Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/y86Y74iw8nUO3d-L35SW_Yl9hkw.roa
File: y86Y74iw8nUO3d-L35SW_Yl9hkw.roa (raw, json)
Hash identifier: rIdX0IMmG8Uzqho3IjoMjtW+ywJUpeDCmbTKR/R6wiU=
Subject key identifier: CB:CE:98:EF:88:B0:F2:75:0E:DD:DF:8B:DF:94:96:FD:89:7D:86:4C
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 018C219991E29CBD04ED1B903EF94AC60C7B
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/y86Y74iw8nUO3d-L35SW_Yl9hkw.roa
Signing time: Thu 30 Nov 2023 18:59:21 +0000
ROA not before: Thu 30 Nov 2023 18:59:21 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 14618
IP address blocks: 212.192.221.0/24 maxlen: 24
192.124.181.0/24 maxlen: 24
192.124.182.0/24 maxlen: 24
192.124.191.0/24 maxlen: 24
192.124.190.0/24 maxlen: 24
192.124.188.0/24 maxlen: 24
192.124.209.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 26 Dec 2023 17:27:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:21:99:91:e2:9c:bd:04:ed:1b:90:3e:f9:4a:c6:0c:7b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Nov 30 18:59:21 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=cbce98ef88b0f2750edddf8bdf9496fd897d864c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:23:99:df:e7:f2:bb:88:3f:e6:f1:1e:61:16:
d3:16:e1:b9:5d:e9:f8:13:5e:2a:2e:7f:bb:9c:8c:
d6:15:27:21:7c:c9:8a:94:91:fc:20:63:a9:dd:5a:
50:37:0a:59:fe:69:a5:c5:f3:47:df:9b:56:20:77:
0a:59:bd:53:9c:ab:91:a8:15:4e:00:a7:c8:e6:34:
96:f9:be:0e:d4:7d:7d:1a:86:3b:0a:6e:99:53:ee:
f8:a4:5e:5b:cc:e7:e9:2b:99:ef:a9:2b:ff:20:29:
fa:31:eb:33:a5:d6:e6:d0:8d:c0:0a:9d:7c:80:a5:
00:8b:e7:b3:fa:1b:16:52:2e:b2:93:ce:48:30:06:
02:0e:20:12:cc:e5:ac:ed:bc:54:8b:35:f9:35:f5:
e0:65:59:07:5e:c3:3d:45:e8:11:9e:97:e0:67:50:
14:d6:89:10:31:e5:9d:f7:88:44:70:93:6c:45:95:
86:19:fa:a9:b6:76:fc:42:06:5e:d7:8a:a5:e2:8d:
1a:6d:b2:83:29:df:13:f4:29:6d:6c:49:88:fe:87:
4f:98:3c:a2:cb:20:ba:d5:c1:17:53:55:be:fe:d2:
c7:9c:1b:0a:37:5a:83:50:0e:2c:f6:2b:7a:e2:de:
d0:d8:96:0f:4c:11:33:65:ea:00:b0:d0:86:1a:63:
3e:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CB:CE:98:EF:88:B0:F2:75:0E:DD:DF:8B:DF:94:96:FD:89:7D:86:4C
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/y86Y74iw8nUO3d-L35SW_Yl9hkw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
192.124.181.0-192.124.182.255
192.124.188.0/24
192.124.190.0/23
192.124.209.0/24
212.192.221.0/24
Signature Algorithm: sha256WithRSAEncryption
0d:4a:73:f9:c4:47:5b:42:de:64:ff:6f:ff:40:db:44:ca:cb:
67:af:ac:97:5b:84:93:a8:08:7e:75:15:88:04:8b:38:8a:32:
39:25:4d:ba:47:47:52:61:68:08:6a:5f:da:1d:2f:3b:47:27:
46:8e:da:08:d6:38:cb:1d:0b:51:fc:1b:8a:a5:f0:ff:ba:bf:
37:b4:8a:99:80:09:7f:9a:5b:32:5a:0e:a1:46:f2:0c:74:41:
6f:47:5a:73:c6:1a:79:33:13:8a:25:50:09:7d:47:db:f1:81:
b6:a9:64:bc:c8:08:77:98:e6:bc:e7:9c:72:95:32:b2:2a:10:
a7:b0:70:dc:df:c7:d6:9a:0d:7e:a1:f4:d2:25:7e:be:16:65:
8a:1f:42:b0:6c:51:c3:f3:d7:56:7a:9b:7d:91:1b:54:3a:5b:
97:b1:0d:9e:13:9c:ac:91:a8:1d:25:16:56:1e:a8:bb:a4:b5:
52:ac:89:2a:15:1c:c1:43:e7:a9:a5:e6:f4:ce:43:24:e6:61:
df:0c:c0:a0:8f:e7:76:4f:ee:51:d9:82:a3:11:a3:9e:97:02:
c6:75:cc:4d:d4:a8:02:96:12:e3:61:28:73:3e:96:80:08:a5:
ca:fa:91:a0:a4:2f:5e:3a:25:6c:b1:fb:79:90:40:6e:3f:c8:
1d:72:ef:9a
-----BEGIN CERTIFICATE-----
MIIFHTCCBAWgAwIBAgISAYwhmZHinL0E7RuQPvlKxgx7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjMxMTMwMTg1OTIxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjYmNlOThlZjg4YjBmMjc1MGVkZGRmOGJkZjk0OTZmZDg5N2Q4NjRjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjCOZ3+fyu4g/5vEeYRbTFuG5Xen4
E14qLn+7nIzWFSchfMmKlJH8IGOp3VpQNwpZ/mmlxfNH35tWIHcKWb1TnKuRqBVO
AKfI5jSW+b4O1H19GoY7Cm6ZU+74pF5bzOfpK5nvqSv/ICn6Meszpdbm0I3ACp18
gKUAi+ez+hsWUi6yk85IMAYCDiASzOWs7bxUizX5NfXgZVkHXsM9RegRnpfgZ1AU
1okQMeWd94hEcJNsRZWGGfqptnb8QgZe14ql4o0abbKDKd8T9CltbEmI/odPmDyi
yyC61cEXU1W+/tLHnBsKN1qDUA4s9it64t7Q2JYPTBEzZeoAsNCGGmM+BwIDAQAB
o4ICKTCCAiUwHQYDVR0OBBYEFMvOmO+IsPJ1Dt3fi9+Ulv2JfYZMMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEveTg2WTc0aXc4blVPM2QtTDM1U1dfWWw5aGt3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD8GCCsGAQUFBwEHAQH/BDAwLjAsBAIAATAmMAwDBADAfLUD
BADAfLYDBADAfLwDBAHAfL4DBADAfNEDBADUwN0wDQYJKoZIhvcNAQELBQADggEB
AA1Kc/nER1tC3mT/b/9A20TKy2evrJdbhJOoCH51FYgEiziKMjklTbpHR1JhaAhq
X9odLztHJ0aO2gjWOMsdC1H8G4ql8P+6vze0ipmACX+aWzJaDqFG8gx0QW9HWnPG
GnkzE4olUAl9R9vxgbapZLzICHeY5rznnHKVMrIqEKewcNzfx9aaDX6h9NIlfr4W
ZYofQrBsUcPz11Z6m32RG1Q6W5exDZ4TnKyRqB0lFlYeqLuktVKsiSoVHMFD56ml
5vTOQyTmYd8MwKCP53ZP7lHZgqMRo56XAsZ1zE3UqAKWEuNhKHM+loAIpcr6kaCk
L146JWyx+3mQQG4/yB1y75o=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:49:51 2024 by rpki-client on console-ams.rpki-client.org