Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/iqO-1Owskllp-fi0JN0OLveMNU4.roa
File: iqO-1Owskllp-fi0JN0OLveMNU4.roa (raw, json)
Hash identifier: nLjLc6+HKzpITsseTYTSlEtUdEfuafODEplqV3isYz8=
Subject key identifier: 8A:A3:BE:D4:EC:2C:92:59:69:F9:F8:B4:24:DD:0E:2E:F7:8C:35:4E
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 018DA0DDBAE14CAD899C53EB7D5C64D409DD
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/iqO-1Owskllp-fi0JN0OLveMNU4.roa
Signing time: Tue 13 Feb 2024 05:08:22 +0000
ROA not before: Tue 13 Feb 2024 05:08:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 36113
IP address blocks: 193.124.207.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 16 Feb 2024 09:39:21 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:a0:dd:ba:e1:4c:ad:89:9c:53:eb:7d:5c:64:d4:09:dd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Feb 13 05:08:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=8aa3bed4ec2c925969f9f8b424dd0e2ef78c354e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:6b:23:29:8d:15:87:4c:29:b7:96:18:28:67:
b7:2d:d8:10:3a:11:ad:92:41:55:01:cd:85:6f:4a:
67:8d:2a:08:1c:21:ba:d3:8f:cd:4d:65:66:0a:ea:
7f:10:67:d4:ff:56:c6:50:b9:6a:a1:d6:cb:a6:84:
75:d0:e4:17:bb:b9:71:4d:65:80:20:51:b0:85:ac:
24:a4:7a:ee:fc:37:24:f7:ee:a2:1f:d4:35:a2:8d:
b6:29:b2:37:98:a9:e6:f7:e4:f6:2d:2a:bf:05:57:
eb:d5:b3:76:8e:ec:5a:db:08:31:66:49:01:d9:88:
3f:02:55:f2:7e:0f:1a:53:19:96:5e:30:d4:cf:3c:
7f:bf:f7:66:06:59:c2:41:9e:2b:db:2d:56:da:ae:
ac:aa:d2:65:31:f4:dc:ce:56:29:4f:16:42:92:54:
f3:15:18:8d:da:da:66:63:aa:7b:8c:ad:82:30:1f:
d2:8d:c9:c4:8b:37:b6:0d:d7:66:08:e9:d1:15:2b:
f2:b2:5e:7a:b8:94:76:12:59:80:b1:1b:56:d5:aa:
bf:48:54:ce:93:5a:73:0b:5d:63:45:b1:21:9f:d8:
bb:09:0c:92:30:11:e6:da:4c:30:fa:11:4c:53:70:
a9:b2:61:1f:b1:6b:40:25:c4:f5:c2:53:b1:26:e9:
d5:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8A:A3:BE:D4:EC:2C:92:59:69:F9:F8:B4:24:DD:0E:2E:F7:8C:35:4E
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/iqO-1Owskllp-fi0JN0OLveMNU4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.124.207.0/24
Signature Algorithm: sha256WithRSAEncryption
65:22:77:f3:12:cd:dd:7b:38:5c:43:41:7c:eb:7b:9b:a5:c0:
53:c8:98:e0:64:6f:1f:6a:77:06:01:bf:ef:1e:e2:ec:e5:bb:
71:6d:3f:a5:de:72:6d:a9:5a:4a:35:cb:fa:18:e3:b2:5c:c4:
3f:3d:a9:ce:d0:ce:aa:5e:f2:97:81:1b:f6:6f:83:bd:d6:02:
a1:4f:bf:ed:83:2d:b7:86:a6:b5:4e:b5:0d:a9:6d:a5:2c:3c:
c8:4f:83:0b:5e:67:80:de:0e:26:31:ec:ca:ea:e8:e3:e8:dd:
e3:66:b9:e7:55:c5:ad:f1:28:5e:eb:52:32:0f:c4:71:e5:3d:
94:2d:e2:5e:83:79:eb:8a:15:fe:42:91:ab:a7:b4:df:a4:13:
b2:9a:c6:0a:2d:0e:ef:95:5c:ea:73:40:5b:92:47:1d:dd:d9:
6e:94:1a:f6:6a:21:e3:f6:50:83:6b:1a:15:7c:29:bb:ce:ab:
a7:86:35:4e:3c:08:51:fe:2c:8f:61:37:64:f6:1f:bd:98:a4:
05:3c:88:3a:b8:b1:3b:e8:ba:80:5e:f9:ba:33:f3:0b:e7:97:
97:09:03:b6:d3:d9:e4:5c:f9:fb:9a:51:a5:4a:84:4a:4f:6f:
52:12:85:fb:9e:c9:e5:95:a9:3a:cc:04:9a:b8:b1:a0:20:63:
1e:f1:b3:e2
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAY2g3brhTK2JnFPrfVxk1AndMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjQwMjEzMDUwODIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4YWEzYmVkNGVjMmM5MjU5NjlmOWY4YjQyNGRkMGUyZWY3OGMzNTRlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqGsjKY0Vh0wpt5YYKGe3LdgQOhGt
kkFVAc2Fb0pnjSoIHCG604/NTWVmCup/EGfU/1bGULlqodbLpoR10OQXu7lxTWWA
IFGwhawkpHru/Dck9+6iH9Q1oo22KbI3mKnm9+T2LSq/BVfr1bN2juxa2wgxZkkB
2Yg/AlXyfg8aUxmWXjDUzzx/v/dmBlnCQZ4r2y1W2q6sqtJlMfTczlYpTxZCklTz
FRiN2tpmY6p7jK2CMB/SjcnEize2DddmCOnRFSvysl56uJR2ElmAsRtW1aq/SFTO
k1pzC11jRbEhn9i7CQySMBHm2kww+hFMU3CpsmEfsWtAJcT1wlOxJunVCQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFIqjvtTsLJJZafn4tCTdDi73jDVOMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvaXFPLTFPd3NrbGxwLWZpMEpOME9MdmVNTlU0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwXzPMA0G
CSqGSIb3DQEBCwUAA4IBAQBlInfzEs3dezhcQ0F863ubpcBTyJjgZG8fancGAb/v
HuLs5btxbT+l3nJtqVpKNcv6GOOyXMQ/PanO0M6qXvKXgRv2b4O91gKhT7/tgy23
hqa1TrUNqW2lLDzIT4MLXmeA3g4mMezK6ujj6N3jZrnnVcWt8She61IyD8Rx5T2U
LeJeg3nrihX+QpGrp7TfpBOymsYKLQ7vlVzqc0Bbkkcd3dlulBr2aiHj9lCDaxoV
fCm7zqunhjVOPAhR/iyPYTdk9h+9mKQFPIg6uLE76LqAXvm6M/ML55eXCQO209nk
XPn7mlGlSoRKT29SEoX7nsnllak6zASauLGgIGMe8bPi
-----END CERTIFICATE-----
Generated at Fri Feb 16 12:45:17 2024 by rpki-client on console-ams.rpki-client.org