Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fc/c3ad2e-b52e-441c-89ba-44ab7a9d7dea/1/r3ZqDG9crbXi5w2J-h8sTfUo5Rw.roa
File: r3ZqDG9crbXi5w2J-h8sTfUo5Rw.roa (raw, json)
Hash identifier: iSf0mJkdl89j9CBHUyadsxc9LCQ8Itk6dqyxAzHMhhY=
Subject key identifier: AF:76:6A:0C:6F:5C:AD:B5:E2:E7:0D:89:FA:1F:2C:4D:F5:28:E5:1C
Certificate issuer: /CN=6640f89ce22645b97297d7803726dc2fb0e5f4b9
Certificate serial: 018B0177B3F71CF5B8AFF0ACCB6217989EBA
Authority key identifier: 66:40:F8:9C:E2:26:45:B9:72:97:D7:80:37:26:DC:2F:B0:E5:F4:B9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ZkD4nOImRblyl9eANybcL7Dl9Lk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fc/c3ad2e-b52e-441c-89ba-44ab7a9d7dea/1/r3ZqDG9crbXi5w2J-h8sTfUo5Rw.roa
Signing time: Thu 05 Oct 2023 20:11:43 +0000
ROA not before: Thu 05 Oct 2023 20:11:43 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 197644
IP address blocks: 212.64.199.0/24 maxlen: 24
212.64.201.0/24 maxlen: 24
212.64.202.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 11 Oct 2023 20:55:55 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:01:77:b3:f7:1c:f5:b8:af:f0:ac:cb:62:17:98:9e:ba
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6640f89ce22645b97297d7803726dc2fb0e5f4b9
Validity
Not Before: Oct 5 20:11:43 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=af766a0c6f5cadb5e2e70d89fa1f2c4df528e51c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:50:e5:e6:0c:4b:cb:d3:8f:43:91:32:aa:d6:
42:96:36:c3:20:ee:ee:25:81:6b:dc:5e:fd:79:ee:
27:bc:44:60:61:10:63:18:b4:52:c4:0e:b2:9c:a7:
34:3b:2d:9e:9b:67:d9:09:28:16:36:bb:63:89:78:
93:e9:51:44:93:38:a8:74:e0:88:42:f5:df:8b:33:
82:e2:c1:79:42:73:07:98:9f:f1:43:00:83:e9:2f:
0e:d3:d7:c6:fd:3c:df:42:91:37:d8:f9:74:d2:57:
de:9e:e4:b3:2c:17:6a:41:7a:14:90:55:44:a3:18:
57:37:12:23:cd:25:63:b8:84:e9:25:15:cb:e7:2c:
35:4e:f9:82:73:34:7e:24:87:6e:d6:f3:7e:2a:e8:
0a:d7:16:5e:38:53:ec:7a:5d:1f:2a:09:a4:ad:a5:
0d:e9:c7:27:ed:4d:db:06:93:0e:f8:ac:53:a1:10:
af:b3:ea:11:47:65:d1:fe:5c:4a:33:75:78:a9:a7:
6c:31:bc:04:16:79:78:cd:ec:55:e1:f6:69:3d:3e:
47:86:9e:ae:5e:9a:0c:d2:f5:b6:05:64:70:9b:35:
5c:8a:42:14:ae:08:ab:df:9b:e4:f5:4a:43:a8:12:
d9:ce:30:24:7d:26:d7:74:8a:17:bb:c6:76:d6:b6:
42:ef
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AF:76:6A:0C:6F:5C:AD:B5:E2:E7:0D:89:FA:1F:2C:4D:F5:28:E5:1C
X509v3 Authority Key Identifier:
keyid:66:40:F8:9C:E2:26:45:B9:72:97:D7:80:37:26:DC:2F:B0:E5:F4:B9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ZkD4nOImRblyl9eANybcL7Dl9Lk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fc/c3ad2e-b52e-441c-89ba-44ab7a9d7dea/1/r3ZqDG9crbXi5w2J-h8sTfUo5Rw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fc/c3ad2e-b52e-441c-89ba-44ab7a9d7dea/1/ZkD4nOImRblyl9eANybcL7Dl9Lk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
212.64.199.0/24
212.64.201.0-212.64.202.255
Signature Algorithm: sha256WithRSAEncryption
49:64:dd:a3:81:12:c3:7b:6b:19:63:87:e5:4e:7b:f9:3c:ca:
12:4a:30:e7:92:e6:02:7c:1f:5b:d5:2b:ec:54:27:c3:05:e2:
fb:f3:dd:fd:a7:ba:64:8b:11:37:4c:8e:00:13:16:93:82:f2:
36:18:d6:de:03:80:9f:c1:80:ec:9d:1f:29:14:0c:41:0e:d8:
71:ef:48:dc:82:cd:76:bc:91:9e:26:d4:90:5f:6a:37:bc:c4:
02:46:00:e6:20:e5:f1:25:c8:e1:87:e7:d1:89:18:72:6c:d0:
6c:65:25:a7:ca:86:d8:95:52:bd:f2:f6:c1:44:80:18:15:fd:
7c:af:f3:d0:f2:d7:ec:9c:49:25:66:35:1d:a9:e2:06:48:7c:
35:da:00:76:87:e6:9f:68:ca:d0:24:2c:93:5d:86:2b:9a:68:
b1:3f:a9:ba:5d:15:0d:44:29:84:5f:fa:fd:e9:d5:ac:55:cd:
46:2e:ca:e0:28:59:88:d6:1b:d9:94:7e:b8:fc:07:ec:81:e1:
42:5d:65:75:9c:ad:9a:f4:44:e9:8f:aa:48:d2:e1:34:ba:fb:
7a:06:60:a6:af:a6:1a:49:9e:14:04:8d:6a:42:72:b8:bc:7f:
c7:f9:4e:46:99:9c:51:6d:4f:dc:ed:2e:ef:c6:4e:ef:d4:9c:
0f:4e:da:b1
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgISAYsBd7P3HPW4r/Csy2IXmJ66MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY2NDBmODljZTIyNjQ1Yjk3Mjk3ZDc4MDM3MjZkYzJmYjBl
NWY0YjkwHhcNMjMxMDA1MjAxMTQzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZjc2NmEwYzZmNWNhZGI1ZTJlNzBkODlmYTFmMmM0ZGY1MjhlNTFjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAk1Dl5gxLy9OPQ5EyqtZCljbDIO7u
JYFr3F79ee4nvERgYRBjGLRSxA6ynKc0Oy2em2fZCSgWNrtjiXiT6VFEkziodOCI
QvXfizOC4sF5QnMHmJ/xQwCD6S8O09fG/TzfQpE32Pl00lfenuSzLBdqQXoUkFVE
oxhXNxIjzSVjuITpJRXL5yw1TvmCczR+JIdu1vN+KugK1xZeOFPsel0fKgmkraUN
6ccn7U3bBpMO+KxToRCvs+oRR2XR/lxKM3V4qadsMbwEFnl4zexV4fZpPT5Hhp6u
XpoM0vW2BWRwmzVcikIUrgir35vk9UpDqBLZzjAkfSbXdIoXu8Z21rZC7wIDAQAB
o4ICFzCCAhMwHQYDVR0OBBYEFK92agxvXK214ucNifofLE31KOUcMB8GA1UdIwQY
MBaAFGZA+JziJkW5cpfXgDcm3C+w5fS5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWmtENG5PSW1SYmx5bDllQU55YmNMN0RsOUxrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mYy9jM2FkMmUtYjUyZS00NDFjLTg5YmEt
NDRhYjdhOWQ3ZGVhLzEvcjNacURHOWNyYlhpNXcySi1oOHNUZlVvNVJ3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mYy9jM2FkMmUtYjUyZS00NDFjLTg5YmEtNDRhYjdhOWQ3ZGVh
LzEvWmtENG5PSW1SYmx5bDllQU55YmNMN0RsOUxrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAATAUAwQA1EDHMAwD
BADUQMkDBADUQMowDQYJKoZIhvcNAQELBQADggEBAElk3aOBEsN7axljh+VOe/k8
yhJKMOeS5gJ8H1vVK+xUJ8MF4vvz3f2numSLETdMjgATFpOC8jYY1t4DgJ/BgOyd
HykUDEEO2HHvSNyCzXa8kZ4m1JBfaje8xAJGAOYg5fElyOGH59GJGHJs0GxlJafK
htiVUr3y9sFEgBgV/Xyv89Dy1+ycSSVmNR2p4gZIfDXaAHaH5p9oytAkLJNdhiua
aLE/qbpdFQ1EKYRf+v3p1axVzUYuyuAoWYjWG9mUfrj8B+yB4UJdZXWcrZr0ROmP
qkjS4TS6+3oGYKavphpJnhQEjWpCcri8f8f5TkaZnFFtT9ztLu/GTu/UnA9O2rE=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:00:48 2024 by rpki-client on console-fra.rpki-client.org