Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/3oow4XmYCD1ZbVhLUlT2FABp4IY.roa
File: 3oow4XmYCD1ZbVhLUlT2FABp4IY.roa (raw, json)
Hash identifier: 2er8j5Vio340gIyxMV959DV9u+Q2tFf1RHbCa73oo4Y=
Subject key identifier: DE:8A:30:E1:79:98:08:3D:59:6D:58:4B:52:54:F6:14:00:69:E0:86
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 01856F67094D2D5B0CC96D898D48B3FD373B
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/3oow4XmYCD1ZbVhLUlT2FABp4IY.roa
Signing time: Sun 01 Jan 2023 22:15:01 +0000
ROA not before: Sun 01 Jan 2023 22:15:01 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 206092
IP address blocks: 192.124.177.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:67:09:4d:2d:5b:0c:c9:6d:89:8d:48:b3:fd:37:3b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Jan 1 22:15:01 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=de8a30e17998083d596d584b5254f6140069e086
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:ab:40:6e:e2:ca:63:23:cd:05:eb:6c:53:c7:
0c:55:36:50:c5:cc:55:1a:d2:82:16:9d:43:4b:f1:
d5:a6:cb:50:12:4a:24:16:0b:58:0f:51:ec:d8:ed:
2a:5e:84:17:ad:0c:fc:e5:9d:0d:cb:81:49:6f:75:
21:c7:ed:e0:b0:c2:5d:b5:09:a6:b3:e4:06:eb:2c:
8d:03:20:c7:62:50:68:62:c3:8c:c6:f5:0b:87:5d:
8b:43:e1:e4:72:5e:16:b5:f0:61:00:5a:c4:38:ff:
b3:9b:10:4f:92:df:9e:f5:81:e4:26:70:a7:26:82:
af:02:ea:fa:5e:70:c9:b4:9b:20:f1:80:ef:3d:99:
c3:1d:0e:c2:52:da:5c:a1:77:8f:30:05:27:fd:f9:
89:47:5a:a9:60:3a:7c:ec:ec:74:d8:dd:72:93:dd:
01:6d:7e:d4:e0:cf:e9:06:4e:e0:05:db:0a:e4:2b:
f7:38:5e:a3:53:87:32:a1:fc:3b:79:fa:4d:19:e8:
cc:bc:56:d6:33:fd:8a:88:d7:c9:4d:e0:a3:f1:31:
7a:ab:3b:8f:e8:b8:a9:55:6e:b3:bb:0e:17:4c:df:
af:5c:5c:68:13:47:7c:3c:72:8b:f2:14:55:6a:ed:
7c:36:de:c3:8b:69:9e:2b:e4:00:32:24:82:d8:cf:
f4:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DE:8A:30:E1:79:98:08:3D:59:6D:58:4B:52:54:F6:14:00:69:E0:86
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/3oow4XmYCD1ZbVhLUlT2FABp4IY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
192.124.177.0/24
Signature Algorithm: sha256WithRSAEncryption
93:b8:80:32:44:fd:a6:f9:13:ee:a8:7d:ca:9a:b9:6a:33:de:
f5:6d:6c:9d:e4:7b:ba:7c:dc:b4:16:84:13:44:4d:aa:bb:f5:
81:5f:38:78:07:d0:eb:1b:6c:fb:f6:23:cc:a4:18:f2:7c:da:
15:75:a4:12:c1:04:81:38:7b:86:51:f1:a8:03:9c:23:e6:42:
92:72:81:ac:ff:74:96:e3:0a:fe:35:6d:ee:c9:79:8a:80:fe:
b4:ca:dc:26:fe:83:bd:24:8c:f8:98:39:07:ea:8c:9b:e6:76:
b1:81:99:2a:04:41:7a:7b:e6:e9:5b:39:19:ab:53:71:71:29:
a3:14:29:19:c2:53:49:a0:04:98:ce:71:80:f2:cc:88:66:cb:
a6:09:7b:93:e9:cc:5f:ee:50:2b:e1:49:c6:43:04:60:f7:32:
05:80:eb:27:91:aa:5c:6f:09:4e:56:e1:b8:11:1a:75:a1:fa:
a7:d2:35:71:b2:d7:dc:d7:ce:74:89:06:5b:5e:95:4a:6e:b5:
e8:c6:35:f3:8e:92:ee:e6:2a:20:77:68:2b:3a:df:1a:63:11:
15:fe:bf:f0:b7:44:4e:60:2e:e8:d1:9a:28:b6:46:73:a0:7a:
4d:03:8f:3d:d9:56:e2:51:0c:bd:de:a6:97:e6:c8:c5:22:1e:
65:98:6c:5d
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVvZwlNLVsMyW2JjUiz/Tc7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjMwMTAxMjIxNTAxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZThhMzBlMTc5OTgwODNkNTk2ZDU4NGI1MjU0ZjYxNDAwNjllMDg2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo6tAbuLKYyPNBetsU8cMVTZQxcxV
GtKCFp1DS/HVpstQEkokFgtYD1Hs2O0qXoQXrQz85Z0Ny4FJb3Uhx+3gsMJdtQmm
s+QG6yyNAyDHYlBoYsOMxvULh12LQ+Hkcl4WtfBhAFrEOP+zmxBPkt+e9YHkJnCn
JoKvAur6XnDJtJsg8YDvPZnDHQ7CUtpcoXePMAUn/fmJR1qpYDp87Ox02N1yk90B
bX7U4M/pBk7gBdsK5Cv3OF6jU4cyofw7efpNGejMvFbWM/2KiNfJTeCj8TF6qzuP
6LipVW6zuw4XTN+vXFxoE0d8PHKL8hRVau18Nt7Di2meK+QAMiSC2M/02wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFN6KMOF5mAg9WW1YS1JU9hQAaeCGMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvM29vdzRYbVlDRDFaYlZoTFVsVDJGQUJwNElZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwHyxMA0G
CSqGSIb3DQEBCwUAA4IBAQCTuIAyRP2m+RPuqH3KmrlqM971bWyd5Hu6fNy0FoQT
RE2qu/WBXzh4B9DrG2z79iPMpBjyfNoVdaQSwQSBOHuGUfGoA5wj5kKScoGs/3SW
4wr+NW3uyXmKgP60ytwm/oO9JIz4mDkH6oyb5naxgZkqBEF6e+bpWzkZq1NxcSmj
FCkZwlNJoASYznGA8syIZsumCXuT6cxf7lAr4UnGQwRg9zIFgOsnkapcbwlOVuG4
ERp1ofqn0jVxstfc1850iQZbXpVKbrXoxjXzjpLu5iogd2grOt8aYxEV/r/wt0RO
YC7o0ZootkZzoHpNA4892VbiUQy93qaX5sjFIh5lmGxd
-----END CERTIFICATE-----
Generated at Tue Jan 2 17:33:20 2024 by rpki-client on console-fra.rpki-client.org