Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fc/c3ad2e-b52e-441c-89ba-44ab7a9d7dea/1/HFKEWRcYV0bzuV0OqWwIxVxm7vw.roa
File: HFKEWRcYV0bzuV0OqWwIxVxm7vw.roa (raw, json)
Hash identifier: hoK923Qq6M8nSvINfZR7FEn+ziolGoIWPQEG0M1InnQ=
Subject key identifier: 1C:52:84:59:17:18:57:46:F3:B9:5D:0E:A9:6C:08:C5:5C:66:EE:FC
Certificate issuer: /CN=6640f89ce22645b97297d7803726dc2fb0e5f4b9
Certificate serial: 01856CAF0CAF1508C5C01A43B5CBBF302437
Authority key identifier: 66:40:F8:9C:E2:26:45:B9:72:97:D7:80:37:26:DC:2F:B0:E5:F4:B9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ZkD4nOImRblyl9eANybcL7Dl9Lk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fc/c3ad2e-b52e-441c-89ba-44ab7a9d7dea/1/HFKEWRcYV0bzuV0OqWwIxVxm7vw.roa
Signing time: Sun 01 Jan 2023 09:34:49 +0000
ROA not before: Sun 01 Jan 2023 09:34:49 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 207459
IP address blocks: 212.64.193.0/24 maxlen: 24
212.64.214.0/24 maxlen: 32
212.64.223.0/24 maxlen: 32
Validation: Failed, certificate revoked on Mon 01 Jan 2024 06:29:35 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:af:0c:af:15:08:c5:c0:1a:43:b5:cb:bf:30:24:37
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6640f89ce22645b97297d7803726dc2fb0e5f4b9
Validity
Not Before: Jan 1 09:34:49 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=1c52845917185746f3b95d0ea96c08c55c66eefc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:6d:f9:5a:43:04:cf:37:3c:74:1b:6d:11:5b:
f6:51:88:1d:c8:cc:60:6c:bc:90:ca:f9:30:ae:54:
ed:49:64:2d:4b:09:21:fe:4d:cd:fa:01:b1:de:9b:
cd:a5:53:98:db:00:61:85:12:2d:4a:88:f4:f1:de:
05:82:35:9d:fd:bf:6b:bf:3a:17:0f:86:e5:d5:0a:
26:f4:32:1e:4a:44:d9:ef:77:a9:93:89:76:a7:f4:
76:ea:eb:51:7d:e5:6c:50:68:c4:92:13:c3:48:f2:
6e:7b:dc:1f:88:83:e6:50:5a:aa:7d:af:03:84:13:
88:5b:f9:49:f8:f2:ba:43:76:90:f0:53:25:03:5e:
7c:6a:02:f0:ce:80:5b:21:9a:9c:d0:fa:61:73:60:
84:1a:0e:7a:e9:15:f7:a8:8e:dd:27:77:29:20:a9:
98:44:69:e7:73:33:5c:b0:e0:4d:c7:e6:81:33:ca:
b8:b6:0d:39:0b:10:98:4e:32:ec:55:3a:e4:dc:12:
aa:3e:45:3e:ea:ef:44:8a:61:a1:57:99:46:cc:0b:
6f:70:b4:53:29:a2:63:ef:53:fd:8e:73:4e:41:56:
6e:a2:2c:54:0c:56:7d:96:69:0d:be:4a:8b:21:47:
3f:2e:2e:3d:0e:69:20:36:1d:a0:30:a7:fe:a3:47:
d9:a7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1C:52:84:59:17:18:57:46:F3:B9:5D:0E:A9:6C:08:C5:5C:66:EE:FC
X509v3 Authority Key Identifier:
keyid:66:40:F8:9C:E2:26:45:B9:72:97:D7:80:37:26:DC:2F:B0:E5:F4:B9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ZkD4nOImRblyl9eANybcL7Dl9Lk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fc/c3ad2e-b52e-441c-89ba-44ab7a9d7dea/1/HFKEWRcYV0bzuV0OqWwIxVxm7vw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fc/c3ad2e-b52e-441c-89ba-44ab7a9d7dea/1/ZkD4nOImRblyl9eANybcL7Dl9Lk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
212.64.193.0/24
212.64.214.0/24
212.64.223.0/24
Signature Algorithm: sha256WithRSAEncryption
57:ae:e2:bc:9b:6e:7b:81:27:2a:d1:37:4f:4d:ba:7c:7c:d5:
54:f2:58:38:af:49:df:7e:bb:36:56:ea:b1:cc:9d:0f:b3:07:
58:eb:2d:ec:c0:a9:a6:89:d2:0a:9c:7e:7d:57:c4:a6:0a:d8:
a8:bc:8a:93:a7:56:e9:35:ce:ae:8b:0b:42:62:25:5a:c2:20:
1e:25:f1:2c:f1:a7:03:44:71:e0:c2:2e:cf:d4:2a:f9:56:a0:
d3:fc:ad:5f:95:7d:ba:42:e9:72:5c:31:8f:3c:a3:d4:94:45:
f3:ae:e5:ea:3c:5b:f5:b4:6c:0d:1b:1c:c3:e6:07:ed:98:43:
7e:8e:11:3a:e3:ea:93:08:2e:a4:5d:29:55:7e:23:b8:78:84:
31:a6:8f:02:16:51:24:f6:5e:29:ee:51:71:23:02:30:ad:36:
60:bb:df:33:5e:c4:31:46:da:10:61:53:ac:be:65:64:0a:df:
eb:ad:7e:ac:df:f0:f1:71:c3:01:a2:f3:e9:d6:e6:84:6b:b2:
74:1b:34:7d:66:71:e9:c0:96:6f:24:7d:da:1a:ab:f0:1e:35:
ae:23:28:ee:59:70:f1:bf:09:27:bc:78:2f:0b:d9:3a:09:a2:
5f:ae:ca:3d:43:aa:19:33:32:fa:26:25:4b:08:70:e0:6a:37:
56:4d:f5:64
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYVsrwyvFQjFwBpDtcu/MCQ3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY2NDBmODljZTIyNjQ1Yjk3Mjk3ZDc4MDM3MjZkYzJmYjBl
NWY0YjkwHhcNMjMwMTAxMDkzNDQ5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxYzUyODQ1OTE3MTg1NzQ2ZjNiOTVkMGVhOTZjMDhjNTVjNjZlZWZjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn235WkMEzzc8dBttEVv2UYgdyMxg
bLyQyvkwrlTtSWQtSwkh/k3N+gGx3pvNpVOY2wBhhRItSoj08d4FgjWd/b9rvzoX
D4bl1Qom9DIeSkTZ73epk4l2p/R26utRfeVsUGjEkhPDSPJue9wfiIPmUFqqfa8D
hBOIW/lJ+PK6Q3aQ8FMlA158agLwzoBbIZqc0Pphc2CEGg566RX3qI7dJ3cpIKmY
RGnnczNcsOBNx+aBM8q4tg05CxCYTjLsVTrk3BKqPkU+6u9EimGhV5lGzAtvcLRT
KaJj71P9jnNOQVZuoixUDFZ9lmkNvkqLIUc/Li49DmkgNh2gMKf+o0fZpwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFBxShFkXGFdG87ldDqlsCMVcZu78MB8GA1UdIwQY
MBaAFGZA+JziJkW5cpfXgDcm3C+w5fS5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWmtENG5PSW1SYmx5bDllQU55YmNMN0RsOUxrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mYy9jM2FkMmUtYjUyZS00NDFjLTg5YmEt
NDRhYjdhOWQ3ZGVhLzEvSEZLRVdSY1lWMGJ6dVYwT3FXd0l4VnhtN3Z3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mYy9jM2FkMmUtYjUyZS00NDFjLTg5YmEtNDRhYjdhOWQ3ZGVh
LzEvWmtENG5PSW1SYmx5bDllQU55YmNMN0RsOUxrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQA1EDBAwQA
1EDWAwQA1EDfMA0GCSqGSIb3DQEBCwUAA4IBAQBXruK8m257gScq0TdPTbp8fNVU
8lg4r0nffrs2VuqxzJ0PswdY6y3swKmmidIKnH59V8SmCtiovIqTp1bpNc6uiwtC
YiVawiAeJfEs8acDRHHgwi7P1Cr5VqDT/K1flX26QulyXDGPPKPUlEXzruXqPFv1
tGwNGxzD5gftmEN+jhE64+qTCC6kXSlVfiO4eIQxpo8CFlEk9l4p7lFxIwIwrTZg
u98zXsQxRtoQYVOsvmVkCt/rrX6s3/DxccMBovPp1uaEa7J0GzR9ZnHpwJZvJH3a
GqvwHjWuIyjuWXDxvwknvHgvC9k6CaJfrso9Q6oZMzL6JiVLCHDgajdWTfVk
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:54:14 2024 by rpki-client on console-ams.rpki-client.org