Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e3/0ee921-a721-4f09-80f2-7113fc1b865b/1/IGSgH4uXHNAl9PFuCDW_arNbwuU.roa
File: IGSgH4uXHNAl9PFuCDW_arNbwuU.roa (raw, json)
Hash identifier: opwEsMsEDBQrErECE1kyzrVbNrjBlTbNF3dQ9NV6BTY=
Subject key identifier: 20:64:A0:1F:8B:97:1C:D0:25:F4:F1:6E:08:35:BF:6A:B3:5B:C2:E5
Certificate issuer: /CN=bc8a3bc47d13c83f7d1cf72a137e0066f83d0608
Certificate serial: 018CC56EEA7E247B29A3E895E28C36712639
Authority key identifier: BC:8A:3B:C4:7D:13:C8:3F:7D:1C:F7:2A:13:7E:00:66:F8:3D:06:08
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/vIo7xH0TyD99HPcqE34AZvg9Bgg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e3/0ee921-a721-4f09-80f2-7113fc1b865b/1/IGSgH4uXHNAl9PFuCDW_arNbwuU.roa
Signing time: Mon 01 Jan 2024 14:30:29 +0000
ROA not before: Mon 01 Jan 2024 14:30:29 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 28716
IP address blocks: 212.104.56.0/21 maxlen: 24
212.104.2.0/23 maxlen: 24
212.104.0.0/24 maxlen: 24
212.104.16.0/20 maxlen: 24
212.104.32.0/21 maxlen: 24
212.104.48.0/21 maxlen: 24
Validation: Failed, certificate revoked on Tue 09 Jan 2024 11:05:40 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:6e:ea:7e:24:7b:29:a3:e8:95:e2:8c:36:71:26:39
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bc8a3bc47d13c83f7d1cf72a137e0066f83d0608
Validity
Not Before: Jan 1 14:30:29 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=2064a01f8b971cd025f4f16e0835bf6ab35bc2e5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:ac:11:e9:93:af:8a:f3:c9:93:6e:00:ad:c1:
cb:69:7d:27:de:36:69:24:13:fc:37:cb:44:57:a8:
cc:09:81:00:a0:b9:d5:eb:2e:27:e9:e6:c7:87:a6:
32:46:04:a7:a0:30:24:f5:87:96:31:3f:eb:26:68:
cb:c6:03:92:b9:76:dc:1c:8e:02:23:ee:11:d6:92:
07:e3:06:76:95:d8:4a:7d:8c:ea:41:5c:fe:73:78:
ec:ce:a6:f8:e3:46:58:ec:25:17:57:b2:b5:aa:74:
44:55:aa:0c:10:8a:c4:bb:8e:42:dc:39:ef:d1:13:
54:e8:b5:3d:d4:46:bc:13:99:9c:2e:d1:03:85:ff:
63:46:04:81:be:dd:2d:cf:fe:0b:4d:03:11:c8:e0:
7b:b5:9e:59:78:18:91:aa:78:a5:2a:f2:8d:e9:0d:
db:6b:b9:50:65:78:2d:79:1c:3e:2f:af:d4:f1:f3:
18:43:4a:86:0e:45:31:4e:63:5f:36:74:c3:d1:bc:
ee:e9:f2:b3:51:b9:86:48:a6:01:2b:2e:6c:f4:7f:
5a:a4:82:4c:41:3b:3c:0d:ce:e6:cd:a3:b8:09:f8:
53:d5:2c:38:83:8d:39:a5:50:4f:72:8b:99:72:80:
4d:64:17:78:6b:a8:d8:a5:3b:e0:85:ad:a3:b6:3a:
7f:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
20:64:A0:1F:8B:97:1C:D0:25:F4:F1:6E:08:35:BF:6A:B3:5B:C2:E5
X509v3 Authority Key Identifier:
keyid:BC:8A:3B:C4:7D:13:C8:3F:7D:1C:F7:2A:13:7E:00:66:F8:3D:06:08
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/vIo7xH0TyD99HPcqE34AZvg9Bgg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e3/0ee921-a721-4f09-80f2-7113fc1b865b/1/IGSgH4uXHNAl9PFuCDW_arNbwuU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e3/0ee921-a721-4f09-80f2-7113fc1b865b/1/vIo7xH0TyD99HPcqE34AZvg9Bgg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
212.104.0.0/24
212.104.2.0/23
212.104.16.0-212.104.39.255
212.104.48.0/20
Signature Algorithm: sha256WithRSAEncryption
9f:34:c9:d7:52:71:8e:f2:48:18:63:4f:d4:56:08:73:1b:16:
1f:db:bd:22:8f:c4:e5:d2:27:63:76:ba:5d:6c:83:4e:24:38:
1c:07:07:dc:40:09:32:ea:48:ed:ff:8f:ff:85:2d:58:4d:e9:
e2:bd:c4:6d:2c:88:30:3c:fa:d2:2b:28:67:03:16:8a:ce:62:
0f:58:c1:66:60:1f:f2:25:68:19:12:09:d7:b5:29:a6:ba:4c:
21:4c:d2:20:08:9a:5b:ca:31:7d:1b:0a:92:8b:31:ac:82:af:
e7:ce:23:45:44:f7:94:e4:44:de:26:a2:6a:55:74:77:1a:40:
58:18:bb:ff:2b:61:3b:c1:cf:60:ed:4d:95:64:06:0a:0b:fd:
39:0c:c3:84:5b:47:b5:e5:45:6e:2b:3b:be:fa:92:4d:33:89:
48:ef:97:01:3e:e6:20:2a:c6:d5:11:1e:a3:82:c1:c6:a9:63:
bf:5a:66:96:eb:44:53:6a:9e:81:e8:78:44:eb:0d:d5:15:64:
40:01:f5:8f:28:ed:1c:bd:ee:b3:88:c8:c9:ad:96:ab:b1:b6:
37:01:1c:da:fa:35:a7:d6:b7:52:2f:3d:6e:c7:0c:2d:e8:0b:
81:3c:b6:64:20:bc:b5:f8:04:b1:f3:15:84:99:ab:93:60:a2:
d9:19:4b:fc
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgISAYzFbup+JHspo+iV4ow2cSY5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJjOGEzYmM0N2QxM2M4M2Y3ZDFjZjcyYTEzN2UwMDY2Zjgz
ZDA2MDgwHhcNMjQwMTAxMTQzMDI5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMDY0YTAxZjhiOTcxY2QwMjVmNGYxNmUwODM1YmY2YWIzNWJjMmU1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtqwR6ZOvivPJk24ArcHLaX0n3jZp
JBP8N8tEV6jMCYEAoLnV6y4n6ebHh6YyRgSnoDAk9YeWMT/rJmjLxgOSuXbcHI4C
I+4R1pIH4wZ2ldhKfYzqQVz+c3jszqb440ZY7CUXV7K1qnREVaoMEIrEu45C3Dnv
0RNU6LU91Ea8E5mcLtEDhf9jRgSBvt0tz/4LTQMRyOB7tZ5ZeBiRqnilKvKN6Q3b
a7lQZXgteRw+L6/U8fMYQ0qGDkUxTmNfNnTD0bzu6fKzUbmGSKYBKy5s9H9apIJM
QTs8Dc7mzaO4CfhT1Sw4g405pVBPcouZcoBNZBd4a6jYpTvgha2jtjp/awIDAQAB
o4ICIzCCAh8wHQYDVR0OBBYEFCBkoB+LlxzQJfTxbgg1v2qzW8LlMB8GA1UdIwQY
MBaAFLyKO8R9E8g/fRz3KhN+AGb4PQYIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdklvN3hIMFR5RDk5SFBjcUUzNEFadmc5QmdnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMy8wZWU5MjEtYTcyMS00ZjA5LTgwZjIt
NzExM2ZjMWI4NjViLzEvSUdTZ0g0dVhITkFsOVBGdUNEV19hck5id3VVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMy8wZWU5MjEtYTcyMS00ZjA5LTgwZjItNzExM2ZjMWI4NjVi
LzEvdklvN3hIMFR5RDk5SFBjcUUzNEFadmc5QmdnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDkGCCsGAQUFBwEHAQH/BCowKDAmBAIAATAgAwQA1GgAAwQB
1GgCMAwDBATUaBADBAPUaCADBATUaDAwDQYJKoZIhvcNAQELBQADggEBAJ80yddS
cY7ySBhjT9RWCHMbFh/bvSKPxOXSJ2N2ul1sg04kOBwHB9xACTLqSO3/j/+FLVhN
6eK9xG0siDA8+tIrKGcDForOYg9YwWZgH/IlaBkSCde1Kaa6TCFM0iAImlvKMX0b
CpKLMayCr+fOI0VE95TkRN4mompVdHcaQFgYu/8rYTvBz2DtTZVkBgoL/TkMw4Rb
R7XlRW4rO776kk0ziUjvlwE+5iAqxtURHqOCwcapY79aZpbrRFNqnoHoeETrDdUV
ZEAB9Y8o7Ry97rOIyMmtlquxtjcBHNr6NafWt1IvPW7HDC3oC4E8tmQgvLX4BLHz
FYSZq5NgotkZS/w=
-----END CERTIFICATE-----
Generated at Tue Jan 9 13:52:14 2024 by rpki-client on console-ams.rpki-client.org