Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/yy4vNrZxjJ9tWzRhvTU0fh4fx_w.roa
File: yy4vNrZxjJ9tWzRhvTU0fh4fx_w.roa (raw, json)
Hash identifier: u9cJTpVyKkVF9zXUXTWimmOj+FCOAET0/FnrJqfeZ3I=
Subject key identifier: CB:2E:2F:36:B6:71:8C:9F:6D:5B:34:61:BD:35:34:7E:1E:1F:C7:FC
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 018CCA2A70BACAC24C5904223CF9518EB41C
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/yy4vNrZxjJ9tWzRhvTU0fh4fx_w.roa
Signing time: Tue 02 Jan 2024 12:33:48 +0000
ROA not before: Tue 02 Jan 2024 12:33:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 16509
IP address blocks: 212.192.221.0/24 maxlen: 24
192.124.182.0/24 maxlen: 24
192.124.180.0/24 maxlen: 24
192.124.181.0/24 maxlen: 24
192.124.190.0/24 maxlen: 24
192.124.188.0/24 maxlen: 24
192.124.191.0/24 maxlen: 24
192.124.209.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sun 21 Jan 2024 15:53:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:ca:2a:70:ba:ca:c2:4c:59:04:22:3c:f9:51:8e:b4:1c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Jan 2 12:33:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=cb2e2f36b6718c9f6d5b3461bd35347e1e1fc7fc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:eb:93:48:55:4e:63:ca:78:16:3b:45:b0:ee:
96:a8:7b:55:4b:34:88:dd:d2:2e:65:67:4a:7f:9d:
4e:30:76:1b:0f:98:f3:1a:7f:0e:1a:54:b4:90:11:
c3:01:16:2b:8a:5f:51:15:4f:98:ea:ef:a5:34:96:
45:5f:24:5f:6b:73:2a:69:1c:4f:e5:d3:d3:9a:be:
e2:d0:80:04:94:0c:1a:fe:b3:df:ff:de:79:82:9a:
8a:63:a6:50:ef:7d:ac:cc:32:39:70:b7:5c:56:1b:
a3:35:7c:a5:d6:34:06:b6:03:27:4e:a7:42:b1:ea:
33:9c:29:37:f4:ad:0f:44:6c:cc:1a:a4:96:63:d9:
d6:8d:1b:c5:56:a3:53:70:7a:40:4d:7d:94:36:ad:
dc:6b:8c:93:2f:c0:dd:3e:ac:20:66:3d:20:03:9a:
61:2f:f3:21:d0:49:e2:7c:9a:c2:99:d7:c0:d1:59:
e8:16:2e:76:9f:b2:82:39:13:ae:b3:db:30:18:28:
20:06:ab:ac:72:06:9c:e1:a9:6e:bc:d8:f2:1b:29:
09:e4:8f:35:86:77:0d:88:c7:05:39:cc:12:86:91:
ed:23:96:07:fd:f2:33:1f:af:b6:cd:db:6d:ee:ac:
89:c5:4a:b8:52:58:94:79:16:8d:cc:65:ed:2d:9b:
34:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CB:2E:2F:36:B6:71:8C:9F:6D:5B:34:61:BD:35:34:7E:1E:1F:C7:FC
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/yy4vNrZxjJ9tWzRhvTU0fh4fx_w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
192.124.180.0-192.124.182.255
192.124.188.0/24
192.124.190.0/23
192.124.209.0/24
212.192.221.0/24
Signature Algorithm: sha256WithRSAEncryption
23:13:55:17:39:81:59:64:ed:6d:e6:ea:8a:df:3e:ef:20:2d:
1c:d6:84:9c:05:49:6d:34:19:50:b7:90:95:ad:0b:9b:40:b2:
df:7b:ed:d0:69:84:53:cc:f7:25:60:af:77:c6:f3:4a:82:ce:
2b:2a:9c:82:9e:7b:3d:49:5c:8a:57:90:ee:69:e6:0e:8d:d7:
c0:53:a8:6f:a1:02:b9:03:2b:22:ba:26:23:cf:c5:4a:32:be:
c0:0c:06:86:4e:da:cc:ff:e6:3f:c1:b6:c3:84:c7:d4:e0:e7:
83:35:d1:ad:63:71:85:71:f3:99:64:16:78:ec:64:0c:4f:2d:
99:39:bc:9b:9e:35:75:3f:46:e9:66:01:47:f4:c2:c4:54:cb:
86:1a:42:a5:b1:54:a1:7a:77:4c:2d:e0:2c:08:89:16:a4:3d:
23:eb:ed:ce:b2:2d:78:14:27:2c:ab:99:df:c0:36:18:cb:39:
ad:a9:5b:08:2b:b7:c8:1f:0d:ab:7c:9c:5d:b3:d1:85:f4:62:
01:5c:db:5d:fb:4e:84:ac:b9:c7:bf:a4:15:f1:d2:9a:b4:b9:
e2:86:ec:6d:90:ec:98:64:73:4b:48:b3:f4:9c:84:82:21:e7:
eb:0e:17:e0:0e:92:ee:06:e9:2e:73:ec:73:7d:e6:e2:bd:b3:
8b:a9:5f:81
-----BEGIN CERTIFICATE-----
MIIFHTCCBAWgAwIBAgISAYzKKnC6ysJMWQQiPPlRjrQcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjQwMTAyMTIzMzQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjYjJlMmYzNmI2NzE4YzlmNmQ1YjM0NjFiZDM1MzQ3ZTFlMWZjN2ZjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmOuTSFVOY8p4FjtFsO6WqHtVSzSI
3dIuZWdKf51OMHYbD5jzGn8OGlS0kBHDARYril9RFU+Y6u+lNJZFXyRfa3MqaRxP
5dPTmr7i0IAElAwa/rPf/955gpqKY6ZQ732szDI5cLdcVhujNXyl1jQGtgMnTqdC
seoznCk39K0PRGzMGqSWY9nWjRvFVqNTcHpATX2UNq3ca4yTL8DdPqwgZj0gA5ph
L/Mh0EnifJrCmdfA0VnoFi52n7KCOROus9swGCggBquscgac4aluvNjyGykJ5I81
hncNiMcFOcwShpHtI5YH/fIzH6+2zdtt7qyJxUq4UliUeRaNzGXtLZs0EQIDAQAB
o4ICKTCCAiUwHQYDVR0OBBYEFMsuLza2cYyfbVs0Yb01NH4eH8f8MB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEveXk0dk5yWnhqSjl0V3pSaHZUVTBmaDRmeF93LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD8GCCsGAQUFBwEHAQH/BDAwLjAsBAIAATAmMAwDBALAfLQD
BADAfLYDBADAfLwDBAHAfL4DBADAfNEDBADUwN0wDQYJKoZIhvcNAQELBQADggEB
ACMTVRc5gVlk7W3m6orfPu8gLRzWhJwFSW00GVC3kJWtC5tAst977dBphFPM9yVg
r3fG80qCzisqnIKeez1JXIpXkO5p5g6N18BTqG+hArkDKyK6JiPPxUoyvsAMBoZO
2sz/5j/BtsOEx9Tg54M10a1jcYVx85lkFnjsZAxPLZk5vJueNXU/RulmAUf0wsRU
y4YaQqWxVKF6d0wt4CwIiRakPSPr7c6yLXgUJyyrmd/ANhjLOa2pWwgrt8gfDat8
nF2z0YX0YgFc2137ToSsuce/pBXx0pq0ueKG7G2Q7Jhkc0tIs/SchIIh5+sOF+AO
ku4G6S5z7HN95uK9s4upX4E=
-----END CERTIFICATE-----
Generated at Sun Jan 21 17:22:30 2024 by rpki-client on console-fra.rpki-client.org