Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/3sdHxiMHDh2STbkoA8hfxA0ODt0.roa
File: 3sdHxiMHDh2STbkoA8hfxA0ODt0.roa (raw, json)
Hash identifier: wpY51G2AojCAt1n3wyYDxkzmUai1yiGzAu3MQRSYr+U=
Subject key identifier: DE:C7:47:C6:23:07:0E:1D:92:4D:B9:28:03:C8:5F:C4:0D:0E:0E:DD
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 018D2CCA4D04252BC428539BFB4C266BA276
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/3sdHxiMHDh2STbkoA8hfxA0ODt0.roa
Signing time: Sun 21 Jan 2024 16:11:11 +0000
ROA not before: Sun 21 Jan 2024 16:11:11 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 16509
IP address blocks: 192.124.180.0/24 maxlen: 24
192.124.181.0/24 maxlen: 24
192.124.182.0/24 maxlen: 24
192.124.190.0/24 maxlen: 24
192.124.209.0/24 maxlen: 24
212.192.221.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 24 Jan 2024 16:13:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:2c:ca:4d:04:25:2b:c4:28:53:9b:fb:4c:26:6b:a2:76
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Jan 21 16:11:11 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=dec747c623070e1d924db92803c85fc40d0e0edd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:ef:8a:70:33:50:39:8c:ed:9f:c6:24:40:39:
53:37:d4:87:98:45:43:dc:43:44:da:69:d3:f0:fe:
30:9b:6c:bc:a1:42:d5:9b:5a:b3:74:85:de:e0:43:
a3:8b:25:d3:7b:4c:bf:c4:03:9c:5e:e0:0b:dc:9e:
24:0d:1b:f8:8e:26:ee:d6:ce:51:7b:45:fb:51:83:
99:3c:1c:e9:e1:68:f3:a1:1d:71:81:41:17:79:75:
86:ad:4d:98:b6:69:e5:21:ed:64:20:24:d9:8a:e8:
83:17:3e:ce:9f:96:bc:65:6b:12:9c:78:b5:71:00:
e3:47:61:90:9f:4a:0e:61:ac:e2:3f:96:63:c1:80:
4b:0d:0d:e8:b2:54:c5:83:f2:db:a3:ca:96:4f:0c:
bd:56:00:bc:5e:f8:1a:a3:0c:88:6d:be:69:0d:d0:
07:3f:2e:c9:ff:b0:4b:39:38:3f:6b:a4:45:fd:9d:
2d:58:0c:46:0f:b2:e6:c9:c9:b8:c9:bd:b4:8c:1b:
c8:4a:5f:4e:b8:88:7d:ac:4f:ef:7a:6e:74:26:f3:
58:18:71:14:af:56:56:bb:69:25:11:29:a3:fa:74:
76:a8:dc:53:a2:2b:95:bd:72:90:fe:d4:25:bd:aa:
f7:96:86:f8:80:db:e4:76:ae:9d:fd:9d:8c:09:9c:
75:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DE:C7:47:C6:23:07:0E:1D:92:4D:B9:28:03:C8:5F:C4:0D:0E:0E:DD
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/3sdHxiMHDh2STbkoA8hfxA0ODt0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
192.124.180.0-192.124.182.255
192.124.190.0/24
192.124.209.0/24
212.192.221.0/24
Signature Algorithm: sha256WithRSAEncryption
5e:a9:fc:72:c5:02:0a:14:1d:17:c0:16:01:c2:a9:df:84:cd:
91:b2:df:c8:e0:12:f1:f5:bc:c8:35:c2:6e:60:dc:8b:26:21:
28:7a:63:bc:a0:ec:f8:5b:da:21:e4:cd:55:37:77:29:43:96:
cf:5d:08:fc:fe:2d:e5:54:47:ef:2e:66:9a:7b:21:01:88:8f:
28:f6:fd:6d:07:b5:49:77:19:99:30:3c:dd:e7:69:c0:5e:31:
c9:ab:b7:7d:87:3b:8f:3e:6c:e5:80:04:25:5b:31:67:96:82:
33:a4:ac:c2:5c:f3:ce:f1:1b:86:d6:fc:98:54:dc:89:ab:89:
6c:9c:0c:35:d6:8d:58:7d:0a:88:b3:14:ab:b2:34:71:07:70:
86:b2:73:98:54:a6:db:ef:98:72:02:7c:f0:0a:c2:ce:a1:87:
d6:e1:ee:00:a9:7a:c1:b9:83:a0:8e:7b:a9:4a:e0:5a:31:cf:
42:2a:38:12:49:3c:c6:c3:8e:9c:e5:ef:ac:90:9d:a6:e1:2a:
49:f3:6b:55:1a:22:63:cb:4c:39:b3:0f:53:b7:fa:8d:cd:2b:
d3:69:fb:48:b3:5a:f9:7f:fb:8f:42:b9:d4:1e:d4:e3:5c:a9:
13:bc:2f:90:20:9b:24:d4:63:f7:71:45:d1:2e:b6:ec:65:b2:
e4:08:25:a0
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgISAY0syk0EJSvEKFOb+0wma6J2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjQwMTIxMTYxMTExWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZWM3NDdjNjIzMDcwZTFkOTI0ZGI5MjgwM2M4NWZjNDBkMGUwZWRkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0e+KcDNQOYztn8YkQDlTN9SHmEVD
3ENE2mnT8P4wm2y8oULVm1qzdIXe4EOjiyXTe0y/xAOcXuAL3J4kDRv4jibu1s5R
e0X7UYOZPBzp4WjzoR1xgUEXeXWGrU2YtmnlIe1kICTZiuiDFz7On5a8ZWsSnHi1
cQDjR2GQn0oOYaziP5ZjwYBLDQ3oslTFg/Lbo8qWTwy9VgC8XvgaowyIbb5pDdAH
Py7J/7BLOTg/a6RF/Z0tWAxGD7Lmycm4yb20jBvISl9OuIh9rE/vem50JvNYGHEU
r1ZWu2klESmj+nR2qNxToiuVvXKQ/tQlvar3lob4gNvkdq6d/Z2MCZx1VwIDAQAB
o4ICIzCCAh8wHQYDVR0OBBYEFN7HR8YjBw4dkk25KAPIX8QNDg7dMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvM3NkSHhpTUhEaDJTVGJrb0E4aGZ4QTBPRHQwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDkGCCsGAQUFBwEHAQH/BCowKDAmBAIAATAgMAwDBALAfLQD
BADAfLYDBADAfL4DBADAfNEDBADUwN0wDQYJKoZIhvcNAQELBQADggEBAF6p/HLF
AgoUHRfAFgHCqd+EzZGy38jgEvH1vMg1wm5g3IsmISh6Y7yg7Phb2iHkzVU3dylD
ls9dCPz+LeVUR+8uZpp7IQGIjyj2/W0HtUl3GZkwPN3nacBeMcmrt32HO48+bOWA
BCVbMWeWgjOkrMJc887xG4bW/JhU3ImriWycDDXWjVh9CoizFKuyNHEHcIayc5hU
ptvvmHICfPAKws6hh9bh7gCpesG5g6COe6lK4Foxz0IqOBJJPMbDjpzl76yQnabh
Kknza1UaImPLTDmzD1O3+o3NK9Np+0izWvl/+49CudQe1ONcqRO8L5AgmyTUY/dx
RdEutuxlsuQIJaA=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:16:05 2024 by rpki-client on console-fra.rpki-client.org