9kqGuxtfmoEde58G4895bNF4QS31gEC4say0F0
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:54:13 2024 by rpki-client on console-fra.rpki-client.org