Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/88/bc268d-61f0-471f-aab9-800eda2cfb36/1/no3_d-oWaSROOVHal_C_-IHiLN0.roa
File: no3_d-oWaSROOVHal_C_-IHiLN0.roa (raw, json)
Hash identifier: VrqXSc0E4GpkQddRlgPzUkfsPn2mQyo3Gd90mYyaCAQ=
Subject key identifier: 9E:8D:FF:77:EA:16:69:24:4E:39:51:DA:97:F0:BF:F8:81:E2:2C:DD
Certificate issuer: /CN=0a37d807d4f7cdd3e0afe4abc8ee5a880c6090f1
Certificate serial: 01856B80F64B8823B6C6925EF8BEA4F180DF
Authority key identifier: 0A:37:D8:07:D4:F7:CD:D3:E0:AF:E4:AB:C8:EE:5A:88:0C:60:90:F1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CjfYB9T3zdPgr-SryO5aiAxgkPE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/88/bc268d-61f0-471f-aab9-800eda2cfb36/1/no3_d-oWaSROOVHal_C_-IHiLN0.roa
Signing time: Sun 01 Jan 2023 04:04:51 +0000
ROA not before: Sun 01 Jan 2023 04:04:51 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 3741
IP address blocks: 192.109.144.0/24 maxlen: 24
2a07:8146::/36 maxlen: 36
Validation: Failed, certificate revoked on Mon 01 Jan 2024 22:31:35 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6b:80:f6:4b:88:23:b6:c6:92:5e:f8:be:a4:f1:80:df
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0a37d807d4f7cdd3e0afe4abc8ee5a880c6090f1
Validity
Not Before: Jan 1 04:04:51 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=9e8dff77ea1669244e3951da97f0bff881e22cdd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:da:60:1f:ea:52:bb:b9:a1:52:cc:18:f7:31:
72:cf:3b:56:85:fb:b4:3f:fd:0e:9a:47:6c:87:27:
35:c6:95:4a:13:63:0f:16:40:90:d6:28:2f:93:ca:
ad:ef:57:4a:b0:48:aa:84:18:87:27:af:cd:46:08:
5a:7c:3d:a3:11:20:4a:57:95:a4:b6:a1:08:c0:26:
59:7c:11:96:68:cd:76:72:4c:18:2a:33:b6:8c:e7:
f9:35:cd:bb:b0:78:38:fa:2d:a5:a5:cb:00:10:74:
f6:8e:36:28:5b:ed:ee:7d:4e:f7:5e:8b:57:7e:43:
b6:3b:45:e6:92:a5:aa:52:85:d4:ae:c9:0a:65:33:
92:1e:d4:74:3f:a8:34:e1:6d:ea:69:bb:ea:44:23:
a8:a9:e1:d2:97:62:1c:6f:76:af:f5:25:e3:9e:fd:
58:77:8a:e3:07:2a:24:63:10:64:8a:c1:cd:cf:8c:
ea:23:6a:52:91:2a:6e:68:1f:50:ee:9b:b5:26:41:
6b:a9:63:d5:88:0a:bb:cd:ef:9c:c4:62:88:72:45:
77:47:36:8f:f2:6a:b1:88:18:92:00:0e:a8:e9:cf:
22:45:b1:13:c6:2a:bf:a9:16:89:87:98:64:ee:61:
d9:f0:0a:a3:ba:d0:8c:37:a8:b8:05:03:a8:81:99:
10:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9E:8D:FF:77:EA:16:69:24:4E:39:51:DA:97:F0:BF:F8:81:E2:2C:DD
X509v3 Authority Key Identifier:
keyid:0A:37:D8:07:D4:F7:CD:D3:E0:AF:E4:AB:C8:EE:5A:88:0C:60:90:F1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CjfYB9T3zdPgr-SryO5aiAxgkPE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/88/bc268d-61f0-471f-aab9-800eda2cfb36/1/no3_d-oWaSROOVHal_C_-IHiLN0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/88/bc268d-61f0-471f-aab9-800eda2cfb36/1/CjfYB9T3zdPgr-SryO5aiAxgkPE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
192.109.144.0/24
IPv6:
2a07:8146::/36
Signature Algorithm: sha256WithRSAEncryption
2b:d9:c5:5a:c6:8b:da:14:f5:ad:7c:e1:80:ff:61:cf:47:92:
75:0a:1c:5f:96:40:af:85:c0:b9:6e:da:d3:b8:80:0c:84:90:
b4:2d:61:dd:f1:51:c6:1d:fe:8f:df:24:db:1d:4b:f5:95:f3:
e1:9a:64:da:5c:f2:4d:9f:00:81:2d:bf:e5:74:19:14:66:80:
0b:1b:ea:37:ce:32:99:b4:1d:e7:6a:cf:7f:e5:17:db:dd:fc:
52:75:6e:3d:6c:80:d2:20:d2:b6:d7:ab:1b:f8:a3:b4:7b:67:
1a:2b:1d:d2:f7:ec:85:31:31:8e:e0:be:21:42:9d:93:95:a1:
1e:d1:dd:f9:d7:c3:4d:32:61:a4:0a:02:2e:ee:b3:5e:62:94:
e2:f3:ef:b5:64:d5:50:46:06:cd:57:95:88:ce:aa:08:e2:49:
a3:5c:a3:af:e4:cf:90:a3:f6:b9:6c:9a:e7:ce:07:cf:58:1e:
20:41:1b:0e:7a:c3:d5:e1:a4:73:55:d3:53:a6:7c:a2:d3:b3:
f0:81:39:66:c3:3b:f4:fe:cb:76:47:3b:7a:91:38:8e:cd:39:
80:76:d0:00:db:96:aa:b3:ed:17:f3:02:83:36:10:9e:c6:dc:
b1:45:d3:55:d1:87:ce:a1:d6:36:23:6b:49:b1:f4:2f:a0:f7:
82:82:20:75
-----BEGIN CERTIFICATE-----
MIIFDTCCA/WgAwIBAgISAYVrgPZLiCO2xpJe+L6k8YDfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBhMzdkODA3ZDRmN2NkZDNlMGFmZTRhYmM4ZWU1YTg4MGM2
MDkwZjEwHhcNMjMwMTAxMDQwNDUxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZThkZmY3N2VhMTY2OTI0NGUzOTUxZGE5N2YwYmZmODgxZTIyY2RkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjNpgH+pSu7mhUswY9zFyzztWhfu0
P/0Omkdshyc1xpVKE2MPFkCQ1igvk8qt71dKsEiqhBiHJ6/NRghafD2jESBKV5Wk
tqEIwCZZfBGWaM12ckwYKjO2jOf5Nc27sHg4+i2lpcsAEHT2jjYoW+3ufU73XotX
fkO2O0XmkqWqUoXUrskKZTOSHtR0P6g04W3qabvqRCOoqeHSl2Icb3av9SXjnv1Y
d4rjByokYxBkisHNz4zqI2pSkSpuaB9Q7pu1JkFrqWPViAq7ze+cxGKIckV3RzaP
8mqxiBiSAA6o6c8iRbETxiq/qRaJh5hk7mHZ8AqjutCMN6i4BQOogZkQ5wIDAQAB
o4ICGTCCAhUwHQYDVR0OBBYEFJ6N/3fqFmkkTjlR2pfwv/iB4izdMB8GA1UdIwQY
MBaAFAo32AfU983T4K/kq8juWogMYJDxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ2pmWUI5VDN6ZFBnci1TcnlPNWFpQXhna1BFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84OC9iYzI2OGQtNjFmMC00NzFmLWFhYjkt
ODAwZWRhMmNmYjM2LzEvbm8zX2Qtb1dhU1JPT1ZIYWxfQ18tSUhpTE4wLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84OC9iYzI2OGQtNjFmMC00NzFmLWFhYjktODAwZWRhMmNmYjM2
LzEvQ2pmWUI5VDN6ZFBnci1TcnlPNWFpQXhna1BFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC8GCCsGAQUFBwEHAQH/BCAwHjAMBAIAATAGAwQAwG2QMA4E
AgACMAgDBgQqB4FGADANBgkqhkiG9w0BAQsFAAOCAQEAK9nFWsaL2hT1rXzhgP9h
z0eSdQocX5ZAr4XAuW7a07iADISQtC1h3fFRxh3+j98k2x1L9ZXz4Zpk2lzyTZ8A
gS2/5XQZFGaACxvqN84ymbQd52rPf+UX2938UnVuPWyA0iDStterG/ijtHtnGisd
0vfshTExjuC+IUKdk5WhHtHd+dfDTTJhpAoCLu6zXmKU4vPvtWTVUEYGzVeViM6q
COJJo1yjr+TPkKP2uWya584Hz1geIEEbDnrD1eGkc1XTU6Z8otOz8IE5ZsM79P7L
dkc7epE4js05gHbQANuWqrPtF/MCgzYQnsbcsUXTVdGHzqHWNiNrSbH0L6D3goIg
dQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:21:56 2024 by rpki-client on console-ams.rpki-client.org