Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e1/582695-61a1-48e7-b6ac-7bc45340dd28/1/eZq8KiUq_tXm2J8TnY8vHOKpxOM.roa
File: eZq8KiUq_tXm2J8TnY8vHOKpxOM.roa (raw, json)
Hash identifier: 7HPYu8RXfJOgXCcedIo32us3VoYwsQaXMKpIJk1PCro=
Subject key identifier: 79:9A:BC:2A:25:2A:FE:D5:E6:D8:9F:13:9D:8F:2F:1C:E2:A9:C4:E3
Certificate issuer: /CN=4398b577b223b5a76351219a74fda446704890f7
Certificate serial: 0185728C9FF2FD5D5F3A07CA55EDBB3B0AF8
Authority key identifier: 43:98:B5:77:B2:23:B5:A7:63:51:21:9A:74:FD:A4:46:70:48:90:F7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Q5i1d7IjtadjUSGadP2kRnBIkPc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e1/582695-61a1-48e7-b6ac-7bc45340dd28/1/eZq8KiUq_tXm2J8TnY8vHOKpxOM.roa
Signing time: Mon 02 Jan 2023 12:54:56 +0000
ROA not before: Mon 02 Jan 2023 12:54:56 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 212323
IP address blocks: 185.209.12.0/24 maxlen: 24
2a10:d200::/29 maxlen: 48
Validation: Failed, certificate revoked on Mon 01 Jan 2024 18:30:31 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:8c:9f:f2:fd:5d:5f:3a:07:ca:55:ed:bb:3b:0a:f8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4398b577b223b5a76351219a74fda446704890f7
Validity
Not Before: Jan 2 12:54:56 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=799abc2a252afed5e6d89f139d8f2f1ce2a9c4e3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:e0:8c:62:1b:98:61:99:70:5e:8e:7b:ee:88:
f1:b7:9b:3e:5a:e2:77:56:04:97:c5:e0:8e:b6:21:
77:1a:10:43:97:54:89:5d:99:65:22:6e:e4:86:eb:
5a:09:05:5a:ba:34:dc:c9:28:c5:fc:ac:70:da:bb:
46:d9:70:cf:61:e0:35:7a:bd:e2:0c:a7:98:d4:bc:
5e:03:01:32:ac:48:2e:d9:63:7c:f3:72:29:df:60:
ba:b2:82:f9:5d:d6:f5:29:ac:13:59:cf:13:fe:d7:
88:7c:04:99:af:61:a9:14:58:08:cf:99:2c:ef:f0:
e2:d3:1a:67:ac:b7:1c:fe:12:df:71:7d:e1:09:d6:
1e:46:95:69:85:42:a4:42:cb:ca:53:8e:59:b4:e5:
91:94:7d:b5:58:b8:af:32:50:f4:ce:f9:b5:2d:57:
ed:de:f1:d3:91:14:33:72:2c:e9:80:a5:ed:08:25:
c6:3f:c8:03:70:9a:43:7b:dd:18:50:c3:e0:72:97:
e5:81:d8:ab:b4:dd:92:92:26:26:22:00:42:12:d7:
34:26:d7:3e:62:a8:59:24:9b:b1:7a:5a:db:a2:07:
80:08:c4:fd:76:25:97:64:ad:62:0c:2d:c8:f7:3b:
7f:a1:48:64:f4:ae:38:4a:03:ea:00:b3:a2:7d:cc:
8e:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
79:9A:BC:2A:25:2A:FE:D5:E6:D8:9F:13:9D:8F:2F:1C:E2:A9:C4:E3
X509v3 Authority Key Identifier:
keyid:43:98:B5:77:B2:23:B5:A7:63:51:21:9A:74:FD:A4:46:70:48:90:F7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Q5i1d7IjtadjUSGadP2kRnBIkPc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e1/582695-61a1-48e7-b6ac-7bc45340dd28/1/eZq8KiUq_tXm2J8TnY8vHOKpxOM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e1/582695-61a1-48e7-b6ac-7bc45340dd28/1/Q5i1d7IjtadjUSGadP2kRnBIkPc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.209.12.0/24
IPv6:
2a10:d200::/29
Signature Algorithm: sha256WithRSAEncryption
2b:cb:10:af:95:09:61:38:fa:f9:8f:6e:cd:60:c3:66:ae:4e:
2e:38:24:99:2c:2d:83:b5:93:0a:31:f0:2e:b8:61:90:35:74:
28:4a:e9:e1:7d:2b:da:d1:ff:c0:7d:05:f5:cf:42:87:2a:1c:
eb:0e:3b:16:90:1d:ac:a3:49:9a:a3:a9:8b:a5:6f:a1:92:4d:
9e:f3:ad:63:18:a1:34:79:3e:91:49:8b:75:fb:7c:f9:0c:1b:
ff:a9:15:9d:b3:f0:7b:a5:f1:0c:cd:79:50:b7:64:3d:16:d1:
94:61:b4:6c:39:de:fd:6b:39:37:fb:66:43:12:26:06:52:f6:
6b:5b:bd:c0:ed:d7:9a:63:14:7c:ec:6f:da:11:68:6d:de:cd:
37:14:71:00:21:0f:8f:33:ad:5a:25:f2:42:30:0b:59:80:e0:
0a:10:05:85:68:b4:0c:b0:01:b3:00:17:12:02:c8:93:2b:79:
02:67:80:31:14:87:e8:ec:0d:a6:72:49:3f:de:99:79:50:fe:
a9:06:7e:34:4f:98:13:2d:da:f1:41:e9:2d:48:ac:30:61:8c:
43:63:ef:c1:3a:96:aa:7d:01:16:fe:86:70:48:8a:c2:c2:9c:
cc:6b:55:fe:34:58:bf:8f:66:8e:ee:55:df:ac:af:0f:d3:f8:
d0:47:66:b7
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVyjJ/y/V1fOgfKVe27Owr4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzOThiNTc3YjIyM2I1YTc2MzUxMjE5YTc0ZmRhNDQ2NzA0
ODkwZjcwHhcNMjMwMTAyMTI1NDU2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3OTlhYmMyYTI1MmFmZWQ1ZTZkODlmMTM5ZDhmMmYxY2UyYTljNGUzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAi+CMYhuYYZlwXo577ojxt5s+WuJ3
VgSXxeCOtiF3GhBDl1SJXZllIm7khutaCQVaujTcySjF/Kxw2rtG2XDPYeA1er3i
DKeY1LxeAwEyrEgu2WN883Ip32C6soL5Xdb1KawTWc8T/teIfASZr2GpFFgIz5ks
7/Di0xpnrLcc/hLfcX3hCdYeRpVphUKkQsvKU45ZtOWRlH21WLivMlD0zvm1LVft
3vHTkRQzcizpgKXtCCXGP8gDcJpDe90YUMPgcpflgdirtN2SkiYmIgBCEtc0Jtc+
YqhZJJuxelrbogeACMT9diWXZK1iDC3I9zt/oUhk9K44SgPqALOifcyOzwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFHmavColKv7V5tifE52PLxziqcTjMB8GA1UdIwQY
MBaAFEOYtXeyI7WnY1EhmnT9pEZwSJD3MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUTVpMWQ3SWp0YWRqVVNHYWRQMmtSbkJJa1BjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMS81ODI2OTUtNjFhMS00OGU3LWI2YWMt
N2JjNDUzNDBkZDI4LzEvZVpxOEtpVXFfdFhtMko4VG5ZOHZIT0tweE9NLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMS81ODI2OTUtNjFhMS00OGU3LWI2YWMtN2JjNDUzNDBkZDI4
LzEvUTVpMWQ3SWp0YWRqVVNHYWRQMmtSbkJJa1BjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQAudEMMA0E
AgACMAcDBQMqENIAMA0GCSqGSIb3DQEBCwUAA4IBAQAryxCvlQlhOPr5j27NYMNm
rk4uOCSZLC2DtZMKMfAuuGGQNXQoSunhfSva0f/AfQX1z0KHKhzrDjsWkB2so0ma
o6mLpW+hkk2e861jGKE0eT6RSYt1+3z5DBv/qRWds/B7pfEMzXlQt2Q9FtGUYbRs
Od79azk3+2ZDEiYGUvZrW73A7deaYxR87G/aEWht3s03FHEAIQ+PM61aJfJCMAtZ
gOAKEAWFaLQMsAGzABcSAsiTK3kCZ4AxFIfo7A2mckk/3pl5UP6pBn40T5gTLdrx
QektSKwwYYxDY+/BOpaqfQEW/oZwSIrCwpzMa1X+NFi/j2aO7lXfrK8P0/jQR2a3
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:48:48 2024 by rpki-client on console-ams.rpki-client.org