Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e3/9dc933-5c0d-4461-a45d-8f7d5691c1be/1/2kUOE59-Y854118aOyP9GOghSYo.roa
File: 2kUOE59-Y854118aOyP9GOghSYo.roa (raw, json)
Hash identifier: XTQpNULlSnKU394yarg/J9I72c8JUwL2baliPCuuLJQ=
Subject key identifier: DA:45:0E:13:9F:7E:63:CE:78:D7:5F:1A:3B:23:FD:18:E8:21:49:8A
Certificate issuer: /CN=fb782b78f20a6e4b70643052bd1a40af15a56338
Certificate serial: 01856FD4E9C1A90785F2A6E42E4BAC1BE82C
Authority key identifier: FB:78:2B:78:F2:0A:6E:4B:70:64:30:52:BD:1A:40:AF:15:A5:63:38
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-3grePIKbktwZDBSvRpArxWlYzg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e3/9dc933-5c0d-4461-a45d-8f7d5691c1be/1/2kUOE59-Y854118aOyP9GOghSYo.roa
Signing time: Mon 02 Jan 2023 00:15:02 +0000
ROA not before: Mon 02 Jan 2023 00:15:02 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 209689
IP address blocks: 212.87.210.0/23 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:d4:e9:c1:a9:07:85:f2:a6:e4:2e:4b:ac:1b:e8:2c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fb782b78f20a6e4b70643052bd1a40af15a56338
Validity
Not Before: Jan 2 00:15:02 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=da450e139f7e63ce78d75f1a3b23fd18e821498a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:24:e5:4c:27:8b:a1:42:19:27:9f:17:85:df:
9f:1f:ec:29:61:7b:95:7e:03:e6:aa:b2:84:e2:61:
e4:7c:1e:f2:f0:c9:6f:1c:6c:10:43:31:96:66:75:
28:84:49:4c:c9:05:99:5f:36:84:49:03:b4:87:aa:
de:bd:f4:53:d3:e3:cd:86:16:96:fb:91:c0:91:98:
35:52:6b:7d:28:07:54:d8:73:a0:f5:44:6c:be:cd:
07:c9:d9:6e:d0:1c:ad:e5:a4:24:72:23:2f:9b:6a:
1b:72:ec:a2:09:d3:94:50:89:1f:02:2c:21:2c:27:
e3:be:b6:bb:e2:d4:7a:f9:86:7d:f9:5a:6e:6f:ad:
8c:e3:cf:12:41:7f:98:6b:a1:13:c1:a7:74:15:c4:
a8:37:72:68:b4:ec:1c:79:50:d4:93:a3:1c:12:3b:
82:37:64:cf:c0:3c:1e:a1:8b:37:e7:92:0c:64:61:
52:63:c0:7c:53:36:ed:8c:e5:3c:ae:be:86:43:0e:
fe:3b:e0:5e:f5:c3:50:53:d0:ca:e8:d4:dc:52:98:
28:09:b5:19:a1:31:83:b5:b8:1e:b2:26:82:3e:31:
2d:bf:71:e4:59:68:f1:7f:74:44:04:b4:e5:3a:98:
8a:aa:d4:61:0f:34:c4:ef:f7:c0:44:0c:ad:d3:7b:
25:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DA:45:0E:13:9F:7E:63:CE:78:D7:5F:1A:3B:23:FD:18:E8:21:49:8A
X509v3 Authority Key Identifier:
keyid:FB:78:2B:78:F2:0A:6E:4B:70:64:30:52:BD:1A:40:AF:15:A5:63:38
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-3grePIKbktwZDBSvRpArxWlYzg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e3/9dc933-5c0d-4461-a45d-8f7d5691c1be/1/2kUOE59-Y854118aOyP9GOghSYo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e3/9dc933-5c0d-4461-a45d-8f7d5691c1be/1/1-3grePIKbktwZDBSvRpArxWlYzg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
212.87.210.0/23
Signature Algorithm: sha256WithRSAEncryption
88:de:b8:0e:be:2f:c8:3f:86:ad:f1:6b:ef:1c:5a:02:c1:f2:
62:4f:57:b8:32:ef:c4:b2:03:6e:81:c5:0f:8a:44:48:d0:56:
9c:8a:80:ed:a9:b4:75:ec:46:c8:59:0a:91:d8:58:65:a4:24:
a0:fc:3f:61:64:50:f2:0d:16:15:bf:92:77:bb:fb:a8:00:99:
09:ec:db:e7:9d:cc:d4:5f:fe:63:98:dc:5f:37:33:ca:e2:43:
17:d7:df:2e:6b:ec:05:34:71:1d:a6:ee:e8:00:27:6e:83:3c:
22:19:e9:e4:e3:a4:de:3e:6c:d8:ad:b6:95:8f:21:b8:67:00:
b2:23:02:2e:dd:e3:d0:f5:5a:ce:5c:79:55:05:e1:36:d0:b2:
21:10:0c:c4:27:5d:05:45:55:6a:d1:df:ae:0d:6f:9e:b8:6b:
44:87:f7:23:34:79:4b:b5:b2:b7:e1:f0:97:3b:80:24:fd:ac:
d7:de:fe:d6:7b:9b:6d:e1:ca:c7:04:e9:c7:ff:db:9c:8b:e9:
7c:f1:9b:be:53:19:f6:96:ee:da:d0:c4:ab:b8:fc:3d:6d:52:
aa:08:7f:dc:73:38:29:d3:2c:4e:84:f9:f7:90:f5:6c:cc:0a:
73:1d:5f:c1:a7:16:b5:db:03:d4:1f:39:e7:f2:f4:13:b2:3c:
40:c5:29:78
-----BEGIN CERTIFICATE-----
MIIE/zCCA+egAwIBAgISAYVv1OnBqQeF8qbkLkusG+gsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZiNzgyYjc4ZjIwYTZlNGI3MDY0MzA1MmJkMWE0MGFmMTVh
NTYzMzgwHhcNMjMwMTAyMDAxNTAyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYTQ1MGUxMzlmN2U2M2NlNzhkNzVmMWEzYjIzZmQxOGU4MjE0OThhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkSTlTCeLoUIZJ58Xhd+fH+wpYXuV
fgPmqrKE4mHkfB7y8MlvHGwQQzGWZnUohElMyQWZXzaESQO0h6revfRT0+PNhhaW
+5HAkZg1Umt9KAdU2HOg9URsvs0Hydlu0Byt5aQkciMvm2obcuyiCdOUUIkfAiwh
LCfjvra74tR6+YZ9+Vpub62M488SQX+Ya6ETwad0FcSoN3JotOwceVDUk6McEjuC
N2TPwDweoYs355IMZGFSY8B8UzbtjOU8rr6GQw7+O+Be9cNQU9DK6NTcUpgoCbUZ
oTGDtbgesiaCPjEtv3HkWWjxf3REBLTlOpiKqtRhDzTE7/fARAyt03sl1wIDAQAB
o4ICCzCCAgcwHQYDVR0OBBYEFNpFDhOffmPOeNdfGjsj/RjoIUmKMB8GA1UdIwQY
MBaAFPt4K3jyCm5LcGQwUr0aQK8VpWM4MA4GA1UdDwEB/wQEAwIHgDBlBggrBgEF
BQcBAQRZMFcwVQYIKwYBBQUHMAKGSXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMS0zZ3JlUElLYmt0d1pEQlN2UnBBcnhXbFl6Zy5jZXIw
gY0GCCsGAQUFBwELBIGAMH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZTMvOWRjOTMzLTVjMGQtNDQ2MS1hNDVk
LThmN2Q1NjkxYzFiZS8xLzJrVU9FNTktWTg1NDExOGFPeVA5R09naFNZby5yb2Ew
gYIGA1UdHwR7MHkwd6B1oHOGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvZTMvOWRjOTMzLTVjMGQtNDQ2MS1hNDVkLThmN2Q1NjkxYzFi
ZS8xLzEtM2dyZVBJS2JrdHdaREJTdlJwQXJ4V2xZemcuY3JsMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAHUV9Iw
DQYJKoZIhvcNAQELBQADggEBAIjeuA6+L8g/hq3xa+8cWgLB8mJPV7gy78SyA26B
xQ+KREjQVpyKgO2ptHXsRshZCpHYWGWkJKD8P2FkUPINFhW/kne7+6gAmQns2+ed
zNRf/mOY3F83M8riQxfX3y5r7AU0cR2m7ugAJ26DPCIZ6eTjpN4+bNittpWPIbhn
ALIjAi7d49D1Ws5ceVUF4TbQsiEQDMQnXQVFVWrR364Nb564a0SH9yM0eUu1srfh
8Jc7gCT9rNfe/tZ7m23hyscE6cf/25yL6Xzxm75TGfaW7trQxKu4/D1tUqoIf9xz
OCnTLE6E+feQ9WzMCnMdX8GnFrXbA9QfOefy9BOyPEDFKXg=
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:05:26 2023 by rpki-client on console-fra.rpki-client.org