Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fc/c3ad2e-b52e-441c-89ba-44ab7a9d7dea/1/RcgrvTOWPd1pGIqb0DoqAPUJaaY.roa
File: RcgrvTOWPd1pGIqb0DoqAPUJaaY.roa (raw, json)
Hash identifier: EQDCDjMEJHNBuO1g3JF/DW+Al//KXr+Q7efPSCkiyxQ=
Subject key identifier: 45:C8:2B:BD:33:96:3D:DD:69:18:8A:9B:D0:3A:2A:00:F5:09:69:A6
Certificate issuer: /CN=6640f89ce22645b97297d7803726dc2fb0e5f4b9
Certificate serial: 018CC3B6A4E81ABB0BD6CEA25C0087339954
Authority key identifier: 66:40:F8:9C:E2:26:45:B9:72:97:D7:80:37:26:DC:2F:B0:E5:F4:B9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ZkD4nOImRblyl9eANybcL7Dl9Lk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fc/c3ad2e-b52e-441c-89ba-44ab7a9d7dea/1/RcgrvTOWPd1pGIqb0DoqAPUJaaY.roa
Signing time: Mon 01 Jan 2024 06:29:36 +0000
ROA not before: Mon 01 Jan 2024 06:29:36 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 207459
IP address blocks: 212.64.193.0/24 maxlen: 24
212.64.214.0/24 maxlen: 32
212.64.223.0/24 maxlen: 32
Validation: Failed, certificate revoked on Sat 28 Sep 2024 15:08:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:b6:a4:e8:1a:bb:0b:d6:ce:a2:5c:00:87:33:99:54
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6640f89ce22645b97297d7803726dc2fb0e5f4b9
Validity
Not Before: Jan 1 06:29:36 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=45c82bbd33963ddd69188a9bd03a2a00f50969a6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:85:0f:62:b5:41:16:2f:ac:b9:8e:e1:5f:31:d1:
a6:9e:f3:a0:ea:df:36:82:46:ea:a9:f4:ff:77:21:
43:54:35:6a:ab:38:8a:09:96:0d:15:a2:3d:0d:9f:
46:df:9d:bf:ab:fc:17:f8:98:63:04:42:4d:8e:45:
54:b8:46:4a:60:d5:5e:c7:87:4c:db:29:3d:22:cc:
28:bf:4c:32:2f:b8:cc:49:28:ff:36:4c:81:5f:13:
0e:f0:31:fe:f5:4d:22:91:a9:a4:a9:9a:cc:c5:b9:
59:9c:88:d9:9e:b1:75:76:65:b7:b8:a3:03:e8:c8:
c3:3a:40:f7:cb:1e:0e:ba:dd:ce:e6:5e:00:4d:6e:
b4:cf:c6:26:99:4b:1d:c4:cf:cb:bf:81:ee:a2:db:
8d:60:15:5a:5e:ae:6e:ad:c6:93:4f:94:6e:1e:d3:
d8:bf:72:5d:f3:cf:99:36:bf:30:b6:87:9b:63:7c:
7d:c9:67:c8:ae:b3:2d:73:65:4c:30:ae:89:9b:56:
d4:b5:72:e1:b4:2a:8b:2f:d7:76:bd:a5:d2:0e:75:
22:c4:b8:8a:f2:ea:1b:58:19:32:2d:96:78:59:b0:
34:c9:8b:ff:14:3c:e4:24:93:1c:a6:70:70:e3:7a:
cf:e8:ba:86:31:68:a0:b7:43:bc:ac:9e:ea:ce:73:
7b:67
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
45:C8:2B:BD:33:96:3D:DD:69:18:8A:9B:D0:3A:2A:00:F5:09:69:A6
X509v3 Authority Key Identifier:
keyid:66:40:F8:9C:E2:26:45:B9:72:97:D7:80:37:26:DC:2F:B0:E5:F4:B9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ZkD4nOImRblyl9eANybcL7Dl9Lk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fc/c3ad2e-b52e-441c-89ba-44ab7a9d7dea/1/RcgrvTOWPd1pGIqb0DoqAPUJaaY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fc/c3ad2e-b52e-441c-89ba-44ab7a9d7dea/1/ZkD4nOImRblyl9eANybcL7Dl9Lk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
212.64.193.0/24
212.64.214.0/24
212.64.223.0/24
Signature Algorithm: sha256WithRSAEncryption
7b:a0:b3:b5:c2:25:3c:dd:2d:b8:f1:65:be:ce:7e:7f:99:5c:
2f:23:5f:27:db:16:01:63:fc:c0:37:9a:d9:1c:5e:ed:2e:f3:
ae:43:80:a7:50:e1:30:f7:73:b4:c4:2c:58:7c:c9:3a:42:e7:
93:0d:9a:f7:94:f4:31:a1:a1:ba:2d:69:24:62:72:f8:b9:da:
fa:3e:ed:15:f7:eb:ae:a6:dc:a0:9e:b5:69:75:e5:13:ad:1c:
9f:67:15:42:42:f3:c7:cf:62:c4:70:80:c7:e9:bf:ac:e9:00:
eb:2c:75:e1:1b:c7:41:f8:f6:b0:0e:00:3f:19:75:a2:aa:5b:
43:33:1e:00:88:df:64:64:16:c7:35:c0:11:41:52:fa:e1:3f:
04:3d:ee:81:10:50:c8:fc:63:7d:af:13:d0:72:cd:d3:b1:d5:
62:09:c8:8d:d6:e4:e5:20:8b:89:53:26:26:c7:5d:7a:02:0f:
3d:6f:a5:8e:f8:cf:1c:a4:27:ed:ed:fb:e0:ff:a4:6b:c8:3b:
40:7d:01:32:70:56:93:c9:69:7a:87:55:61:d4:da:0a:89:a7:
a7:58:cc:0a:31:f8:0d:ac:d1:56:66:77:f7:fb:be:6e:fe:5f:
68:7c:96:04:74:e2:23:8d:e2:4e:e1:ce:ae:1f:78:6b:31:21:
45:b2:18:a5
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYzDtqToGrsL1s6iXACHM5lUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY2NDBmODljZTIyNjQ1Yjk3Mjk3ZDc4MDM3MjZkYzJmYjBl
NWY0YjkwHhcNMjQwMTAxMDYyOTM2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NWM4MmJiZDMzOTYzZGRkNjkxODhhOWJkMDNhMmEwMGY1MDk2OWE2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhQ9itUEWL6y5juFfMdGmnvOg6t82
gkbqqfT/dyFDVDVqqziKCZYNFaI9DZ9G352/q/wX+JhjBEJNjkVUuEZKYNVex4dM
2yk9Iswov0wyL7jMSSj/NkyBXxMO8DH+9U0ikamkqZrMxblZnIjZnrF1dmW3uKMD
6MjDOkD3yx4Out3O5l4ATW60z8YmmUsdxM/Lv4HuotuNYBVaXq5urcaTT5RuHtPY
v3Jd88+ZNr8wtoebY3x9yWfIrrMtc2VMMK6Jm1bUtXLhtCqLL9d2vaXSDnUixLiK
8uobWBkyLZZ4WbA0yYv/FDzkJJMcpnBw43rP6LqGMWigt0O8rJ7qznN7ZwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFEXIK70zlj3daRiKm9A6KgD1CWmmMB8GA1UdIwQY
MBaAFGZA+JziJkW5cpfXgDcm3C+w5fS5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWmtENG5PSW1SYmx5bDllQU55YmNMN0RsOUxrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mYy9jM2FkMmUtYjUyZS00NDFjLTg5YmEt
NDRhYjdhOWQ3ZGVhLzEvUmNncnZUT1dQZDFwR0lxYjBEb3FBUFVKYWFZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mYy9jM2FkMmUtYjUyZS00NDFjLTg5YmEtNDRhYjdhOWQ3ZGVh
LzEvWmtENG5PSW1SYmx5bDllQU55YmNMN0RsOUxrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQA1EDBAwQA
1EDWAwQA1EDfMA0GCSqGSIb3DQEBCwUAA4IBAQB7oLO1wiU83S248WW+zn5/mVwv
I18n2xYBY/zAN5rZHF7tLvOuQ4CnUOEw93O0xCxYfMk6QueTDZr3lPQxoaG6LWkk
YnL4udr6Pu0V9+uuptygnrVpdeUTrRyfZxVCQvPHz2LEcIDH6b+s6QDrLHXhG8dB
+PawDgA/GXWiqltDMx4AiN9kZBbHNcARQVL64T8EPe6BEFDI/GN9rxPQcs3TsdVi
CciN1uTlIIuJUyYmx116Ag89b6WO+M8cpCft7fvg/6RryDtAfQEycFaTyWl6h1Vh
1NoKiaenWMwKMfgNrNFWZnf3+75u/l9ofJYEdOIjjeJO4c6uH3hrMSFFshil
-----END CERTIFICATE-----
Generated at Sat Sep 28 17:35:53 2024 by rpki-client on console-fra.rpki-client.org