Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/65/be9e88-512f-4b06-b196-89c2f666e905/1/ghFrLt7E9G4fMRz8B49kg3qeRbg.roa
File: ghFrLt7E9G4fMRz8B49kg3qeRbg.roa (raw, json)
Hash identifier: MbtEC2YPy9Iq1o5TGoEopejfAAWO/HggYO86greXUgQ=
Subject key identifier: 82:11:6B:2E:DE:C4:F4:6E:1F:31:1C:FC:07:8F:64:83:7A:9E:45:B8
Certificate issuer: /CN=68cfe1aacb278c13231b310e45ee576932fe9b4e
Certificate serial: 018F3109AB0199BF1B588CFD7A5DC02B95D1
Authority key identifier: 68:CF:E1:AA:CB:27:8C:13:23:1B:31:0E:45:EE:57:69:32:FE:9B:4E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/aM_hqssnjBMjGzEORe5XaTL-m04.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/65/be9e88-512f-4b06-b196-89c2f666e905/1/ghFrLt7E9G4fMRz8B49kg3qeRbg.roa
Signing time: Tue 30 Apr 2024 22:04:28 +0000
ROA not before: Tue 30 Apr 2024 22:04:28 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 12840
IP address blocks: 212.109.96.0/20 maxlen: 20
212.109.96.0/24 maxlen: 24
212.109.107.0/24 maxlen: 24
212.109.112.0/22 maxlen: 22
212.109.112.0/24 maxlen: 24
212.109.113.0/24 maxlen: 24
212.109.114.0/24 maxlen: 24
212.109.115.0/24 maxlen: 24
212.109.120.0/23 maxlen: 23
212.109.123.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sat 11 May 2024 20:10:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:31:09:ab:01:99:bf:1b:58:8c:fd:7a:5d:c0:2b:95:d1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=68cfe1aacb278c13231b310e45ee576932fe9b4e
Validity
Not Before: Apr 30 22:04:28 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=82116b2edec4f46e1f311cfc078f64837a9e45b8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:78:1c:5a:47:e0:0d:31:af:72:07:37:5d:be:
66:a8:b0:6d:04:e8:c7:6b:9a:69:f8:36:a0:fe:a1:
41:de:b9:05:60:35:78:79:90:9e:45:bd:b3:0a:05:
27:64:6d:aa:46:ca:a0:59:4e:e8:1b:54:d7:77:91:
7e:18:f1:3a:e7:ee:e2:1c:4a:52:ae:38:75:a9:e4:
0d:6a:cd:b8:b6:42:e2:c9:e0:ca:07:3d:71:6e:ad:
08:67:b0:f2:24:13:5c:43:fb:59:dc:e0:86:20:e9:
3e:e3:69:d2:18:1d:94:56:31:99:65:5d:e8:23:e1:
e4:45:55:54:1b:5d:b0:a8:43:52:e7:17:69:3a:3f:
16:7c:88:f0:cc:20:0b:f7:be:28:ed:b6:be:3a:3a:
5e:d5:a1:a3:ad:8c:d7:04:6b:73:12:5f:dc:e4:3f:
46:d2:2f:76:c2:e6:98:c3:8e:a4:f0:1b:db:39:dc:
7c:d2:39:b1:c2:50:93:4a:39:7a:b0:31:96:ca:8e:
f9:2c:cc:fb:e4:d3:73:e8:95:82:e2:dc:c4:66:47:
d5:23:95:c4:bf:d8:a6:b4:fc:9a:c3:af:80:ff:34:
cc:b5:85:c4:b7:30:26:de:f3:3e:5e:91:ea:e5:b1:
28:3d:65:9f:48:c3:f0:a8:df:22:03:ca:ec:58:2c:
88:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
82:11:6B:2E:DE:C4:F4:6E:1F:31:1C:FC:07:8F:64:83:7A:9E:45:B8
X509v3 Authority Key Identifier:
keyid:68:CF:E1:AA:CB:27:8C:13:23:1B:31:0E:45:EE:57:69:32:FE:9B:4E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aM_hqssnjBMjGzEORe5XaTL-m04.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/65/be9e88-512f-4b06-b196-89c2f666e905/1/ghFrLt7E9G4fMRz8B49kg3qeRbg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/65/be9e88-512f-4b06-b196-89c2f666e905/1/aM_hqssnjBMjGzEORe5XaTL-m04.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
212.109.96.0-212.109.115.255
212.109.120.0/23
212.109.123.0/24
Signature Algorithm: sha256WithRSAEncryption
6d:0d:aa:e3:c0:1a:16:bd:91:ac:c2:ce:11:53:7a:f1:e2:31:
f2:e8:a7:e1:bd:03:61:56:72:f1:bd:01:22:95:75:ac:47:4f:
97:b7:46:e0:96:21:55:84:da:54:35:10:d2:c6:da:53:c2:b0:
b2:06:9d:44:19:c4:5a:43:3a:3f:79:b3:cb:a9:a6:50:64:11:
ef:a9:ad:bb:d9:8d:5d:43:65:90:23:f5:34:36:26:e8:2b:56:
64:6b:fc:cd:49:e8:40:4a:5d:cb:ae:be:5c:bb:89:e7:63:63:
4a:b9:24:e2:90:d6:65:64:07:a9:ad:d3:ee:3b:62:02:15:0f:
d4:e9:32:4b:4c:f0:e2:58:f7:2c:9f:db:6e:15:36:f7:c6:cc:
00:c8:fb:05:b7:c2:9a:22:ea:6e:78:b2:de:49:20:9c:b0:71:
25:28:c9:0a:f0:14:70:c8:35:2b:8c:e3:61:03:ae:64:ea:25:
a1:12:22:12:24:7d:b5:a4:73:b6:95:06:13:b4:f2:73:e1:96:
23:a8:ea:ca:88:4d:fc:ac:9f:e5:b4:57:56:40:86:6f:08:af:
03:a0:6a:eb:c5:1e:88:df:0e:93:57:3f:83:7f:2a:c8:f9:85:
fc:ac:2b:d0:b2:b5:4a:4a:93:90:55:11:12:71:ab:ce:1e:df:
fe:eb:aa:59
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgISAY8xCasBmb8bWIz9el3AK5XRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY4Y2ZlMWFhY2IyNzhjMTMyMzFiMzEwZTQ1ZWU1NzY5MzJm
ZTliNGUwHhcNMjQwNDMwMjIwNDI4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MjExNmIyZWRlYzRmNDZlMWYzMTFjZmMwNzhmNjQ4MzdhOWU0NWI4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq3gcWkfgDTGvcgc3Xb5mqLBtBOjH
a5pp+Dag/qFB3rkFYDV4eZCeRb2zCgUnZG2qRsqgWU7oG1TXd5F+GPE65+7iHEpS
rjh1qeQNas24tkLiyeDKBz1xbq0IZ7DyJBNcQ/tZ3OCGIOk+42nSGB2UVjGZZV3o
I+HkRVVUG12wqENS5xdpOj8WfIjwzCAL974o7ba+Ojpe1aGjrYzXBGtzEl/c5D9G
0i92wuaYw46k8BvbOdx80jmxwlCTSjl6sDGWyo75LMz75NNz6JWC4tzEZkfVI5XE
v9imtPyaw6+A/zTMtYXEtzAm3vM+XpHq5bEoPWWfSMPwqN8iA8rsWCyInwIDAQAB
o4ICHTCCAhkwHQYDVR0OBBYEFIIRay7exPRuHzEc/AePZIN6nkW4MB8GA1UdIwQY
MBaAFGjP4arLJ4wTIxsxDkXuV2ky/ptOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYU1faHFzc25qQk1qR3pFT1JlNVhhVEwtbTA0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NS9iZTllODgtNTEyZi00YjA2LWIxOTYt
ODljMmY2NjZlOTA1LzEvZ2hGckx0N0U5RzRmTVJ6OEI0OWtnM3FlUmJnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NS9iZTllODgtNTEyZi00YjA2LWIxOTYtODljMmY2NjZlOTA1
LzEvYU1faHFzc25qQk1qR3pFT1JlNVhhVEwtbTA0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAATAaMAwDBAXUbWAD
BALUbXADBAHUbXgDBADUbXswDQYJKoZIhvcNAQELBQADggEBAG0NquPAGha9kazC
zhFTevHiMfLop+G9A2FWcvG9ASKVdaxHT5e3RuCWIVWE2lQ1ENLG2lPCsLIGnUQZ
xFpDOj95s8upplBkEe+prbvZjV1DZZAj9TQ2JugrVmRr/M1J6EBKXcuuvly7iedj
Y0q5JOKQ1mVkB6mt0+47YgIVD9TpMktM8OJY9yyf224VNvfGzADI+wW3wpoi6m54
st5JIJywcSUoyQrwFHDINSuM42EDrmTqJaESIhIkfbWkc7aVBhO08nPhliOo6sqI
Tfysn+W0V1ZAhm8IrwOgauvFHojfDpNXP4N/Ksj5hfysK9CytUpKk5BVERJxq84e
3/7rqlk=
-----END CERTIFICATE-----
Generated at Sun May 12 00:32:59 2024 by rpki-client on console.sobornost.net