Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/c9de13-5b74-413d-b2fb-1af2465a8eec/1/LDrsjyuF7h27ZQEavj30ieRd8mM.roa
File: LDrsjyuF7h27ZQEavj30ieRd8mM.roa (raw, json)
Hash identifier: m5acmWu+phbhsoR2jdabhipe/dwCoIq+JZ/rL32sXF4=
Subject key identifier: 2C:3A:EC:8F:2B:85:EE:1D:BB:65:01:1A:BE:3D:F4:89:E4:5D:F2:63
Certificate issuer: /CN=bcfdfe6dca8ac7bfa1a9450ef99fd315ed02acd9
Certificate serial: 01857039ADDB719D933AF84768CBE199A5C0
Authority key identifier: BC:FD:FE:6D:CA:8A:C7:BF:A1:A9:45:0E:F9:9F:D3:15:ED:02:AC:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/vP3-bcqKx7-hqUUO-Z_TFe0CrNk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/c9de13-5b74-413d-b2fb-1af2465a8eec/1/LDrsjyuF7h27ZQEavj30ieRd8mM.roa
Signing time: Mon 02 Jan 2023 02:05:06 +0000
ROA not before: Mon 02 Jan 2023 02:05:06 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 212582
IP address blocks: 213.21.239.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:39:ad:db:71:9d:93:3a:f8:47:68:cb:e1:99:a5:c0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bcfdfe6dca8ac7bfa1a9450ef99fd315ed02acd9
Validity
Not Before: Jan 2 02:05:06 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=2c3aec8f2b85ee1dbb65011abe3df489e45df263
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:6a:4e:13:e9:28:23:a6:2f:14:73:cb:3d:94:
40:f6:80:ba:c6:02:f5:68:bc:1f:e6:9b:89:cb:ec:
96:37:0a:9f:a2:18:66:94:c9:ee:7a:e0:ea:46:13:
f5:da:76:76:f0:c9:05:01:23:9f:26:04:49:cb:56:
42:81:b2:29:07:fb:ba:75:36:da:02:c4:28:95:ed:
b2:65:75:d8:ff:22:ce:f9:9a:fa:0a:07:a7:66:f0:
8b:d8:68:f9:19:35:21:56:3c:d4:51:91:b1:f0:95:
ca:d2:d9:5e:70:6e:5d:61:c6:44:d3:7d:9f:35:66:
09:80:f0:39:29:6a:e1:cb:1e:93:8c:2c:8a:55:06:
0d:a2:2d:cb:eb:18:7e:aa:d4:a6:4c:f7:03:7e:53:
9b:9d:fa:63:d6:29:a2:0f:77:a6:64:24:32:c5:03:
9e:3d:ed:cd:55:6d:8c:6a:d4:8d:7b:ca:1b:54:a1:
c3:c8:ef:08:70:07:7a:0e:e9:0f:a5:b3:49:77:03:
1b:f1:23:4f:71:ad:a8:a7:15:f2:04:bd:4d:38:b1:
ee:73:6c:95:d7:ea:ba:81:3d:bb:ab:24:c5:d4:b6:
d8:75:bc:01:ef:01:8e:f6:0f:c3:33:b1:f0:80:f7:
d4:48:6d:66:bc:c8:6a:2c:c2:b3:3e:36:3d:53:4c:
db:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2C:3A:EC:8F:2B:85:EE:1D:BB:65:01:1A:BE:3D:F4:89:E4:5D:F2:63
X509v3 Authority Key Identifier:
keyid:BC:FD:FE:6D:CA:8A:C7:BF:A1:A9:45:0E:F9:9F:D3:15:ED:02:AC:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/vP3-bcqKx7-hqUUO-Z_TFe0CrNk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/c9de13-5b74-413d-b2fb-1af2465a8eec/1/LDrsjyuF7h27ZQEavj30ieRd8mM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/c9de13-5b74-413d-b2fb-1af2465a8eec/1/vP3-bcqKx7-hqUUO-Z_TFe0CrNk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
213.21.239.0/24
Signature Algorithm: sha256WithRSAEncryption
77:c6:01:94:e4:50:bd:48:a0:c9:77:5c:0c:36:95:dd:a7:b9:
09:66:ec:d7:c4:aa:44:7b:d8:18:8a:9f:1c:0c:48:4d:84:eb:
d8:4f:20:dc:6d:bc:6b:f8:c9:13:3c:c5:84:b5:fb:e6:a2:db:
b9:7a:2a:a1:c3:47:bc:c5:a6:60:2c:44:11:f1:e0:18:ac:00:
1a:ab:f4:ca:9b:e2:2c:6d:5e:10:27:9c:7a:32:00:f3:dc:af:
f3:cb:2e:e3:ce:bd:e8:36:33:a0:9d:66:da:c1:d3:54:7c:4d:
e2:e2:10:a8:85:2d:09:a2:1b:ef:68:44:e8:59:6b:b4:b0:44:
dc:52:15:f2:20:c3:88:26:d5:a1:3d:02:0d:8b:d4:46:27:ac:
ca:6f:87:1f:73:d0:cd:4f:c8:ed:aa:4d:f7:22:f9:fe:e6:f4:
a9:84:dd:23:85:89:87:d5:86:7e:53:3b:63:61:36:4f:6f:2a:
e4:18:0d:32:92:be:89:2f:88:a1:78:01:bc:41:06:70:94:b7:
3c:81:ee:e8:cf:c4:17:2f:80:a6:28:ab:66:0f:10:7b:c1:ce:
40:5a:be:1e:e3:d0:39:ed:b9:49:87:90:3e:d9:c6:3f:24:a4:
59:8e:b7:e1:82:99:b0:29:99:8f:16:60:de:18:34:ad:70:a7:
ec:c1:3e:d9
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVwOa3bcZ2TOvhHaMvhmaXAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJjZmRmZTZkY2E4YWM3YmZhMWE5NDUwZWY5OWZkMzE1ZWQw
MmFjZDkwHhcNMjMwMTAyMDIwNTA2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYzNhZWM4ZjJiODVlZTFkYmI2NTAxMWFiZTNkZjQ4OWU0NWRmMjYzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtWpOE+koI6YvFHPLPZRA9oC6xgL1
aLwf5puJy+yWNwqfohhmlMnueuDqRhP12nZ28MkFASOfJgRJy1ZCgbIpB/u6dTba
AsQole2yZXXY/yLO+Zr6CgenZvCL2Gj5GTUhVjzUUZGx8JXK0tlecG5dYcZE032f
NWYJgPA5KWrhyx6TjCyKVQYNoi3L6xh+qtSmTPcDflObnfpj1imiD3emZCQyxQOe
Pe3NVW2MatSNe8obVKHDyO8IcAd6DukPpbNJdwMb8SNPca2opxXyBL1NOLHuc2yV
1+q6gT27qyTF1LbYdbwB7wGO9g/DM7HwgPfUSG1mvMhqLMKzPjY9U0zbNwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFCw67I8rhe4du2UBGr499InkXfJjMB8GA1UdIwQY
MBaAFLz9/m3Kise/oalFDvmf0xXtAqzZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdlAzLWJjcUt4Ny1ocVVVTy1aX1RGZTBDck5rLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC9jOWRlMTMtNWI3NC00MTNkLWIyZmIt
MWFmMjQ2NWE4ZWVjLzEvTERyc2p5dUY3aDI3WlFFYXZqMzBpZVJkOG1NLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC9jOWRlMTMtNWI3NC00MTNkLWIyZmItMWFmMjQ2NWE4ZWVj
LzEvdlAzLWJjcUt4Ny1ocVVVTy1aX1RGZTBDck5rLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA1RXvMA0G
CSqGSIb3DQEBCwUAA4IBAQB3xgGU5FC9SKDJd1wMNpXdp7kJZuzXxKpEe9gYip8c
DEhNhOvYTyDcbbxr+MkTPMWEtfvmotu5eiqhw0e8xaZgLEQR8eAYrAAaq/TKm+Is
bV4QJ5x6MgDz3K/zyy7jzr3oNjOgnWbawdNUfE3i4hCohS0JohvvaEToWWu0sETc
UhXyIMOIJtWhPQINi9RGJ6zKb4cfc9DNT8jtqk33Ivn+5vSphN0jhYmH1YZ+Uztj
YTZPbyrkGA0ykr6JL4iheAG8QQZwlLc8ge7oz8QXL4CmKKtmDxB7wc5AWr4e49A5
7blJh5A+2cY/JKRZjrfhgpmwKZmPFmDeGDStcKfswT7Z
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:04:20 2023 by rpki-client on console-fra.rpki-client.org