Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/Re6htgKNLR6JAR3xzHFDZtLRm9E.roa
File: Re6htgKNLR6JAR3xzHFDZtLRm9E.roa (raw, json)
Hash identifier: EdkP+Bc4PDVltMqr/qimyw8F+m1pKuDSEXu5dLSUKzM=
Subject key identifier: 45:EE:A1:B6:02:8D:2D:1E:89:01:1D:F1:CC:71:43:66:D2:D1:9B:D1
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 018CCA2A7CC6A34AE39AEE1240D04ECEEFB5
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/Re6htgKNLR6JAR3xzHFDZtLRm9E.roa
Signing time: Tue 02 Jan 2024 12:33:51 +0000
ROA not before: Tue 02 Jan 2024 12:33:51 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 61317
IP address blocks: 192.124.177.0/24 maxlen: 24
194.87.64.0/24 maxlen: 24
212.193.7.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 03 Apr 2024 15:31:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:ca:2a:7c:c6:a3:4a:e3:9a:ee:12:40:d0:4e:ce:ef:b5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Jan 2 12:33:51 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=45eea1b6028d2d1e89011df1cc714366d2d19bd1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:7f:44:bb:9e:b8:27:55:63:47:ee:5c:77:60:
12:4e:65:07:a7:aa:c0:12:e3:98:17:aa:44:f6:29:
28:70:94:b3:fa:14:46:a9:76:2c:e0:b6:ac:d9:39:
bf:b3:cd:d5:ce:27:f2:10:54:11:65:c3:7b:1f:3d:
20:98:7d:5a:95:af:2f:9e:2a:65:1a:9b:ea:c9:40:
1e:91:f3:3e:d5:f2:cc:e4:e1:46:86:cc:b6:47:9c:
20:d8:06:95:f0:f4:02:e0:75:b4:5c:17:fa:a3:f0:
86:05:c7:eb:5a:8a:f8:a0:aa:da:a9:a1:7e:70:10:
f7:c9:78:d3:87:17:80:8e:ec:99:44:fa:a0:bc:e3:
91:d7:c5:4d:a9:a0:d6:7d:92:d3:82:d7:80:a7:af:
ba:47:68:ff:bc:50:78:3f:6f:60:c9:b7:d0:60:0c:
5a:c3:d9:83:45:95:80:2d:ad:18:bb:a6:fd:48:bf:
61:2b:19:81:10:61:1f:f8:51:0c:6a:a8:79:f1:8a:
ea:90:2b:d6:01:02:aa:3c:4d:a5:90:9c:15:e5:62:
b8:99:69:95:5a:15:0a:a8:d7:a3:a4:6f:c3:30:82:
fe:ec:54:79:d7:e9:71:b0:44:5b:50:73:60:58:c4:
fd:db:83:75:29:df:0f:e0:37:7e:86:53:93:c8:e1:
71:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
45:EE:A1:B6:02:8D:2D:1E:89:01:1D:F1:CC:71:43:66:D2:D1:9B:D1
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/Re6htgKNLR6JAR3xzHFDZtLRm9E.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
192.124.177.0/24
194.87.64.0/24
212.193.7.0/24
Signature Algorithm: sha256WithRSAEncryption
1c:84:8f:22:19:75:06:28:2d:54:27:35:66:c0:14:18:c5:65:
fb:80:1d:74:78:30:35:21:13:39:fb:d8:c7:2f:af:69:2f:b8:
b4:b0:61:cd:cd:e8:5e:ed:b3:cf:41:6a:87:b3:21:14:f2:9d:
1a:fd:6b:a0:d7:01:85:ec:20:4d:c5:ff:29:33:49:13:59:41:
19:52:a2:2a:56:bb:30:e5:ac:5e:3f:32:f7:f9:4c:6b:81:18:
db:23:0b:1a:b1:33:2c:0a:e1:d9:7c:e4:b4:3d:61:be:f5:80:
31:bb:e1:1f:bf:b5:8c:fa:f0:8a:3a:df:51:8b:07:c9:fb:5f:
08:e9:53:15:3d:2e:cb:ce:fc:9e:f6:7f:8a:bb:6a:de:14:6f:
79:53:9b:c4:ac:97:ea:ba:97:50:e6:9b:48:b6:ca:c6:cb:1b:
f0:a2:8d:75:53:85:ec:79:20:ef:cb:e2:bf:76:cc:6b:7a:26:
6b:26:c8:70:fe:d5:41:bc:2f:37:8a:6c:97:4a:68:18:7e:8b:
e5:04:3b:d1:14:9f:c1:6d:13:e6:69:44:52:e9:58:63:e2:a8:
3f:e4:87:b4:57:e1:51:7d:cf:42:08:6b:8c:4a:ba:48:c0:98:
27:5a:8a:61:77:57:9c:89:04:ef:06:78:57:08:bd:b4:7d:20:
7c:f1:f2:9d
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYzKKnzGo0rjmu4SQNBOzu+1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjQwMTAyMTIzMzUxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NWVlYTFiNjAyOGQyZDFlODkwMTFkZjFjYzcxNDM2NmQyZDE5YmQxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvH9Eu564J1VjR+5cd2ASTmUHp6rA
EuOYF6pE9ikocJSz+hRGqXYs4Las2Tm/s83VzifyEFQRZcN7Hz0gmH1ala8vnipl
GpvqyUAekfM+1fLM5OFGhsy2R5wg2AaV8PQC4HW0XBf6o/CGBcfrWor4oKraqaF+
cBD3yXjThxeAjuyZRPqgvOOR18VNqaDWfZLTgteAp6+6R2j/vFB4P29gybfQYAxa
w9mDRZWALa0Yu6b9SL9hKxmBEGEf+FEMaqh58YrqkCvWAQKqPE2lkJwV5WK4mWmV
WhUKqNejpG/DMIL+7FR51+lxsERbUHNgWMT924N1Kd8P4Dd+hlOTyOFxMQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFEXuobYCjS0eiQEd8cxxQ2bS0ZvRMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvUmU2aHRnS05MUjZKQVIzeHpIRkRadExSbTlFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAwHyxAwQA
wldAAwQA1MEHMA0GCSqGSIb3DQEBCwUAA4IBAQAchI8iGXUGKC1UJzVmwBQYxWX7
gB10eDA1IRM5+9jHL69pL7i0sGHNzehe7bPPQWqHsyEU8p0a/Wug1wGF7CBNxf8p
M0kTWUEZUqIqVrsw5axePzL3+UxrgRjbIwsasTMsCuHZfOS0PWG+9YAxu+Efv7WM
+vCKOt9RiwfJ+18I6VMVPS7Lzvye9n+Ku2reFG95U5vErJfqupdQ5ptItsrGyxvw
oo11U4XseSDvy+K/dsxreiZrJshw/tVBvC83imyXSmgYfovlBDvRFJ/BbRPmaURS
6Vhj4qg/5Ie0V+FRfc9CCGuMSrpIwJgnWophd1eciQTvBnhXCL20fSB88fKd
-----END CERTIFICATE-----
Generated at Wed Apr 3 20:21:43 2024 by rpki-client on console-fra.rpki-client.org