Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f0/92b508-1fad-4299-8720-7c4afb88e2f2/1/4c0shamHHQ_UIOGl9IZrxNp7PSQ.roa
File: 4c0shamHHQ_UIOGl9IZrxNp7PSQ.roa (raw, json)
Hash identifier: GWzBlg12AyIItN0FQh/PKFAC5+avZWLmyCzoR+BG8lY=
Subject key identifier: E1:CD:2C:85:A9:87:1D:0F:D4:20:E1:A5:F4:86:6B:C4:DA:7B:3D:24
Certificate issuer: /CN=1ea1f59a96797271e1fd6673a9c534257da88e6b
Certificate serial: 018570DE4C1C2B62D4D2B4D17B1ADB121D11
Authority key identifier: 1E:A1:F5:9A:96:79:72:71:E1:FD:66:73:A9:C5:34:25:7D:A8:8E:6B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HqH1mpZ5cnHh_WZzqcU0JX2ojms.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f0/92b508-1fad-4299-8720-7c4afb88e2f2/1/4c0shamHHQ_UIOGl9IZrxNp7PSQ.roa
Signing time: Mon 02 Jan 2023 05:04:54 +0000
ROA not before: Mon 02 Jan 2023 05:04:54 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 48918
IP address blocks: 212.58.64.0/19 maxlen: 24
2a00:fb80::/32 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:de:4c:1c:2b:62:d4:d2:b4:d1:7b:1a:db:12:1d:11
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1ea1f59a96797271e1fd6673a9c534257da88e6b
Validity
Not Before: Jan 2 05:04:54 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=e1cd2c85a9871d0fd420e1a5f4866bc4da7b3d24
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:21:28:db:59:b9:50:62:a9:65:1b:73:95:92:
d1:37:ba:a3:de:2e:08:65:73:ab:37:34:60:5c:e2:
15:ff:63:e2:55:ec:46:ff:b0:5d:5e:6d:e0:aa:04:
e0:06:d7:f3:b9:78:22:c9:43:bb:1d:a0:31:73:e9:
51:fc:41:5d:ef:cb:1f:0b:aa:6d:d4:a6:a9:a0:50:
8f:f3:49:df:39:3d:db:aa:5e:8c:47:93:ed:e9:77:
ed:7f:f5:58:11:bd:bb:31:94:98:5c:25:a0:62:e8:
d0:7a:96:22:5d:41:a8:9f:89:39:1e:e6:3e:e1:a8:
88:c9:1e:97:04:c3:ba:4e:43:77:1f:e8:4b:c2:55:
40:99:92:5b:1a:3e:dd:5e:fc:c2:fc:56:dd:b6:45:
1c:6c:c6:7f:b6:09:3e:14:09:5d:56:c8:cd:8a:41:
48:19:99:fe:d4:0f:b0:c9:59:98:ad:19:2f:b6:0f:
76:90:10:58:10:51:76:19:37:dc:8b:71:87:4a:a8:
c5:48:2f:3a:45:44:0f:9d:b4:b7:f6:1c:d8:2a:32:
72:84:71:a8:40:d7:e2:e5:4d:27:86:75:2c:aa:4e:
23:63:63:cc:ab:1d:d4:f2:e3:ea:3a:1e:53:c6:a0:
92:d4:31:58:c0:be:ad:a1:bd:5d:81:f5:54:54:4c:
5d:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E1:CD:2C:85:A9:87:1D:0F:D4:20:E1:A5:F4:86:6B:C4:DA:7B:3D:24
X509v3 Authority Key Identifier:
keyid:1E:A1:F5:9A:96:79:72:71:E1:FD:66:73:A9:C5:34:25:7D:A8:8E:6B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HqH1mpZ5cnHh_WZzqcU0JX2ojms.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/92b508-1fad-4299-8720-7c4afb88e2f2/1/4c0shamHHQ_UIOGl9IZrxNp7PSQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/92b508-1fad-4299-8720-7c4afb88e2f2/1/HqH1mpZ5cnHh_WZzqcU0JX2ojms.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
212.58.64.0/19
IPv6:
2a00:fb80::/32
Signature Algorithm: sha256WithRSAEncryption
bc:a2:31:cc:be:22:a6:6b:49:ac:ef:eb:bc:85:57:6d:05:29:
e7:cc:1a:d8:41:85:aa:96:41:79:8d:06:c0:2f:34:9d:bc:ce:
a4:64:b2:18:a6:fa:cc:4e:1c:db:51:b9:d0:43:3e:52:c1:ef:
c9:3e:f4:20:6b:ce:f4:50:71:a6:75:27:f4:52:8e:c5:5b:79:
5d:a2:4e:15:89:70:4d:5f:b4:2b:8e:83:27:1b:eb:00:72:06:
ac:ba:f4:27:92:ea:c8:62:fb:30:40:e9:af:b8:7f:fd:77:a0:
12:47:10:49:cc:27:2b:85:72:4f:17:8d:92:97:51:a1:e4:92:
ca:68:0b:1d:1f:8f:e9:2e:8a:bf:20:bd:82:ce:2b:00:ac:7c:
f6:35:7e:33:c5:f9:e4:cf:2d:8c:18:ee:73:0a:fa:9e:98:e9:
85:97:2c:89:c1:52:b0:94:f3:d7:d2:97:b0:ad:9f:a8:0a:6d:
d6:4b:58:41:e0:25:c9:ec:fd:f6:ab:3d:58:8b:d8:e1:77:22:
4d:8e:d3:59:f5:bd:e1:a2:f9:98:81:58:86:bd:4a:b5:70:6c:
92:f8:d6:a8:57:ac:d0:d1:49:47:73:5f:8a:f6:56:20:29:25:
69:1f:03:96:8c:84:55:56:4d:aa:27:7b:47:a7:d5:0b:85:17:
5e:7e:fa:0e
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVw3kwcK2LU0rTRexrbEh0RMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFlYTFmNTlhOTY3OTcyNzFlMWZkNjY3M2E5YzUzNDI1N2Rh
ODhlNmIwHhcNMjMwMTAyMDUwNDU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMWNkMmM4NWE5ODcxZDBmZDQyMGUxYTVmNDg2NmJjNGRhN2IzZDI0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnyEo21m5UGKpZRtzlZLRN7qj3i4I
ZXOrNzRgXOIV/2PiVexG/7BdXm3gqgTgBtfzuXgiyUO7HaAxc+lR/EFd78sfC6pt
1KapoFCP80nfOT3bql6MR5Pt6Xftf/VYEb27MZSYXCWgYujQepYiXUGon4k5HuY+
4aiIyR6XBMO6TkN3H+hLwlVAmZJbGj7dXvzC/FbdtkUcbMZ/tgk+FAldVsjNikFI
GZn+1A+wyVmYrRkvtg92kBBYEFF2GTfci3GHSqjFSC86RUQPnbS39hzYKjJyhHGo
QNfi5U0nhnUsqk4jY2PMqx3U8uPqOh5TxqCS1DFYwL6tob1dgfVUVExdKQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFOHNLIWphx0P1CDhpfSGa8Taez0kMB8GA1UdIwQY
MBaAFB6h9ZqWeXJx4f1mc6nFNCV9qI5rMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSHFIMW1wWjVjbkhoX1daenFjVTBKWDJvam1zLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMC85MmI1MDgtMWZhZC00Mjk5LTg3MjAt
N2M0YWZiODhlMmYyLzEvNGMwc2hhbUhIUV9VSU9HbDlJWnJ4TnA3UFNRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMC85MmI1MDgtMWZhZC00Mjk5LTg3MjAtN2M0YWZiODhlMmYy
LzEvSHFIMW1wWjVjbkhoX1daenFjVTBKWDJvam1zLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQF1DpAMA0E
AgACMAcDBQAqAPuAMA0GCSqGSIb3DQEBCwUAA4IBAQC8ojHMviKma0ms7+u8hVdt
BSnnzBrYQYWqlkF5jQbALzSdvM6kZLIYpvrMThzbUbnQQz5Swe/JPvQga870UHGm
dSf0Uo7FW3ldok4ViXBNX7QrjoMnG+sAcgasuvQnkurIYvswQOmvuH/9d6ASRxBJ
zCcrhXJPF42Sl1Gh5JLKaAsdH4/pLoq/IL2CzisArHz2NX4zxfnkzy2MGO5zCvqe
mOmFlyyJwVKwlPPX0pewrZ+oCm3WS1hB4CXJ7P32qz1Yi9jhdyJNjtNZ9b3hovmY
gViGvUq1cGyS+NaoV6zQ0UlHc1+K9lYgKSVpHwOWjIRVVk2qJ3tHp9ULhRdefvoO
-----END CERTIFICATE-----
Generated at Tue Jan 2 14:37:56 2024 by rpki-client on console-fra.rpki-client.org