Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f2/623561-0715-4277-a0be-3411c6fb4fca/1/nKffQJCNnSpBIYHzFph7Aq4UeLk.roa
File: nKffQJCNnSpBIYHzFph7Aq4UeLk.roa (raw, json)
Hash identifier: Lh2osM16CoQLgJtDhTSUpkB3YOxDGZ7eAd3ZWEqcIqk=
Subject key identifier: 9C:A7:DF:40:90:8D:9D:2A:41:21:81:F3:16:98:7B:02:AE:14:78:B9
Certificate issuer: /CN=7abe11843dbe80340b2460fc160ec6b9b88f222a
Certificate serial: 018CC8DCCF470EAD6F24985F988E27903A46
Authority key identifier: 7A:BE:11:84:3D:BE:80:34:0B:24:60:FC:16:0E:C6:B9:B8:8F:22:2A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/er4RhD2-gDQLJGD8Fg7GubiPIio.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f2/623561-0715-4277-a0be-3411c6fb4fca/1/nKffQJCNnSpBIYHzFph7Aq4UeLk.roa
Signing time: Tue 02 Jan 2024 06:29:23 +0000
ROA not before: Tue 02 Jan 2024 06:29:23 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 28917
IP address blocks: 212.233.68.0/22 maxlen: 24
2a13:6d40::/29 maxlen: 29
Validation: Failed, certificate revoked on Wed 01 Jan 2025 23:47:39 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:dc:cf:47:0e:ad:6f:24:98:5f:98:8e:27:90:3a:46
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7abe11843dbe80340b2460fc160ec6b9b88f222a
Validity
Not Before: Jan 2 06:29:23 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=9ca7df40908d9d2a412181f316987b02ae1478b9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f2:bf:24:a6:59:05:df:37:20:c4:e8:8b:dc:ea:
99:aa:5c:86:d7:f6:a0:ec:f5:f4:99:4a:76:70:18:
bf:c1:a8:ea:fd:9d:7a:a7:4b:31:b2:aa:cf:46:c7:
aa:83:31:0c:7c:02:6a:de:b9:6e:f9:29:ac:63:6e:
ae:cb:93:f2:30:6e:90:61:a3:fd:ea:d9:57:aa:af:
35:c1:ff:38:1a:2a:bf:c9:89:6e:51:98:89:dc:41:
c2:a2:c3:56:38:07:e5:8b:76:5a:78:6a:2d:2b:1a:
6a:42:b1:18:60:31:c1:7e:bd:ba:73:00:d5:a2:38:
7b:d4:f7:55:d6:62:72:8a:f3:c3:2c:3e:c1:f9:19:
3a:17:3c:bf:9b:56:d2:3c:d0:44:37:66:a4:b7:64:
09:ac:9b:a0:e5:a0:57:15:aa:e9:d4:6a:5a:e4:f7:
37:10:9c:1f:fb:d9:6c:0c:cd:f7:ed:ff:49:d7:44:
2e:6b:b5:72:de:bc:43:ea:55:a2:50:09:84:ca:3b:
54:19:0c:1b:f1:cb:19:53:01:75:3f:56:cf:41:c4:
43:83:7f:25:f1:7a:87:2c:06:df:e9:a3:58:46:bb:
1a:0e:a0:b3:ba:3e:21:5c:ab:c3:a2:52:00:f1:8e:
c5:79:1c:8c:94:9c:74:0d:98:10:32:b5:b4:fc:8c:
ef:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9C:A7:DF:40:90:8D:9D:2A:41:21:81:F3:16:98:7B:02:AE:14:78:B9
X509v3 Authority Key Identifier:
keyid:7A:BE:11:84:3D:BE:80:34:0B:24:60:FC:16:0E:C6:B9:B8:8F:22:2A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/er4RhD2-gDQLJGD8Fg7GubiPIio.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f2/623561-0715-4277-a0be-3411c6fb4fca/1/nKffQJCNnSpBIYHzFph7Aq4UeLk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f2/623561-0715-4277-a0be-3411c6fb4fca/1/er4RhD2-gDQLJGD8Fg7GubiPIio.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
212.233.68.0/22
IPv6:
2a13:6d40::/29
Signature Algorithm: sha256WithRSAEncryption
62:0f:cc:b0:97:af:c7:fc:90:b6:27:9a:dc:bd:b2:ca:97:d0:
c5:31:32:3d:47:ef:04:40:e7:d2:96:0c:7d:b7:99:7a:d7:ba:
f6:f1:d7:9b:53:8f:d4:c4:41:17:50:36:f8:65:44:5b:1b:e2:
56:c4:be:1c:7a:6f:48:9f:e3:24:0a:26:fa:48:d8:21:69:3b:
3d:17:35:d2:10:61:20:21:7f:1f:8c:92:5a:41:2d:37:39:53:
f9:6a:d4:6c:37:64:47:de:e6:de:69:a1:8a:df:ba:38:b8:82:
3d:21:53:90:d8:61:f7:5c:54:f5:da:31:1a:df:d0:e7:04:40:
1f:b2:25:70:c6:df:8d:fc:55:b6:66:65:39:ef:c6:26:3b:6d:
98:30:7e:ba:f4:38:22:c8:8f:e6:6a:3b:85:2e:63:ff:df:b7:
07:48:41:15:ae:6f:6d:8a:76:ff:6b:c7:34:2a:5e:ed:d5:3a:
8b:07:88:46:1f:16:1a:72:02:1a:11:5a:fa:f7:36:97:2e:4f:
29:32:d8:cc:8e:2c:c7:43:8b:b3:db:9a:e0:8c:b1:7c:a0:04:
02:bf:8c:bd:52:02:ce:30:84:d2:98:cc:57:6e:5d:ec:a2:cb:
c4:c8:f3:a4:4f:a6:bd:f1:15:7a:a6:17:0b:fc:5c:67:ab:05:
aa:d0:37:c1
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYzI3M9HDq1vJJhfmI4nkDpGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdhYmUxMTg0M2RiZTgwMzQwYjI0NjBmYzE2MGVjNmI5Yjg4
ZjIyMmEwHhcNMjQwMTAyMDYyOTIzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5Y2E3ZGY0MDkwOGQ5ZDJhNDEyMTgxZjMxNjk4N2IwMmFlMTQ3OGI5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA8r8kplkF3zcgxOiL3OqZqlyG1/ag
7PX0mUp2cBi/wajq/Z16p0sxsqrPRseqgzEMfAJq3rlu+SmsY26uy5PyMG6QYaP9
6tlXqq81wf84Giq/yYluUZiJ3EHCosNWOAfli3ZaeGotKxpqQrEYYDHBfr26cwDV
ojh71PdV1mJyivPDLD7B+Rk6Fzy/m1bSPNBEN2akt2QJrJug5aBXFarp1Gpa5Pc3
EJwf+9lsDM337f9J10Qua7Vy3rxD6lWiUAmEyjtUGQwb8csZUwF1P1bPQcRDg38l
8XqHLAbf6aNYRrsaDqCzuj4hXKvDolIA8Y7FeRyMlJx0DZgQMrW0/IzvaQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFJyn30CQjZ0qQSGB8xaYewKuFHi5MB8GA1UdIwQY
MBaAFHq+EYQ9voA0CyRg/BYOxrm4jyIqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZXI0UmhEMi1nRFFMSkdEOEZnN0d1YmlQSWlvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMi82MjM1NjEtMDcxNS00Mjc3LWEwYmUt
MzQxMWM2ZmI0ZmNhLzEvbktmZlFKQ05uU3BCSVlIekZwaDdBcTRVZUxrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMi82MjM1NjEtMDcxNS00Mjc3LWEwYmUtMzQxMWM2ZmI0ZmNh
LzEvZXI0UmhEMi1nRFFMSkdEOEZnN0d1YmlQSWlvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQC1OlEMA0E
AgACMAcDBQMqE21AMA0GCSqGSIb3DQEBCwUAA4IBAQBiD8ywl6/H/JC2J5rcvbLK
l9DFMTI9R+8EQOfSlgx9t5l617r28debU4/UxEEXUDb4ZURbG+JWxL4cem9In+Mk
Cib6SNghaTs9FzXSEGEgIX8fjJJaQS03OVP5atRsN2RH3ubeaaGK37o4uII9IVOQ
2GH3XFT12jEa39DnBEAfsiVwxt+N/FW2ZmU578YmO22YMH669DgiyI/majuFLmP/
37cHSEEVrm9tinb/a8c0Kl7t1TqLB4hGHxYacgIaEVr69zaXLk8pMtjMjizHQ4uz
25rgjLF8oAQCv4y9UgLOMITSmMxXbl3sosvEyPOkT6a98RV6phcL/FxnqwWq0DfB
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:16:25 2025 by rpki-client