Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e7/8976ed-da0a-49a5-a751-a871ecc212a6/1/oRIIJ-dLttpVypMYHpzM3N97OK4.roa
File: oRIIJ-dLttpVypMYHpzM3N97OK4.roa (raw, json)
Hash identifier: wEqJI0NgivN+m+jBWKxnBOM0GYvr9MxgtL3EpoavqRk=
Subject key identifier: A1:12:08:27:E7:4B:B6:DA:55:CA:93:18:1E:9C:CC:DC:DF:7B:38:AE
Certificate issuer: /CN=e8403b5e45cd58be5f6c5d33fa565ab49223e3db
Certificate serial: 0187C23711F8B812F5561FF478F8A32C2078
Authority key identifier: E8:40:3B:5E:45:CD:58:BE:5F:6C:5D:33:FA:56:5A:B4:92:23:E3:DB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/6EA7XkXNWL5fbF0z-lZatJIj49s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e7/8976ed-da0a-49a5-a751-a871ecc212a6/1/oRIIJ-dLttpVypMYHpzM3N97OK4.roa
Signing time: Thu 27 Apr 2023 10:16:41 +0000
ROA not before: Thu 27 Apr 2023 10:16:41 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 12541
IP address blocks: 212.80.160.0/19 maxlen: 24
213.170.32.0/19 maxlen: 24
185.123.120.0/22 maxlen: 24
212.66.160.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:c2:37:11:f8:b8:12:f5:56:1f:f4:78:f8:a3:2c:20:78
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e8403b5e45cd58be5f6c5d33fa565ab49223e3db
Validity
Not Before: Apr 27 10:16:41 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a1120827e74bb6da55ca93181e9cccdcdf7b38ae
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:85:a1:a8:d0:f3:7f:02:65:66:a7:d2:06:2c:a4:
42:0e:25:bc:3d:ab:93:4c:a1:89:5d:cc:5b:17:fb:
4e:50:d3:fe:ed:5c:03:03:a1:a7:b0:ce:1d:2e:9e:
4c:58:3d:7b:9e:8d:c9:84:7a:b9:70:22:1f:64:ec:
f4:cb:b3:c6:da:ac:38:52:36:14:4a:df:9f:84:3f:
50:dc:92:c8:38:99:fe:8e:a6:86:d1:b2:49:60:a5:
22:56:68:63:55:c1:ae:21:50:cd:c4:42:d2:1c:6a:
c2:d7:8b:6a:83:6f:06:b0:93:96:d0:40:b5:71:05:
eb:e0:b5:45:f0:bb:7e:99:3e:93:e8:40:12:3e:f0:
2c:23:57:ea:0a:2f:57:85:f8:6c:51:e8:fe:79:93:
a1:8e:19:88:3e:e1:63:d2:2b:1b:18:97:b1:45:d2:
ee:2d:75:4b:1a:30:3e:bb:ea:08:1f:44:72:7f:b8:
37:af:8e:75:22:63:16:fa:3b:8a:74:ec:b9:c4:fc:
2b:0f:bb:4e:10:45:96:1e:21:3f:e4:da:b8:31:66:
bd:9a:e7:d2:61:92:f6:33:d5:e9:8a:c7:fb:f9:68:
67:23:ba:e7:6a:82:f1:6c:20:ed:4a:ab:4d:f3:a7:
30:30:82:8d:e4:62:bd:60:25:d4:b8:b6:e0:76:3a:
90:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A1:12:08:27:E7:4B:B6:DA:55:CA:93:18:1E:9C:CC:DC:DF:7B:38:AE
X509v3 Authority Key Identifier:
keyid:E8:40:3B:5E:45:CD:58:BE:5F:6C:5D:33:FA:56:5A:B4:92:23:E3:DB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6EA7XkXNWL5fbF0z-lZatJIj49s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/8976ed-da0a-49a5-a751-a871ecc212a6/1/oRIIJ-dLttpVypMYHpzM3N97OK4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/8976ed-da0a-49a5-a751-a871ecc212a6/1/6EA7XkXNWL5fbF0z-lZatJIj49s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.123.120.0/22
212.66.160.0/24
212.80.160.0/19
213.170.32.0/19
Signature Algorithm: sha256WithRSAEncryption
8c:08:df:03:1c:af:8f:62:6a:e7:2c:14:8a:0e:b7:d3:65:00:
fd:1f:fd:51:da:a1:50:56:f1:a5:5c:cf:d3:26:c3:91:25:44:
ac:5f:f2:35:67:96:b7:54:3d:8e:e3:ef:3a:66:40:8a:09:fe:
76:68:42:dc:0b:15:f3:8c:f2:f6:5d:37:d4:28:96:7c:a4:1b:
cd:1d:42:17:76:91:24:af:f2:a4:34:9a:1e:ce:3a:4b:3a:1c:
4d:1b:3c:aa:29:7c:0c:15:27:c1:8e:84:33:8b:95:e3:d4:2b:
76:65:c7:d9:83:6c:fb:74:c1:da:06:1e:37:83:7c:6a:e7:32:
ec:10:15:75:66:bc:f8:f3:de:7a:50:bc:21:d0:63:d9:a0:1d:
0d:26:b4:72:3e:07:9b:5f:2b:e4:f3:8f:68:4f:d5:ea:cc:bd:
21:8a:82:09:f0:a2:77:34:c6:67:a2:e3:07:2b:9a:b5:62:6f:
31:28:03:56:85:b2:09:9c:50:a0:b2:e8:5f:7b:cd:a1:0b:d8:
9d:80:34:09:70:7c:e5:e3:46:e4:41:30:62:6e:20:13:d7:48:
26:20:42:c2:15:6f:9a:4e:a1:d6:91:e9:a4:af:b9:e9:de:54:
8a:57:1f:cb:29:68:be:e6:fc:56:3c:7a:39:34:7e:d5:e1:2f:
39:ef:54:99
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYfCNxH4uBL1Vh/0ePijLCB4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU4NDAzYjVlNDVjZDU4YmU1ZjZjNWQzM2ZhNTY1YWI0OTIy
M2UzZGIwHhcNMjMwNDI3MTAxNjQxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMTEyMDgyN2U3NGJiNmRhNTVjYTkzMTgxZTljY2NkY2RmN2IzOGFlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhaGo0PN/AmVmp9IGLKRCDiW8PauT
TKGJXcxbF/tOUNP+7VwDA6GnsM4dLp5MWD17no3JhHq5cCIfZOz0y7PG2qw4UjYU
St+fhD9Q3JLIOJn+jqaG0bJJYKUiVmhjVcGuIVDNxELSHGrC14tqg28GsJOW0EC1
cQXr4LVF8Lt+mT6T6EASPvAsI1fqCi9XhfhsUej+eZOhjhmIPuFj0isbGJexRdLu
LXVLGjA+u+oIH0Ryf7g3r451ImMW+juKdOy5xPwrD7tOEEWWHiE/5Nq4MWa9mufS
YZL2M9Xpisf7+WhnI7rnaoLxbCDtSqtN86cwMIKN5GK9YCXUuLbgdjqQXQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFKESCCfnS7baVcqTGB6czNzfeziuMB8GA1UdIwQY
MBaAFOhAO15FzVi+X2xdM/pWWrSSI+PbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNkVBN1hrWE5XTDVmYkYwei1sWmF0SklqNDlzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNy84OTc2ZWQtZGEwYS00OWE1LWE3NTEt
YTg3MWVjYzIxMmE2LzEvb1JJSUotZEx0dHBWeXBNWUhwek0zTjk3T0s0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNy84OTc2ZWQtZGEwYS00OWE1LWE3NTEtYTg3MWVjYzIxMmE2
LzEvNkVBN1hrWE5XTDVmYkYwei1sWmF0SklqNDlzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQCuXt4AwQA
1EKgAwQF1FCgAwQF1aogMA0GCSqGSIb3DQEBCwUAA4IBAQCMCN8DHK+PYmrnLBSK
DrfTZQD9H/1R2qFQVvGlXM/TJsORJUSsX/I1Z5a3VD2O4+86ZkCKCf52aELcCxXz
jPL2XTfUKJZ8pBvNHUIXdpEkr/KkNJoezjpLOhxNGzyqKXwMFSfBjoQzi5Xj1Ct2
ZcfZg2z7dMHaBh43g3xq5zLsEBV1Zrz48956ULwh0GPZoB0NJrRyPgebXyvk849o
T9XqzL0hioIJ8KJ3NMZnouMHK5q1Ym8xKANWhbIJnFCgsuhfe82hC9idgDQJcHzl
40bkQTBibiAT10gmIELCFW+aTqHWkemkr7np3lSKVx/LKWi+5vxWPHo5NH7V4S85
71SZ
-----END CERTIFICATE-----
Generated at Tue Jan 2 04:23:41 2024 by rpki-client on console-fra.rpki-client.org