Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fc/c3ad2e-b52e-441c-89ba-44ab7a9d7dea/1/5MhwkbCiwVEvwuapQ1F8dRIezd4.roa
File: 5MhwkbCiwVEvwuapQ1F8dRIezd4.roa (raw, json)
Hash identifier: FYT2GflMssY9CU1fzEwc+VYgOp2lml8kwF8Q6Chu7GU=
Subject key identifier: E4:C8:70:91:B0:A2:C1:51:2F:C2:E6:A9:43:51:7C:75:12:1E:CD:DE
Certificate issuer: /CN=6640f89ce22645b97297d7803726dc2fb0e5f4b9
Certificate serial: 018CC3B6A3280801D4FC23018C2E2C0B43E4
Authority key identifier: 66:40:F8:9C:E2:26:45:B9:72:97:D7:80:37:26:DC:2F:B0:E5:F4:B9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ZkD4nOImRblyl9eANybcL7Dl9Lk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fc/c3ad2e-b52e-441c-89ba-44ab7a9d7dea/1/5MhwkbCiwVEvwuapQ1F8dRIezd4.roa
Signing time: Mon 01 Jan 2024 06:29:35 +0000
ROA not before: Mon 01 Jan 2024 06:29:35 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 61135
IP address blocks: 212.64.202.0/24 maxlen: 24
212.64.211.0/24 maxlen: 32
212.64.210.0/24 maxlen: 32
212.64.214.0/24 maxlen: 32
212.64.216.0/24 maxlen: 32
212.64.215.0/24 maxlen: 32
212.64.217.0/24 maxlen: 32
212.64.223.0/24 maxlen: 32
Validation: Failed, certificate revoked on Tue 30 Jan 2024 13:06:39 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:b6:a3:28:08:01:d4:fc:23:01:8c:2e:2c:0b:43:e4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6640f89ce22645b97297d7803726dc2fb0e5f4b9
Validity
Not Before: Jan 1 06:29:35 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=e4c87091b0a2c1512fc2e6a943517c75121ecdde
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:80:b1:96:b5:b0:e3:98:a0:00:9b:9f:51:1a:92:
7e:16:b4:6c:1e:6e:2a:95:ec:ac:d3:6a:dd:41:bc:
d0:c1:c3:2d:d6:1a:3c:04:86:be:a2:d7:9d:88:8f:
31:88:2e:2d:b7:88:bd:16:47:c2:7a:d9:28:48:82:
ed:00:65:85:d2:3a:21:d0:6f:03:b0:38:c0:cb:09:
cf:03:56:22:b9:59:98:bc:33:ab:0f:fe:2b:e8:5d:
26:1e:55:ad:14:4a:ef:c3:5a:88:4c:b4:39:17:16:
be:2b:cc:86:39:54:75:59:d0:1c:84:7b:20:df:65:
c5:0d:9c:22:68:5f:1c:fd:69:0c:c2:35:56:0d:44:
fa:4a:b1:32:a9:cd:bf:32:f3:38:7a:05:62:e5:9b:
4d:01:0d:bb:89:34:39:20:8e:ae:44:92:f0:41:54:
f4:2f:bb:ae:b8:74:4e:c5:8c:dc:26:b7:4b:3b:18:
37:96:17:60:37:d1:85:c6:8e:f5:94:07:98:3c:8b:
2b:66:bd:bf:0c:d8:d7:db:0c:d0:d9:80:8c:8f:a3:
dd:40:f6:bc:c0:a6:9f:06:5c:b2:9c:d2:d1:54:be:
f3:15:bf:a1:dc:6a:f7:b1:89:15:c3:58:b8:f6:50:
8b:23:e3:1c:4b:91:0f:3a:4e:72:27:2a:ab:d5:41:
e8:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E4:C8:70:91:B0:A2:C1:51:2F:C2:E6:A9:43:51:7C:75:12:1E:CD:DE
X509v3 Authority Key Identifier:
keyid:66:40:F8:9C:E2:26:45:B9:72:97:D7:80:37:26:DC:2F:B0:E5:F4:B9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ZkD4nOImRblyl9eANybcL7Dl9Lk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fc/c3ad2e-b52e-441c-89ba-44ab7a9d7dea/1/5MhwkbCiwVEvwuapQ1F8dRIezd4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fc/c3ad2e-b52e-441c-89ba-44ab7a9d7dea/1/ZkD4nOImRblyl9eANybcL7Dl9Lk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
212.64.202.0/24
212.64.210.0/23
212.64.214.0-212.64.217.255
212.64.223.0/24
Signature Algorithm: sha256WithRSAEncryption
87:59:4a:4e:6e:ff:09:dc:83:69:5c:68:35:b2:38:e5:21:a8:
63:5a:b7:b7:4f:94:c1:0f:d5:d0:40:e8:67:2c:9d:54:bd:63:
2a:b6:56:5e:f6:f0:1d:52:e6:c8:95:b0:c7:2c:15:17:e5:df:
e7:9f:8c:0e:09:e7:92:0a:4f:2e:82:bb:b7:1c:0c:f3:f8:cf:
9f:a4:bc:5b:1d:75:1c:4e:eb:7b:94:9b:da:e9:ff:2f:71:57:
ee:1b:a6:22:1d:04:3e:e1:a7:7d:79:50:89:84:9b:50:c6:12:
d3:d5:e3:c6:32:2a:92:6c:d4:cb:e0:dd:63:d4:ed:b1:86:2b:
14:06:a2:ac:20:6b:8d:f9:1e:a3:33:57:a0:b2:12:4a:5c:11:
43:9a:36:c3:26:81:84:a2:1c:03:ac:bb:a9:11:eb:01:f0:bd:
da:0f:72:5b:2f:fa:37:9b:fa:85:d1:1e:c1:aa:c6:d1:1f:4f:
5a:69:72:99:44:78:50:b0:31:35:54:9a:52:ce:c3:90:95:1a:
f1:7f:7d:92:00:5b:41:97:b3:7d:93:23:5a:ad:bc:58:16:ee:
cd:18:9a:57:80:ad:9c:29:46:4e:a0:f5:0c:27:d0:30:48:ce:
48:1e:3c:ff:57:68:8d:a7:34:9d:a1:9e:5a:36:e8:55:c0:65:
24:fc:5e:98
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgISAYzDtqMoCAHU/CMBjC4sC0PkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY2NDBmODljZTIyNjQ1Yjk3Mjk3ZDc4MDM3MjZkYzJmYjBl
NWY0YjkwHhcNMjQwMTAxMDYyOTM1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNGM4NzA5MWIwYTJjMTUxMmZjMmU2YTk0MzUxN2M3NTEyMWVjZGRlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgLGWtbDjmKAAm59RGpJ+FrRsHm4q
leys02rdQbzQwcMt1ho8BIa+otediI8xiC4tt4i9FkfCetkoSILtAGWF0joh0G8D
sDjAywnPA1YiuVmYvDOrD/4r6F0mHlWtFErvw1qITLQ5Fxa+K8yGOVR1WdAchHsg
32XFDZwiaF8c/WkMwjVWDUT6SrEyqc2/MvM4egVi5ZtNAQ27iTQ5II6uRJLwQVT0
L7uuuHROxYzcJrdLOxg3lhdgN9GFxo71lAeYPIsrZr2/DNjX2wzQ2YCMj6PdQPa8
wKafBlyynNLRVL7zFb+h3Gr3sYkVw1i49lCLI+McS5EPOk5yJyqr1UHoGQIDAQAB
o4ICIzCCAh8wHQYDVR0OBBYEFOTIcJGwosFRL8LmqUNRfHUSHs3eMB8GA1UdIwQY
MBaAFGZA+JziJkW5cpfXgDcm3C+w5fS5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWmtENG5PSW1SYmx5bDllQU55YmNMN0RsOUxrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mYy9jM2FkMmUtYjUyZS00NDFjLTg5YmEt
NDRhYjdhOWQ3ZGVhLzEvNU1od2tiQ2l3VkV2d3VhcFExRjhkUkllemQ0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mYy9jM2FkMmUtYjUyZS00NDFjLTg5YmEtNDRhYjdhOWQ3ZGVh
LzEvWmtENG5PSW1SYmx5bDllQU55YmNMN0RsOUxrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDkGCCsGAQUFBwEHAQH/BCowKDAmBAIAATAgAwQA1EDKAwQB
1EDSMAwDBAHUQNYDBAHUQNgDBADUQN8wDQYJKoZIhvcNAQELBQADggEBAIdZSk5u
/wncg2lcaDWyOOUhqGNat7dPlMEP1dBA6GcsnVS9Yyq2Vl728B1S5siVsMcsFRfl
3+efjA4J55IKTy6Cu7ccDPP4z5+kvFsddRxO63uUm9rp/y9xV+4bpiIdBD7hp315
UImEm1DGEtPV48YyKpJs1Mvg3WPU7bGGKxQGoqwga435HqMzV6CyEkpcEUOaNsMm
gYSiHAOsu6kR6wHwvdoPclsv+jeb+oXRHsGqxtEfT1ppcplEeFCwMTVUmlLOw5CV
GvF/fZIAW0GXs32TI1qtvFgW7s0YmleArZwpRk6g9Qwn0DBIzkgePP9XaI2nNJ2h
nlo26FXAZST8Xpg=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:00:48 2024 by rpki-client on console-fra.rpki-client.org