Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/PNTOpYYVcuDrJeZAGeiTaBIC-I0.roa
File: PNTOpYYVcuDrJeZAGeiTaBIC-I0.roa (raw, json)
Hash identifier: ocz5ys7PNRrxXKe2y4aAD2AtSq4FsI9fCNCnqGTL5uI=
Subject key identifier: 3C:D4:CE:A5:86:15:72:E0:EB:25:E6:40:19:E8:93:68:12:02:F8:8D
Certificate issuer: /CN=5ee531b9ac2990d69a8a5c3023e72e6d841e6c09
Certificate serial: 018EA309FFCDA7BA0CB6F0EBAA071A10DDA8
Authority key identifier: 5E:E5:31:B9:AC:29:90:D6:9A:8A:5C:30:23:E7:2E:6D:84:1E:6C:09
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XuUxuawpkNaailwwI-cubYQebAk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/PNTOpYYVcuDrJeZAGeiTaBIC-I0.roa
Signing time: Wed 03 Apr 2024 08:18:45 +0000
ROA not before: Wed 03 Apr 2024 08:18:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 8675
IP address blocks: 212.12.0.0/19 maxlen: 24
212.12.4.0/24 maxlen: 24
212.12.21.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 29 Aug 2024 11:39:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:a3:09:ff:cd:a7:ba:0c:b6:f0:eb:aa:07:1a:10:dd:a8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5ee531b9ac2990d69a8a5c3023e72e6d841e6c09
Validity
Not Before: Apr 3 08:18:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=3cd4cea5861572e0eb25e64019e893681202f88d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:80:53:2c:e0:1b:cf:17:f7:41:75:88:34:24:
65:90:1f:9e:ce:28:58:f1:c4:f4:3e:ec:91:fd:23:
c1:b1:ff:74:92:d9:71:0f:df:76:d3:6f:a6:87:46:
d1:71:b0:55:8b:52:f3:c2:eb:87:b6:df:84:c3:43:
0d:35:f4:6d:ca:d3:2d:f6:22:13:18:63:8b:ab:d7:
4b:51:8b:de:44:79:0f:14:e8:5f:30:6d:6d:2b:b6:
08:55:32:67:a9:8c:a2:df:26:16:ee:9f:90:85:d4:
23:c8:24:ca:ed:2f:18:56:71:b1:51:8d:f2:17:60:
9c:04:b9:cd:15:80:fe:df:fa:3e:d5:88:db:e4:af:
dd:80:e2:55:c8:8a:d3:b1:4f:ad:d1:b5:60:72:0c:
f7:ab:a2:51:7d:c6:27:b9:93:02:f7:73:f8:16:f7:
9e:55:3c:dc:b8:bb:4f:e1:db:7b:aa:5c:39:f7:0a:
39:e7:20:d6:5f:f1:29:b7:3e:b3:ce:3c:6c:a0:fc:
fb:11:e8:85:86:ac:e3:16:3d:ac:12:42:e9:47:5a:
0f:8c:48:f4:fa:15:fb:8b:ef:ba:b4:2a:4a:c0:a6:
9d:93:ff:af:ec:8c:4b:cb:3b:df:96:f3:e1:ce:e4:
6d:18:a9:6c:6f:b7:56:eb:0f:0b:f2:a5:f4:ac:d8:
65:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3C:D4:CE:A5:86:15:72:E0:EB:25:E6:40:19:E8:93:68:12:02:F8:8D
X509v3 Authority Key Identifier:
keyid:5E:E5:31:B9:AC:29:90:D6:9A:8A:5C:30:23:E7:2E:6D:84:1E:6C:09
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XuUxuawpkNaailwwI-cubYQebAk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/PNTOpYYVcuDrJeZAGeiTaBIC-I0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/XuUxuawpkNaailwwI-cubYQebAk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
212.12.0.0/19
Signature Algorithm: sha256WithRSAEncryption
2f:fd:c9:d2:ef:b1:13:13:f6:db:39:fc:b6:31:43:a5:ce:23:
cf:3b:30:0c:7c:31:0e:59:a1:ba:34:7f:5a:26:2b:f8:6c:31:
32:35:d7:ab:54:4c:fc:bf:bb:dd:6a:2f:4d:1a:bb:43:6e:d6:
2c:51:08:d0:26:5a:ec:b7:7b:69:f3:4d:ad:a2:86:e1:fb:17:
4c:c3:7c:f9:d6:72:55:97:bc:bb:37:f7:76:e0:7f:e1:82:ca:
fd:0a:1f:2b:84:ed:e8:40:3d:06:b0:47:88:d8:c4:43:1e:61:
c9:3e:3b:20:92:c3:21:7a:8a:3a:dc:32:a9:de:cb:8a:b3:63:
d2:07:17:45:01:bc:43:59:90:e0:1f:1f:3e:c1:20:f1:6a:9b:
5e:69:42:00:2a:3b:e4:04:a6:22:6d:83:21:fc:56:d5:68:69:
1f:71:e4:d7:64:4b:bc:c8:f4:3e:ca:0c:00:70:ff:84:89:bb:
8f:66:b5:16:ae:97:38:f5:49:0d:3a:e2:14:30:68:96:b2:ea:
8e:d3:37:6f:4b:89:df:23:b3:da:e1:bc:87:ad:0a:21:14:f1:
9d:70:ac:16:8e:c4:27:10:f3:cb:40:4a:eb:06:2a:75:f6:de:
25:3e:65:86:9c:58:a4:a4:57:cf:7d:f3:7f:62:be:4d:e4:81:
a4:95:a1:0d
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAY6jCf/Np7oMtvDrqgcaEN2oMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVlZTUzMWI5YWMyOTkwZDY5YThhNWMzMDIzZTcyZTZkODQx
ZTZjMDkwHhcNMjQwNDAzMDgxODQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzY2Q0Y2VhNTg2MTU3MmUwZWIyNWU2NDAxOWU4OTM2ODEyMDJmODhkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAi4BTLOAbzxf3QXWINCRlkB+ezihY
8cT0PuyR/SPBsf90ktlxD99202+mh0bRcbBVi1LzwuuHtt+Ew0MNNfRtytMt9iIT
GGOLq9dLUYveRHkPFOhfMG1tK7YIVTJnqYyi3yYW7p+QhdQjyCTK7S8YVnGxUY3y
F2CcBLnNFYD+3/o+1Yjb5K/dgOJVyIrTsU+t0bVgcgz3q6JRfcYnuZMC93P4Fvee
VTzcuLtP4dt7qlw59wo55yDWX/Eptz6zzjxsoPz7EeiFhqzjFj2sEkLpR1oPjEj0
+hX7i++6tCpKwKadk/+v7IxLyzvflvPhzuRtGKlsb7dW6w8L8qX0rNhlWQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDzUzqWGFXLg6yXmQBnok2gSAviNMB8GA1UdIwQY
MBaAFF7lMbmsKZDWmopcMCPnLm2EHmwJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWHVVeHVhd3BrTmFhaWx3d0ktY3ViWVFlYkFrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZC85YTFkNDQtODYwOS00ZTVlLWJhOTQt
NWE4NmMyNzU3YzFlLzEvUE5UT3BZWVZjdURySmVaQUdlaVRhQklDLUkwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZC85YTFkNDQtODYwOS00ZTVlLWJhOTQtNWE4NmMyNzU3YzFl
LzEvWHVVeHVhd3BrTmFhaWx3d0ktY3ViWVFlYkFrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQF1AwAMA0G
CSqGSIb3DQEBCwUAA4IBAQAv/cnS77ETE/bbOfy2MUOlziPPOzAMfDEOWaG6NH9a
Jiv4bDEyNderVEz8v7vdai9NGrtDbtYsUQjQJlrst3tp802toobh+xdMw3z51nJV
l7y7N/d24H/hgsr9Ch8rhO3oQD0GsEeI2MRDHmHJPjsgksMheoo63DKp3suKs2PS
BxdFAbxDWZDgHx8+wSDxapteaUIAKjvkBKYibYMh/FbVaGkfceTXZEu8yPQ+ygwA
cP+EibuPZrUWrpc49UkNOuIUMGiWsuqO0zdvS4nfI7Pa4byHrQohFPGdcKwWjsQn
EPPLQErrBip19t4lPmWGnFikpFfPffN/Yr5N5IGklaEN
-----END CERTIFICATE-----
Generated at Thu Apr 17 10:12:45 2025 by rpki-client