Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/Yl3YHGtIjdLZenjaKtodF6rFw7o.roa
File: Yl3YHGtIjdLZenjaKtodF6rFw7o.roa (raw, json)
Hash identifier: 5/uRFnlYc/RzmQUSjKkGl6vLDVuk+690fZLfTH7lke8=
Subject key identifier: 62:5D:D8:1C:6B:48:8D:D2:D9:7A:78:DA:2A:DA:1D:17:AA:C5:C3:BA
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 018ADA48EE641553CC9324AA2BFE68DFA8E5
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/Yl3YHGtIjdLZenjaKtodF6rFw7o.roa
Signing time: Thu 28 Sep 2023 05:35:27 +0000
ROA not before: Thu 28 Sep 2023 05:35:27 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 16276
IP address blocks: 192.124.170.0/24 maxlen: 24
192.124.172.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:da:48:ee:64:15:53:cc:93:24:aa:2b:fe:68:df:a8:e5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Sep 28 05:35:27 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=625dd81c6b488dd2d97a78da2ada1d17aac5c3ba
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:81:a6:fc:8a:62:45:5e:4b:c5:f8:7a:55:28:
ae:40:40:8a:ba:26:b1:37:25:02:df:4b:a9:f3:8d:
0d:7f:5a:33:de:28:52:36:f1:9b:60:87:87:18:b4:
a9:e7:c8:69:2d:7e:03:34:37:9f:d3:fe:28:eb:a8:
ed:f4:c6:01:3e:b9:ad:9a:6a:b4:ed:b5:79:01:b6:
af:e9:47:a3:a0:61:7b:cc:77:c9:a9:26:1c:54:e1:
bd:0b:18:50:f5:80:03:80:af:96:7a:19:85:ec:29:
b2:d1:b9:43:0d:01:78:5b:13:53:9e:44:cd:fc:8f:
58:e0:6a:48:88:97:cb:d6:09:6c:8c:ed:54:7a:41:
d8:8a:f6:5f:9b:81:16:c7:12:cf:3e:53:6f:b8:ed:
4b:ec:6c:b0:57:64:57:4c:d6:1b:dd:44:ef:ee:a7:
f5:aa:fb:43:01:e5:e5:2b:96:99:36:2d:85:77:b6:
bf:99:c0:f8:85:2d:ff:e0:eb:32:19:ab:10:4e:b7:
6e:dd:66:80:3d:92:8a:45:5e:59:07:c6:7c:59:65:
cc:81:54:f2:e5:9a:47:7b:54:c6:b4:1a:84:f4:f3:
f2:f2:2f:86:93:c9:09:8e:73:7f:fa:d5:cd:2b:fa:
10:0e:89:ad:38:c9:77:b8:3f:d3:f1:56:dc:67:78:
b7:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
62:5D:D8:1C:6B:48:8D:D2:D9:7A:78:DA:2A:DA:1D:17:AA:C5:C3:BA
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/Yl3YHGtIjdLZenjaKtodF6rFw7o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
192.124.170.0/24
192.124.172.0/24
Signature Algorithm: sha256WithRSAEncryption
6b:8c:9e:83:19:c6:aa:d4:4b:69:c6:6b:45:fd:88:a1:ab:f2:
de:04:55:13:2f:7b:1e:33:c1:8f:b1:2c:27:38:fc:2a:90:06:
c6:fc:2c:44:9f:d2:9d:a3:17:65:f7:7c:5c:76:41:cb:bb:26:
4a:4e:c4:25:7b:09:47:de:f3:4b:f8:b4:34:76:34:62:dd:cf:
c2:a6:35:ff:19:94:d0:b3:b8:a4:20:d2:98:ff:93:69:53:44:
7f:f0:42:4f:31:f5:df:b4:d4:22:1e:f4:f7:4d:f3:cf:f2:64:
c4:03:fc:4e:3b:29:5f:89:0a:b1:ed:f8:83:53:ad:32:3f:c6:
94:6a:91:b3:a3:ae:38:43:f5:3b:c7:54:ff:25:78:c0:8f:2f:
69:70:cb:f4:dd:b2:61:f9:9d:18:e7:ee:fb:63:3e:69:1e:ec:
92:a0:d7:c9:64:3e:08:3a:42:8f:84:3b:d6:cc:90:03:29:92:
a4:83:8d:1c:70:e0:1d:f7:11:9f:6b:81:42:5c:b9:f6:cd:ea:
fc:5e:a0:cd:bd:5e:9d:97:fd:94:c9:60:d3:4b:a4:3c:e5:09:
63:b4:04:c1:70:d2:c7:c3:e5:79:9d:22:c5:d3:ad:57:a1:f5:
a3:28:38:d1:b7:d6:97:44:7a:b5:69:aa:4b:21:b8:e2:c8:87:
37:4e:26:aa
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYraSO5kFVPMkySqK/5o36jlMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjMwOTI4MDUzNTI3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MjVkZDgxYzZiNDg4ZGQyZDk3YTc4ZGEyYWRhMWQxN2FhYzVjM2JhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuYGm/IpiRV5Lxfh6VSiuQECKuiax
NyUC30up840Nf1oz3ihSNvGbYIeHGLSp58hpLX4DNDef0/4o66jt9MYBPrmtmmq0
7bV5Abav6UejoGF7zHfJqSYcVOG9CxhQ9YADgK+WehmF7Cmy0blDDQF4WxNTnkTN
/I9Y4GpIiJfL1glsjO1UekHYivZfm4EWxxLPPlNvuO1L7GywV2RXTNYb3UTv7qf1
qvtDAeXlK5aZNi2Fd7a/mcD4hS3/4OsyGasQTrdu3WaAPZKKRV5ZB8Z8WWXMgVTy
5ZpHe1TGtBqE9PPy8i+Gk8kJjnN/+tXNK/oQDomtOMl3uD/T8VbcZ3i33wIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFGJd2BxrSI3S2Xp42iraHReqxcO6MB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvWWwzWUhHdElqZExaZW5qYUt0b2RGNnJGdzdvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAwHyqAwQA
wHysMA0GCSqGSIb3DQEBCwUAA4IBAQBrjJ6DGcaq1EtpxmtF/Yihq/LeBFUTL3se
M8GPsSwnOPwqkAbG/CxEn9Kdoxdl93xcdkHLuyZKTsQlewlH3vNL+LQ0djRi3c/C
pjX/GZTQs7ikINKY/5NpU0R/8EJPMfXftNQiHvT3TfPP8mTEA/xOOylfiQqx7fiD
U60yP8aUapGzo644Q/U7x1T/JXjAjy9pcMv03bJh+Z0Y5+77Yz5pHuySoNfJZD4I
OkKPhDvWzJADKZKkg40ccOAd9xGfa4FCXLn2zer8XqDNvV6dl/2UyWDTS6Q85Qlj
tATBcNLHw+V5nSLF061XofWjKDjRt9aXRHq1aapLIbjiyIc3Tiaq
-----END CERTIFICATE-----
Generated at Fri Sep 29 15:04:55 2023 by rpki-client on console-fra.rpki-client.org