Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/1-cGOQ2eHs-6idvC8lchWuJBB3dQ.roa
File: 1-cGOQ2eHs-6idvC8lchWuJBB3dQ.roa (raw, json)
Hash identifier: a1rT2IEZG0QTMa3ia3WBnviU2iftzwo7y97vhSn4Q9g=
Subject key identifier: F9:C1:8E:43:67:87:B3:EE:A2:76:F0:BC:95:C8:56:B8:90:41:DD:D4
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 019137BA0AE7B89525C9CDD36A44CB109ED3
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/1-cGOQ2eHs-6idvC8lchWuJBB3dQ.roa
Signing time: Fri 09 Aug 2024 15:20:24 +0000
ROA not before: Fri 09 Aug 2024 15:20:24 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 198037
IP address blocks: 192.124.189.0/24 maxlen: 24
193.124.89.0/24 maxlen: 24
194.58.41.0/24 maxlen: 24
194.87.25.0/24 maxlen: 24
194.87.73.0/24 maxlen: 24
195.133.84.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 08 Nov 2024 14:57:50 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:37:ba:0a:e7:b8:95:25:c9:cd:d3:6a:44:cb:10:9e:d3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Aug 9 15:20:24 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=f9c18e436787b3eea276f0bc95c856b89041ddd4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:6f:93:e6:63:bd:e3:3a:b7:36:0a:19:7e:2c:
da:94:b7:ad:1e:54:f7:bc:79:67:f8:80:46:9b:f4:
d2:0e:61:69:5d:52:35:c4:d7:cc:41:9e:8c:e5:72:
3c:b7:7a:9c:3d:95:91:c7:84:9c:10:c1:32:1e:94:
75:f5:1a:25:60:b5:38:5b:4f:01:94:fb:93:4b:c6:
10:7d:43:cb:7f:60:bf:61:e7:3c:d1:a0:26:c5:8c:
12:fb:89:af:f8:24:89:60:a6:5c:f3:67:ec:40:c2:
c3:5e:91:af:c2:ea:f8:3a:ba:b9:66:0b:c5:6f:b1:
a5:08:b8:86:74:c4:38:9f:4f:64:f6:cd:c8:0d:b2:
cb:1e:b5:ac:9c:ff:44:f6:1f:de:31:7e:ba:31:23:
9a:86:85:5e:67:f9:9e:25:90:80:71:5f:b3:5a:15:
35:17:03:51:9b:5b:01:6a:83:82:41:62:7c:50:42:
5c:96:3e:53:68:1c:be:3c:8b:b3:0c:79:6f:15:40:
b4:33:b8:bb:65:67:0a:3e:30:08:3a:d2:eb:a0:0b:
ce:0a:49:ae:c3:f7:30:78:3f:8d:93:01:5b:76:ce:
b9:ec:9a:83:a4:ec:49:fa:2c:dd:a7:91:fe:63:eb:
9c:0e:dd:a0:2e:ce:bf:ea:91:5d:ad:a7:08:ed:d1:
3b:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F9:C1:8E:43:67:87:B3:EE:A2:76:F0:BC:95:C8:56:B8:90:41:DD:D4
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/1-cGOQ2eHs-6idvC8lchWuJBB3dQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
192.124.189.0/24
193.124.89.0/24
194.58.41.0/24
194.87.25.0/24
194.87.73.0/24
195.133.84.0/24
Signature Algorithm: sha256WithRSAEncryption
48:ac:17:49:80:6f:78:8d:51:5b:09:fb:b5:2f:04:b8:f4:18:
5c:2f:86:72:69:06:8e:ed:82:b7:ad:04:b6:31:3c:c9:20:4b:
6b:32:77:af:48:f8:fe:aa:55:19:35:a4:7b:b6:6c:cb:40:50:
c5:3a:68:cd:c6:90:23:3e:36:8a:fc:dd:96:b5:05:14:fc:d1:
04:db:33:6a:5b:2c:78:c7:61:e4:ca:87:92:e8:75:e3:92:dd:
57:11:0a:ee:3e:d7:2a:aa:5e:12:a4:ae:bc:08:39:ff:9a:d2:
76:45:b7:eb:e9:e8:f7:63:3b:b3:91:3e:3b:6f:b1:6d:9c:28:
e8:d2:1d:76:e3:08:eb:76:86:e6:74:f6:f2:a7:3c:f8:2f:2a:
3e:07:da:0e:83:d0:0a:12:1f:9c:3b:c3:9e:4e:34:22:e2:0a:
6d:ab:2d:27:13:64:71:d6:86:88:cf:23:50:07:ca:f3:0e:cb:
2a:33:98:8c:61:b3:20:66:f1:9d:95:48:4d:98:b6:03:41:e4:
07:04:59:3e:da:33:83:cb:6b:9a:3e:ae:9b:68:be:e1:4e:57:
e3:80:60:a8:03:a9:84:3b:15:50:3a:c8:9d:6d:ab:d7:ed:50:
8b:9f:3f:a1:23:88:0e:e8:fa:91:bc:c1:60:04:ef:93:06:5c:
a7:fa:98:4b
-----BEGIN CERTIFICATE-----
MIIFHDCCBASgAwIBAgISAZE3ugrnuJUlyc3TakTLEJ7TMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjQwODA5MTUyMDI0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmOWMxOGU0MzY3ODdiM2VlYTI3NmYwYmM5NWM4NTZiODkwNDFkZGQ0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnW+T5mO94zq3NgoZfizalLetHlT3
vHln+IBGm/TSDmFpXVI1xNfMQZ6M5XI8t3qcPZWRx4ScEMEyHpR19RolYLU4W08B
lPuTS8YQfUPLf2C/Yec80aAmxYwS+4mv+CSJYKZc82fsQMLDXpGvwur4Orq5ZgvF
b7GlCLiGdMQ4n09k9s3IDbLLHrWsnP9E9h/eMX66MSOahoVeZ/meJZCAcV+zWhU1
FwNRm1sBaoOCQWJ8UEJclj5TaBy+PIuzDHlvFUC0M7i7ZWcKPjAIOtLroAvOCkmu
w/cweD+NkwFbds657JqDpOxJ+izdp5H+Y+ucDt2gLs6/6pFdracI7dE72wIDAQAB
o4ICKDCCAiQwHQYDVR0OBBYEFPnBjkNnh7PuonbwvJXIVriQQd3UMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvMS1jR09RMmVIcy02aWR2QzhsY2hXdUpCQjNkUS5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvMDAvZTE0NDdhLThmMTgtNGE4MC1hNDIyLTVhNDI0MjhmMTE0
My8xL05Xa1BYakxWeUdyeDRUU2RfVTZNN3JjT0dzYy5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjA9BggrBgEFBQcBBwEB/wQuMCwwKgQCAAEwJAMEAMB8vQME
AMF8WQMEAMI6KQMEAMJXGQMEAMJXSQMEAMOFVDANBgkqhkiG9w0BAQsFAAOCAQEA
SKwXSYBveI1RWwn7tS8EuPQYXC+GcmkGju2Ct60EtjE8ySBLazJ3r0j4/qpVGTWk
e7Zsy0BQxTpozcaQIz42ivzdlrUFFPzRBNszalsseMdh5MqHkuh145LdVxEK7j7X
KqpeEqSuvAg5/5rSdkW36+no92M7s5E+O2+xbZwo6NIdduMI63aG5nT28qc8+C8q
PgfaDoPQChIfnDvDnk40IuIKbastJxNkcdaGiM8jUAfK8w7LKjOYjGGzIGbxnZVI
TZi2A0HkBwRZPtozg8trmj6um2i+4U5X44BgqAOphDsVUDrInW2r1+1Qi58/oSOI
Duj6kbzBYATvkwZcp/qYSw==
-----END CERTIFICATE-----
Generated at Fri Nov 8 19:11:58 2024 by rpki-client on console-ams.rpki-client.org