Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/nH4Uflr7AueteATQbuRqE0BVgVc.roa
File: nH4Uflr7AueteATQbuRqE0BVgVc.roa (raw, json)
Hash identifier: ukd79ONAeo8vLUtJnB+SVucH6Uw7dXAzlZoMXb4PesA=
Subject key identifier: 9C:7E:14:7E:5A:FB:02:E7:AD:78:04:D0:6E:E4:6A:13:40:55:81:57
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 018AE14CC8619B5683F55699FA1F63C8E56D
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/nH4Uflr7AueteATQbuRqE0BVgVc.roa
Signing time: Fri 29 Sep 2023 14:17:00 +0000
ROA not before: Fri 29 Sep 2023 14:17:00 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 16276
IP address blocks: 192.124.170.0/24 maxlen: 24
192.124.172.0/24 maxlen: 24
192.124.183.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:e1:4c:c8:61:9b:56:83:f5:56:99:fa:1f:63:c8:e5:6d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Sep 29 14:17:00 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=9c7e147e5afb02e7ad7804d06ee46a1340558157
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:05:6b:1b:c1:b4:42:62:67:9c:b4:7b:ab:14:
67:77:b5:9a:f7:09:28:24:c6:2c:21:4f:48:33:8e:
21:c7:55:61:b2:37:19:32:9e:50:63:c6:0d:59:5c:
8b:66:6a:6c:1b:13:b1:68:a4:e2:b1:73:7b:05:97:
3e:5e:84:60:6e:6f:85:33:b0:07:c2:13:e6:a1:52:
49:dd:61:96:7c:7a:df:c2:67:44:d2:a1:81:97:c0:
75:c9:a5:68:88:7f:d3:fd:4c:86:e6:3a:c3:cd:25:
9c:3f:88:12:ad:f4:d5:bd:02:fd:72:6a:3b:09:21:
3d:42:d3:71:16:9e:e1:f6:63:46:b7:ab:5a:ca:59:
e9:d0:98:af:fb:fc:49:6b:8f:24:90:5a:93:c8:c0:
52:7f:56:e7:ca:74:2b:d6:fb:57:8f:e4:b1:0f:f5:
64:09:76:e1:34:31:f4:a4:cf:cc:97:fe:37:e1:7a:
a4:77:dd:98:29:07:30:2f:a8:d9:d8:d2:d9:a6:65:
38:87:10:05:3b:d5:3b:94:61:5c:87:d1:aa:6a:95:
af:ea:8a:fb:7c:98:36:9c:d8:d0:33:c8:7b:19:b4:
04:3c:9e:c5:a5:de:0b:69:48:7a:e6:80:99:5b:2c:
08:7c:f2:d7:05:95:64:fd:43:52:e5:0d:d3:0d:d4:
0f:ef
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9C:7E:14:7E:5A:FB:02:E7:AD:78:04:D0:6E:E4:6A:13:40:55:81:57
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/nH4Uflr7AueteATQbuRqE0BVgVc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
192.124.170.0/24
192.124.172.0/24
192.124.183.0/24
Signature Algorithm: sha256WithRSAEncryption
77:84:63:aa:7e:ed:8b:af:f4:57:9c:e0:a8:75:a5:f7:e1:c0:
69:36:c9:61:dd:51:c7:d3:11:fd:3e:59:ee:14:a9:aa:e3:a1:
a4:eb:e9:01:2d:3d:c1:5b:3d:e1:0b:d4:08:98:45:f7:f1:4c:
7c:ec:ea:80:d4:ee:cc:ec:2d:f0:e4:05:76:80:7a:5b:fd:59:
48:f0:18:00:66:03:67:87:b7:9e:27:13:87:99:7f:eb:1a:36:
e0:e7:41:05:cc:f7:f8:b0:96:65:d0:e0:47:83:3c:29:4c:d9:
58:0e:ab:11:f7:33:1c:c5:86:3c:53:d7:3e:25:5c:2f:ca:65:
9c:25:61:81:5e:01:4f:d4:93:2c:a6:08:00:7c:8b:58:97:d6:
7c:29:41:16:90:62:ad:45:74:5c:c5:6b:ab:46:3e:0e:8c:10:
d4:73:d6:7a:b7:c3:ed:51:0d:82:8e:11:1b:52:09:f3:3b:93:
b4:55:36:c9:bd:2e:a6:18:60:cb:0b:eb:94:8d:21:ea:12:b3:
f8:1f:21:a1:57:b5:46:76:fe:7c:d7:4e:3d:1e:02:37:bf:2e:
f2:04:9f:e4:d0:2f:d1:02:a3:2f:4f:ed:a1:e6:ea:be:79:36:
99:94:2e:a8:50:07:47:f5:9a:0e:e0:8c:a0:60:c3:b5:13:06:
ca:8b:19:05
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYrhTMhhm1aD9VaZ+h9jyOVtMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjMwOTI5MTQxNzAwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5YzdlMTQ3ZTVhZmIwMmU3YWQ3ODA0ZDA2ZWU0NmExMzQwNTU4MTU3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApAVrG8G0QmJnnLR7qxRnd7Wa9wko
JMYsIU9IM44hx1VhsjcZMp5QY8YNWVyLZmpsGxOxaKTisXN7BZc+XoRgbm+FM7AH
whPmoVJJ3WGWfHrfwmdE0qGBl8B1yaVoiH/T/UyG5jrDzSWcP4gSrfTVvQL9cmo7
CSE9QtNxFp7h9mNGt6taylnp0Jiv+/xJa48kkFqTyMBSf1bnynQr1vtXj+SxD/Vk
CXbhNDH0pM/Ml/434Xqkd92YKQcwL6jZ2NLZpmU4hxAFO9U7lGFch9GqapWv6or7
fJg2nNjQM8h7GbQEPJ7Fpd4LaUh65oCZWywIfPLXBZVk/UNS5Q3TDdQP7wIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFJx+FH5a+wLnrXgE0G7kahNAVYFXMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvbkg0VWZscjdBdWV0ZUFUUWJ1UnFFMEJWZ1ZjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAwHyqAwQA
wHysAwQAwHy3MA0GCSqGSIb3DQEBCwUAA4IBAQB3hGOqfu2Lr/RXnOCodaX34cBp
Nslh3VHH0xH9PlnuFKmq46Gk6+kBLT3BWz3hC9QImEX38Ux87OqA1O7M7C3w5AV2
gHpb/VlI8BgAZgNnh7eeJxOHmX/rGjbg50EFzPf4sJZl0OBHgzwpTNlYDqsR9zMc
xYY8U9c+JVwvymWcJWGBXgFP1JMspggAfItYl9Z8KUEWkGKtRXRcxWurRj4OjBDU
c9Z6t8PtUQ2CjhEbUgnzO5O0VTbJvS6mGGDLC+uUjSHqErP4HyGhV7VGdv581049
HgI3vy7yBJ/k0C/RAqMvT+2h5uq+eTaZlC6oUAdH9ZoO4IygYMO1EwbKixkF
-----END CERTIFICATE-----
Generated at Wed Nov 29 12:03:17 2023 by rpki-client on console-fra.rpki-client.org