Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NGmyq4IPgL4CBPkWRbAQdyICNJA.roa
File: NGmyq4IPgL4CBPkWRbAQdyICNJA.roa (raw, json)
Hash identifier: RaTux9b1it492AsKTn0gXa6BUCviOiqZnXJ9YW6jUZo=
Subject key identifier: 34:69:B2:AB:82:0F:80:BE:02:04:F9:16:45:B0:10:77:22:02:34:90
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 018EB2BB7AC105A2655FB7D6A06FDDC8D518
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NGmyq4IPgL4CBPkWRbAQdyICNJA.roa
Signing time: Sat 06 Apr 2024 09:26:54 +0000
ROA not before: Sat 06 Apr 2024 09:26:54 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 198037
IP address blocks: 192.124.189.0/24 maxlen: 24
194.87.25.0/24 maxlen: 24
195.133.84.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 08 Apr 2024 14:51:33 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:b2:bb:7a:c1:05:a2:65:5f:b7:d6:a0:6f:dd:c8:d5:18
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Apr 6 09:26:54 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=3469b2ab820f80be0204f91645b0107722023490
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:82:4d:40:89:e0:7e:57:cf:ae:06:0b:cd:34:81:
34:d4:e9:27:32:1e:7d:45:7a:16:ef:7d:82:a0:45:
d8:19:d3:89:14:1c:db:df:3d:e5:01:78:ca:68:a2:
94:48:03:6a:bc:3f:7d:f0:df:4e:7a:f3:4b:bf:eb:
c5:ba:e8:d7:60:b2:f1:9f:1a:fb:88:c8:8f:63:29:
52:7b:d5:b5:18:84:14:23:7e:4f:06:c0:71:d4:76:
a5:91:63:1f:5e:75:15:24:62:17:77:9e:fc:8d:8e:
f3:59:95:13:09:0c:3a:f2:2d:22:39:0b:42:93:49:
6f:8d:b6:4a:90:c0:52:69:f4:fd:f3:28:a8:a2:f8:
ec:97:3c:b8:0c:a5:8d:bb:d4:5f:15:60:2a:2f:9c:
d2:f9:41:da:e5:50:17:1a:5b:76:c5:0f:21:5f:32:
61:44:8f:79:59:07:da:10:89:d6:43:a2:5d:02:6e:
5c:b9:89:45:7a:53:25:f9:6c:d0:00:aa:f2:7b:04:
52:5d:53:21:51:06:15:6e:81:5f:8d:5b:21:93:0a:
05:26:c4:ee:58:4a:ee:51:5b:d3:0f:e5:55:d3:2a:
20:f6:d1:2e:84:93:84:c0:9a:b8:55:97:1a:c2:2c:
51:91:22:68:39:df:1d:21:1b:ed:70:c6:89:83:19:
dc:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
34:69:B2:AB:82:0F:80:BE:02:04:F9:16:45:B0:10:77:22:02:34:90
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NGmyq4IPgL4CBPkWRbAQdyICNJA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
192.124.189.0/24
194.87.25.0/24
195.133.84.0/24
Signature Algorithm: sha256WithRSAEncryption
8e:88:85:23:fb:14:b0:97:20:77:7b:6e:2c:af:93:2d:95:d1:
b6:e8:d2:eb:76:e3:3b:d6:89:ef:5f:2a:52:25:0e:67:9b:32:
4a:f9:50:29:2b:af:1c:d0:8d:81:75:53:12:64:c2:4f:0d:92:
36:90:57:43:e1:cd:3e:9b:09:b2:05:1f:24:38:df:07:d5:cb:
8b:fe:e9:38:b6:bb:34:c0:ad:1c:db:e3:4c:60:6a:36:9b:f8:
90:aa:1f:35:34:f6:1b:63:ab:13:dc:da:a3:65:41:73:93:bc:
8e:87:a5:21:2a:38:8a:45:f9:0e:35:5d:af:29:48:44:b3:ab:
85:94:af:29:ba:26:3e:24:0d:5f:69:4e:ce:fc:0d:74:79:ac:
e8:40:4e:a8:ae:f6:39:b6:76:34:a2:92:59:2f:b1:f8:ac:3b:
22:f5:34:23:db:1d:fd:b9:08:b7:56:2d:58:14:c1:74:be:ac:
0c:57:0b:02:e5:48:5a:c3:7a:15:2b:36:4f:bc:1f:03:7c:26:
21:2d:94:bd:29:24:e3:2b:f2:f8:15:c0:ab:ad:1e:6d:4b:1e:
51:31:91:1c:66:d1:e3:95:c5:90:ab:8a:76:49:66:28:0a:42:
56:53:5b:d2:fd:b1:b4:5b:1f:56:f2:04:8d:c2:b9:50:74:aa:
a3:e1:d9:57
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAY6yu3rBBaJlX7fWoG/dyNUYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjQwNDA2MDkyNjU0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNDY5YjJhYjgyMGY4MGJlMDIwNGY5MTY0NWIwMTA3NzIyMDIzNDkwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgk1AieB+V8+uBgvNNIE01OknMh59
RXoW732CoEXYGdOJFBzb3z3lAXjKaKKUSANqvD998N9OevNLv+vFuujXYLLxnxr7
iMiPYylSe9W1GIQUI35PBsBx1HalkWMfXnUVJGIXd578jY7zWZUTCQw68i0iOQtC
k0lvjbZKkMBSafT98yioovjslzy4DKWNu9RfFWAqL5zS+UHa5VAXGlt2xQ8hXzJh
RI95WQfaEInWQ6JdAm5cuYlFelMl+WzQAKryewRSXVMhUQYVboFfjVshkwoFJsTu
WEruUVvTD+VV0yog9tEuhJOEwJq4VZcawixRkSJoOd8dIRvtcMaJgxncfQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFDRpsquCD4C+AgT5FkWwEHciAjSQMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvTkdteXE0SVBnTDRDQlBrV1JiQVFkeUlDTkpBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAwHy9AwQA
wlcZAwQAw4VUMA0GCSqGSIb3DQEBCwUAA4IBAQCOiIUj+xSwlyB3e24sr5MtldG2
6NLrduM71onvXypSJQ5nmzJK+VApK68c0I2BdVMSZMJPDZI2kFdD4c0+mwmyBR8k
ON8H1cuL/uk4trs0wK0c2+NMYGo2m/iQqh81NPYbY6sT3NqjZUFzk7yOh6UhKjiK
RfkONV2vKUhEs6uFlK8puiY+JA1faU7O/A10eazoQE6orvY5tnY0opJZL7H4rDsi
9TQj2x39uQi3Vi1YFMF0vqwMVwsC5Uhaw3oVKzZPvB8DfCYhLZS9KSTjK/L4FcCr
rR5tSx5RMZEcZtHjlcWQq4p2SWYoCkJWU1vS/bG0Wx9W8gSNwrlQdKqj4dlX
-----END CERTIFICATE-----
Generated at Mon Apr 8 19:28:53 2024 by rpki-client on console-ams.rpki-client.org