Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/EfFa6tWaDwQnZ2XFvZaW2hPZ9wk.roa
File: EfFa6tWaDwQnZ2XFvZaW2hPZ9wk.roa (raw, json)
Hash identifier: bXaO4wAIiPy3zc4l8NXini7L6ELCjfpkQNnIuwF6bYk=
Subject key identifier: 11:F1:5A:EA:D5:9A:0F:04:27:67:65:C5:BD:96:96:DA:13:D9:F7:09
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 018D3C402027DB48AC360C66E4E2A5F91971
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/EfFa6tWaDwQnZ2XFvZaW2hPZ9wk.roa
Signing time: Wed 24 Jan 2024 16:14:11 +0000
ROA not before: Wed 24 Jan 2024 16:14:11 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 16509
IP address blocks: 192.124.180.0/24 maxlen: 24
192.124.182.0/24 maxlen: 24
212.192.221.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 29 Jan 2024 17:44:39 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:3c:40:20:27:db:48:ac:36:0c:66:e4:e2:a5:f9:19:71
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Jan 24 16:14:11 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=11f15aead59a0f04276765c5bd9696da13d9f709
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:a8:67:32:c2:a9:86:7c:a5:c6:d5:f9:60:51:
01:4f:f4:b9:3a:17:23:fb:14:58:39:d4:bf:35:d5:
9d:e9:55:71:4c:14:e8:ad:64:78:aa:30:69:40:9b:
1a:2e:27:64:e0:e1:9f:27:cf:09:07:19:b8:7d:1d:
48:49:67:64:1f:62:9b:94:bf:c0:f3:73:ef:16:70:
f4:18:73:f1:aa:d6:d5:6e:cb:22:59:cf:c1:07:66:
27:ed:fb:b8:76:d8:de:2c:d8:eb:2e:1d:52:78:32:
de:de:36:eb:0f:4c:91:bf:36:f3:2f:27:d3:72:0c:
b9:c3:ce:33:8f:1b:c6:a9:e4:a0:ee:6f:b6:da:d9:
b3:85:62:8b:04:d0:9c:3d:cb:be:43:2f:c7:29:d4:
b6:76:a5:b3:93:fa:9d:c9:b7:39:3e:84:5f:25:71:
b7:f9:c1:66:52:b0:cc:de:cb:4e:13:3e:d9:56:a5:
cd:2d:75:65:7a:3a:62:62:6f:c6:23:b6:2c:bb:97:
fc:15:06:b1:44:50:50:40:29:55:ef:c6:93:f1:ad:
d0:b8:d2:5f:d1:a4:27:b8:a3:43:e7:cf:40:41:9c:
7f:b5:11:50:c4:75:84:81:14:4c:60:1e:52:af:fe:
e4:5a:34:02:4c:8f:68:53:2f:f5:bc:09:79:be:c1:
69:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
11:F1:5A:EA:D5:9A:0F:04:27:67:65:C5:BD:96:96:DA:13:D9:F7:09
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/EfFa6tWaDwQnZ2XFvZaW2hPZ9wk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
192.124.180.0/24
192.124.182.0/24
212.192.221.0/24
Signature Algorithm: sha256WithRSAEncryption
4b:79:36:59:f3:fc:d1:0f:db:55:88:1c:65:57:be:da:23:74:
88:d6:47:b8:63:60:39:65:97:39:df:a7:23:be:5b:c8:03:f2:
83:af:d2:18:b8:2d:2c:61:d2:3f:c3:54:2f:36:5d:7b:c8:c7:
aa:cd:0d:98:8f:20:9d:7a:fb:b1:5f:4b:32:6c:cd:db:c2:a4:
24:91:8f:c4:5a:01:20:ef:2c:10:53:70:21:e3:e8:c4:73:79:
2f:84:b3:53:e7:de:cc:15:12:16:d2:87:90:fa:7d:63:14:b5:
a4:a2:85:a1:47:9d:1f:5e:31:99:48:3e:37:7d:b8:dc:ae:55:
ca:e5:24:d8:61:66:87:eb:d3:93:4b:f0:8e:f0:fd:02:35:eb:
8b:0a:52:81:ad:f9:cb:6d:bd:65:9c:8a:4a:34:0a:1d:9b:66:
9d:2f:47:3e:bc:11:45:c6:74:f4:bf:89:a9:b3:58:52:aa:07:
07:a2:8f:87:94:a1:89:c7:d0:c6:0f:aa:f9:d2:99:4f:ff:1d:
7f:cf:cf:25:3c:ef:9a:a5:68:92:8a:05:26:2d:d8:a3:fa:d7:
f9:e7:3d:ec:45:45:65:58:4b:21:db:11:ce:40:2a:34:50:61:
0c:e7:e2:ba:50:30:52:90:2b:ab:4d:1f:00:3c:2c:0b:8c:ff:
bc:89:83:c2
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAY08QCAn20isNgxm5OKl+RlxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjQwMTI0MTYxNDExWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxMWYxNWFlYWQ1OWEwZjA0Mjc2NzY1YzViZDk2OTZkYTEzZDlmNzA5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjKhnMsKphnylxtX5YFEBT/S5Ohcj
+xRYOdS/NdWd6VVxTBTorWR4qjBpQJsaLidk4OGfJ88JBxm4fR1ISWdkH2KblL/A
83PvFnD0GHPxqtbVbssiWc/BB2Yn7fu4dtjeLNjrLh1SeDLe3jbrD0yRvzbzLyfT
cgy5w84zjxvGqeSg7m+22tmzhWKLBNCcPcu+Qy/HKdS2dqWzk/qdybc5PoRfJXG3
+cFmUrDM3stOEz7ZVqXNLXVlejpiYm/GI7Ysu5f8FQaxRFBQQClV78aT8a3QuNJf
0aQnuKND589AQZx/tRFQxHWEgRRMYB5Sr/7kWjQCTI9oUy/1vAl5vsFpqQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFBHxWurVmg8EJ2dlxb2WltoT2fcJMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvRWZGYTZ0V2FEd1FuWjJYRnZaYVcyaFBaOXdrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAwHy0AwQA
wHy2AwQA1MDdMA0GCSqGSIb3DQEBCwUAA4IBAQBLeTZZ8/zRD9tViBxlV77aI3SI
1ke4Y2A5ZZc536cjvlvIA/KDr9IYuC0sYdI/w1QvNl17yMeqzQ2YjyCdevuxX0sy
bM3bwqQkkY/EWgEg7ywQU3Ah4+jEc3kvhLNT597MFRIW0oeQ+n1jFLWkooWhR50f
XjGZSD43fbjcrlXK5STYYWaH69OTS/CO8P0CNeuLClKBrfnLbb1lnIpKNAodm2ad
L0c+vBFFxnT0v4mps1hSqgcHoo+HlKGJx9DGD6r50plP/x1/z88lPO+apWiSigUm
Ldij+tf55z3sRUVlWEsh2xHOQCo0UGEM5+K6UDBSkCurTR8APCwLjP+8iYPC
-----END CERTIFICATE-----
Generated at Mon Jan 29 22:26:41 2024 by rpki-client on console-fra.rpki-client.org