Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/luJvv47VqYB6e8GQZEskCmAXl1Q.roa
File: luJvv47VqYB6e8GQZEskCmAXl1Q.roa (raw, json)
Hash identifier: B1VhDDNShPE48+xGBcpdp0+QjiD6+03yq+12QB6ZEcU=
Subject key identifier: 96:E2:6F:BF:8E:D5:A9:80:7A:7B:C1:90:64:4B:24:0A:60:17:97:54
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 018E19272B59B225D435448E8E342A6DABAD
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/luJvv47VqYB6e8GQZEskCmAXl1Q.roa
Signing time: Thu 07 Mar 2024 13:43:01 +0000
ROA not before: Thu 07 Mar 2024 13:43:01 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 16276
IP address blocks: 192.124.170.0/24 maxlen: 24
212.192.253.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 15 Nov 2024 04:15:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:19:27:2b:59:b2:25:d4:35:44:8e:8e:34:2a:6d:ab:ad
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Mar 7 13:43:01 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=96e26fbf8ed5a9807a7bc190644b240a60179754
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:38:16:69:8a:c8:1c:1c:86:4e:f8:cb:b7:b6:
66:26:3d:60:bd:15:46:a4:39:d8:15:f6:d1:24:f7:
8a:47:1a:81:c6:2e:37:54:3c:a4:ef:fb:c3:70:2d:
81:a2:fb:d5:db:85:a2:26:81:7e:d0:51:a3:e7:92:
4f:ce:32:51:4d:0d:e8:ae:7f:8c:03:b1:85:8a:6f:
fb:7b:1f:2b:01:f9:09:6b:58:88:10:bb:f2:9c:fe:
84:e9:b3:6f:e0:fc:32:67:6d:68:80:c5:37:b8:b5:
44:0f:e1:8c:b9:73:d7:65:3c:4c:f2:77:9f:8b:af:
d4:8b:6d:12:6c:ce:3e:32:3e:d2:65:1f:44:ae:9b:
b5:91:2b:0a:aa:73:26:47:85:41:3e:5d:a9:a8:90:
90:de:6d:32:4c:b7:8f:c7:7c:2d:d9:82:e3:d7:d6:
9e:a3:35:cb:7c:96:8e:7c:e7:1c:f6:14:a0:74:df:
66:59:b7:e2:ed:8b:3d:31:8e:ad:f5:21:08:df:5b:
8a:6f:10:31:e9:99:43:c0:65:15:5d:78:9a:be:26:
5b:49:6f:74:dd:3b:92:1b:6f:8b:b3:70:4d:de:59:
fb:4d:8b:6c:cf:dc:52:f2:32:83:bc:92:fa:f7:d6:
83:d3:6e:2c:5c:a7:94:a0:30:25:4d:71:12:15:3c:
f9:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
96:E2:6F:BF:8E:D5:A9:80:7A:7B:C1:90:64:4B:24:0A:60:17:97:54
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/luJvv47VqYB6e8GQZEskCmAXl1Q.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
192.124.170.0/24
212.192.253.0/24
Signature Algorithm: sha256WithRSAEncryption
1a:38:b0:b3:e3:7b:22:d2:e3:c2:b1:67:8c:27:a2:08:ed:f4:
b4:de:9c:b7:b5:55:f6:2b:29:63:28:01:e9:6e:19:2f:fa:fd:
80:9f:0e:34:d5:b4:23:57:fe:f5:ac:e4:bd:59:83:fc:68:ae:
90:2d:ab:2b:8c:29:a5:19:c3:12:27:79:0b:93:93:e3:53:30:
92:4e:07:9c:1a:7c:2d:7f:9c:69:78:99:8b:37:56:2d:ce:d1:
43:69:69:4a:f6:86:90:cd:b5:53:f9:4f:fb:b3:0e:0e:0b:76:
c7:32:28:9c:1c:49:53:a7:5e:c6:71:55:75:8c:2a:2b:03:27:
1a:85:39:e0:3a:ca:56:5a:94:02:0f:e8:63:d4:71:29:5f:bb:
74:9e:16:6c:75:a2:96:96:a8:c6:66:e0:92:0f:03:36:df:0d:
fd:15:9b:b1:70:70:11:66:cd:53:9a:24:8d:48:32:1d:37:d8:
ed:88:70:63:99:35:d5:30:e7:23:4a:1d:ec:cf:24:84:8e:68:
6e:04:8b:db:93:7f:cc:3f:2c:12:bd:4e:4d:86:49:c8:75:85:
fd:49:d6:f9:c5:67:01:37:18:a2:7e:4d:12:d3:7c:81:17:92:
55:00:ed:a0:d9:26:30:e7:11:a7:cb:fe:26:d8:ab:64:fd:e1:
25:00:01:43
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAY4ZJytZsiXUNUSOjjQqbautMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjQwMzA3MTM0MzAxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NmUyNmZiZjhlZDVhOTgwN2E3YmMxOTA2NDRiMjQwYTYwMTc5NzU0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzzgWaYrIHByGTvjLt7ZmJj1gvRVG
pDnYFfbRJPeKRxqBxi43VDyk7/vDcC2BovvV24WiJoF+0FGj55JPzjJRTQ3orn+M
A7GFim/7ex8rAfkJa1iIELvynP6E6bNv4PwyZ21ogMU3uLVED+GMuXPXZTxM8nef
i6/Ui20SbM4+Mj7SZR9Erpu1kSsKqnMmR4VBPl2pqJCQ3m0yTLePx3wt2YLj19ae
ozXLfJaOfOcc9hSgdN9mWbfi7Ys9MY6t9SEI31uKbxAx6ZlDwGUVXXiaviZbSW90
3TuSG2+Ls3BN3ln7TYtsz9xS8jKDvJL699aD024sXKeUoDAlTXESFTz5KwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFJbib7+O1amAenvBkGRLJApgF5dUMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvbHVKdnY0N1ZxWUI2ZThHUVpFc2tDbUFYbDFRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAwHyqAwQA
1MD9MA0GCSqGSIb3DQEBCwUAA4IBAQAaOLCz43si0uPCsWeMJ6II7fS03py3tVX2
KyljKAHpbhkv+v2Anw401bQjV/71rOS9WYP8aK6QLasrjCmlGcMSJ3kLk5PjUzCS
TgecGnwtf5xpeJmLN1YtztFDaWlK9oaQzbVT+U/7sw4OC3bHMiicHElTp17GcVV1
jCorAycahTngOspWWpQCD+hj1HEpX7t0nhZsdaKWlqjGZuCSDwM23w39FZuxcHAR
Zs1TmiSNSDIdN9jtiHBjmTXVMOcjSh3szySEjmhuBIvbk3/MPywSvU5NhknIdYX9
Sdb5xWcBNxiifk0S03yBF5JVAO2g2SYw5xGny/4m2Ktk/eElAAFD
-----END CERTIFICATE-----
Generated at Fri Nov 15 07:09:48 2024 by rpki-client on console-fra.rpki-client.org