Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/fDd_QblNLKXbBoNMlmd4MGpE5Tk.roa
File: fDd_QblNLKXbBoNMlmd4MGpE5Tk.roa (raw, json)
Hash identifier: /t+Uw8gzh6zwhXWyZNIkDKcNCsZwju+rXgieomHraIQ=
Subject key identifier: 7C:37:7F:41:B9:4D:2C:A5:DB:06:83:4C:96:67:78:30:6A:44:E5:39
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 018D2CB9D19F3ACE376CAB183B3037E7F98E
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/fDd_QblNLKXbBoNMlmd4MGpE5Tk.roa
Signing time: Sun 21 Jan 2024 15:53:11 +0000
ROA not before: Sun 21 Jan 2024 15:53:11 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 16509
IP address blocks: 192.124.180.0/24 maxlen: 24
192.124.181.0/24 maxlen: 24
192.124.182.0/24 maxlen: 24
192.124.188.0/24 maxlen: 24
192.124.190.0/24 maxlen: 24
192.124.209.0/24 maxlen: 24
212.192.221.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sun 21 Jan 2024 16:11:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:2c:b9:d1:9f:3a:ce:37:6c:ab:18:3b:30:37:e7:f9:8e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Jan 21 15:53:11 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=7c377f41b94d2ca5db06834c966778306a44e539
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:fb:13:fd:c5:9f:18:a8:41:9f:37:b6:2e:2b:
01:cb:37:20:a9:fc:4d:6e:9a:6e:df:0f:84:f2:72:
d3:cd:6e:ff:6f:26:4a:f7:ca:f6:ce:f9:35:2c:6d:
bc:d2:7c:f3:51:00:ba:0d:b9:95:c8:5e:b6:5a:35:
d9:c1:c4:85:cf:96:40:4d:3a:e4:22:9a:cb:33:6f:
a6:2a:5d:3f:1f:55:ca:b8:b7:43:57:d1:b5:b3:cf:
59:57:bf:53:12:42:2f:24:02:e4:1c:33:89:0b:ab:
b2:d9:48:9e:4c:6c:43:5b:fe:f7:2f:8e:29:75:38:
98:cd:42:ff:79:8c:be:9d:aa:c0:cc:71:c8:c7:0d:
f8:f5:7b:76:1f:32:e4:31:a0:09:87:72:a5:78:c9:
4d:eb:a7:7c:04:db:60:8a:03:f5:00:82:bc:29:07:
7c:b4:94:92:71:58:08:92:7d:70:36:1b:53:70:b8:
61:ae:1a:72:7c:83:25:83:63:05:b4:c0:06:4c:9f:
44:c2:68:ab:9a:27:cf:8d:71:02:ee:d2:bf:c3:46:
6f:4a:e2:5f:79:b5:b2:0f:7c:85:7a:e6:f6:9a:2a:
8a:8e:7a:ed:29:66:e3:7b:ba:f6:68:c0:98:e5:1d:
25:1f:4a:c2:86:b5:7c:69:1d:9e:1a:4a:3d:5e:17:
9c:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7C:37:7F:41:B9:4D:2C:A5:DB:06:83:4C:96:67:78:30:6A:44:E5:39
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/fDd_QblNLKXbBoNMlmd4MGpE5Tk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
192.124.180.0-192.124.182.255
192.124.188.0/24
192.124.190.0/24
192.124.209.0/24
212.192.221.0/24
Signature Algorithm: sha256WithRSAEncryption
0e:bc:c6:5d:b9:0a:7e:71:07:2f:88:53:cd:e7:c2:ad:f0:34:
17:f5:0f:f7:66:bb:bb:65:85:c5:0d:2a:d8:57:ee:77:12:27:
14:25:b2:bc:45:8c:a9:c3:fa:73:08:ec:33:f0:ed:16:bd:b6:
4f:b0:03:b1:8a:ec:5e:a9:b3:22:62:c2:4b:18:9e:1c:54:61:
9a:bb:14:f0:59:a6:a1:03:ec:34:1b:ae:99:37:f2:96:e9:9e:
12:a4:21:e3:a8:7d:55:8a:db:af:d9:7d:02:db:96:d2:7f:ed:
8a:9a:f0:9c:16:26:29:34:9a:fd:74:07:76:b3:b3:3b:6b:9f:
ed:a8:3d:e0:60:b6:2f:2d:d7:23:ba:40:63:e1:9c:24:5b:99:
c3:9a:01:b7:14:04:c0:17:d3:78:14:35:cf:be:36:01:8d:19:
7b:60:86:e8:59:e5:80:ad:80:10:5c:b2:d3:fd:3d:68:ec:44:
05:dc:0e:10:42:88:14:40:5b:dc:36:11:7b:94:ee:fa:9e:81:
7a:4a:81:38:5d:dc:c2:6f:cb:24:4d:f4:5c:28:47:6c:57:76:
a0:71:f2:dd:fb:9f:ed:26:c8:49:93:a0:97:d0:37:e0:48:99:
84:3f:e8:0f:81:8c:4c:0e:c9:c3:9b:98:77:6a:5f:e5:a9:b3:
fb:1d:ed:50
-----BEGIN CERTIFICATE-----
MIIFHTCCBAWgAwIBAgISAY0sudGfOs43bKsYOzA35/mOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjQwMTIxMTU1MzExWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3YzM3N2Y0MWI5NGQyY2E1ZGIwNjgzNGM5NjY3NzgzMDZhNDRlNTM5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnvsT/cWfGKhBnze2LisByzcgqfxN
bppu3w+E8nLTzW7/byZK98r2zvk1LG280nzzUQC6DbmVyF62WjXZwcSFz5ZATTrk
IprLM2+mKl0/H1XKuLdDV9G1s89ZV79TEkIvJALkHDOJC6uy2UieTGxDW/73L44p
dTiYzUL/eYy+narAzHHIxw349Xt2HzLkMaAJh3KleMlN66d8BNtgigP1AIK8KQd8
tJSScVgIkn1wNhtTcLhhrhpyfIMlg2MFtMAGTJ9EwmirmifPjXEC7tK/w0ZvSuJf
ebWyD3yFeub2miqKjnrtKWbje7r2aMCY5R0lH0rChrV8aR2eGko9XhecKwIDAQAB
o4ICKTCCAiUwHQYDVR0OBBYEFHw3f0G5TSyl2waDTJZneDBqROU5MB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvZkRkX1FibE5MS1hiQm9OTWxtZDRNR3BFNVRrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD8GCCsGAQUFBwEHAQH/BDAwLjAsBAIAATAmMAwDBALAfLQD
BADAfLYDBADAfLwDBADAfL4DBADAfNEDBADUwN0wDQYJKoZIhvcNAQELBQADggEB
AA68xl25Cn5xBy+IU83nwq3wNBf1D/dmu7tlhcUNKthX7ncSJxQlsrxFjKnD+nMI
7DPw7Ra9tk+wA7GK7F6psyJiwksYnhxUYZq7FPBZpqED7DQbrpk38pbpnhKkIeOo
fVWK26/ZfQLbltJ/7Yqa8JwWJik0mv10B3azsztrn+2oPeBgti8t1yO6QGPhnCRb
mcOaAbcUBMAX03gUNc++NgGNGXtghuhZ5YCtgBBcstP9PWjsRAXcDhBCiBRAW9w2
EXuU7vqegXpKgThd3MJvyyRN9FwoR2xXdqBx8t37n+0myEmToJfQN+BImYQ/6A+B
jEwOycObmHdqX+Wps/sd7VA=
-----END CERTIFICATE-----
Generated at Sun Jan 21 17:35:50 2024 by rpki-client on console-ams.rpki-client.org