Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/24/fa79cf-8c4c-4094-a1f5-44171b2f599e/1/IwtqWMmhAMP6WnX47s18z4scfTo.roa
File: IwtqWMmhAMP6WnX47s18z4scfTo.roa (raw, json)
Hash identifier: eWG7QLHfLP1Nv+NFG2Idbh9foWps6ShI1VgZdpeiaQM=
Subject key identifier: 23:0B:6A:58:C9:A1:00:C3:FA:5A:75:F8:EE:CD:7C:CF:8B:1C:7D:3A
Certificate issuer: /CN=3cde2470c8563949487a3e78743c544c99ec8a64
Certificate serial: 018D63C030B79904A83D218BD8F589A199EB
Authority key identifier: 3C:DE:24:70:C8:56:39:49:48:7A:3E:78:74:3C:54:4C:99:EC:8A:64
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PN4kcMhWOUlIej54dDxUTJnsimQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/24/fa79cf-8c4c-4094-a1f5-44171b2f599e/1/IwtqWMmhAMP6WnX47s18z4scfTo.roa
Signing time: Thu 01 Feb 2024 08:19:16 +0000
ROA not before: Thu 01 Feb 2024 08:19:16 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 19905
IP address blocks: 86.111.192.0/22 maxlen: 22
Validation: Failed, certificate revoked on Mon 11 Mar 2024 08:16:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:63:c0:30:b7:99:04:a8:3d:21:8b:d8:f5:89:a1:99:eb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3cde2470c8563949487a3e78743c544c99ec8a64
Validity
Not Before: Feb 1 08:19:16 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=230b6a58c9a100c3fa5a75f8eecd7ccf8b1c7d3a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:17:f5:2e:a9:d5:40:93:91:13:17:b8:b6:e8:
fc:05:f4:7e:8b:2c:b9:d3:8c:0f:85:08:d6:60:7b:
2a:2f:ff:1f:1e:00:88:4f:1c:3e:73:b2:77:6c:66:
27:8a:ec:28:91:9d:67:df:e7:f8:72:0b:5c:c4:86:
94:43:28:fa:d5:7d:44:65:0c:4f:19:b9:6b:ec:0b:
b7:ea:97:8d:28:b7:0e:57:58:14:2e:91:f1:cd:df:
3a:8e:27:d9:2a:33:4b:dd:ff:aa:da:2c:fa:0f:4c:
1f:8e:82:c0:51:05:e6:26:ca:dc:67:d5:dd:ab:ad:
06:f6:d3:48:1d:3f:01:76:12:c8:78:5a:29:1c:5d:
1d:b7:69:26:f5:85:ea:d3:dd:7a:ed:52:c2:47:85:
c2:97:d6:26:08:50:89:42:47:6f:fd:6b:99:65:c1:
26:c2:ff:06:8f:0f:e9:f6:21:42:f2:3f:90:58:88:
7b:46:5e:d4:de:d9:ee:64:41:7a:5d:7f:5f:16:3c:
c8:b5:b6:b6:d3:e5:b4:0f:70:7f:b3:01:6a:fc:10:
4b:a6:8d:63:3f:bf:d2:99:ee:b4:b3:aa:e0:cb:7f:
52:20:78:37:94:f7:95:f0:29:de:01:82:bb:46:d5:
cb:c8:bb:92:e8:65:28:a7:96:6f:79:84:a6:bf:ee:
d3:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
23:0B:6A:58:C9:A1:00:C3:FA:5A:75:F8:EE:CD:7C:CF:8B:1C:7D:3A
X509v3 Authority Key Identifier:
keyid:3C:DE:24:70:C8:56:39:49:48:7A:3E:78:74:3C:54:4C:99:EC:8A:64
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PN4kcMhWOUlIej54dDxUTJnsimQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/24/fa79cf-8c4c-4094-a1f5-44171b2f599e/1/IwtqWMmhAMP6WnX47s18z4scfTo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/24/fa79cf-8c4c-4094-a1f5-44171b2f599e/1/PN4kcMhWOUlIej54dDxUTJnsimQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
86.111.192.0/22
Signature Algorithm: sha256WithRSAEncryption
25:97:1a:0f:a4:e7:d1:b5:b1:a1:1d:0a:55:59:74:98:fe:86:
a0:bd:52:17:93:b4:33:19:49:0e:c8:7d:ef:12:61:9f:7b:73:
6f:f6:78:0a:4c:71:e9:a6:72:bd:aa:27:17:9a:36:88:7a:9e:
a4:28:fb:27:8c:0e:8f:94:3a:71:70:7f:81:d5:d4:0e:ac:4f:
13:43:d0:5d:14:b8:5a:7e:97:7f:09:40:71:9d:ec:6c:c5:8d:
ec:be:b7:18:a2:33:36:e6:66:21:80:27:83:41:a3:14:34:d2:
70:0b:bc:80:ba:81:4a:6f:df:e6:67:22:07:86:1d:4d:d7:47:
dc:1c:42:a3:b8:d6:f7:bc:af:ee:48:b9:1c:09:88:39:68:41:
5f:c4:99:2f:1f:ea:c2:e6:89:47:83:79:ff:15:ff:cd:9b:04:
54:d2:73:0c:28:7d:64:f1:be:f2:71:ef:ab:da:09:23:42:85:
c6:a2:c4:ee:1f:9a:db:ce:75:ea:ed:44:c6:bb:ed:8f:06:6a:
06:3d:6c:c6:be:c9:27:e0:f3:14:94:55:bf:a4:24:43:e0:4d:
78:f3:92:2c:67:cb:af:e0:3f:c4:26:48:e0:61:d0:6f:c8:04:
51:fe:c2:77:15:aa:fc:f6:b7:4d:34:95:e9:7e:71:c4:8c:59:
91:dd:25:00
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAY1jwDC3mQSoPSGL2PWJoZnrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNjZGUyNDcwYzg1NjM5NDk0ODdhM2U3ODc0M2M1NDRjOTll
YzhhNjQwHhcNMjQwMjAxMDgxOTE2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMzBiNmE1OGM5YTEwMGMzZmE1YTc1ZjhlZWNkN2NjZjhiMWM3ZDNhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmRf1LqnVQJORExe4tuj8BfR+iyy5
04wPhQjWYHsqL/8fHgCITxw+c7J3bGYniuwokZ1n3+f4cgtcxIaUQyj61X1EZQxP
Gblr7Au36peNKLcOV1gULpHxzd86jifZKjNL3f+q2iz6D0wfjoLAUQXmJsrcZ9Xd
q60G9tNIHT8BdhLIeFopHF0dt2km9YXq09167VLCR4XCl9YmCFCJQkdv/WuZZcEm
wv8Gjw/p9iFC8j+QWIh7Rl7U3tnuZEF6XX9fFjzItba20+W0D3B/swFq/BBLpo1j
P7/Sme60s6rgy39SIHg3lPeV8CneAYK7RtXLyLuS6GUop5ZveYSmv+7TqQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFCMLaljJoQDD+lp1+O7NfM+LHH06MB8GA1UdIwQY
MBaAFDzeJHDIVjlJSHo+eHQ8VEyZ7IpkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUE40a2NNaFdPVWxJZWo1NGREeFVUSm5zaW1RLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNC9mYTc5Y2YtOGM0Yy00MDk0LWExZjUt
NDQxNzFiMmY1OTllLzEvSXd0cVdNbWhBTVA2V25YNDdzMTh6NHNjZlRvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNC9mYTc5Y2YtOGM0Yy00MDk0LWExZjUtNDQxNzFiMmY1OTll
LzEvUE40a2NNaFdPVWxJZWo1NGREeFVUSm5zaW1RLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCVm/AMA0G
CSqGSIb3DQEBCwUAA4IBAQAllxoPpOfRtbGhHQpVWXSY/oagvVIXk7QzGUkOyH3v
EmGfe3Nv9ngKTHHppnK9qicXmjaIep6kKPsnjA6PlDpxcH+B1dQOrE8TQ9BdFLha
fpd/CUBxnexsxY3svrcYojM25mYhgCeDQaMUNNJwC7yAuoFKb9/mZyIHhh1N10fc
HEKjuNb3vK/uSLkcCYg5aEFfxJkvH+rC5olHg3n/Ff/NmwRU0nMMKH1k8b7yce+r
2gkjQoXGosTuH5rbznXq7UTGu+2PBmoGPWzGvskn4PMUlFW/pCRD4E1485IsZ8uv
4D/EJkjgYdBvyARR/sJ3Far89rdNNJXpfnHEjFmR3SUA
-----END CERTIFICATE-----
Generated at Mon Mar 11 11:55:57 2024 by rpki-client on console-fra.rpki-client.org