Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/16/11be23-3be6-4881-a3d1-5386b1d963bc/1/n3_g7krhlgHHOAboUYS8g7iSzeQ.roa
File: n3_g7krhlgHHOAboUYS8g7iSzeQ.roa (raw, json)
Hash identifier: wWupOSPuuZj89hPUZJkjLnfl90h4lU7s+CR7yclEKM4=
Subject key identifier: 9F:7F:E0:EE:4A:E1:96:01:C7:38:06:E8:51:84:BC:83:B8:92:CD:E4
Certificate issuer: /CN=1224e5eff1abc0e6d8bf029e4f732e0ab71bc16a
Certificate serial: 018CC94E62AECE6236FC083D0189234A38DE
Authority key identifier: 12:24:E5:EF:F1:AB:C0:E6:D8:BF:02:9E:4F:73:2E:0A:B7:1B:C1:6A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/EiTl7_GrwObYvwKeT3MuCrcbwWo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/16/11be23-3be6-4881-a3d1-5386b1d963bc/1/n3_g7krhlgHHOAboUYS8g7iSzeQ.roa
Signing time: Tue 02 Jan 2024 08:33:26 +0000
ROA not before: Tue 02 Jan 2024 08:33:26 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 200471
IP address blocks: 160.62.9.0/24 maxlen: 24
160.62.10.0/24 maxlen: 24
160.62.21.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 13 Sep 2024 15:16:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:4e:62:ae:ce:62:36:fc:08:3d:01:89:23:4a:38:de
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1224e5eff1abc0e6d8bf029e4f732e0ab71bc16a
Validity
Not Before: Jan 2 08:33:26 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=9f7fe0ee4ae19601c73806e85184bc83b892cde4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f5:a4:f5:07:db:22:48:fb:ef:57:3e:cc:eb:45:
e0:ee:c8:40:b0:db:79:c0:60:02:1d:f1:7b:7e:46:
e1:de:3c:63:90:a2:cd:25:d0:3b:db:c1:b3:82:08:
9d:3b:b0:cd:30:4f:93:d9:04:7d:c2:ca:90:86:7e:
77:7e:97:f9:31:38:6d:14:f4:f7:ea:ad:3b:06:f5:
8e:59:2c:94:d4:bc:73:e6:7b:14:05:5b:4f:96:f8:
3c:da:73:63:d6:71:9f:9f:19:4d:4c:d0:7f:a1:e8:
63:cf:2e:3b:6e:95:2b:b0:e0:f3:f0:6f:50:8c:b8:
31:d5:10:d4:b8:d8:a6:09:50:4f:06:41:74:97:b9:
2b:d8:74:b3:62:17:21:74:1a:e2:d8:ec:df:9b:94:
c1:01:46:e2:b9:68:76:0d:31:29:8e:d4:e2:db:a7:
20:9a:af:f3:0b:b1:e1:29:16:b4:b1:50:c6:fc:59:
2e:6a:73:42:05:54:7f:76:a9:92:b5:fd:2e:af:8b:
3d:43:ea:26:68:f4:d2:92:49:2e:cb:6b:99:dc:41:
0a:b8:8c:3a:88:cc:63:05:d8:eb:94:e5:d9:69:39:
05:36:fc:ff:95:2d:a0:20:22:cd:6f:fc:51:3b:a2:
d4:a9:14:3c:11:b4:b1:ee:1c:19:8d:22:da:8d:68:
d9:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9F:7F:E0:EE:4A:E1:96:01:C7:38:06:E8:51:84:BC:83:B8:92:CD:E4
X509v3 Authority Key Identifier:
keyid:12:24:E5:EF:F1:AB:C0:E6:D8:BF:02:9E:4F:73:2E:0A:B7:1B:C1:6A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/EiTl7_GrwObYvwKeT3MuCrcbwWo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/16/11be23-3be6-4881-a3d1-5386b1d963bc/1/n3_g7krhlgHHOAboUYS8g7iSzeQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/16/11be23-3be6-4881-a3d1-5386b1d963bc/1/EiTl7_GrwObYvwKeT3MuCrcbwWo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
160.62.9.0-160.62.10.255
160.62.21.0/24
Signature Algorithm: sha256WithRSAEncryption
46:31:80:e3:ab:f4:75:cc:53:c5:de:01:37:af:18:b8:43:0c:
22:48:e6:81:6f:94:c6:eb:72:f0:61:67:38:72:90:a3:ed:49:
00:70:83:ef:41:53:8a:9e:ff:02:d6:9a:8b:0c:ac:63:cd:a7:
a8:09:32:1d:5e:98:39:7d:d0:7d:0d:2c:b3:06:0a:a5:4a:6f:
79:b3:7a:58:dd:2f:2e:b4:75:d1:1d:3d:ab:1d:74:66:d6:55:
c4:c3:2d:7f:41:92:4a:ca:b4:84:84:08:2b:11:39:4b:1b:fb:
5d:40:8b:9c:17:06:85:63:ef:8a:a3:3f:8c:30:70:ff:be:37:
c4:6d:6a:f7:93:3f:ee:10:e6:5d:af:64:50:20:e4:66:81:e6:
f0:0c:58:a1:83:a1:7e:02:9c:f6:31:04:bf:f5:6a:a4:c4:fa:
25:9d:29:6b:ae:1d:cf:a2:8e:8b:43:6a:30:d2:26:7f:44:24:
e2:4e:23:df:0b:79:01:e5:b0:65:82:0e:af:50:e4:39:67:80:
32:28:b9:5c:9d:a9:80:ed:66:38:a4:42:5d:8d:03:46:68:f7:
9f:9f:bb:16:22:60:11:42:7e:4c:93:49:e3:2f:b0:f4:2f:2c:
12:ff:91:88:d1:18:9a:95:6e:7b:17:5f:5a:58:a3:a7:fa:b6:
72:8d:00:96
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgISAYzJTmKuzmI2/Ag9AYkjSjjeMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDEyMjRlNWVmZjFhYmMwZTZkOGJmMDI5ZTRmNzMyZTBhYjcx
YmMxNmEwHhcNMjQwMTAyMDgzMzI2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZjdmZTBlZTRhZTE5NjAxYzczODA2ZTg1MTg0YmM4M2I4OTJjZGU0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA9aT1B9siSPvvVz7M60Xg7shAsNt5
wGACHfF7fkbh3jxjkKLNJdA728GzggidO7DNME+T2QR9wsqQhn53fpf5MThtFPT3
6q07BvWOWSyU1Lxz5nsUBVtPlvg82nNj1nGfnxlNTNB/oehjzy47bpUrsODz8G9Q
jLgx1RDUuNimCVBPBkF0l7kr2HSzYhchdBri2Ozfm5TBAUbiuWh2DTEpjtTi26cg
mq/zC7HhKRa0sVDG/FkuanNCBVR/dqmStf0ur4s9Q+omaPTSkkkuy2uZ3EEKuIw6
iMxjBdjrlOXZaTkFNvz/lS2gICLNb/xRO6LUqRQ8EbSx7hwZjSLajWjZ1wIDAQAB
o4ICFzCCAhMwHQYDVR0OBBYEFJ9/4O5K4ZYBxzgG6FGEvIO4ks3kMB8GA1UdIwQY
MBaAFBIk5e/xq8Dm2L8Cnk9zLgq3G8FqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRWlUbDdfR3J3T2JZdndLZVQzTXVDcmNid1dvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNi8xMWJlMjMtM2JlNi00ODgxLWEzZDEt
NTM4NmIxZDk2M2JjLzEvbjNfZzdrcmhsZ0hIT0Fib1VZUzhnN2lTemVRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNi8xMWJlMjMtM2JlNi00ODgxLWEzZDEtNTM4NmIxZDk2M2Jj
LzEvRWlUbDdfR3J3T2JZdndLZVQzTXVDcmNid1dvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAATAUMAwDBACgPgkD
BACgPgoDBACgPhUwDQYJKoZIhvcNAQELBQADggEBAEYxgOOr9HXMU8XeATevGLhD
DCJI5oFvlMbrcvBhZzhykKPtSQBwg+9BU4qe/wLWmosMrGPNp6gJMh1emDl90H0N
LLMGCqVKb3mzeljdLy60ddEdPasddGbWVcTDLX9BkkrKtISECCsROUsb+11Ai5wX
BoVj74qjP4wwcP++N8RtaveTP+4Q5l2vZFAg5GaB5vAMWKGDoX4CnPYxBL/1aqTE
+iWdKWuuHc+ijotDajDSJn9EJOJOI98LeQHlsGWCDq9Q5DlngDIouVydqYDtZjik
Ql2NA0Zo95+fuxYiYBFCfkyTSeMvsPQvLBL/kYjRGJqVbnsXX1pYo6f6tnKNAJY=
-----END CERTIFICATE-----
Generated at Fri Sep 13 17:40:59 2024 by rpki-client on console-fra.rpki-client.org