Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e3/0ee921-a721-4f09-80f2-7113fc1b865b/1/71tG4-WfOKXA0axTJ5OsBUmaFk0.roa
File: 71tG4-WfOKXA0axTJ5OsBUmaFk0.roa (raw, json)
Hash identifier: 2O2d1/zEkpT8DSti+YqcEanqXZ6qoUW13ehrEoU5WJo=
Subject key identifier: EF:5B:46:E3:E5:9F:38:A5:C0:D1:AC:53:27:93:AC:05:49:9A:16:4D
Certificate issuer: /CN=bc8a3bc47d13c83f7d1cf72a137e0066f83d0608
Certificate serial: 018CEDE646E90780DA65B7F1014DE6314386
Authority key identifier: BC:8A:3B:C4:7D:13:C8:3F:7D:1C:F7:2A:13:7E:00:66:F8:3D:06:08
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/vIo7xH0TyD99HPcqE34AZvg9Bgg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e3/0ee921-a721-4f09-80f2-7113fc1b865b/1/71tG4-WfOKXA0axTJ5OsBUmaFk0.roa
Signing time: Tue 09 Jan 2024 11:05:40 +0000
ROA not before: Tue 09 Jan 2024 11:05:40 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 28716
IP address blocks: 212.104.56.0/21 maxlen: 24
212.104.2.0/23 maxlen: 24
212.104.4.0/22 maxlen: 24
212.104.0.0/24 maxlen: 24
212.104.16.0/20 maxlen: 24
212.104.32.0/21 maxlen: 24
212.104.48.0/21 maxlen: 24
Validation: Failed, certificate revoked on Wed 31 Jan 2024 14:43:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:ed:e6:46:e9:07:80:da:65:b7:f1:01:4d:e6:31:43:86
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bc8a3bc47d13c83f7d1cf72a137e0066f83d0608
Validity
Not Before: Jan 9 11:05:40 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=ef5b46e3e59f38a5c0d1ac532793ac05499a164d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:f0:29:66:de:d6:97:ff:3f:15:1a:93:d1:eb:
a6:18:08:a0:ba:2a:11:cf:2e:f4:c0:b6:79:e5:62:
4c:da:5b:44:af:e7:86:7d:39:a2:9c:d9:8d:a2:9c:
d7:e4:77:87:2c:c3:e1:4e:a3:f0:ac:35:ff:ab:5d:
a2:af:47:20:2e:fa:d3:25:05:b4:90:85:fd:c1:ce:
d2:e3:f1:51:4e:5d:4d:08:84:26:63:18:07:a3:43:
0b:02:6e:fb:b3:18:12:54:6a:40:87:cc:df:94:e8:
94:dc:92:e7:68:dc:4c:f0:42:47:41:35:ac:9d:ea:
63:0d:20:42:7e:6a:dc:e7:60:97:0f:f1:55:93:db:
e6:71:6a:6e:1d:f1:d3:6b:3f:5d:6c:ac:f0:1b:40:
63:51:47:7b:e1:c9:89:b8:19:60:a2:88:08:2e:b5:
b2:ce:7e:29:71:19:cc:20:75:9f:eb:e2:b2:94:13:
1e:8a:0f:0d:34:b3:cd:93:a9:16:db:dc:81:9d:ed:
1e:34:7a:45:db:ad:32:15:4c:86:5a:4f:fe:e9:9a:
29:8e:ab:b4:d0:53:8b:4c:f2:c8:a5:15:46:4f:1f:
aa:19:c9:72:a1:e4:93:4f:ac:66:21:06:82:c4:5f:
5f:85:16:f2:3c:6a:da:cc:65:3f:ee:63:66:50:b5:
4f:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EF:5B:46:E3:E5:9F:38:A5:C0:D1:AC:53:27:93:AC:05:49:9A:16:4D
X509v3 Authority Key Identifier:
keyid:BC:8A:3B:C4:7D:13:C8:3F:7D:1C:F7:2A:13:7E:00:66:F8:3D:06:08
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/vIo7xH0TyD99HPcqE34AZvg9Bgg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e3/0ee921-a721-4f09-80f2-7113fc1b865b/1/71tG4-WfOKXA0axTJ5OsBUmaFk0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e3/0ee921-a721-4f09-80f2-7113fc1b865b/1/vIo7xH0TyD99HPcqE34AZvg9Bgg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
212.104.0.0/24
212.104.2.0-212.104.7.255
212.104.16.0-212.104.39.255
212.104.48.0/20
Signature Algorithm: sha256WithRSAEncryption
4d:9d:ae:cd:8d:ed:0d:60:68:43:73:40:a9:db:d4:29:af:55:
c4:41:8c:72:e7:b5:cf:67:99:08:50:6d:92:0e:26:d7:c4:aa:
2b:16:dd:a9:13:b3:4a:6d:5e:22:6f:fb:b8:8c:16:63:78:f0:
71:07:d8:3a:3a:cd:c7:c4:0c:59:33:6d:5b:2e:09:e5:60:45:
04:08:8c:99:c7:1d:53:3e:e6:b0:be:ad:78:10:c3:73:9f:8d:
fa:c3:7c:99:84:b3:c1:a5:a3:13:28:4e:d4:99:f7:ba:e2:09:
09:3a:22:bf:94:53:3b:3a:8c:61:c2:54:24:d5:a1:b6:78:ab:
31:f0:5d:37:fb:51:9a:ef:f7:7d:c4:04:d5:ba:88:24:cc:ff:
e2:c4:da:a1:f0:c3:1a:16:d9:c1:93:0f:a9:2f:8b:fd:94:6d:
5e:94:44:26:1b:31:eb:92:89:ae:94:e6:45:e0:36:65:b2:22:
3a:ea:b0:43:03:48:83:44:9f:32:64:3f:97:5a:c3:29:a3:bf:
86:35:8a:3d:b6:52:e8:c4:02:60:73:42:12:8b:e4:17:0c:3a:
43:06:b1:f9:42:8b:2d:a0:8a:0c:5f:4b:ac:73:06:ad:a6:0a:
45:00:bf:91:ab:3c:e4:8c:f1:c3:a4:22:0b:1e:61:39:ae:ec:
76:7d:da:bb
-----BEGIN CERTIFICATE-----
MIIFHzCCBAegAwIBAgISAYzt5kbpB4DaZbfxAU3mMUOGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJjOGEzYmM0N2QxM2M4M2Y3ZDFjZjcyYTEzN2UwMDY2Zjgz
ZDA2MDgwHhcNMjQwMTA5MTEwNTQwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlZjViNDZlM2U1OWYzOGE1YzBkMWFjNTMyNzkzYWMwNTQ5OWExNjRkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq/ApZt7Wl/8/FRqT0eumGAiguioR
zy70wLZ55WJM2ltEr+eGfTminNmNopzX5HeHLMPhTqPwrDX/q12ir0cgLvrTJQW0
kIX9wc7S4/FRTl1NCIQmYxgHo0MLAm77sxgSVGpAh8zflOiU3JLnaNxM8EJHQTWs
nepjDSBCfmrc52CXD/FVk9vmcWpuHfHTaz9dbKzwG0BjUUd74cmJuBlgoogILrWy
zn4pcRnMIHWf6+KylBMeig8NNLPNk6kW29yBne0eNHpF260yFUyGWk/+6Zopjqu0
0FOLTPLIpRVGTx+qGclyoeSTT6xmIQaCxF9fhRbyPGrazGU/7mNmULVPTwIDAQAB
o4ICKzCCAicwHQYDVR0OBBYEFO9bRuPlnzilwNGsUyeTrAVJmhZNMB8GA1UdIwQY
MBaAFLyKO8R9E8g/fRz3KhN+AGb4PQYIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdklvN3hIMFR5RDk5SFBjcUUzNEFadmc5QmdnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMy8wZWU5MjEtYTcyMS00ZjA5LTgwZjIt
NzExM2ZjMWI4NjViLzEvNzF0RzQtV2ZPS1hBMGF4VEo1T3NCVW1hRmswLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMy8wZWU5MjEtYTcyMS00ZjA5LTgwZjItNzExM2ZjMWI4NjVi
LzEvdklvN3hIMFR5RDk5SFBjcUUzNEFadmc5QmdnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEEGCCsGAQUFBwEHAQH/BDIwMDAuBAIAATAoAwQA1GgAMAwD
BAHUaAIDBAPUaAAwDAMEBNRoEAMEA9RoIAMEBNRoMDANBgkqhkiG9w0BAQsFAAOC
AQEATZ2uzY3tDWBoQ3NAqdvUKa9VxEGMcue1z2eZCFBtkg4m18SqKxbdqROzSm1e
Im/7uIwWY3jwcQfYOjrNx8QMWTNtWy4J5WBFBAiMmccdUz7msL6teBDDc5+N+sN8
mYSzwaWjEyhO1Jn3uuIJCToiv5RTOzqMYcJUJNWhtnirMfBdN/tRmu/3fcQE1bqI
JMz/4sTaofDDGhbZwZMPqS+L/ZRtXpREJhsx65KJrpTmReA2ZbIiOuqwQwNIg0Sf
MmQ/l1rDKaO/hjWKPbZS6MQCYHNCEovkFww6Qwax+UKLLaCKDF9LrHMGraYKRQC/
kas85Izxw6QiCx5hOa7sdn3auw==
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:11:13 2025 by rpki-client