Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/t3sIkIZ_F3FMMmNJZH85WF05Nnw.roa
File: t3sIkIZ_F3FMMmNJZH85WF05Nnw.roa (raw, json)
Hash identifier: VgkEbhsW54gVKcgQy4Eeo6i/EZWpN0H5//1yTycGjgU=
Subject key identifier: B7:7B:08:90:86:7F:17:71:4C:32:63:49:64:7F:39:58:5D:39:36:7C
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 018D3C401F8FFC8C5526AADB1211E872A589
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/t3sIkIZ_F3FMMmNJZH85WF05Nnw.roa
Signing time: Wed 24 Jan 2024 16:14:11 +0000
ROA not before: Wed 24 Jan 2024 16:14:11 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 14618
IP address blocks: 192.124.180.0/24 maxlen: 24
192.124.182.0/24 maxlen: 24
212.192.221.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 29 Jan 2024 17:44:39 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:3c:40:1f:8f:fc:8c:55:26:aa:db:12:11:e8:72:a5:89
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Jan 24 16:14:11 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=b77b0890867f17714c326349647f39585d39367c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:97:f5:1f:32:46:77:fb:2f:52:03:2e:58:5a:
5e:41:2b:64:9e:f1:57:6e:76:c2:68:13:74:d6:43:
c0:d7:4d:9a:85:87:73:fa:30:01:4a:a8:e9:00:8e:
3f:24:fb:2c:2e:8d:eb:82:d3:5f:8d:63:fa:3d:9f:
46:bb:41:50:f9:3f:6a:73:c3:5e:de:34:4c:64:df:
63:5d:87:5a:2a:23:42:68:24:03:81:28:1f:12:8d:
a1:b5:8e:d4:e9:0d:6c:7c:1d:84:6d:0d:af:78:bb:
51:ff:e0:33:3e:c2:e2:88:f9:58:10:95:a3:1e:15:
5c:af:20:2f:02:1a:1c:4f:8c:c4:6f:ac:d9:e7:12:
39:cd:14:9b:83:31:f6:1b:b2:38:d4:b8:a2:7d:e8:
8f:e3:f8:1e:44:85:20:66:8a:6a:f3:7d:ed:b5:18:
ca:71:e9:d1:b4:93:f2:17:cf:01:49:91:0d:bc:a8:
f4:c0:ec:11:39:cd:e3:36:c9:e6:4f:fd:8d:4f:1a:
4c:da:1f:42:79:32:4a:5f:2c:07:01:68:1a:8a:53:
81:dd:eb:6b:5c:a0:47:b2:4f:6d:84:54:12:f5:51:
98:e4:a6:7b:0a:b1:69:69:98:7e:d1:4a:bd:fe:88:
b1:6e:fc:f8:a8:73:f6:f6:f2:cf:25:f8:48:34:c0:
28:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B7:7B:08:90:86:7F:17:71:4C:32:63:49:64:7F:39:58:5D:39:36:7C
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/t3sIkIZ_F3FMMmNJZH85WF05Nnw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
192.124.180.0/24
192.124.182.0/24
212.192.221.0/24
Signature Algorithm: sha256WithRSAEncryption
1d:22:da:a9:cb:11:73:19:85:8c:da:2c:dc:0b:32:5b:ad:30:
71:b3:1a:f9:ea:86:84:06:15:67:f8:86:c4:7c:b6:4a:86:97:
7d:ac:1f:a6:f7:3d:e0:b5:18:ac:92:e4:0e:2a:40:bb:4d:6c:
93:32:ac:5c:01:56:ee:08:45:51:53:93:41:88:b9:f0:96:95:
6c:22:80:10:49:ad:82:03:fd:ab:31:55:cb:35:ce:be:de:08:
c7:12:6a:54:0e:f1:63:4f:3f:d0:79:f5:02:88:e3:25:e8:a6:
f1:f7:13:b9:2e:9f:04:d2:f5:db:ba:25:6e:f8:f4:0c:18:d7:
86:48:99:cb:98:15:5f:df:d9:92:09:c1:93:55:69:10:e2:af:
82:50:e8:09:04:72:c6:7f:4f:d4:7e:01:54:63:93:72:5f:04:
b9:05:21:cf:ec:0a:2b:df:6f:4a:65:ec:ec:97:a5:e5:01:a3:
22:98:9d:22:a2:84:c5:13:68:ff:bd:ba:a3:77:04:19:ae:b5:
87:30:b9:81:1f:a9:9f:96:e5:e4:ac:d8:da:e0:0b:03:d1:06:
09:ca:ad:38:88:18:ec:1f:b0:23:a6:fb:ba:34:1f:0b:67:92:
0d:b5:b3:0f:88:8a:33:10:9f:e6:0a:7f:82:27:45:ad:b5:8f:
51:53:0f:33
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAY08QB+P/IxVJqrbEhHocqWJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjQwMTI0MTYxNDExWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNzdiMDg5MDg2N2YxNzcxNGMzMjYzNDk2NDdmMzk1ODVkMzkzNjdjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnpf1HzJGd/svUgMuWFpeQStknvFX
bnbCaBN01kPA102ahYdz+jABSqjpAI4/JPssLo3rgtNfjWP6PZ9Gu0FQ+T9qc8Ne
3jRMZN9jXYdaKiNCaCQDgSgfEo2htY7U6Q1sfB2EbQ2veLtR/+AzPsLiiPlYEJWj
HhVcryAvAhocT4zEb6zZ5xI5zRSbgzH2G7I41LiifeiP4/geRIUgZopq833ttRjK
cenRtJPyF88BSZENvKj0wOwROc3jNsnmT/2NTxpM2h9CeTJKXywHAWgailOB3etr
XKBHsk9thFQS9VGY5KZ7CrFpaZh+0Uq9/oixbvz4qHP29vLPJfhINMAo1wIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFLd7CJCGfxdxTDJjSWR/OVhdOTZ8MB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvdDNzSWtJWl9GM0ZNTW1OSlpIODVXRjA1Tm53LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAwHy0AwQA
wHy2AwQA1MDdMA0GCSqGSIb3DQEBCwUAA4IBAQAdItqpyxFzGYWM2izcCzJbrTBx
sxr56oaEBhVn+IbEfLZKhpd9rB+m9z3gtRiskuQOKkC7TWyTMqxcAVbuCEVRU5NB
iLnwlpVsIoAQSa2CA/2rMVXLNc6+3gjHEmpUDvFjTz/QefUCiOMl6Kbx9xO5Lp8E
0vXbuiVu+PQMGNeGSJnLmBVf39mSCcGTVWkQ4q+CUOgJBHLGf0/UfgFUY5NyXwS5
BSHP7Aor329KZezsl6XlAaMimJ0iooTFE2j/vbqjdwQZrrWHMLmBH6mfluXkrNja
4AsD0QYJyq04iBjsH7Ajpvu6NB8LZ5INtbMPiIozEJ/mCn+CJ0WttY9RUw8z
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:16:28 2024 by rpki-client on console-fra.rpki-client.org