Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e3/0ee921-a721-4f09-80f2-7113fc1b865b/1/lpPjWj_rydkCwHug_IgVBUdZnqg.roa
File: lpPjWj_rydkCwHug_IgVBUdZnqg.roa (raw, json)
Hash identifier: XG+u6fBm5V0i/zPUHPa1b0kqZfkOXWFtDk5+6F2TOeo=
Subject key identifier: 96:93:E3:5A:3F:EB:C9:D9:02:C0:7B:A0:FC:88:15:05:47:59:9E:A8
Certificate issuer: /CN=bc8a3bc47d13c83f7d1cf72a137e0066f83d0608
Certificate serial: 0187C774511FAC1ACDA6ADAB4E95B9733485
Authority key identifier: BC:8A:3B:C4:7D:13:C8:3F:7D:1C:F7:2A:13:7E:00:66:F8:3D:06:08
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/vIo7xH0TyD99HPcqE34AZvg9Bgg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e3/0ee921-a721-4f09-80f2-7113fc1b865b/1/lpPjWj_rydkCwHug_IgVBUdZnqg.roa
Signing time: Fri 28 Apr 2023 10:41:41 +0000
ROA not before: Fri 28 Apr 2023 10:41:41 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 9076
IP address blocks: 212.104.0.0/20 maxlen: 24
212.104.1.0/24 maxlen: 24
212.104.10.0/24 maxlen: 24
212.104.14.0/24 maxlen: 24
212.104.43.0/24 maxlen: 24
212.104.40.0/21 maxlen: 24
Validation: Failed, certificate revoked on Thu 04 May 2023 14:59:31 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:c7:74:51:1f:ac:1a:cd:a6:ad:ab:4e:95:b9:73:34:85
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bc8a3bc47d13c83f7d1cf72a137e0066f83d0608
Validity
Not Before: Apr 28 10:41:41 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=9693e35a3febc9d902c07ba0fc88150547599ea8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:95:da:05:a3:9c:4d:fc:b6:b6:a1:48:82:12:
72:c2:90:12:f2:0f:e4:02:cd:d7:b8:e3:aa:98:16:
39:3d:99:94:45:34:eb:4e:7b:42:51:c6:9e:66:1f:
d3:e5:e4:c6:0d:3f:10:0b:c0:0f:2f:f9:10:96:b7:
20:16:96:64:00:f3:de:be:ef:b3:18:88:9c:4e:a1:
9b:db:9a:01:9b:33:0c:75:be:ff:c5:01:ee:ec:40:
73:cf:20:c7:8d:2b:6b:9a:d4:c3:c9:24:ad:5a:3b:
ae:7e:4a:cb:25:a2:15:0f:71:57:cc:e2:ce:f8:ee:
04:89:80:5d:67:92:46:e1:4b:43:ba:c0:92:8c:5c:
b4:7c:2a:07:00:3d:dd:ca:a7:a0:d3:12:70:79:bc:
50:11:fc:d2:3a:f2:24:65:d5:d4:37:da:ac:5a:b0:
2f:1d:c0:bc:82:9a:e8:3a:ad:e7:85:a0:7a:80:c4:
1c:82:a3:71:a1:77:db:0a:5f:b6:3f:fa:ca:26:33:
a7:e8:21:b1:da:97:7c:99:4d:3c:e8:ce:83:2a:ea:
3d:24:6e:91:92:aa:b4:22:20:14:24:5e:26:bb:72:
ea:da:47:d4:c9:7f:18:a6:11:22:e4:e3:73:d7:66:
c9:fa:f6:a5:4c:10:30:f9:64:97:e1:56:c1:a8:3f:
eb:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
96:93:E3:5A:3F:EB:C9:D9:02:C0:7B:A0:FC:88:15:05:47:59:9E:A8
X509v3 Authority Key Identifier:
keyid:BC:8A:3B:C4:7D:13:C8:3F:7D:1C:F7:2A:13:7E:00:66:F8:3D:06:08
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/vIo7xH0TyD99HPcqE34AZvg9Bgg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e3/0ee921-a721-4f09-80f2-7113fc1b865b/1/lpPjWj_rydkCwHug_IgVBUdZnqg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e3/0ee921-a721-4f09-80f2-7113fc1b865b/1/vIo7xH0TyD99HPcqE34AZvg9Bgg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
212.104.0.0/20
212.104.40.0/21
Signature Algorithm: sha256WithRSAEncryption
5a:42:04:0c:24:48:8e:23:91:31:07:47:c6:c2:a0:d7:60:3e:
7e:ef:8e:70:a5:22:8f:e5:c8:a7:3e:02:c5:b7:d2:f8:89:3b:
58:f6:05:50:7a:f1:06:09:65:75:b6:33:ff:23:38:a6:5a:be:
ba:bc:db:54:fc:0f:85:14:9d:42:89:3f:5e:1c:4d:ff:58:bd:
c2:30:2e:2f:99:78:86:d8:6b:11:aa:c1:aa:4f:ee:9a:f1:9d:
72:de:88:02:d9:8d:3f:98:63:21:7e:42:81:d5:ca:1c:5f:f3:
93:bb:dd:98:37:54:24:e5:fe:59:e7:b9:bd:7b:14:05:35:97:
c3:0d:5f:b4:6a:07:3c:92:7b:c3:cf:f6:65:02:50:df:b7:69:
3e:b2:35:6e:c4:15:5b:99:4b:90:f5:40:07:9c:37:fd:5b:12:
c3:49:8c:39:81:d0:69:0e:d8:ae:3f:81:e1:05:76:1c:e1:4e:
e9:4e:ba:e1:d3:6c:f2:f6:cc:3e:4a:9c:ce:c3:e3:25:99:b3:
ba:06:50:d3:e6:98:34:16:b6:98:e5:f1:60:7f:b2:ff:35:8c:
03:50:51:a8:12:79:c1:96:3d:a7:0a:80:c6:02:95:7f:3e:aa:
c3:e8:e2:db:85:34:bf:f9:b4:2b:f6:ec:e7:f5:52:cc:6e:4f:
ac:f4:0e:67
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYfHdFEfrBrNpq2rTpW5czSFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJjOGEzYmM0N2QxM2M4M2Y3ZDFjZjcyYTEzN2UwMDY2Zjgz
ZDA2MDgwHhcNMjMwNDI4MTA0MTQxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NjkzZTM1YTNmZWJjOWQ5MDJjMDdiYTBmYzg4MTUwNTQ3NTk5ZWE4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnJXaBaOcTfy2tqFIghJywpAS8g/k
As3XuOOqmBY5PZmURTTrTntCUcaeZh/T5eTGDT8QC8APL/kQlrcgFpZkAPPevu+z
GIicTqGb25oBmzMMdb7/xQHu7EBzzyDHjStrmtTDySStWjuufkrLJaIVD3FXzOLO
+O4EiYBdZ5JG4UtDusCSjFy0fCoHAD3dyqeg0xJwebxQEfzSOvIkZdXUN9qsWrAv
HcC8gproOq3nhaB6gMQcgqNxoXfbCl+2P/rKJjOn6CGx2pd8mU086M6DKuo9JG6R
kqq0IiAUJF4mu3Lq2kfUyX8YphEi5ONz12bJ+valTBAw+WSX4VbBqD/rmwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFJaT41o/68nZAsB7oPyIFQVHWZ6oMB8GA1UdIwQY
MBaAFLyKO8R9E8g/fRz3KhN+AGb4PQYIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdklvN3hIMFR5RDk5SFBjcUUzNEFadmc5QmdnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMy8wZWU5MjEtYTcyMS00ZjA5LTgwZjIt
NzExM2ZjMWI4NjViLzEvbHBQaldqX3J5ZGtDd0h1Z19JZ1ZCVWRabnFnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMy8wZWU5MjEtYTcyMS00ZjA5LTgwZjItNzExM2ZjMWI4NjVi
LzEvdklvN3hIMFR5RDk5SFBjcUUzNEFadmc5QmdnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQE1GgAAwQD
1GgoMA0GCSqGSIb3DQEBCwUAA4IBAQBaQgQMJEiOI5ExB0fGwqDXYD5+745wpSKP
5cinPgLFt9L4iTtY9gVQevEGCWV1tjP/IzimWr66vNtU/A+FFJ1CiT9eHE3/WL3C
MC4vmXiG2GsRqsGqT+6a8Z1y3ogC2Y0/mGMhfkKB1cocX/OTu92YN1Qk5f5Z57m9
exQFNZfDDV+0agc8knvDz/ZlAlDft2k+sjVuxBVbmUuQ9UAHnDf9WxLDSYw5gdBp
DtiuP4HhBXYc4U7pTrrh02zy9sw+SpzOw+MlmbO6BlDT5pg0FraY5fFgf7L/NYwD
UFGoEnnBlj2nCoDGApV/PqrD6OLbhTS/+bQr9uzn9VLMbk+s9A5n
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:49:13 2024 by rpki-client on console-ams.rpki-client.org