Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fc/c3ad2e-b52e-441c-89ba-44ab7a9d7dea/1/uppyRskQNozxEJIIoUKY5Ywq7Gk.roa
File: uppyRskQNozxEJIIoUKY5Ywq7Gk.roa (raw, json)
Hash identifier: UjGLnLBS4OKeXt8qK4WdwpfXIzXPbtINlzB9LA+Olb4=
Subject key identifier: BA:9A:72:46:C9:10:36:8C:F1:10:92:08:A1:42:98:E5:8C:2A:EC:69
Certificate issuer: /CN=6640f89ce22645b97297d7803726dc2fb0e5f4b9
Certificate serial: 01856CAF0AC7B2B3BDBD406654BCE729BE19
Authority key identifier: 66:40:F8:9C:E2:26:45:B9:72:97:D7:80:37:26:DC:2F:B0:E5:F4:B9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ZkD4nOImRblyl9eANybcL7Dl9Lk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fc/c3ad2e-b52e-441c-89ba-44ab7a9d7dea/1/uppyRskQNozxEJIIoUKY5Ywq7Gk.roa
Signing time: Sun 01 Jan 2023 09:34:48 +0000
ROA not before: Sun 01 Jan 2023 09:34:48 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 61135
IP address blocks: 212.64.211.0/24 maxlen: 32
212.64.210.0/24 maxlen: 32
212.64.214.0/24 maxlen: 32
212.64.216.0/24 maxlen: 32
212.64.215.0/24 maxlen: 32
212.64.217.0/24 maxlen: 32
212.64.223.0/24 maxlen: 32
Validation: Failed, certificate revoked on Fri 29 Dec 2023 08:23:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:af:0a:c7:b2:b3:bd:bd:40:66:54:bc:e7:29:be:19
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6640f89ce22645b97297d7803726dc2fb0e5f4b9
Validity
Not Before: Jan 1 09:34:48 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=ba9a7246c910368cf1109208a14298e58c2aec69
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d2:f2:07:30:cd:af:44:86:aa:ab:f9:97:18:fd:
d6:44:a5:7e:44:83:8f:2f:37:f6:c7:6b:8a:aa:f9:
43:71:4c:0c:9f:52:ee:c9:97:73:96:cd:a4:23:db:
30:71:49:51:7b:f0:95:13:96:ed:40:8e:56:d7:4d:
32:1e:d1:23:df:ce:ee:50:8b:02:ab:66:2f:d7:4a:
b6:49:35:4b:f5:06:83:2e:c3:d8:e4:27:7f:39:14:
6e:67:64:0d:79:85:12:25:48:ee:94:d0:d1:e9:cc:
48:6f:78:3c:6a:6a:dd:49:17:86:03:c2:a6:74:04:
a3:48:48:51:b0:f4:2a:bb:3d:39:92:8b:9a:e4:20:
13:61:21:5a:1f:f1:7a:63:ec:26:25:7f:9a:fa:6d:
18:05:68:62:68:e8:0a:d0:f8:26:4f:9e:82:bc:38:
df:3f:dd:6f:8f:34:9d:34:99:79:1f:9b:5d:88:4a:
ca:cb:01:5a:a9:c6:a3:82:2a:fc:89:f7:b0:4d:a3:
cd:8f:5f:06:a4:30:4d:c5:c6:6c:75:91:dc:e7:6f:
85:8b:15:b5:72:7b:d8:c6:bf:07:4f:6f:72:a3:70:
1a:f1:f8:57:7d:39:a8:12:aa:f7:84:97:7c:e1:02:
2b:fd:60:fc:d8:54:3d:a9:16:89:64:93:bc:1f:11:
18:e5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BA:9A:72:46:C9:10:36:8C:F1:10:92:08:A1:42:98:E5:8C:2A:EC:69
X509v3 Authority Key Identifier:
keyid:66:40:F8:9C:E2:26:45:B9:72:97:D7:80:37:26:DC:2F:B0:E5:F4:B9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ZkD4nOImRblyl9eANybcL7Dl9Lk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fc/c3ad2e-b52e-441c-89ba-44ab7a9d7dea/1/uppyRskQNozxEJIIoUKY5Ywq7Gk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fc/c3ad2e-b52e-441c-89ba-44ab7a9d7dea/1/ZkD4nOImRblyl9eANybcL7Dl9Lk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
212.64.210.0/23
212.64.214.0-212.64.217.255
212.64.223.0/24
Signature Algorithm: sha256WithRSAEncryption
6b:e1:43:f5:b7:98:25:f3:e9:84:e7:78:35:92:16:79:42:63:
43:33:ff:1b:7d:28:b3:b2:76:80:fa:ad:aa:47:af:d0:6a:7d:
a2:5b:c0:50:24:43:8f:a0:5c:66:a5:2f:c8:95:38:4c:39:d9:
69:4a:28:cd:da:9d:12:c9:84:47:cb:ba:15:de:b4:96:09:b2:
76:c1:e1:b3:1b:bd:ae:20:05:eb:04:04:14:34:66:06:7d:92:
f5:76:29:03:2b:be:70:ff:04:b4:14:6c:c9:ab:5a:1a:2f:1b:
a9:1c:fa:29:14:7e:8f:4f:9c:5f:57:21:b4:45:4c:00:26:5f:
47:c0:4a:43:b9:1a:86:5a:b8:0e:8e:d5:3e:90:a6:8b:d3:b4:
5a:2a:65:09:65:16:61:32:f4:46:49:e9:37:09:89:07:43:15:
c3:10:9d:47:0b:69:10:19:de:64:2d:69:e2:1b:8d:8e:30:b0:
56:29:5c:96:b8:d1:fb:74:b5:ea:52:01:42:b1:5b:14:80:3c:
47:68:e8:96:99:8c:5a:e1:65:b7:00:2b:8c:d6:53:1e:67:4c:
ec:c4:85:8d:60:f3:ed:01:05:27:e7:92:70:63:82:a6:71:08:
83:c0:ae:2a:cc:7b:82:ea:5b:d4:7a:a0:8b:86:15:4a:c3:73:
2b:ea:6e:9f
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgISAYVsrwrHsrO9vUBmVLznKb4ZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY2NDBmODljZTIyNjQ1Yjk3Mjk3ZDc4MDM3MjZkYzJmYjBl
NWY0YjkwHhcNMjMwMTAxMDkzNDQ4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiYTlhNzI0NmM5MTAzNjhjZjExMDkyMDhhMTQyOThlNThjMmFlYzY5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0vIHMM2vRIaqq/mXGP3WRKV+RIOP
Lzf2x2uKqvlDcUwMn1LuyZdzls2kI9swcUlRe/CVE5btQI5W100yHtEj387uUIsC
q2Yv10q2STVL9QaDLsPY5Cd/ORRuZ2QNeYUSJUjulNDR6cxIb3g8amrdSReGA8Km
dASjSEhRsPQquz05koua5CATYSFaH/F6Y+wmJX+a+m0YBWhiaOgK0PgmT56CvDjf
P91vjzSdNJl5H5tdiErKywFaqcajgir8ifewTaPNj18GpDBNxcZsdZHc52+FixW1
cnvYxr8HT29yo3Aa8fhXfTmoEqr3hJd84QIr/WD82FQ9qRaJZJO8HxEY5QIDAQAB
o4ICHTCCAhkwHQYDVR0OBBYEFLqackbJEDaM8RCSCKFCmOWMKuxpMB8GA1UdIwQY
MBaAFGZA+JziJkW5cpfXgDcm3C+w5fS5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWmtENG5PSW1SYmx5bDllQU55YmNMN0RsOUxrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mYy9jM2FkMmUtYjUyZS00NDFjLTg5YmEt
NDRhYjdhOWQ3ZGVhLzEvdXBweVJza1FOb3p4RUpJSW9VS1k1WXdxN0drLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mYy9jM2FkMmUtYjUyZS00NDFjLTg5YmEtNDRhYjdhOWQ3ZGVh
LzEvWmtENG5PSW1SYmx5bDllQU55YmNMN0RsOUxrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAATAaAwQB1EDSMAwD
BAHUQNYDBAHUQNgDBADUQN8wDQYJKoZIhvcNAQELBQADggEBAGvhQ/W3mCXz6YTn
eDWSFnlCY0Mz/xt9KLOydoD6rapHr9BqfaJbwFAkQ4+gXGalL8iVOEw52WlKKM3a
nRLJhEfLuhXetJYJsnbB4bMbva4gBesEBBQ0ZgZ9kvV2KQMrvnD/BLQUbMmrWhov
G6kc+ikUfo9PnF9XIbRFTAAmX0fASkO5GoZauA6O1T6QpovTtFoqZQllFmEy9EZJ
6TcJiQdDFcMQnUcLaRAZ3mQtaeIbjY4wsFYpXJa40ft0tepSAUKxWxSAPEdo6JaZ
jFrhZbcAK4zWUx5nTOzEhY1g8+0BBSfnknBjgqZxCIPArirMe4LqW9R6oIuGFUrD
cyvqbp8=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:00:48 2024 by rpki-client on console-fra.rpki-client.org