Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/Glqp7-khA0R6m-4Tf0NwhJC35Kg.roa
File: Glqp7-khA0R6m-4Tf0NwhJC35Kg.roa (raw, json)
Hash identifier: mSqxm33Mc8KSunVOSZLxIbpLntdXpyGNlZ7Wn2zINDs=
Subject key identifier: 1A:5A:A9:EF:E9:21:03:44:7A:9B:EE:13:7F:43:70:84:90:B7:E4:A8
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 0189DA7616B79E6764FFAFE023BB8CA2DB7E
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/Glqp7-khA0R6m-4Tf0NwhJC35Kg.roa
Signing time: Wed 09 Aug 2023 13:21:59 +0000
ROA not before: Wed 09 Aug 2023 13:21:59 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 212219
IP address blocks: 192.124.191.0/24 maxlen: 24
194.58.67.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:da:76:16:b7:9e:67:64:ff:af:e0:23:bb:8c:a2:db:7e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Aug 9 13:21:59 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=1a5aa9efe92103447a9bee137f43708490b7e4a8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:fb:cb:79:d3:88:03:bf:9a:25:40:a4:eb:e6:
97:5d:ff:25:96:3c:06:85:13:ce:f5:2e:ec:68:ad:
e6:81:42:02:be:a2:94:d8:36:38:a5:90:39:cf:57:
c3:cb:47:68:d5:49:13:73:29:79:cd:0f:e1:89:41:
f6:ee:1b:50:30:30:8e:29:bb:db:3a:9c:59:8f:d0:
75:3d:da:ba:a0:59:a6:40:25:3e:19:fd:2a:23:91:
f3:90:b0:22:f4:e6:cd:a7:26:db:40:62:9a:b4:7a:
d9:36:d0:74:de:e1:88:c2:01:35:e5:8e:d5:36:cd:
f8:4a:b8:2d:69:93:9b:8a:d3:df:a6:80:ca:c5:0b:
12:d8:52:17:b0:41:f2:3f:82:3c:5c:b0:6c:3d:c3:
80:18:59:89:05:b9:5c:83:3e:24:af:49:90:3c:72:
c7:fe:6f:72:b0:de:cf:ba:b1:27:76:ce:61:c7:c3:
fd:a0:2b:a8:d6:c1:ec:9a:f1:cc:93:da:4f:55:e8:
a1:4c:83:d4:08:02:88:3c:8e:87:b0:ce:6b:1f:81:
cf:29:70:49:62:e1:a1:20:95:a8:a4:6a:e8:40:68:
26:19:20:5a:f9:25:1c:b8:97:a4:9d:84:fe:48:68:
b6:6c:1a:05:06:3b:d6:29:9e:aa:27:83:28:a1:ee:
aa:53
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1A:5A:A9:EF:E9:21:03:44:7A:9B:EE:13:7F:43:70:84:90:B7:E4:A8
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/Glqp7-khA0R6m-4Tf0NwhJC35Kg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
192.124.191.0/24
194.58.67.0/24
Signature Algorithm: sha256WithRSAEncryption
39:0b:e5:86:b2:63:03:3c:4f:72:bd:ba:97:03:30:6b:6a:93:
9c:9b:54:22:b5:95:60:6e:f6:0a:5f:a6:0d:db:84:51:10:49:
5d:d3:b4:0a:8a:e3:60:0f:69:7b:ea:f7:5b:36:e3:f4:b4:a6:
83:df:6f:cf:ae:ed:e9:14:ce:15:a0:1a:40:b5:a4:6c:38:6e:
e2:5a:d4:a4:67:b1:aa:8f:8a:84:41:2c:11:10:ed:d7:20:e1:
97:67:14:04:72:42:a7:ce:af:16:c4:62:45:fe:9e:45:3c:0a:
c8:90:c8:e6:47:a6:7f:f2:ec:9d:c1:e3:01:3c:69:06:07:6d:
42:68:44:6f:a5:1c:7a:c7:c5:cd:c0:19:5d:db:b3:af:39:10:
ef:e8:6f:39:83:bb:23:d7:1b:ec:76:74:93:55:7d:7c:2a:a3:
9a:51:f5:ce:e1:7a:e4:84:db:98:f4:9c:9f:8d:ba:4b:0c:cd:
99:0a:a1:b4:fd:4d:97:69:6e:33:72:80:58:8e:a3:82:88:52:
59:28:fa:58:45:c9:48:db:4c:85:92:b8:54:97:fe:e2:f4:8a:
4d:99:86:29:4f:b0:0b:f1:d4:49:9d:70:d5:57:48:be:ba:0d:
4a:7d:d3:04:87:0e:e6:54:69:52:a0:e4:35:1a:02:81:39:65:
20:00:33:40
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYnadha3nmdk/6/gI7uMott+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjMwODA5MTMyMTU5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxYTVhYTllZmU5MjEwMzQ0N2E5YmVlMTM3ZjQzNzA4NDkwYjdlNGE4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp/vLedOIA7+aJUCk6+aXXf8lljwG
hRPO9S7saK3mgUICvqKU2DY4pZA5z1fDy0do1UkTcyl5zQ/hiUH27htQMDCOKbvb
OpxZj9B1Pdq6oFmmQCU+Gf0qI5HzkLAi9ObNpybbQGKatHrZNtB03uGIwgE15Y7V
Ns34SrgtaZObitPfpoDKxQsS2FIXsEHyP4I8XLBsPcOAGFmJBblcgz4kr0mQPHLH
/m9ysN7PurEnds5hx8P9oCuo1sHsmvHMk9pPVeihTIPUCAKIPI6HsM5rH4HPKXBJ
YuGhIJWopGroQGgmGSBa+SUcuJeknYT+SGi2bBoFBjvWKZ6qJ4Mooe6qUwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFBpaqe/pIQNEepvuE39DcISQt+SoMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvR2xxcDcta2hBMFI2bS00VGYwTndoSkMzNUtnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAwHy/AwQA
wjpDMA0GCSqGSIb3DQEBCwUAA4IBAQA5C+WGsmMDPE9yvbqXAzBrapOcm1QitZVg
bvYKX6YN24RREEld07QKiuNgD2l76vdbNuP0tKaD32/Pru3pFM4VoBpAtaRsOG7i
WtSkZ7Gqj4qEQSwREO3XIOGXZxQEckKnzq8WxGJF/p5FPArIkMjmR6Z/8uydweMB
PGkGB21CaERvpRx6x8XNwBld27OvORDv6G85g7sj1xvsdnSTVX18KqOaUfXO4Xrk
hNuY9JyfjbpLDM2ZCqG0/U2XaW4zcoBYjqOCiFJZKPpYRclI20yFkrhUl/7i9IpN
mYYpT7AL8dRJnXDVV0i+ug1KfdMEhw7mVGlSoOQ1GgKBOWUgADNA
-----END CERTIFICATE-----
Generated at Fri Aug 11 11:45:36 2023 by rpki-client on console-fra.rpki-client.org