Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e3/0ee921-a721-4f09-80f2-7113fc1b865b/1/KE00P2pIo1G7lqH_u7lxoAPduJA.roa
File: KE00P2pIo1G7lqH_u7lxoAPduJA.roa (raw, json)
Hash identifier: +ou7y3n5rt1T3zzG7p9sJOk0PK2EY6NrxWXy+jp0+MQ=
Subject key identifier: 28:4D:34:3F:6A:48:A3:51:BB:96:A1:FF:BB:B9:71:A0:03:DD:B8:90
Certificate issuer: /CN=bc8a3bc47d13c83f7d1cf72a137e0066f83d0608
Certificate serial: 018D5FF964EB58B5B08C825F5366D241C1D1
Authority key identifier: BC:8A:3B:C4:7D:13:C8:3F:7D:1C:F7:2A:13:7E:00:66:F8:3D:06:08
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/vIo7xH0TyD99HPcqE34AZvg9Bgg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e3/0ee921-a721-4f09-80f2-7113fc1b865b/1/KE00P2pIo1G7lqH_u7lxoAPduJA.roa
Signing time: Wed 31 Jan 2024 14:43:16 +0000
ROA not before: Wed 31 Jan 2024 14:43:16 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 28716
IP address blocks: 212.104.0.0/24 maxlen: 24
212.104.2.0/23 maxlen: 24
212.104.4.0/22 maxlen: 24
212.104.8.0/23 maxlen: 24
212.104.16.0/20 maxlen: 24
212.104.32.0/21 maxlen: 24
212.104.48.0/21 maxlen: 24
212.104.56.0/21 maxlen: 24
Validation: Failed, certificate revoked on Mon 12 Feb 2024 10:33:15 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:5f:f9:64:eb:58:b5:b0:8c:82:5f:53:66:d2:41:c1:d1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bc8a3bc47d13c83f7d1cf72a137e0066f83d0608
Validity
Not Before: Jan 31 14:43:16 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=284d343f6a48a351bb96a1ffbbb971a003ddb890
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:d0:da:13:4a:63:11:59:45:73:ff:04:6f:49:
42:96:99:d1:fb:f6:8d:a5:81:5d:72:54:83:78:08:
c4:af:64:88:b8:80:0d:95:4e:5a:25:c0:67:4c:28:
6a:5e:96:ea:43:e3:d9:86:42:41:7e:b1:56:62:32:
d6:0a:3d:97:52:e3:7f:42:16:e0:27:09:03:53:83:
a1:f3:6c:67:6b:06:f0:37:a9:b7:b4:7e:1e:8c:a4:
c6:f1:4f:ce:0b:c5:b9:df:46:5f:7e:a6:ad:e5:db:
64:f7:00:b5:59:64:f2:be:36:c7:c8:d2:43:24:4f:
88:04:0b:8a:84:02:c5:48:49:54:4e:c4:94:31:0f:
6c:10:25:2a:bc:57:79:07:c7:90:37:85:bb:bd:69:
3d:59:c1:36:a2:80:ca:f1:f0:47:c3:70:b0:2e:c4:
40:49:29:b2:a7:61:1d:d2:31:6c:2b:ba:19:63:c2:
73:8b:37:b1:f6:4e:0d:f8:a0:ab:2b:8e:43:80:ea:
87:62:22:3a:55:ec:31:00:e9:b9:31:2b:e5:a6:28:
7b:ac:55:fb:e4:10:cb:ea:39:93:be:f3:f1:0d:e6:
50:22:2d:cd:07:92:64:bf:52:8d:65:e8:0d:be:8b:
ad:bb:00:64:60:d7:5c:34:9d:ca:80:f2:6b:54:ed:
9b:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
28:4D:34:3F:6A:48:A3:51:BB:96:A1:FF:BB:B9:71:A0:03:DD:B8:90
X509v3 Authority Key Identifier:
keyid:BC:8A:3B:C4:7D:13:C8:3F:7D:1C:F7:2A:13:7E:00:66:F8:3D:06:08
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/vIo7xH0TyD99HPcqE34AZvg9Bgg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e3/0ee921-a721-4f09-80f2-7113fc1b865b/1/KE00P2pIo1G7lqH_u7lxoAPduJA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e3/0ee921-a721-4f09-80f2-7113fc1b865b/1/vIo7xH0TyD99HPcqE34AZvg9Bgg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
212.104.0.0/24
212.104.2.0-212.104.9.255
212.104.16.0-212.104.39.255
212.104.48.0/20
Signature Algorithm: sha256WithRSAEncryption
8d:e2:32:08:4b:a4:73:ab:97:7d:f7:c7:dd:48:7b:1a:30:c1:
44:e5:fc:3a:44:27:db:14:61:27:16:23:27:83:71:26:aa:42:
cc:e3:ae:7e:5f:f3:24:9f:ea:fd:15:64:38:06:46:21:60:a9:
fb:e5:d6:bd:d3:e8:ab:36:78:3d:16:ad:cf:2d:46:ce:e0:10:
ee:a3:c8:29:4c:8b:c2:64:f4:ab:e6:f9:f8:6a:61:60:f2:cb:
3e:22:73:28:47:20:6c:1f:02:f2:09:37:a6:1e:d8:96:55:a3:
79:e2:47:46:ae:84:b5:a5:46:fb:ac:9b:d1:44:c0:db:e3:9f:
cc:03:06:f2:10:68:cf:3a:78:e0:ec:d9:a2:d7:0f:11:9e:8f:
bf:b0:ee:4a:8d:f2:a3:03:39:14:9f:15:25:85:18:22:73:3d:
82:20:da:18:55:67:40:4e:87:9f:90:f7:14:36:7b:7d:7c:0a:
50:a6:da:bd:70:fe:88:b3:80:e1:90:cc:32:ff:1d:5e:d3:3a:
74:b2:e6:d7:fc:17:19:14:c1:97:76:b3:aa:3f:4a:07:2a:86:
56:0c:63:06:c9:cd:15:6d:73:f9:27:be:a3:bd:8a:a0:55:82:
b8:a9:46:f6:97:35:65:84:22:f2:92:a1:a7:38:f8:43:2f:f5:
00:ad:1d:61
-----BEGIN CERTIFICATE-----
MIIFHzCCBAegAwIBAgISAY1f+WTrWLWwjIJfU2bSQcHRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJjOGEzYmM0N2QxM2M4M2Y3ZDFjZjcyYTEzN2UwMDY2Zjgz
ZDA2MDgwHhcNMjQwMTMxMTQ0MzE2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyODRkMzQzZjZhNDhhMzUxYmI5NmExZmZiYmI5NzFhMDAzZGRiODkwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAttDaE0pjEVlFc/8Eb0lClpnR+/aN
pYFdclSDeAjEr2SIuIANlU5aJcBnTChqXpbqQ+PZhkJBfrFWYjLWCj2XUuN/Qhbg
JwkDU4Oh82xnawbwN6m3tH4ejKTG8U/OC8W530Zffqat5dtk9wC1WWTyvjbHyNJD
JE+IBAuKhALFSElUTsSUMQ9sECUqvFd5B8eQN4W7vWk9WcE2ooDK8fBHw3CwLsRA
SSmyp2Ed0jFsK7oZY8Jzizex9k4N+KCrK45DgOqHYiI6VewxAOm5MSvlpih7rFX7
5BDL6jmTvvPxDeZQIi3NB5Jkv1KNZegNvoutuwBkYNdcNJ3KgPJrVO2b2QIDAQAB
o4ICKzCCAicwHQYDVR0OBBYEFChNND9qSKNRu5ah/7u5caAD3biQMB8GA1UdIwQY
MBaAFLyKO8R9E8g/fRz3KhN+AGb4PQYIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdklvN3hIMFR5RDk5SFBjcUUzNEFadmc5QmdnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMy8wZWU5MjEtYTcyMS00ZjA5LTgwZjIt
NzExM2ZjMWI4NjViLzEvS0UwMFAycElvMUc3bHFIX3U3bHhvQVBkdUpBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMy8wZWU5MjEtYTcyMS00ZjA5LTgwZjItNzExM2ZjMWI4NjVi
LzEvdklvN3hIMFR5RDk5SFBjcUUzNEFadmc5QmdnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEEGCCsGAQUFBwEHAQH/BDIwMDAuBAIAATAoAwQA1GgAMAwD
BAHUaAIDBAHUaAgwDAMEBNRoEAMEA9RoIAMEBNRoMDANBgkqhkiG9w0BAQsFAAOC
AQEAjeIyCEukc6uXfffH3Uh7GjDBROX8OkQn2xRhJxYjJ4NxJqpCzOOufl/zJJ/q
/RVkOAZGIWCp++XWvdPoqzZ4PRatzy1GzuAQ7qPIKUyLwmT0q+b5+GphYPLLPiJz
KEcgbB8C8gk3ph7YllWjeeJHRq6EtaVG+6yb0UTA2+OfzAMG8hBozzp44OzZotcP
EZ6Pv7DuSo3yowM5FJ8VJYUYInM9giDaGFVnQE6Hn5D3FDZ7fXwKUKbavXD+iLOA
4ZDMMv8dXtM6dLLm1/wXGRTBl3azqj9KByqGVgxjBsnNFW1z+Se+o72KoFWCuKlG
9pc1ZYQi8pKhpzj4Qy/1AK0dYQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:49:13 2024 by rpki-client on console-ams.rpki-client.org