Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/_UkX6KhyCft7DiGXhQYpO6duTTY.roa
File: _UkX6KhyCft7DiGXhQYpO6duTTY.roa (raw, json)
Hash identifier: UWWBS4307K2xt/JSxY1rgowQAeVKKR6M9HepwrlUu1w=
Subject key identifier: FD:49:17:E8:A8:72:09:FB:7B:0E:21:97:85:06:29:3B:A7:6E:4D:36
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 0187A4CEB0DBACEEB55A4D2232D749C29E20
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/_UkX6KhyCft7DiGXhQYpO6duTTY.roa
Signing time: Fri 21 Apr 2023 17:13:41 +0000
ROA not before: Fri 21 Apr 2023 17:13:41 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 51722
IP address blocks: 192.124.182.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 19 May 2023 10:00:24 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:a4:ce:b0:db:ac:ee:b5:5a:4d:22:32:d7:49:c2:9e:20
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Apr 21 17:13:41 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=fd4917e8a87209fb7b0e21978506293ba76e4d36
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:88:3e:6e:fb:16:ce:21:12:b8:a7:00:bd:c1:2f:
47:ce:ef:2f:ed:41:2b:83:0b:34:08:45:a9:de:23:
99:a9:b1:b3:98:87:06:72:40:39:b5:fd:84:fd:28:
70:c6:74:36:21:10:bf:47:e6:94:de:c5:80:b2:aa:
24:95:01:af:64:f8:26:b4:a2:25:e8:e5:90:42:fd:
eb:1f:d0:a6:36:d6:7a:4e:eb:0a:e7:a3:a3:ce:27:
82:5d:dd:2b:33:3c:69:c2:9c:33:f4:33:09:93:43:
7a:95:42:aa:6d:62:cf:41:aa:06:c1:54:33:55:d2:
d1:88:51:f0:bb:c0:b1:75:de:1c:e8:a2:3f:89:64:
f6:86:a6:3b:7b:04:6f:a2:5a:90:eb:26:41:1d:6b:
25:c4:d8:15:9c:08:1e:8f:31:a8:86:c1:c8:7b:34:
42:dc:9e:f2:26:2c:31:49:6b:fc:29:cd:b0:cd:d0:
3d:29:44:35:31:87:9d:64:4c:9f:7d:b9:66:e9:b7:
ba:35:63:46:61:97:87:d7:64:26:57:91:d9:0b:86:
86:7c:6d:d2:c1:df:12:c3:aa:63:fb:d9:ce:58:5c:
95:e5:09:74:ec:97:ce:87:a5:73:91:0b:64:92:15:
10:4b:3f:f1:d3:4d:26:c3:61:bc:02:82:95:30:71:
9a:1d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FD:49:17:E8:A8:72:09:FB:7B:0E:21:97:85:06:29:3B:A7:6E:4D:36
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/_UkX6KhyCft7DiGXhQYpO6duTTY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
192.124.182.0/24
Signature Algorithm: sha256WithRSAEncryption
66:e3:12:11:81:b9:6f:cc:18:b9:2d:eb:0e:3b:7d:8a:cc:71:
59:d3:a7:48:cd:53:61:a9:00:2d:ef:9a:63:62:11:21:1a:be:
6a:a0:dc:51:55:8b:c4:e0:0a:4a:5c:b8:38:4b:04:45:a5:9a:
5a:0b:43:eb:b9:e3:99:77:10:c5:26:38:cc:1a:1b:2c:9d:5d:
bb:c3:f2:e9:70:85:f3:a3:2d:7b:87:ce:a1:be:79:01:f4:da:
69:51:94:2f:03:7f:6f:f0:c6:8c:89:c9:3b:f7:ce:ac:26:c6:
75:bd:40:70:d9:ad:f6:2f:a0:49:9a:2e:a2:79:1a:0d:9e:64:
d2:59:4e:99:31:0e:a1:5e:3b:44:bd:c2:24:21:b2:17:f1:f6:
70:fd:49:de:ba:80:fd:c1:38:9e:f3:27:be:40:7c:43:18:b7:
b1:35:34:4b:a4:82:d5:23:34:a9:c1:d7:24:10:a5:f1:bf:1d:
51:65:dc:52:6b:1f:54:da:d0:bb:8e:04:b9:0a:ce:7c:f4:fe:
b8:a1:8e:16:6f:1e:83:78:77:30:96:ca:ff:84:32:53:1d:45:
27:f3:92:ef:ae:6f:21:fb:a2:5e:eb:d1:e2:a9:e4:41:20:92:
85:2b:ed:7d:93:04:5b:85:43:d3:f4:79:6b:bd:77:73:ad:4a:
cd:8c:9d:d2
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYekzrDbrO61Wk0iMtdJwp4gMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjMwNDIxMTcxMzQxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmZDQ5MTdlOGE4NzIwOWZiN2IwZTIxOTc4NTA2MjkzYmE3NmU0ZDM2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiD5u+xbOIRK4pwC9wS9Hzu8v7UEr
gws0CEWp3iOZqbGzmIcGckA5tf2E/ShwxnQ2IRC/R+aU3sWAsqoklQGvZPgmtKIl
6OWQQv3rH9CmNtZ6TusK56OjzieCXd0rMzxpwpwz9DMJk0N6lUKqbWLPQaoGwVQz
VdLRiFHwu8Cxdd4c6KI/iWT2hqY7ewRvolqQ6yZBHWslxNgVnAgejzGohsHIezRC
3J7yJiwxSWv8Kc2wzdA9KUQ1MYedZEyffblm6be6NWNGYZeH12QmV5HZC4aGfG3S
wd8Sw6pj+9nOWFyV5Ql07JfOh6VzkQtkkhUQSz/x000mw2G8AoKVMHGaHQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFP1JF+iocgn7ew4hl4UGKTunbk02MB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvX1VrWDZLaHlDZnQ3RGlHWGhRWXBPNmR1VFRZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwHy2MA0G
CSqGSIb3DQEBCwUAA4IBAQBm4xIRgblvzBi5LesOO32KzHFZ06dIzVNhqQAt75pj
YhEhGr5qoNxRVYvE4ApKXLg4SwRFpZpaC0PrueOZdxDFJjjMGhssnV27w/LpcIXz
oy17h86hvnkB9NppUZQvA39v8MaMick7986sJsZ1vUBw2a32L6BJmi6ieRoNnmTS
WU6ZMQ6hXjtEvcIkIbIX8fZw/UneuoD9wTie8ye+QHxDGLexNTRLpILVIzSpwdck
EKXxvx1RZdxSax9U2tC7jgS5Cs589P64oY4Wbx6DeHcwlsr/hDJTHUUn85Lvrm8h
+6Je69HiqeRBIJKFK+19kwRbhUPT9HlrvXdzrUrNjJ3S
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:16:20 2024 by rpki-client on console-fra.rpki-client.org