Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fe/edbf44-3732-44ff-a944-e21974a294ba/1/vVfGpvXe6VcoH-Pg4-An20H7lT4.roa
File: vVfGpvXe6VcoH-Pg4-An20H7lT4.roa (raw, json)
Hash identifier: ZcczrnlbKxCINPXpoVK/obxgG15lEApnULA1+eRBvtU=
Subject key identifier: BD:57:C6:A6:F5:DE:E9:57:28:1F:E3:E0:E3:E0:27:DB:41:FB:95:3E
Certificate issuer: /CN=a1a2d637cb0accf8721f43e266ce213f8eddd26a
Certificate serial: 01908D87167C21E08BAE10E6AA9EF336BFBE
Authority key identifier: A1:A2:D6:37:CB:0A:CC:F8:72:1F:43:E2:66:CE:21:3F:8E:DD:D2:6A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/oaLWN8sKzPhyH0PiZs4hP47d0mo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fe/edbf44-3732-44ff-a944-e21974a294ba/1/vVfGpvXe6VcoH-Pg4-An20H7lT4.roa
Signing time: Sun 07 Jul 2024 14:09:18 +0000
ROA not before: Sun 07 Jul 2024 14:09:18 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 14618
IP address blocks: 212.60.8.0/24 maxlen: 24
212.60.9.0/24 maxlen: 24
212.60.10.0/24 maxlen: 24
212.60.11.0/24 maxlen: 24
2a09:800:2000::/35 maxlen: 35
Validation: Failed, certificate revoked on Wed 01 Jan 2025 03:48:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:8d:87:16:7c:21:e0:8b:ae:10:e6:aa:9e:f3:36:bf:be
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a1a2d637cb0accf8721f43e266ce213f8eddd26a
Validity
Not Before: Jul 7 14:09:18 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=bd57c6a6f5dee957281fe3e0e3e027db41fb953e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:8d:2e:9d:9f:89:0e:f5:f4:53:96:d3:62:f8:
15:d5:a3:da:11:0f:f4:18:c5:38:41:06:5a:6f:2d:
05:3b:73:16:43:8a:a6:f0:be:62:ca:56:27:05:51:
fd:70:e6:83:32:a8:25:d2:f5:6d:49:fc:5a:59:e4:
06:ed:40:e8:4f:1a:c7:01:4d:4c:5c:ba:88:b3:23:
29:75:6b:23:86:d0:2b:a8:92:75:9a:1d:7d:4d:a3:
00:e1:fc:88:ba:5c:78:e7:cf:83:57:1c:91:d6:a8:
d0:f9:d4:36:91:74:a6:0a:e5:b3:30:31:fe:69:53:
b6:57:2a:c0:63:5d:22:2c:e5:9f:fa:74:8e:b2:fa:
e4:7b:06:e4:34:38:7e:00:15:37:f6:c3:dc:5b:ba:
81:21:d9:67:b0:5c:d1:36:95:cc:99:75:0e:c2:9b:
13:52:4e:e2:30:b9:40:1e:f0:02:ce:27:ac:c7:aa:
a0:35:91:be:1d:e2:4e:1c:60:12:72:85:bf:a9:79:
4a:65:32:53:c9:37:d3:1e:57:e1:ee:85:9d:36:04:
48:1f:af:85:eb:31:01:ce:4a:c1:11:72:db:95:07:
c4:a7:54:99:5e:ec:68:78:82:74:2a:0d:fd:3f:6b:
cc:3f:3a:8d:d1:fc:1a:20:6d:d8:f2:eb:63:ea:22:
a7:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BD:57:C6:A6:F5:DE:E9:57:28:1F:E3:E0:E3:E0:27:DB:41:FB:95:3E
X509v3 Authority Key Identifier:
keyid:A1:A2:D6:37:CB:0A:CC:F8:72:1F:43:E2:66:CE:21:3F:8E:DD:D2:6A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/oaLWN8sKzPhyH0PiZs4hP47d0mo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/edbf44-3732-44ff-a944-e21974a294ba/1/vVfGpvXe6VcoH-Pg4-An20H7lT4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/edbf44-3732-44ff-a944-e21974a294ba/1/oaLWN8sKzPhyH0PiZs4hP47d0mo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
212.60.8.0/22
IPv6:
2a09:800:2000::/35
Signature Algorithm: sha256WithRSAEncryption
8a:a1:9c:36:2d:bc:e3:3d:88:d8:d0:d5:22:8a:0e:55:5f:a0:
79:3b:e7:ec:87:c4:96:99:60:a8:9e:fa:c4:9f:e8:58:ee:85:
80:30:b7:63:f0:fd:54:c2:4c:e5:95:37:6a:ef:50:01:02:95:
32:52:78:dc:9a:8d:44:39:98:29:80:29:48:af:ba:ee:13:cf:
23:65:3a:75:29:d2:fa:0a:61:16:8b:2c:99:b4:7b:84:18:61:
da:b6:94:a5:17:0d:9c:f1:38:59:5e:cb:00:ad:d1:6f:70:79:
6b:70:dc:92:66:0c:2f:de:71:e0:da:4f:9d:c4:ef:61:72:f5:
5a:48:3f:65:43:f9:7b:dd:1e:0e:c2:35:43:98:fd:cf:93:4e:
dd:0d:c7:ad:17:6c:f6:2c:f1:31:6c:78:89:95:4c:12:ec:01:
a0:da:5a:f5:60:3d:48:59:e0:ea:d9:4e:e3:93:fa:40:5d:ee:
f9:c2:c9:2d:08:61:16:d7:fc:53:70:ec:b1:eb:92:a9:a1:68:
39:38:fd:d3:19:b5:5f:2d:6c:07:14:8c:de:43:83:1d:53:be:
92:59:80:ae:35:b2:6e:b5:1e:c9:cd:56:db:45:fd:87:ac:48:
38:9b:43:59:1b:45:cc:67:7f:93:cb:92:76:a5:3e:5c:08:40:
d6:de:db:10
-----BEGIN CERTIFICATE-----
MIIFDTCCA/WgAwIBAgISAZCNhxZ8IeCLrhDmqp7zNr++MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGExYTJkNjM3Y2IwYWNjZjg3MjFmNDNlMjY2Y2UyMTNmOGVk
ZGQyNmEwHhcNMjQwNzA3MTQwOTE4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiZDU3YzZhNmY1ZGVlOTU3MjgxZmUzZTBlM2UwMjdkYjQxZmI5NTNlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo40unZ+JDvX0U5bTYvgV1aPaEQ/0
GMU4QQZaby0FO3MWQ4qm8L5iylYnBVH9cOaDMqgl0vVtSfxaWeQG7UDoTxrHAU1M
XLqIsyMpdWsjhtArqJJ1mh19TaMA4fyIulx458+DVxyR1qjQ+dQ2kXSmCuWzMDH+
aVO2VyrAY10iLOWf+nSOsvrkewbkNDh+ABU39sPcW7qBIdlnsFzRNpXMmXUOwpsT
Uk7iMLlAHvACziesx6qgNZG+HeJOHGAScoW/qXlKZTJTyTfTHlfh7oWdNgRIH6+F
6zEBzkrBEXLblQfEp1SZXuxoeIJ0Kg39P2vMPzqN0fwaIG3Y8utj6iKnxQIDAQAB
o4ICGTCCAhUwHQYDVR0OBBYEFL1Xxqb13ulXKB/j4OPgJ9tB+5U+MB8GA1UdIwQY
MBaAFKGi1jfLCsz4ch9D4mbOIT+O3dJqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb2FMV044c0t6UGh5SDBQaVpzNGhQNDdkMG1vLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZS9lZGJmNDQtMzczMi00NGZmLWE5NDQt
ZTIxOTc0YTI5NGJhLzEvdlZmR3B2WGU2VmNvSC1QZzQtQW4yMEg3bFQ0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZS9lZGJmNDQtMzczMi00NGZmLWE5NDQtZTIxOTc0YTI5NGJh
LzEvb2FMV044c0t6UGh5SDBQaVpzNGhQNDdkMG1vLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC8GCCsGAQUFBwEHAQH/BCAwHjAMBAIAATAGAwQC1DwIMA4E
AgACMAgDBgUqCQgAIDANBgkqhkiG9w0BAQsFAAOCAQEAiqGcNi284z2I2NDVIooO
VV+geTvn7IfElplgqJ76xJ/oWO6FgDC3Y/D9VMJM5ZU3au9QAQKVMlJ43JqNRDmY
KYApSK+67hPPI2U6dSnS+gphFossmbR7hBhh2raUpRcNnPE4WV7LAK3Rb3B5a3Dc
kmYML95x4NpPncTvYXL1Wkg/ZUP5e90eDsI1Q5j9z5NO3Q3HrRds9izxMWx4iZVM
EuwBoNpa9WA9SFng6tlO45P6QF3u+cLJLQhhFtf8U3DsseuSqaFoOTj90xm1Xy1s
BxSM3kODHVO+klmArjWybrUeyc1W20X9h6xIOJtDWRtFzGd/k8uSdqU+XAhA1t7b
EA==
-----END CERTIFICATE-----
Generated at Sun Feb 16 15:36:35 2025 by rpki-client