Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/4u8b7INGF_62tkocwR_8OoldtF8.roa
File: 4u8b7INGF_62tkocwR_8OoldtF8.roa (raw, json)
Hash identifier: ZlOJXLVd5kqjMMdTYrxaqHRgd9kVDi8Twt8Hd81QHcY=
Subject key identifier: E2:EF:1B:EC:83:46:17:FE:B6:B6:4A:1C:C1:1F:FC:3A:89:5D:B4:5F
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 018D5652BF25D6AFBBC93C51DB32FFEE0B55
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/4u8b7INGF_62tkocwR_8OoldtF8.roa
Signing time: Mon 29 Jan 2024 17:44:39 +0000
ROA not before: Mon 29 Jan 2024 17:44:39 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 14618
IP address blocks: 192.124.180.0/24 maxlen: 24
212.192.221.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 02 Feb 2024 08:08:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:56:52:bf:25:d6:af:bb:c9:3c:51:db:32:ff:ee:0b:55
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Jan 29 17:44:39 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=e2ef1bec834617feb6b64a1cc11ffc3a895db45f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:bc:b3:a0:de:d3:96:5b:52:11:41:a2:a1:b9:
e4:94:dd:e6:f9:01:7a:59:44:43:1a:92:a7:5c:c3:
79:b4:9c:ae:e4:52:23:50:62:fe:0f:25:46:65:fa:
01:b2:8f:7f:90:08:72:d0:58:10:08:35:99:71:e4:
e7:f0:38:8f:bf:1c:ec:61:94:54:8d:87:a1:0e:47:
55:d1:14:20:67:1d:4a:03:6d:26:b5:b6:ec:ab:bc:
6c:8e:8c:09:57:f1:d1:73:3a:a4:ee:9d:25:c0:e1:
b4:99:5d:e7:42:d6:7a:3d:32:ab:64:4a:82:ef:36:
1a:7a:f9:f5:78:96:13:19:59:d2:ed:6c:e3:56:23:
af:2e:fe:24:88:4b:d9:a4:d0:54:99:ec:75:95:47:
28:13:0e:75:eb:26:6f:36:44:dc:09:f5:32:5c:df:
02:5f:a4:13:7e:06:2b:96:d8:98:55:62:c1:2a:d8:
91:b6:0a:7c:ed:37:1f:cd:d4:3c:ba:2d:1b:cb:c4:
73:e0:16:6f:83:d4:9b:ce:5f:11:fb:80:2a:23:5e:
49:8a:3a:3a:14:56:41:bd:0d:34:ec:f9:d4:48:ef:
53:a6:55:89:65:ba:a7:4a:ce:fe:5a:25:3f:78:89:
c7:2e:f0:37:4e:fb:50:ab:f4:ee:a8:ae:6a:9d:13:
13:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E2:EF:1B:EC:83:46:17:FE:B6:B6:4A:1C:C1:1F:FC:3A:89:5D:B4:5F
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/4u8b7INGF_62tkocwR_8OoldtF8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
192.124.180.0/24
212.192.221.0/24
Signature Algorithm: sha256WithRSAEncryption
72:f2:d1:26:c7:a2:ca:34:4e:cb:2f:31:c7:97:b8:fe:80:d4:
b7:74:94:f5:a0:00:e7:51:4b:11:05:5e:2b:22:5e:64:94:b6:
9b:35:88:8f:75:fc:13:1f:f8:2f:28:8b:14:39:24:18:0b:ed:
d8:42:57:d6:dd:da:59:5e:b3:6d:cb:e6:a8:43:83:b6:d2:4c:
77:50:43:cd:80:1f:88:5b:18:90:51:e7:f9:12:7d:47:38:86:
81:9f:b8:be:f0:68:d8:a9:d6:ac:bb:2a:af:ad:77:29:13:1a:
66:5e:20:49:4f:09:31:3d:b7:1d:e8:3f:f3:bc:59:b7:da:c3:
ff:ad:f2:36:e2:e9:8c:40:5e:69:27:cb:a3:b8:e1:26:43:e1:
8e:1f:51:ca:52:05:eb:4e:67:46:19:0c:0d:1a:3a:a3:67:19:
2a:0d:6a:0e:73:bc:ea:6f:8a:02:a7:d8:44:76:18:ed:c4:a3:
64:8c:3a:33:ca:38:ec:1f:77:40:2b:dd:3c:62:85:37:e6:f2:
23:ae:b9:8e:ba:8d:c9:c9:a1:bf:9c:b6:a0:3d:cc:bd:80:44:
a0:0a:98:f5:41:02:1c:32:42:8f:a5:64:30:03:13:99:d8:93:
80:17:10:07:5f:e7:35:86:ac:af:83:2c:7e:87:b6:b8:8f:cd:
18:c1:44:df
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAY1WUr8l1q+7yTxR2zL/7gtVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjQwMTI5MTc0NDM5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMmVmMWJlYzgzNDYxN2ZlYjZiNjRhMWNjMTFmZmMzYTg5NWRiNDVmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqbyzoN7TlltSEUGiobnklN3m+QF6
WURDGpKnXMN5tJyu5FIjUGL+DyVGZfoBso9/kAhy0FgQCDWZceTn8DiPvxzsYZRU
jYehDkdV0RQgZx1KA20mtbbsq7xsjowJV/HRczqk7p0lwOG0mV3nQtZ6PTKrZEqC
7zYaevn1eJYTGVnS7WzjViOvLv4kiEvZpNBUmex1lUcoEw516yZvNkTcCfUyXN8C
X6QTfgYrltiYVWLBKtiRtgp87TcfzdQ8ui0by8Rz4BZvg9Sbzl8R+4AqI15Jijo6
FFZBvQ007PnUSO9TplWJZbqnSs7+WiU/eInHLvA3TvtQq/TuqK5qnRMT+QIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFOLvG+yDRhf+trZKHMEf/DqJXbRfMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvNHU4YjdJTkdGXzYydGtvY3dSXzhPb2xkdEY4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAwHy0AwQA
1MDdMA0GCSqGSIb3DQEBCwUAA4IBAQBy8tEmx6LKNE7LLzHHl7j+gNS3dJT1oADn
UUsRBV4rIl5klLabNYiPdfwTH/gvKIsUOSQYC+3YQlfW3dpZXrNty+aoQ4O20kx3
UEPNgB+IWxiQUef5En1HOIaBn7i+8GjYqdasuyqvrXcpExpmXiBJTwkxPbcd6D/z
vFm32sP/rfI24umMQF5pJ8ujuOEmQ+GOH1HKUgXrTmdGGQwNGjqjZxkqDWoOc7zq
b4oCp9hEdhjtxKNkjDozyjjsH3dAK908YoU35vIjrrmOuo3JyaG/nLagPcy9gESg
Cpj1QQIcMkKPpWQwAxOZ2JOAFxAHX+c1hqyvgyx+h7a4j80YwUTf
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:16:06 2024 by rpki-client on console-fra.rpki-client.org