Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/iJtohGdAli0aWiIhn6FosP1w0Pc.roa
File: iJtohGdAli0aWiIhn6FosP1w0Pc.roa (raw, json)
Hash identifier: UhUK/5K/GUSG4Gd2uzmOAMoBX/1J/OEMJUA3Wq8FdFU=
Subject key identifier: 88:9B:68:84:67:40:96:2D:1A:5A:22:21:9F:A1:68:B0:FD:70:D0:F7
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 018C2A29583BEE6558C84E84182EF0CF2033
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/iJtohGdAli0aWiIhn6FosP1w0Pc.roa
Signing time: Sat 02 Dec 2023 10:53:21 +0000
ROA not before: Sat 02 Dec 2023 10:53:21 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 61317
IP address blocks: 192.124.177.0/24 maxlen: 24
194.87.64.0/24 maxlen: 24
212.193.7.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:2a:29:58:3b:ee:65:58:c8:4e:84:18:2e:f0:cf:20:33
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Dec 2 10:53:21 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=889b68846740962d1a5a22219fa168b0fd70d0f7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:e7:e9:36:e4:b5:86:a4:0a:5d:56:7f:ee:79:
49:02:8a:ca:f5:db:ac:74:8f:85:90:c5:2c:1e:8b:
14:04:6c:b8:f2:54:05:b3:f8:2a:e4:97:12:af:86:
e5:82:64:1c:65:1e:8e:fb:96:70:04:08:17:e6:17:
2b:c0:8c:50:e0:c7:1e:7e:90:fe:37:bf:9c:e5:73:
68:c6:56:19:1c:a1:10:92:4a:20:9c:a7:cf:f1:79:
10:50:17:2f:64:03:fa:19:d6:d9:0e:40:ac:44:ce:
c4:a8:85:8f:6d:31:7c:3a:d9:35:b3:a3:dd:64:fa:
bc:83:d1:24:73:1c:a8:9e:7a:70:44:7f:c5:5b:2b:
65:01:4b:7e:11:a9:af:0c:64:13:d5:65:d0:f5:f8:
63:26:df:3f:e8:a0:14:1d:0f:2f:29:ad:70:3e:96:
fb:ec:80:f3:8b:12:97:42:6c:8c:ba:09:ec:c4:0f:
83:98:e8:12:04:5d:51:28:e5:50:da:b5:17:c3:78:
5a:cf:65:02:ba:bf:0d:21:6f:55:c7:6c:e8:91:e0:
38:c0:de:6c:1e:b3:35:da:aa:5f:fb:48:74:99:6f:
a6:7c:6c:a7:3c:52:df:f3:9b:a0:c0:98:a3:14:d2:
2c:f5:5e:3b:75:ee:b0:e8:ec:f2:0b:05:ee:a9:16:
21:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
88:9B:68:84:67:40:96:2D:1A:5A:22:21:9F:A1:68:B0:FD:70:D0:F7
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/iJtohGdAli0aWiIhn6FosP1w0Pc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
192.124.177.0/24
194.87.64.0/24
212.193.7.0/24
Signature Algorithm: sha256WithRSAEncryption
25:7d:58:f8:8b:b0:11:c0:70:92:6d:d0:8e:cd:1e:1e:56:a2:
5e:1c:65:d6:23:76:e7:af:a7:59:2b:b2:1d:49:60:37:2e:1f:
9e:18:fe:93:23:7b:dd:e0:c2:71:d3:75:f6:55:07:09:08:bc:
ff:c4:84:10:08:f9:9b:8b:ed:ef:c1:97:fe:54:84:ec:cc:8a:
f5:4b:34:3d:14:8f:ed:59:ea:af:2a:f8:8a:c1:52:2b:79:75:
57:79:00:3b:40:8c:24:08:69:e3:1d:58:58:66:74:9a:15:9b:
e0:e3:47:b5:a3:b4:20:72:b7:ad:20:20:ee:92:f4:9e:c5:a9:
91:f3:16:cf:97:b1:b4:92:17:13:41:d8:73:5b:22:6c:e6:e4:
c4:d5:25:e1:72:3d:14:a4:69:15:96:59:a6:bb:72:57:5f:b3:
42:56:77:69:42:44:4b:27:b6:ed:73:c9:6b:32:b4:a8:cf:fc:
a1:51:b7:a9:bf:49:47:2b:fa:74:79:1d:28:18:13:9e:3d:e9:
39:b7:4a:f3:2b:79:8f:2a:dd:a9:ff:08:b8:03:81:b8:8f:c4:
86:9b:df:b4:8b:73:4d:7b:06:f2:af:e8:ca:8f:45:dc:51:16:
2d:da:ee:b9:90:2d:e9:24:7c:e4:91:01:ee:b1:9e:d6:e4:a1:
99:bd:91:ee
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYwqKVg77mVYyE6EGC7wzyAzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjMxMjAyMTA1MzIxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ODliNjg4NDY3NDA5NjJkMWE1YTIyMjE5ZmExNjhiMGZkNzBkMGY3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAi+fpNuS1hqQKXVZ/7nlJAorK9dus
dI+FkMUsHosUBGy48lQFs/gq5JcSr4blgmQcZR6O+5ZwBAgX5hcrwIxQ4McefpD+
N7+c5XNoxlYZHKEQkkognKfP8XkQUBcvZAP6GdbZDkCsRM7EqIWPbTF8Otk1s6Pd
ZPq8g9EkcxyonnpwRH/FWytlAUt+EamvDGQT1WXQ9fhjJt8/6KAUHQ8vKa1wPpb7
7IDzixKXQmyMugnsxA+DmOgSBF1RKOVQ2rUXw3haz2UCur8NIW9Vx2zokeA4wN5s
HrM12qpf+0h0mW+mfGynPFLf85ugwJijFNIs9V47de6w6OzyCwXuqRYhRwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFIibaIRnQJYtGloiIZ+haLD9cND3MB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvaUp0b2hHZEFsaTBhV2lJaG42Rm9zUDF3MFBjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAwHyxAwQA
wldAAwQA1MEHMA0GCSqGSIb3DQEBCwUAA4IBAQAlfVj4i7ARwHCSbdCOzR4eVqJe
HGXWI3bnr6dZK7IdSWA3Lh+eGP6TI3vd4MJx03X2VQcJCLz/xIQQCPmbi+3vwZf+
VITszIr1SzQ9FI/tWeqvKviKwVIreXVXeQA7QIwkCGnjHVhYZnSaFZvg40e1o7Qg
cretICDukvSexamR8xbPl7G0khcTQdhzWyJs5uTE1SXhcj0UpGkVllmmu3JXX7NC
VndpQkRLJ7btc8lrMrSoz/yhUbepv0lHK/p0eR0oGBOePek5t0rzK3mPKt2p/wi4
A4G4j8SGm9+0i3NNewbyr+jKj0XcURYt2u65kC3pJHzkkQHusZ7W5KGZvZHu
-----END CERTIFICATE-----
Generated at Tue Jan 2 15:19:19 2024 by rpki-client on console-ams.rpki-client.org