Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/mwzzKrfBjzj1eQjP1e4Si7A6rI0.roa
File: mwzzKrfBjzj1eQjP1e4Si7A6rI0.roa (raw, json)
Hash identifier: a8l8cRZ2OHhCWRDRIDfz8k7zkKljGN3SAO5MAUyoJB0=
Subject key identifier: 9B:0C:F3:2A:B7:C1:8F:38:F5:79:08:CF:D5:EE:12:8B:B0:3A:AC:8D
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 01910993C5E3370CDA794A2510A211FAC186
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/mwzzKrfBjzj1eQjP1e4Si7A6rI0.roa
Signing time: Wed 31 Jul 2024 16:16:04 +0000
ROA not before: Wed 31 Jul 2024 16:16:04 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 215224
IP address blocks: 192.124.209.0/24 maxlen: 24
212.192.4.0/24 maxlen: 24
212.192.214.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 16 Aug 2024 20:21:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:09:93:c5:e3:37:0c:da:79:4a:25:10:a2:11:fa:c1:86
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Jul 31 16:16:04 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=9b0cf32ab7c18f38f57908cfd5ee128bb03aac8d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:35:da:f6:72:2b:4b:12:b5:ae:61:2a:57:d4:
a3:d2:73:6f:b6:56:b0:32:88:88:8f:3b:a5:91:8b:
1d:5b:cd:f1:74:82:e8:e4:c0:5a:e5:ad:29:1c:f1:
bc:2e:46:47:41:60:ec:76:3e:ac:46:52:ac:3a:6f:
39:b6:28:f5:65:ab:49:ab:55:06:c7:79:c7:3a:2f:
36:0d:65:17:09:f8:73:28:b2:1f:be:c6:f2:e3:ca:
09:ee:93:54:66:21:1c:ce:02:65:d6:cd:c9:84:2b:
a4:4d:0b:7e:b8:7c:bd:47:13:54:45:6f:2f:da:22:
68:21:ec:47:c7:e0:92:ce:36:4b:c8:a3:19:fd:b2:
5e:b2:28:fe:6d:0b:6b:65:44:7d:05:36:69:40:d0:
7b:da:68:1a:38:21:9b:b9:f8:b6:d4:3f:c4:d0:40:
f4:d0:42:cd:a6:f5:1f:27:32:68:d0:7e:7e:d6:05:
7e:df:0d:80:1e:77:d6:53:da:56:bf:64:96:cf:e6:
63:ee:f1:f5:5a:bd:67:ef:11:61:a2:42:cf:af:0d:
46:b7:b6:3a:9f:3f:84:19:2b:f2:df:e3:a0:74:15:
5a:70:0e:1e:72:c1:ad:31:eb:ef:38:a0:98:09:d5:
f9:e9:e7:7c:66:f6:3b:31:a0:44:28:62:ed:6a:34:
58:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9B:0C:F3:2A:B7:C1:8F:38:F5:79:08:CF:D5:EE:12:8B:B0:3A:AC:8D
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/mwzzKrfBjzj1eQjP1e4Si7A6rI0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
192.124.209.0/24
212.192.4.0/24
212.192.214.0/24
Signature Algorithm: sha256WithRSAEncryption
0a:b4:c1:b5:79:12:d6:0f:64:b0:c7:70:8b:92:fe:54:8c:16:
85:68:82:0a:4d:ed:47:6c:ce:2a:4a:db:ad:e5:9a:4c:92:b8:
0e:cd:57:e7:cd:5b:c5:1a:df:60:1f:19:cb:b1:b1:ae:db:4f:
19:61:24:91:a7:e6:cb:f4:91:76:64:e4:01:a8:60:b7:79:4c:
f7:cd:1b:49:da:5d:64:cc:c9:92:1a:22:ae:67:9d:db:61:86:
66:18:05:90:73:ee:40:3e:22:77:3b:f9:63:8d:2b:29:ee:23:
f8:00:16:cf:9f:0e:a0:b6:1a:87:db:e5:ae:c6:7b:16:46:2c:
12:95:39:d0:bb:d2:fc:3b:94:6f:a1:a1:7f:a5:44:7b:f0:e2:
9a:71:7a:c5:9f:83:eb:38:d8:d0:47:b9:86:3f:47:23:95:f9:
bc:9f:0f:89:a5:cf:b0:57:11:a8:b1:87:fd:18:64:6c:bd:15:
1f:20:d4:7f:41:2b:9c:a2:7f:30:37:2c:14:1e:12:eb:e6:17:
d5:de:86:db:98:e8:5d:96:e8:4a:5d:1c:97:04:7b:c9:54:db:
81:37:19:cb:f6:47:bb:f2:67:19:6b:1c:78:c5:8f:e2:2e:de:
b2:b9:6c:f3:69:78:2d:a7:26:f4:d9:31:02:9a:1d:31:b3:86:
ea:d3:11:c3
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZEJk8XjNwzaeUolEKIR+sGGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjQwNzMxMTYxNjA0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5YjBjZjMyYWI3YzE4ZjM4ZjU3OTA4Y2ZkNWVlMTI4YmIwM2FhYzhkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlzXa9nIrSxK1rmEqV9Sj0nNvtlaw
MoiIjzulkYsdW83xdILo5MBa5a0pHPG8LkZHQWDsdj6sRlKsOm85tij1ZatJq1UG
x3nHOi82DWUXCfhzKLIfvsby48oJ7pNUZiEczgJl1s3JhCukTQt+uHy9RxNURW8v
2iJoIexHx+CSzjZLyKMZ/bJesij+bQtrZUR9BTZpQNB72mgaOCGbufi21D/E0ED0
0ELNpvUfJzJo0H5+1gV+3w2AHnfWU9pWv2SWz+Zj7vH1Wr1n7xFhokLPrw1Gt7Y6
nz+EGSvy3+OgdBVacA4ecsGtMevvOKCYCdX56ed8ZvY7MaBEKGLtajRYrwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFJsM8yq3wY849XkIz9XuEouwOqyNMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvbXd6ektyZkJqemoxZVFqUDFlNFNpN0E2ckkwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAwHzRAwQA
1MAEAwQA1MDWMA0GCSqGSIb3DQEBCwUAA4IBAQAKtMG1eRLWD2Swx3CLkv5UjBaF
aIIKTe1HbM4qStut5ZpMkrgOzVfnzVvFGt9gHxnLsbGu208ZYSSRp+bL9JF2ZOQB
qGC3eUz3zRtJ2l1kzMmSGiKuZ53bYYZmGAWQc+5APiJ3O/ljjSsp7iP4ABbPnw6g
thqH2+WuxnsWRiwSlTnQu9L8O5RvoaF/pUR78OKacXrFn4PrONjQR7mGP0cjlfm8
nw+Jpc+wVxGosYf9GGRsvRUfINR/QSucon8wNywUHhLr5hfV3obbmOhdluhKXRyX
BHvJVNuBNxnL9ke78mcZaxx4xY/iLt6yuWzzaXgtpyb02TECmh0xs4bq0xHD
-----END CERTIFICATE-----
Generated at Fri Aug 16 22:48:14 2024 by rpki-client on console-ams.rpki-client.org