Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d6/c20fba-5b67-438c-ab00-c7eb34e2dca6/1/bdXyiDZfbT7KyPaEmd1S5F9gGmg.roa
File: bdXyiDZfbT7KyPaEmd1S5F9gGmg.roa (raw, json)
Hash identifier: mEXdP6xBwYeSQyeOjbbqNqw93n9UTFi8bC3OXd/94fQ=
Subject key identifier: 6D:D5:F2:88:36:5F:6D:3E:CA:C8:F6:84:99:DD:52:E4:5F:60:1A:68
Certificate issuer: /CN=7299ce64a0f1624d7bb2d2969e5c11adbaa5485c
Certificate serial: 0190CAF39404E39BAC9E7311C2698378BEAA
Authority key identifier: 72:99:CE:64:A0:F1:62:4D:7B:B2:D2:96:9E:5C:11:AD:BA:A5:48:5C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cpnOZKDxYk17stKWnlwRrbqlSFw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d6/c20fba-5b67-438c-ab00-c7eb34e2dca6/1/bdXyiDZfbT7KyPaEmd1S5F9gGmg.roa
Signing time: Fri 19 Jul 2024 12:24:39 +0000
ROA not before: Fri 19 Jul 2024 12:24:39 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 214499
IP address blocks: 212.232.20.0/23 maxlen: 23
Validation: Failed, certificate revoked on Tue 23 Jul 2024 05:54:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:ca:f3:94:04:e3:9b:ac:9e:73:11:c2:69:83:78:be:aa
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7299ce64a0f1624d7bb2d2969e5c11adbaa5485c
Validity
Not Before: Jul 19 12:24:39 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=6dd5f288365f6d3ecac8f68499dd52e45f601a68
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:03:dc:cd:15:bd:bd:f6:70:82:ae:5a:b1:2a:
52:c6:a3:42:2d:9c:e8:d0:72:ae:64:6c:c7:3b:bb:
5f:4e:b0:d6:60:49:30:25:bf:b1:97:5d:c8:b8:74:
ce:4d:dc:e9:4c:79:b3:ea:a0:0a:e1:0b:3d:af:8f:
77:da:89:c4:43:03:91:79:c5:af:bc:52:43:63:cd:
2b:39:b4:14:92:29:32:90:8b:02:20:6b:2e:27:bd:
6a:30:22:c5:c3:72:54:d0:41:41:4d:d0:8d:da:c5:
43:02:0a:d2:df:78:81:5b:e2:5d:a0:df:21:fb:63:
7e:75:25:8c:0b:f3:89:9c:58:b2:bc:01:2d:d9:35:
77:e5:b8:3a:be:eb:4d:18:1c:d6:c1:96:ca:4e:02:
38:b6:09:5b:51:f2:c5:69:a4:2a:95:de:06:99:d5:
c7:a9:06:4c:4f:82:ae:d6:df:a7:be:1d:c6:8d:65:
53:f0:5f:00:cb:6e:aa:03:46:ad:1e:a1:9f:2e:f0:
2c:2a:db:7c:81:d5:d3:d5:f1:a8:2d:40:22:8a:60:
19:11:c3:f0:f9:16:e7:83:2b:a1:6a:da:5a:ea:21:
68:be:82:34:3b:e8:2b:c6:cb:b7:04:27:65:28:ab:
95:c3:44:b8:b3:e2:89:f5:04:38:ad:51:ed:54:4b:
d3:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6D:D5:F2:88:36:5F:6D:3E:CA:C8:F6:84:99:DD:52:E4:5F:60:1A:68
X509v3 Authority Key Identifier:
keyid:72:99:CE:64:A0:F1:62:4D:7B:B2:D2:96:9E:5C:11:AD:BA:A5:48:5C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cpnOZKDxYk17stKWnlwRrbqlSFw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d6/c20fba-5b67-438c-ab00-c7eb34e2dca6/1/bdXyiDZfbT7KyPaEmd1S5F9gGmg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d6/c20fba-5b67-438c-ab00-c7eb34e2dca6/1/cpnOZKDxYk17stKWnlwRrbqlSFw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
212.232.20.0/23
Signature Algorithm: sha256WithRSAEncryption
a1:04:a8:3e:b5:b4:f5:59:27:3a:f3:8e:a5:4c:4a:20:a2:e4:
03:7c:69:67:ac:8b:81:49:38:ff:6f:d2:32:5d:bf:e4:d4:33:
55:f8:49:47:01:b9:be:af:b8:30:7f:a1:53:eb:6c:c9:3c:e8:
55:d9:0d:a6:d0:c4:da:c1:0f:30:b3:a8:7e:f3:e5:e8:3b:29:
93:7f:08:bb:c0:a7:a2:94:27:58:43:12:92:7a:45:e4:4f:cb:
ec:53:99:b9:c3:4f:78:11:09:fe:88:03:c4:e9:ee:0c:ee:3e:
b9:39:b9:37:d3:44:f4:79:99:08:3a:99:e1:bd:67:8c:e7:01:
05:2b:db:81:bd:46:40:96:70:7c:f4:a3:6d:df:ca:a1:30:b0:
3d:c5:c9:eb:ab:79:00:91:dd:b4:29:e8:8b:d2:f4:82:43:c6:
04:2f:17:7f:3a:4f:62:22:ee:4b:d5:e8:f6:d7:45:98:b1:da:
95:51:dd:86:dd:52:16:86:e2:d3:7c:16:9f:98:c7:7b:ad:34:
c1:3d:40:46:b4:b8:e4:94:31:dd:89:95:5d:a2:ca:c3:c5:e3:
99:29:3a:1d:c4:26:f2:e0:0b:13:29:46:f6:dc:9b:a5:fb:10:
7e:b9:46:f1:fc:09:d1:64:f0:76:da:c4:3a:72:7e:9e:80:5b:
d2:e0:ef:19
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZDK85QE45usnnMRwmmDeL6qMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyOTljZTY0YTBmMTYyNGQ3YmIyZDI5NjllNWMxMWFkYmFh
NTQ4NWMwHhcNMjQwNzE5MTIyNDM5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZGQ1ZjI4ODM2NWY2ZDNlY2FjOGY2ODQ5OWRkNTJlNDVmNjAxYTY4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmgPczRW9vfZwgq5asSpSxqNCLZzo
0HKuZGzHO7tfTrDWYEkwJb+xl13IuHTOTdzpTHmz6qAK4Qs9r4932onEQwORecWv
vFJDY80rObQUkikykIsCIGsuJ71qMCLFw3JU0EFBTdCN2sVDAgrS33iBW+JdoN8h
+2N+dSWMC/OJnFiyvAEt2TV35bg6vutNGBzWwZbKTgI4tglbUfLFaaQqld4GmdXH
qQZMT4Ku1t+nvh3GjWVT8F8Ay26qA0atHqGfLvAsKtt8gdXT1fGoLUAiimAZEcPw
+Rbngyuhatpa6iFovoI0O+grxsu3BCdlKKuVw0S4s+KJ9QQ4rVHtVEvTLQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFG3V8og2X20+ysj2hJndUuRfYBpoMB8GA1UdIwQY
MBaAFHKZzmSg8WJNe7LSlp5cEa26pUhcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY3BuT1pLRHhZazE3c3RLV25sd1JyYnFsU0Z3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNi9jMjBmYmEtNWI2Ny00MzhjLWFiMDAt
YzdlYjM0ZTJkY2E2LzEvYmRYeWlEWmZiVDdLeVBhRW1kMVM1RjlnR21nLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNi9jMjBmYmEtNWI2Ny00MzhjLWFiMDAtYzdlYjM0ZTJkY2E2
LzEvY3BuT1pLRHhZazE3c3RLV25sd1JyYnFsU0Z3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQB1OgUMA0G
CSqGSIb3DQEBCwUAA4IBAQChBKg+tbT1WSc6846lTEogouQDfGlnrIuBSTj/b9Iy
Xb/k1DNV+ElHAbm+r7gwf6FT62zJPOhV2Q2m0MTawQ8ws6h+8+XoOymTfwi7wKei
lCdYQxKSekXkT8vsU5m5w094EQn+iAPE6e4M7j65Obk300T0eZkIOpnhvWeM5wEF
K9uBvUZAlnB89KNt38qhMLA9xcnrq3kAkd20KeiL0vSCQ8YELxd/Ok9iIu5L1ej2
10WYsdqVUd2G3VIWhuLTfBafmMd7rTTBPUBGtLjklDHdiZVdosrDxeOZKTodxCby
4AsTKUb23Jul+xB+uUbx/AnRZPB22sQ6cn6egFvS4O8Z
-----END CERTIFICATE-----
Generated at Sat Apr 19 17:11:55 2025 by rpki-client