Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/xjhbmR3HB5xTdtC0jTYAQyIW7tk.roa
File: xjhbmR3HB5xTdtC0jTYAQyIW7tk.roa (raw, json)
Hash identifier: ctW9I9E/9jsTqiPr8l6yTdXif/QQOEAInZYS7Qokz70=
Subject key identifier: C6:38:5B:99:1D:C7:07:9C:53:76:D0:B4:8D:36:00:43:22:16:EE:D9
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 018D2CCA4C97117651DEB98ED7EC34B0062B
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/xjhbmR3HB5xTdtC0jTYAQyIW7tk.roa
Signing time: Sun 21 Jan 2024 16:11:11 +0000
ROA not before: Sun 21 Jan 2024 16:11:11 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 14618
IP address blocks: 192.124.180.0/24 maxlen: 24
192.124.181.0/24 maxlen: 24
192.124.182.0/24 maxlen: 24
192.124.190.0/24 maxlen: 24
192.124.209.0/24 maxlen: 24
212.192.221.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 24 Jan 2024 16:13:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:2c:ca:4c:97:11:76:51:de:b9:8e:d7:ec:34:b0:06:2b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Jan 21 16:11:11 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=c6385b991dc7079c5376d0b48d3600432216eed9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:82:83:a7:34:0c:cf:88:47:f0:b6:38:0a:c2:97:
ac:62:7b:f6:c0:25:0b:fa:2f:f5:e7:c1:99:e5:05:
70:6e:37:f7:74:60:db:1b:1d:40:b4:e8:5f:bb:6a:
39:92:09:30:e8:f9:ee:70:06:61:b3:d1:6f:3b:00:
5e:aa:60:a0:17:bd:bd:4a:98:79:d4:62:4e:b5:bd:
a5:d3:c2:cb:cb:81:2c:c2:1b:95:19:9e:c0:17:bb:
2a:63:4f:b0:b0:9b:7e:d1:80:70:d2:f1:87:94:d5:
38:59:2d:b8:ef:9c:ee:b9:cb:19:fb:b8:f1:7b:0c:
f5:b0:87:00:a3:53:94:75:2d:b3:e3:81:34:7f:5e:
10:3a:a8:4a:19:c4:ae:dc:cd:50:63:97:15:1d:76:
05:be:f3:6d:57:6f:5a:bd:5e:54:a7:49:f9:5b:b6:
1e:d2:46:40:d9:f9:34:92:c8:f4:25:ec:cc:60:d2:
49:ae:30:15:a7:7b:6d:8b:11:e5:03:f9:ca:e7:b0:
17:64:11:76:b7:ac:25:d7:ca:a6:a5:64:e8:08:de:
66:46:24:6d:87:5c:8b:74:06:40:a9:6d:4f:e2:2f:
28:25:3e:23:d2:0d:ab:e9:eb:46:77:77:0d:a2:6f:
da:8f:c2:fb:fd:a0:57:f4:6a:40:df:07:36:f6:b4:
d4:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C6:38:5B:99:1D:C7:07:9C:53:76:D0:B4:8D:36:00:43:22:16:EE:D9
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/xjhbmR3HB5xTdtC0jTYAQyIW7tk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
192.124.180.0-192.124.182.255
192.124.190.0/24
192.124.209.0/24
212.192.221.0/24
Signature Algorithm: sha256WithRSAEncryption
97:31:32:29:58:71:b5:bb:3d:21:88:a6:6d:df:1a:a5:6b:29:
42:54:76:6f:da:0b:5b:8a:60:f6:42:fd:95:fa:b7:ea:56:2c:
4a:d0:4a:2b:9c:ff:2a:2b:0c:e6:7e:05:51:30:b6:33:89:f5:
42:4f:56:1d:ac:9a:e1:72:5a:af:fb:01:b0:11:95:b8:d8:79:
a5:3f:57:bc:65:21:67:84:b9:52:af:a0:17:df:8d:32:b9:1a:
72:ad:5c:61:ea:7f:d2:28:77:41:c3:54:74:9c:b7:cc:65:a1:
72:37:6f:4e:3c:a0:c8:d6:3e:ad:59:43:94:9c:99:8e:6b:45:
24:fa:ab:b2:33:e0:6e:1d:bd:9e:35:6a:6c:51:eb:b3:9a:ca:
92:11:e8:6c:5c:85:7f:55:1c:13:01:b9:01:5e:39:1d:7c:de:
16:34:42:80:d0:24:f1:8a:64:a6:77:e6:bc:c6:70:8d:62:89:
a4:f7:6b:72:1c:bd:57:eb:9a:a2:02:2d:a7:f5:2f:d0:f0:13:
b9:59:a0:be:4f:6d:86:69:2e:59:89:47:15:69:28:48:9e:09:
b6:f9:6c:3d:f9:48:8f:82:2a:b9:e8:a1:cb:0b:71:ff:e3:eb:
59:43:94:7d:7b:c2:27:eb:fa:80:a4:67:ec:27:c6:f3:44:fe:
38:9c:0c:82
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgISAY0sykyXEXZR3rmO1+w0sAYrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjQwMTIxMTYxMTExWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNjM4NWI5OTFkYzcwNzljNTM3NmQwYjQ4ZDM2MDA0MzIyMTZlZWQ5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgoOnNAzPiEfwtjgKwpesYnv2wCUL
+i/158GZ5QVwbjf3dGDbGx1AtOhfu2o5kgkw6PnucAZhs9FvOwBeqmCgF729Sph5
1GJOtb2l08LLy4EswhuVGZ7AF7sqY0+wsJt+0YBw0vGHlNU4WS2475zuucsZ+7jx
ewz1sIcAo1OUdS2z44E0f14QOqhKGcSu3M1QY5cVHXYFvvNtV29avV5Up0n5W7Ye
0kZA2fk0ksj0JezMYNJJrjAVp3ttixHlA/nK57AXZBF2t6wl18qmpWToCN5mRiRt
h1yLdAZAqW1P4i8oJT4j0g2r6etGd3cNom/aj8L7/aBX9GpA3wc29rTUFQIDAQAB
o4ICIzCCAh8wHQYDVR0OBBYEFMY4W5kdxwecU3bQtI02AEMiFu7ZMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEveGpoYm1SM0hCNXhUZHRDMGpUWUFReUlXN3RrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDkGCCsGAQUFBwEHAQH/BCowKDAmBAIAATAgMAwDBALAfLQD
BADAfLYDBADAfL4DBADAfNEDBADUwN0wDQYJKoZIhvcNAQELBQADggEBAJcxMilY
cbW7PSGIpm3fGqVrKUJUdm/aC1uKYPZC/ZX6t+pWLErQSiuc/yorDOZ+BVEwtjOJ
9UJPVh2smuFyWq/7AbARlbjYeaU/V7xlIWeEuVKvoBffjTK5GnKtXGHqf9Iod0HD
VHSct8xloXI3b048oMjWPq1ZQ5ScmY5rRST6q7Iz4G4dvZ41amxR67OaypIR6Gxc
hX9VHBMBuQFeOR183hY0QoDQJPGKZKZ35rzGcI1iiaT3a3IcvVfrmqICLaf1L9Dw
E7lZoL5PbYZpLlmJRxVpKEieCbb5bD35SI+CKrnoocsLcf/j61lDlH17wifr+oCk
Z+wnxvNE/jicDII=
-----END CERTIFICATE-----
Generated at Wed Jan 24 19:37:27 2024 by rpki-client on console-ams.rpki-client.org