Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/Cckc6wdSbHGVdB9khXSWMT0XWms.roa
File: Cckc6wdSbHGVdB9khXSWMT0XWms.roa (raw, json)
Hash identifier: Qkq/4mwI5RVd1RIJdFMMQulGhK0EULTvPkYuEZ5ESdw=
Subject key identifier: 09:C9:1C:EB:07:52:6C:71:95:74:1F:64:85:74:96:31:3D:17:5A:6B
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 0185A0D08A2907815FFE60317DCD1709EC8C
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/Cckc6wdSbHGVdB9khXSWMT0XWms.roa
Signing time: Wed 11 Jan 2023 12:31:39 +0000
ROA not before: Wed 11 Jan 2023 12:31:39 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 61317
IP address blocks: 192.124.177.0/24 maxlen: 24
192.124.175.0/24 maxlen: 24
212.193.7.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 05 Jun 2023 09:25:12 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:a0:d0:8a:29:07:81:5f:fe:60:31:7d:cd:17:09:ec:8c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Jan 11 12:31:39 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=09c91ceb07526c7195741f64857496313d175a6b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8d:54:7e:fb:eb:48:c6:d7:46:2e:ca:d6:8a:03:
6a:df:9f:d7:1f:03:0e:6d:a2:c3:3f:11:d0:4e:53:
cb:d7:b2:90:65:c4:d2:e3:03:1a:b5:57:88:5b:be:
89:8f:20:b6:65:21:84:da:d6:29:4e:7c:93:dd:49:
6d:8e:30:e9:2b:cb:f3:31:d5:d8:54:42:da:8e:44:
a1:96:c5:8c:37:2a:b4:8f:15:ff:e4:de:00:33:88:
e9:a9:29:89:56:12:a9:08:f9:d8:21:c6:87:92:b2:
65:38:00:61:6f:21:7b:0a:cb:ec:e8:a0:69:66:a9:
8e:50:a7:50:f1:4c:d7:54:65:71:39:05:79:5a:c2:
b6:ce:ea:b1:a2:7b:ae:b1:2a:4b:ab:dd:d3:0c:83:
f6:77:ae:61:84:14:e3:47:d3:4e:68:c6:98:fc:97:
44:13:e8:d7:d4:5c:1d:d9:0f:fd:c3:00:4a:94:25:
8b:90:be:31:0d:b6:3a:71:93:fe:9b:03:62:89:11:
1e:64:be:1d:4c:73:a6:d4:36:40:72:08:1c:da:0c:
32:d7:0c:cc:bf:14:b2:f6:c3:3b:72:fe:75:ae:59:
f3:56:a2:3a:c6:6f:c4:4a:80:19:74:2a:f0:30:59:
bd:64:e3:7d:1e:69:bf:28:fc:e7:b7:56:21:d7:7d:
37:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
09:C9:1C:EB:07:52:6C:71:95:74:1F:64:85:74:96:31:3D:17:5A:6B
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/Cckc6wdSbHGVdB9khXSWMT0XWms.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
192.124.175.0/24
192.124.177.0/24
212.193.7.0/24
Signature Algorithm: sha256WithRSAEncryption
4c:17:92:51:00:8a:f8:2c:ce:0f:cd:af:1d:bc:95:e3:bf:a2:
28:e6:3b:42:01:b6:47:9e:f9:1e:1e:f4:a8:e6:4f:13:4c:22:
c3:9e:c8:4e:ee:a0:8e:7b:2d:80:cf:2c:88:4e:e2:57:fe:42:
8e:8e:0a:20:03:49:5d:cb:d3:64:de:93:77:58:0a:35:41:24:
0f:fb:fc:1e:a9:ca:76:d7:4a:a8:b9:28:53:e5:40:5b:94:f9:
a4:88:95:cc:00:8f:90:60:55:0e:9c:d5:18:d4:06:7b:3f:1a:
2d:e8:cf:93:d8:df:63:26:9e:0a:d6:08:1f:60:13:6a:d0:2d:
10:07:03:fb:9b:d5:bb:0d:11:f8:79:df:0f:51:ab:d9:9a:53:
2c:b9:38:93:9d:82:bb:78:a7:e1:0b:b4:e8:92:f9:37:73:a2:
39:70:b7:aa:c0:0e:d5:0d:ee:1c:0a:26:e4:51:99:ff:e7:b9:
db:e8:60:50:a9:35:f4:38:93:8b:40:58:fc:37:96:9c:e9:b8:
7d:ec:7d:d0:2b:fa:51:45:e9:e1:47:d1:ae:ff:2d:f1:2c:3f:
3e:3b:dd:dc:6f:9f:4a:9f:df:d8:81:cd:21:a7:74:00:06:ef:
5d:a3:07:08:7c:57:b8:43:9f:bb:30:db:ce:c0:8a:7d:23:48:
b3:62:ce:df
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYWg0IopB4Ff/mAxfc0XCeyMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjMwMTExMTIzMTM5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwOWM5MWNlYjA3NTI2YzcxOTU3NDFmNjQ4NTc0OTYzMTNkMTc1YTZiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjVR+++tIxtdGLsrWigNq35/XHwMO
baLDPxHQTlPL17KQZcTS4wMatVeIW76JjyC2ZSGE2tYpTnyT3UltjjDpK8vzMdXY
VELajkShlsWMNyq0jxX/5N4AM4jpqSmJVhKpCPnYIcaHkrJlOABhbyF7Csvs6KBp
ZqmOUKdQ8UzXVGVxOQV5WsK2zuqxonuusSpLq93TDIP2d65hhBTjR9NOaMaY/JdE
E+jX1Fwd2Q/9wwBKlCWLkL4xDbY6cZP+mwNiiREeZL4dTHOm1DZAcggc2gwy1wzM
vxSy9sM7cv51rlnzVqI6xm/ESoAZdCrwMFm9ZON9Hmm/KPznt1Yh1303TwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFAnJHOsHUmxxlXQfZIV0ljE9F1prMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvQ2NrYzZ3ZFNiSEdWZEI5a2hYU1dNVDBYV21zLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAwHyvAwQA
wHyxAwQA1MEHMA0GCSqGSIb3DQEBCwUAA4IBAQBMF5JRAIr4LM4Pza8dvJXjv6Io
5jtCAbZHnvkeHvSo5k8TTCLDnshO7qCOey2AzyyITuJX/kKOjgogA0ldy9Nk3pN3
WAo1QSQP+/weqcp210qouShT5UBblPmkiJXMAI+QYFUOnNUY1AZ7Pxot6M+T2N9j
Jp4K1ggfYBNq0C0QBwP7m9W7DRH4ed8PUavZmlMsuTiTnYK7eKfhC7Tokvk3c6I5
cLeqwA7VDe4cCibkUZn/57nb6GBQqTX0OJOLQFj8N5ac6bh97H3QK/pRRenhR9Gu
/y3xLD8+O93cb59Kn9/Ygc0hp3QABu9dowcIfFe4Q5+7MNvOwIp9I0izYs7f
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:16:09 2024 by rpki-client on console-fra.rpki-client.org