Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fd/726bb4-5d87-402d-91ce-5712d95ae638/1/1-iM3GB9gw_rAhmBlgmNqkTuLCX4.roa
File: 1-iM3GB9gw_rAhmBlgmNqkTuLCX4.roa (raw, json)
Hash identifier: upjNemcSlYe/ifrh4Umd0u2UfrbdBZreZmy26G8iEfM=
Subject key identifier: FA:23:37:18:1F:60:C3:FA:C0:86:60:65:82:63:6A:91:3B:8B:09:7E
Certificate issuer: /CN=d434f1686102876c6216bcea28a5e502ec0d7b6b
Certificate serial: 01857082AC9387808D8F0542C41C9EC9B953
Authority key identifier: D4:34:F1:68:61:02:87:6C:62:16:BC:EA:28:A5:E5:02:EC:0D:7B:6B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1DTxaGECh2xiFrzqKKXlAuwNe2s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fd/726bb4-5d87-402d-91ce-5712d95ae638/1/1-iM3GB9gw_rAhmBlgmNqkTuLCX4.roa
Signing time: Mon 02 Jan 2023 03:24:50 +0000
ROA not before: Mon 02 Jan 2023 03:24:50 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 57910
IP address blocks: 212.95.210.0/24 maxlen: 24
62.81.173.0/24 maxlen: 24
213.201.70.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:82:ac:93:87:80:8d:8f:05:42:c4:1c:9e:c9:b9:53
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d434f1686102876c6216bcea28a5e502ec0d7b6b
Validity
Not Before: Jan 2 03:24:50 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=fa2337181f60c3fac086606582636a913b8b097e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:fb:d3:90:d1:e9:08:92:d2:92:0f:de:20:7b:8e:
61:eb:e8:9e:03:00:f0:bf:a1:7b:73:2a:c9:86:c8:
77:e4:a5:30:af:23:c5:cc:37:44:92:f9:8f:4f:1d:
43:a9:d7:fd:af:6d:7e:e1:c0:71:00:41:92:5c:52:
b1:5a:c8:f3:9a:b3:ea:70:f9:0c:6f:f3:0e:60:cb:
8c:98:87:07:78:19:f6:2d:7e:c0:20:a4:1b:3d:32:
24:f2:8d:59:f5:47:50:bf:ea:5e:e3:0c:65:5c:57:
95:db:e7:64:b2:a1:bb:b9:c4:0f:e4:b1:5c:54:1d:
e4:f3:51:31:a0:b2:41:76:7a:b4:8a:d5:a3:4d:74:
36:c8:4b:10:99:85:86:d4:d8:dd:0a:56:37:4f:17:
8d:e8:19:e8:b4:5b:8a:d5:af:c8:46:34:db:b5:dd:
3c:e8:a2:d6:b7:c4:cd:0f:18:5f:08:7a:07:e3:8d:
10:36:05:b3:3d:79:b3:ba:2c:61:ac:c2:94:28:e4:
a6:69:af:b1:16:fc:1a:8b:01:f6:f9:a2:e8:16:4b:
09:a2:eb:e4:48:42:e8:c7:74:fe:72:98:c0:6f:a0:
fe:df:22:6d:bc:f2:da:2b:23:03:dc:d3:90:fa:41:
c8:73:5a:22:5f:f5:80:4c:fa:f3:7a:a1:ed:13:06:
61:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FA:23:37:18:1F:60:C3:FA:C0:86:60:65:82:63:6A:91:3B:8B:09:7E
X509v3 Authority Key Identifier:
keyid:D4:34:F1:68:61:02:87:6C:62:16:BC:EA:28:A5:E5:02:EC:0D:7B:6B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1DTxaGECh2xiFrzqKKXlAuwNe2s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/726bb4-5d87-402d-91ce-5712d95ae638/1/1-iM3GB9gw_rAhmBlgmNqkTuLCX4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/726bb4-5d87-402d-91ce-5712d95ae638/1/1DTxaGECh2xiFrzqKKXlAuwNe2s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.81.173.0/24
212.95.210.0/24
213.201.70.0/24
Signature Algorithm: sha256WithRSAEncryption
88:8c:05:5f:19:cf:5b:e6:5b:b0:78:ea:1f:70:53:d5:28:ba:
f4:96:95:f6:a7:f7:cc:e5:a6:b1:ff:89:f1:50:29:09:37:ad:
52:c8:f7:43:5d:d6:b3:f5:a5:b8:57:d6:0b:b3:fc:41:f1:fb:
e9:9a:d0:89:a4:e5:92:b1:50:a9:c1:c9:c2:1c:95:32:ac:37:
2e:7c:a0:9d:be:0f:09:0b:4a:b6:b8:e0:e8:f4:41:64:ee:20:
28:40:13:13:5d:e8:79:64:48:7f:f5:d6:b5:54:14:57:2e:09:
b6:53:53:3a:9c:bd:4f:80:d0:e9:35:d3:fa:d2:50:20:48:b2:
9d:33:51:1d:e9:1f:26:08:a7:63:45:b8:ca:d2:0c:45:4c:dc:
27:91:ee:71:3b:ad:36:b8:73:02:3b:4b:7b:ba:cb:8f:91:7c:
ce:64:93:4a:7a:d3:b1:ac:14:b9:be:cc:d0:42:66:06:1e:4c:
e5:ed:5a:74:29:e3:08:59:f8:19:09:23:a6:c8:e5:e5:0f:57:
05:7c:0d:93:c7:48:8e:dc:95:36:e8:f5:73:2a:14:d5:6e:19:
ee:3c:a1:f5:84:1c:05:51:ae:cd:54:de:d7:55:8f:dd:33:a8:
8c:9a:05:bd:e5:59:e9:1b:dc:9a:68:9c:1d:47:12:fd:66:79:
a7:1a:58:04
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgISAYVwgqyTh4CNjwVCxByeyblTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ0MzRmMTY4NjEwMjg3NmM2MjE2YmNlYTI4YTVlNTAyZWMw
ZDdiNmIwHhcNMjMwMTAyMDMyNDUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmYTIzMzcxODFmNjBjM2ZhYzA4NjYwNjU4MjYzNmE5MTNiOGIwOTdlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA+9OQ0ekIktKSD94ge45h6+ieAwDw
v6F7cyrJhsh35KUwryPFzDdEkvmPTx1Dqdf9r21+4cBxAEGSXFKxWsjzmrPqcPkM
b/MOYMuMmIcHeBn2LX7AIKQbPTIk8o1Z9UdQv+pe4wxlXFeV2+dksqG7ucQP5LFc
VB3k81ExoLJBdnq0itWjTXQ2yEsQmYWG1NjdClY3TxeN6BnotFuK1a/IRjTbtd08
6KLWt8TNDxhfCHoH440QNgWzPXmzuixhrMKUKOSmaa+xFvwaiwH2+aLoFksJouvk
SELox3T+cpjAb6D+3yJtvPLaKyMD3NOQ+kHIc1oiX/WATPrzeqHtEwZhwwIDAQAB
o4ICFjCCAhIwHQYDVR0OBBYEFPojNxgfYMP6wIZgZYJjapE7iwl+MB8GA1UdIwQY
MBaAFNQ08WhhAodsYha86iil5QLsDXtrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMURUeGFHRUNoMnhpRnJ6cUtLWGxBdXdOZTJzLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZC83MjZiYjQtNWQ4Ny00MDJkLTkxY2Ut
NTcxMmQ5NWFlNjM4LzEvMS1pTTNHQjlnd19yQWhtQmxnbU5xa1R1TENYNC5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvZmQvNzI2YmI0LTVkODctNDAyZC05MWNlLTU3MTJkOTVhZTYz
OC8xLzFEVHhhR0VDaDJ4aUZyenFLS1hsQXV3TmUycy5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjArBggrBgEFBQcBBwEB/wQcMBowGAQCAAEwEgMEAD5RrQME
ANRf0gMEANXJRjANBgkqhkiG9w0BAQsFAAOCAQEAiIwFXxnPW+ZbsHjqH3BT1Si6
9JaV9qf3zOWmsf+J8VApCTetUsj3Q13Ws/WluFfWC7P8QfH76ZrQiaTlkrFQqcHJ
whyVMqw3Lnygnb4PCQtKtrjg6PRBZO4gKEATE13oeWRIf/XWtVQUVy4JtlNTOpy9
T4DQ6TXT+tJQIEiynTNRHekfJginY0W4ytIMRUzcJ5HucTutNrhzAjtLe7rLj5F8
zmSTSnrTsawUub7M0EJmBh5M5e1adCnjCFn4GQkjpsjl5Q9XBXwNk8dIjtyVNuj1
cyoU1W4Z7jyh9YQcBVGuzVTe11WP3TOojJoFveVZ6RvcmmicHUcS/WZ5pxpYBA==
-----END CERTIFICATE-----
Generated at Mon Jan 1 19:17:15 2024 by rpki-client on console-ams.rpki-client.org