Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e2/1b5722-1dda-4df3-a45c-e6bf316c94a1/1/cg0D3-J6gUwLjvzqWhPnyR0quM0.roa
File: cg0D3-J6gUwLjvzqWhPnyR0quM0.roa (raw, json)
Hash identifier: EUXwRX4PJtOulBzu2QFnzNwO6x4UO85cESj72xLOXOo=
Subject key identifier: 72:0D:03:DF:E2:7A:81:4C:0B:8E:FC:EA:5A:13:E7:C9:1D:2A:B8:CD
Certificate issuer: /CN=bd3668628f0df79d047eca0d9adcfc0b6693e309
Certificate serial: 01906A2884ADAAA9AF62F17794FA9D599F41
Authority key identifier: BD:36:68:62:8F:0D:F7:9D:04:7E:CA:0D:9A:DC:FC:0B:66:93:E3:09
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/vTZoYo8N950EfsoNmtz8C2aT4wk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e2/1b5722-1dda-4df3-a45c-e6bf316c94a1/1/cg0D3-J6gUwLjvzqWhPnyR0quM0.roa
Signing time: Sun 30 Jun 2024 17:19:18 +0000
ROA not before: Sun 30 Jun 2024 17:19:18 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 21859
IP address blocks: 212.81.45.0/24 maxlen: 24
212.81.47.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 05 Aug 2024 21:40:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:6a:28:84:ad:aa:a9:af:62:f1:77:94:fa:9d:59:9f:41
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bd3668628f0df79d047eca0d9adcfc0b6693e309
Validity
Not Before: Jun 30 17:19:18 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=720d03dfe27a814c0b8efcea5a13e7c91d2ab8cd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:30:f5:93:16:7d:d9:3a:3e:e5:56:e5:21:0e:
46:ba:cd:f6:f6:6c:7d:32:4e:fc:51:d8:67:8d:9c:
7e:f3:c0:5c:ad:c0:11:e5:f0:e7:48:dc:3a:98:d1:
d7:5b:74:a1:da:bf:b0:74:b3:6d:86:3a:d2:fb:10:
0d:6a:f3:6f:88:9f:20:42:82:b5:ca:8f:d5:87:02:
2d:c3:51:5a:4f:26:a1:a3:1f:2c:1a:6e:78:fa:90:
ad:b6:3a:71:f4:55:c8:44:2f:34:56:1c:46:00:8c:
e8:18:51:52:ad:6c:c0:c8:2e:1b:6e:93:a0:40:9e:
dc:45:43:eb:36:5c:92:ad:ab:89:9f:da:c7:eb:d7:
11:65:63:db:03:97:bc:a5:56:5b:d4:96:38:5f:d0:
e0:13:ed:51:3c:0c:46:da:dc:ba:9a:4b:8e:5c:dd:
95:fa:c7:cc:7f:33:41:07:10:f3:5a:bb:a5:14:32:
39:b1:89:4e:fe:24:e7:dc:24:30:7d:80:e3:7d:a2:
7e:03:71:5d:a8:86:ed:f2:3b:39:23:ae:43:44:82:
d9:f1:7f:bd:43:9f:58:8d:82:0d:69:1f:95:94:29:
2e:1a:40:64:44:8c:77:d9:b1:d8:0c:68:be:48:8c:
b7:c4:ff:d4:6a:2d:63:71:94:c2:6e:3f:ec:05:61:
6c:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
72:0D:03:DF:E2:7A:81:4C:0B:8E:FC:EA:5A:13:E7:C9:1D:2A:B8:CD
X509v3 Authority Key Identifier:
keyid:BD:36:68:62:8F:0D:F7:9D:04:7E:CA:0D:9A:DC:FC:0B:66:93:E3:09
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/vTZoYo8N950EfsoNmtz8C2aT4wk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/1b5722-1dda-4df3-a45c-e6bf316c94a1/1/cg0D3-J6gUwLjvzqWhPnyR0quM0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/1b5722-1dda-4df3-a45c-e6bf316c94a1/1/vTZoYo8N950EfsoNmtz8C2aT4wk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
212.81.45.0/24
212.81.47.0/24
Signature Algorithm: sha256WithRSAEncryption
43:d8:0b:a7:fa:36:98:53:bb:09:a1:2f:e6:44:aa:5e:9e:12:
fe:ef:54:d9:f6:7b:d4:ed:fe:3b:84:76:9e:a3:2d:11:78:1c:
47:79:61:94:db:6c:1c:b3:68:4c:36:bb:66:c7:97:95:0b:01:
aa:1a:f7:53:2d:78:55:57:09:bd:74:97:f7:81:d4:f1:fb:14:
a3:6a:fa:3c:be:ca:48:b4:40:95:58:a0:7c:d6:07:f1:1c:b6:
42:46:20:43:f1:4d:fd:ca:1d:ae:e9:a3:4d:9f:bc:99:b0:31:
05:13:5c:90:7f:63:e8:21:b2:fa:06:aa:c1:12:db:35:14:0e:
1d:37:e0:83:a1:30:f9:fa:93:d1:b3:9c:26:4e:9e:27:4e:1f:
94:68:3e:9a:a8:aa:9f:a5:8a:7e:39:aa:16:88:8d:5b:f1:69:
8b:48:fb:e6:48:78:07:8a:5c:16:53:2f:ec:9a:d6:98:e0:82:
89:04:02:58:f8:ed:d9:89:dd:0a:f1:a1:c1:56:1b:60:e8:e7:
8d:27:f1:f2:bd:f2:b9:9c:4b:58:51:80:75:5a:24:ee:36:73:
c8:e8:be:05:e0:52:1a:c8:b9:18:64:1d:67:5e:39:c7:b1:2c:
b8:b3:66:a3:9c:ff:c8:c9:a8:f5:cd:74:1c:0e:a2:a4:31:6f:
fb:e4:df:55
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZBqKIStqqmvYvF3lPqdWZ9BMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJkMzY2ODYyOGYwZGY3OWQwNDdlY2EwZDlhZGNmYzBiNjY5
M2UzMDkwHhcNMjQwNjMwMTcxOTE4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MjBkMDNkZmUyN2E4MTRjMGI4ZWZjZWE1YTEzZTdjOTFkMmFiOGNkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxzD1kxZ92To+5VblIQ5Gus329mx9
Mk78UdhnjZx+88BcrcAR5fDnSNw6mNHXW3Sh2r+wdLNthjrS+xANavNviJ8gQoK1
yo/VhwItw1FaTyahox8sGm54+pCttjpx9FXIRC80VhxGAIzoGFFSrWzAyC4bbpOg
QJ7cRUPrNlySrauJn9rH69cRZWPbA5e8pVZb1JY4X9DgE+1RPAxG2ty6mkuOXN2V
+sfMfzNBBxDzWrulFDI5sYlO/iTn3CQwfYDjfaJ+A3FdqIbt8js5I65DRILZ8X+9
Q59YjYINaR+VlCkuGkBkRIx32bHYDGi+SIy3xP/Uai1jcZTCbj/sBWFsiQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFHINA9/ieoFMC4786loT58kdKrjNMB8GA1UdIwQY
MBaAFL02aGKPDfedBH7KDZrc/Atmk+MJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdlRab1lvOE45NTBFZnNvTm10ejhDMmFUNHdrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMi8xYjU3MjItMWRkYS00ZGYzLWE0NWMt
ZTZiZjMxNmM5NGExLzEvY2cwRDMtSjZnVXdManZ6cVdoUG55UjBxdU0wLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMi8xYjU3MjItMWRkYS00ZGYzLWE0NWMtZTZiZjMxNmM5NGEx
LzEvdlRab1lvOE45NTBFZnNvTm10ejhDMmFUNHdrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQA1FEtAwQA
1FEvMA0GCSqGSIb3DQEBCwUAA4IBAQBD2Aun+jaYU7sJoS/mRKpenhL+71TZ9nvU
7f47hHaeoy0ReBxHeWGU22wcs2hMNrtmx5eVCwGqGvdTLXhVVwm9dJf3gdTx+xSj
avo8vspItECVWKB81gfxHLZCRiBD8U39yh2u6aNNn7yZsDEFE1yQf2PoIbL6BqrB
Ets1FA4dN+CDoTD5+pPRs5wmTp4nTh+UaD6aqKqfpYp+OaoWiI1b8WmLSPvmSHgH
ilwWUy/smtaY4IKJBAJY+O3Zid0K8aHBVhtg6OeNJ/HyvfK5nEtYUYB1WiTuNnPI
6L4F4FIayLkYZB1nXjnHsSy4s2ajnP/Iyaj1zXQcDqKkMW/75N9V
-----END CERTIFICATE-----
Generated at Mon Aug 5 23:00:12 2024 by rpki-client on console-fra.rpki-client.org