Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e3/95bce9-1e8e-41c1-89f8-20f9f0dbf458/1/lIG8DjdEQpjbsQ0cdo7EeHrePh0.roa
File: lIG8DjdEQpjbsQ0cdo7EeHrePh0.roa (raw, json)
Hash identifier: vLehktA7XV29jXeXBko7fz+9VM32cugrmtvhZj7qDDs=
Subject key identifier: 94:81:BC:0E:37:44:42:98:DB:B1:0D:1C:76:8E:C4:78:7A:DE:3E:1D
Certificate issuer: /CN=3e0be8e48dba07df21711745b869e3911ce98e20
Certificate serial: 01856F94D1C9A057BAE76BB4F37A43F8E327
Authority key identifier: 3E:0B:E8:E4:8D:BA:07:DF:21:71:17:45:B8:69:E3:91:1C:E9:8E:20
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Pgvo5I26B98hcRdFuGnjkRzpjiA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e3/95bce9-1e8e-41c1-89f8-20f9f0dbf458/1/lIG8DjdEQpjbsQ0cdo7EeHrePh0.roa
Signing time: Sun 01 Jan 2023 23:05:02 +0000
ROA not before: Sun 01 Jan 2023 23:05:02 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 12912
IP address blocks: 213.218.96.0/20 maxlen: 20
213.218.112.0/20 maxlen: 20
212.38.192.0/19 maxlen: 19
62.29.128.0/17 maxlen: 17
212.203.128.0/17 maxlen: 17
Validation: Failed, certificate revoked on Tue 02 Jan 2024 04:31:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:94:d1:c9:a0:57:ba:e7:6b:b4:f3:7a:43:f8:e3:27
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3e0be8e48dba07df21711745b869e3911ce98e20
Validity
Not Before: Jan 1 23:05:02 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=9481bc0e37444298dbb10d1c768ec4787ade3e1d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e3:8f:12:6c:10:1a:84:e2:04:5b:1c:98:fe:57:
7f:62:8e:68:81:69:21:d2:a6:3e:87:0d:9d:b4:01:
06:a8:5c:c7:e2:5e:1d:db:04:79:c2:4c:16:6b:e2:
e2:9e:73:4e:c9:96:6d:17:05:cb:5c:4f:35:ba:3d:
fe:d2:fe:33:5c:b6:56:83:32:e2:f0:4a:c0:6e:b7:
3f:ef:b0:26:62:98:9c:88:56:af:32:e7:80:fa:49:
58:cc:22:f9:40:72:28:ec:9e:b3:bd:82:d8:e2:f5:
09:1d:63:43:c3:d3:39:7f:86:20:2e:de:2e:ed:8a:
4e:3a:1a:12:2f:22:22:39:28:c6:3b:cb:36:fb:29:
9c:64:1d:84:d9:82:e3:84:64:92:5c:f9:44:48:f4:
c9:f8:ef:8e:5e:4e:7f:8c:fa:fa:37:f7:38:8c:e0:
ab:51:8a:a2:21:00:ce:25:71:a3:ab:26:7b:18:d0:
60:80:cd:07:5c:38:86:e7:41:ad:5d:96:89:ca:34:
a9:44:a0:a2:24:8b:33:02:8b:52:20:6b:2c:bd:7f:
43:35:d1:90:d1:0a:86:70:17:0d:fa:b2:dc:af:b5:
9f:51:c2:29:92:54:9f:ad:77:36:8b:dd:47:d4:93:
eb:0b:e4:fa:b8:a6:81:45:1c:ea:d4:ca:92:fe:a9:
7a:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
94:81:BC:0E:37:44:42:98:DB:B1:0D:1C:76:8E:C4:78:7A:DE:3E:1D
X509v3 Authority Key Identifier:
keyid:3E:0B:E8:E4:8D:BA:07:DF:21:71:17:45:B8:69:E3:91:1C:E9:8E:20
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Pgvo5I26B98hcRdFuGnjkRzpjiA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e3/95bce9-1e8e-41c1-89f8-20f9f0dbf458/1/lIG8DjdEQpjbsQ0cdo7EeHrePh0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e3/95bce9-1e8e-41c1-89f8-20f9f0dbf458/1/Pgvo5I26B98hcRdFuGnjkRzpjiA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.29.128.0/17
212.38.192.0/19
212.203.128.0/17
213.218.96.0/19
Signature Algorithm: sha256WithRSAEncryption
19:29:16:a4:8c:db:67:cd:b0:d6:3e:d5:07:44:c4:81:58:05:
4b:96:b9:2b:0a:d6:03:4c:c1:cb:35:9e:92:2b:11:54:45:35:
ae:8c:cc:e0:37:0e:4c:98:fe:89:12:2e:47:db:b5:99:da:e3:
f3:40:57:05:78:15:a4:c9:0e:ee:71:14:38:af:87:85:fa:7e:
83:d1:69:e1:a0:08:1e:cb:de:8b:14:dd:22:f4:11:17:fe:a2:
51:de:94:cf:6a:df:9f:9b:18:82:e3:e1:12:09:9c:b5:69:29:
ef:28:7f:39:00:16:b9:a5:2b:97:31:c7:c9:a2:57:7c:ce:bc:
d5:a8:29:ed:9a:ea:c1:ab:bc:02:4a:2c:46:7e:bb:ad:3c:86:
7d:f0:13:d2:5e:28:fb:c8:29:02:03:83:df:d6:8b:ed:b8:4a:
4b:a9:0e:4e:6f:6e:40:49:56:32:03:37:a7:e3:c0:2c:c1:e3:
d9:bf:7d:1b:1f:14:e5:05:3e:83:fe:5b:f5:8b:58:e3:fa:4e:
69:b7:c6:24:9e:a3:d3:12:78:ed:94:0c:e8:dc:28:b3:a0:73:
fc:8c:6c:50:71:29:f1:7e:bf:75:2f:2c:24:b2:46:64:f5:18:
58:f0:fb:bc:5a:a9:d7:52:74:9d:4f:0a:51:64:ee:23:1d:53:
c7:42:8d:ce
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYVvlNHJoFe652u083pD+OMnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNlMGJlOGU0OGRiYTA3ZGYyMTcxMTc0NWI4NjllMzkxMWNl
OThlMjAwHhcNMjMwMTAxMjMwNTAyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NDgxYmMwZTM3NDQ0Mjk4ZGJiMTBkMWM3NjhlYzQ3ODdhZGUzZTFkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA448SbBAahOIEWxyY/ld/Yo5ogWkh
0qY+hw2dtAEGqFzH4l4d2wR5wkwWa+LinnNOyZZtFwXLXE81uj3+0v4zXLZWgzLi
8ErAbrc/77AmYpiciFavMueA+klYzCL5QHIo7J6zvYLY4vUJHWNDw9M5f4YgLt4u
7YpOOhoSLyIiOSjGO8s2+ymcZB2E2YLjhGSSXPlESPTJ+O+OXk5/jPr6N/c4jOCr
UYqiIQDOJXGjqyZ7GNBggM0HXDiG50GtXZaJyjSpRKCiJIszAotSIGssvX9DNdGQ
0QqGcBcN+rLcr7WfUcIpklSfrXc2i91H1JPrC+T6uKaBRRzq1MqS/ql6zQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFJSBvA43REKY27ENHHaOxHh63j4dMB8GA1UdIwQY
MBaAFD4L6OSNugffIXEXRbhp45Ec6Y4gMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUGd2bzVJMjZCOThoY1JkRnVHbmprUnpwamlBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMy85NWJjZTktMWU4ZS00MWMxLTg5Zjgt
MjBmOWYwZGJmNDU4LzEvbElHOERqZEVRcGpic1EwY2RvN0VlSHJlUGgwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMy85NWJjZTktMWU4ZS00MWMxLTg5ZjgtMjBmOWYwZGJmNDU4
LzEvUGd2bzVJMjZCOThoY1JkRnVHbmprUnpwamlBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQHPh2AAwQF
1CbAAwQH1MuAAwQF1dpgMA0GCSqGSIb3DQEBCwUAA4IBAQAZKRakjNtnzbDWPtUH
RMSBWAVLlrkrCtYDTMHLNZ6SKxFURTWujMzgNw5MmP6JEi5H27WZ2uPzQFcFeBWk
yQ7ucRQ4r4eF+n6D0WnhoAgey96LFN0i9BEX/qJR3pTPat+fmxiC4+ESCZy1aSnv
KH85ABa5pSuXMcfJold8zrzVqCntmurBq7wCSixGfrutPIZ98BPSXij7yCkCA4Pf
1ovtuEpLqQ5Ob25ASVYyAzen48AswePZv30bHxTlBT6D/lv1i1jj+k5pt8YknqPT
EnjtlAzo3CizoHP8jGxQcSnxfr91LywkskZk9RhY8Pu8WqnXUnSdTwpRZO4jHVPH
Qo3O
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:57:19 2024 by rpki-client on console-fra.rpki-client.org