Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/R6PB80XeT7TSURCP9eczmkZMcFQ.roa
File: R6PB80XeT7TSURCP9eczmkZMcFQ.roa (raw, json)
Hash identifier: ifvRyMXSuUPaDlk9TKvAV/RWk1Rz0sdWEDT8Wq0KRRI=
Subject key identifier: 47:A3:C1:F3:45:DE:4F:B4:D2:51:10:8F:F5:E7:33:9A:46:4C:70:54
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 018D2CB9D13AC0563A0EF20C55EE10B81F49
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/R6PB80XeT7TSURCP9eczmkZMcFQ.roa
Signing time: Sun 21 Jan 2024 15:53:11 +0000
ROA not before: Sun 21 Jan 2024 15:53:11 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 14618
IP address blocks: 192.124.180.0/24 maxlen: 24
192.124.181.0/24 maxlen: 24
192.124.182.0/24 maxlen: 24
192.124.188.0/24 maxlen: 24
192.124.190.0/24 maxlen: 24
192.124.209.0/24 maxlen: 24
212.192.221.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sun 21 Jan 2024 16:11:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:2c:b9:d1:3a:c0:56:3a:0e:f2:0c:55:ee:10:b8:1f:49
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Jan 21 15:53:11 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=47a3c1f345de4fb4d251108ff5e7339a464c7054
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:e6:87:66:fe:b8:b2:8b:87:f7:74:c6:65:67:
3c:34:ee:9c:1f:8c:b4:0d:5c:c6:8e:83:bd:76:57:
92:94:05:ca:d9:e8:36:f0:87:ef:15:29:f0:ee:af:
4d:ba:f4:12:58:13:02:73:1e:38:4a:36:51:e0:af:
9b:09:e9:c7:74:8c:76:78:3b:83:fb:a6:ca:f9:73:
76:f5:ad:e8:d6:eb:e0:35:62:38:7e:a6:95:3f:19:
23:c0:4e:22:55:b8:dc:b0:61:86:21:df:13:f5:3d:
81:38:5c:fb:40:32:cf:0b:c9:63:74:66:9d:a9:a5:
cd:b0:cd:5c:d7:95:5d:89:97:39:a4:e0:4b:cb:ca:
5a:56:11:a8:7b:95:37:4c:17:7b:ec:e0:c9:81:44:
44:18:2d:d0:3c:8f:90:cd:70:92:6e:63:29:94:e8:
9b:8a:51:9d:27:2d:33:93:4e:14:21:b3:e4:bf:2c:
75:03:17:71:b8:a7:31:02:2d:0b:92:11:43:ca:31:
c6:bf:cd:e0:cf:ba:85:47:ab:fb:2e:f1:07:a7:67:
e2:48:76:ee:24:4e:0d:b6:ff:16:64:bb:c2:0b:4a:
35:11:cd:87:4e:7b:66:f9:a5:5b:85:fa:26:19:0d:
49:2f:84:38:ab:41:11:af:4e:0b:2b:52:6c:76:57:
f3:97
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
47:A3:C1:F3:45:DE:4F:B4:D2:51:10:8F:F5:E7:33:9A:46:4C:70:54
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/R6PB80XeT7TSURCP9eczmkZMcFQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
192.124.180.0-192.124.182.255
192.124.188.0/24
192.124.190.0/24
192.124.209.0/24
212.192.221.0/24
Signature Algorithm: sha256WithRSAEncryption
15:f0:6f:26:24:69:50:ef:58:62:38:de:3f:d8:23:3e:bc:31:
d1:63:18:92:1e:49:83:bf:1e:b8:42:9f:46:59:14:1b:f0:51:
15:2e:ce:64:6b:52:8d:bd:c0:ea:54:28:8e:27:bc:97:c2:e0:
d2:f0:c1:16:d5:5d:9f:dd:80:08:c1:dc:a4:c9:f7:4e:95:cc:
1e:ca:09:3c:75:0e:b3:66:35:9e:64:08:ce:b8:96:93:a5:fe:
a1:d1:0e:fa:76:9b:82:cc:e8:28:3b:e2:f1:8e:41:ba:e3:e0:
04:55:80:6b:cc:c4:08:7b:0e:73:97:96:fc:31:6a:fb:81:a8:
bd:7f:72:24:1a:08:c9:6c:c1:de:74:31:b9:21:89:db:0d:8d:
84:07:40:4c:b7:09:10:a3:4a:e8:61:3a:bf:80:b5:df:a8:8b:
ff:ce:89:42:47:74:7b:c1:68:68:ad:a4:91:ab:0a:63:e6:3a:
4c:ac:12:25:e1:be:51:12:29:86:06:bd:c8:c1:64:5d:42:84:
c9:3b:29:b2:d4:73:fd:3c:91:05:5b:f1:32:61:2c:a9:40:75:
12:87:87:7b:f6:3a:c3:62:5a:9e:98:71:c3:5e:02:5f:26:e3:
2d:bd:95:cf:71:34:15:7c:86:68:ff:41:6f:14:50:ad:ac:41:
c1:1f:8a:89
-----BEGIN CERTIFICATE-----
MIIFHTCCBAWgAwIBAgISAY0sudE6wFY6DvIMVe4QuB9JMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjQwMTIxMTU1MzExWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0N2EzYzFmMzQ1ZGU0ZmI0ZDI1MTEwOGZmNWU3MzM5YTQ2NGM3MDU0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkeaHZv64souH93TGZWc8NO6cH4y0
DVzGjoO9dleSlAXK2eg28IfvFSnw7q9NuvQSWBMCcx44SjZR4K+bCenHdIx2eDuD
+6bK+XN29a3o1uvgNWI4fqaVPxkjwE4iVbjcsGGGId8T9T2BOFz7QDLPC8ljdGad
qaXNsM1c15VdiZc5pOBLy8paVhGoe5U3TBd77ODJgUREGC3QPI+QzXCSbmMplOib
ilGdJy0zk04UIbPkvyx1AxdxuKcxAi0LkhFDyjHGv83gz7qFR6v7LvEHp2fiSHbu
JE4Ntv8WZLvCC0o1Ec2HTntm+aVbhfomGQ1JL4Q4q0ERr04LK1JsdlfzlwIDAQAB
o4ICKTCCAiUwHQYDVR0OBBYEFEejwfNF3k+00lEQj/XnM5pGTHBUMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvUjZQQjgwWGVUN1RTVVJDUDllY3pta1pNY0ZRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD8GCCsGAQUFBwEHAQH/BDAwLjAsBAIAATAmMAwDBALAfLQD
BADAfLYDBADAfLwDBADAfL4DBADAfNEDBADUwN0wDQYJKoZIhvcNAQELBQADggEB
ABXwbyYkaVDvWGI43j/YIz68MdFjGJIeSYO/HrhCn0ZZFBvwURUuzmRrUo29wOpU
KI4nvJfC4NLwwRbVXZ/dgAjB3KTJ906VzB7KCTx1DrNmNZ5kCM64lpOl/qHRDvp2
m4LM6Cg74vGOQbrj4ARVgGvMxAh7DnOXlvwxavuBqL1/ciQaCMlswd50MbkhidsN
jYQHQEy3CRCjSuhhOr+Atd+oi//OiUJHdHvBaGitpJGrCmPmOkysEiXhvlESKYYG
vcjBZF1ChMk7KbLUc/08kQVb8TJhLKlAdRKHh3v2OsNiWp6YccNeAl8m4y29lc9x
NBV8hmj/QW8UUK2sQcEfiok=
-----END CERTIFICATE-----
Generated at Sun Jan 21 17:35:50 2024 by rpki-client on console-ams.rpki-client.org