Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/35/7588d0-33bd-49c9-885d-4c38bff1af18/1/CgOwa0YnMgCeaZvcaA5aX_C8Ohk.roa
File: CgOwa0YnMgCeaZvcaA5aX_C8Ohk.roa (raw, json)
Hash identifier: 29VlG8TjsPF7GEdADoXhOmHLDUo5M2+eduS0IodJViE=
Subject key identifier: 0A:03:B0:6B:46:27:32:00:9E:69:9B:DC:68:0E:5A:5F:F0:BC:3A:19
Certificate issuer: /CN=7a3508be2a868d6ce54db9b3a864d4be985cae4d
Certificate serial: 018BFC262B86B960D91F6B0C5C691850770E
Authority key identifier: 7A:35:08:BE:2A:86:8D:6C:E5:4D:B9:B3:A8:64:D4:BE:98:5C:AE:4D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ejUIviqGjWzlTbmzqGTUvphcrk0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/35/7588d0-33bd-49c9-885d-4c38bff1af18/1/CgOwa0YnMgCeaZvcaA5aX_C8Ohk.roa
Signing time: Thu 23 Nov 2023 12:27:21 +0000
ROA not before: Thu 23 Nov 2023 12:27:21 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 57671
IP address blocks: 192.146.141.0/24 maxlen: 24
192.146.140.0/23 maxlen: 23
192.146.140.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:fc:26:2b:86:b9:60:d9:1f:6b:0c:5c:69:18:50:77:0e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7a3508be2a868d6ce54db9b3a864d4be985cae4d
Validity
Not Before: Nov 23 12:27:21 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=0a03b06b462732009e699bdc680e5a5ff0bc3a19
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:3e:b8:e9:8d:00:dc:dd:50:50:3d:95:61:5d:
d8:2d:01:e9:dc:c2:5b:da:0c:b1:e8:ce:9f:96:b8:
69:25:f0:e6:e5:9c:a2:46:48:3d:31:e4:ba:a3:e3:
a7:09:46:23:48:ff:19:85:19:5d:38:4b:ef:cf:43:
fd:d9:b9:06:9b:a6:03:b6:7c:fe:3c:2e:52:99:07:
b3:4c:0f:70:f7:1f:c6:6c:e6:54:09:61:b6:a7:6e:
ef:ad:48:40:37:41:e4:2d:85:09:ab:aa:e8:91:49:
90:3a:6d:d5:9c:73:05:3a:54:c4:0a:a3:13:de:98:
67:de:f9:75:30:4d:4f:7b:ea:de:44:7c:50:8c:e2:
eb:b4:70:11:52:47:45:ac:4d:98:3c:a3:aa:74:d9:
74:7d:17:2b:08:0a:7e:77:25:05:9a:f9:a7:39:f4:
0b:af:99:86:f4:84:9e:1f:ed:ef:5a:9e:4f:9f:3c:
a3:7b:31:bd:35:4e:5a:f3:bb:a2:4a:77:32:a5:18:
9a:c4:79:26:8a:16:ac:4f:23:13:62:25:a4:34:60:
71:17:30:0f:15:21:f3:d9:8d:09:2c:93:df:65:eb:
f2:85:3a:5e:89:ae:91:20:c9:fd:7b:d8:1e:d8:9a:
14:df:50:9b:3a:81:2a:2e:f6:30:c9:6c:7b:0c:92:
59:93
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0A:03:B0:6B:46:27:32:00:9E:69:9B:DC:68:0E:5A:5F:F0:BC:3A:19
X509v3 Authority Key Identifier:
keyid:7A:35:08:BE:2A:86:8D:6C:E5:4D:B9:B3:A8:64:D4:BE:98:5C:AE:4D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ejUIviqGjWzlTbmzqGTUvphcrk0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/35/7588d0-33bd-49c9-885d-4c38bff1af18/1/CgOwa0YnMgCeaZvcaA5aX_C8Ohk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/35/7588d0-33bd-49c9-885d-4c38bff1af18/1/ejUIviqGjWzlTbmzqGTUvphcrk0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
192.146.140.0/23
Signature Algorithm: sha256WithRSAEncryption
6b:e1:07:cf:88:86:1c:43:41:72:07:45:de:68:13:12:1f:88:
59:bc:9f:3b:71:78:43:62:0c:33:ac:68:15:b8:14:c8:9d:22:
87:04:89:25:a8:45:39:4c:55:92:83:11:c2:33:e0:09:b2:6c:
a9:af:97:41:26:89:01:46:5c:9e:4d:ad:05:77:18:ae:a9:86:
e1:97:63:b0:37:dc:28:cd:ef:d1:25:ae:3f:9a:4d:8f:ed:2f:
e8:21:2e:ea:ff:75:d6:53:4d:03:17:5c:ee:fd:21:de:19:33:
5c:f5:8d:e0:ec:93:e1:e1:53:d8:79:ba:84:05:a2:47:c2:27:
87:c1:5e:0e:22:6e:e2:38:9c:d8:e8:a9:28:bd:fa:f5:9e:df:
44:2e:7a:e2:a7:0e:41:af:78:5a:18:60:77:c2:2f:36:cd:6e:
17:7a:13:a1:ab:5b:ad:d4:5f:35:56:f1:06:a8:6d:f9:7a:e4:
c6:af:1c:f9:93:9f:f4:9c:2a:e0:54:ea:23:5b:c4:96:c4:3e:
4c:b7:99:ce:a5:d9:39:49:92:2f:f2:37:b7:9e:02:24:fa:4e:
98:ed:33:46:73:d4:bb:74:24:1e:e4:cf:0e:4e:44:25:8b:32:
ea:d5:45:38:f1:58:08:6d:70:7d:4f:ee:89:1d:b3:62:e4:1c:
18:36:49:92
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYv8JiuGuWDZH2sMXGkYUHcOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdhMzUwOGJlMmE4NjhkNmNlNTRkYjliM2E4NjRkNGJlOTg1
Y2FlNGQwHhcNMjMxMTIzMTIyNzIxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwYTAzYjA2YjQ2MjczMjAwOWU2OTliZGM2ODBlNWE1ZmYwYmMzYTE5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkD646Y0A3N1QUD2VYV3YLQHp3MJb
2gyx6M6flrhpJfDm5ZyiRkg9MeS6o+OnCUYjSP8ZhRldOEvvz0P92bkGm6YDtnz+
PC5SmQezTA9w9x/GbOZUCWG2p27vrUhAN0HkLYUJq6rokUmQOm3VnHMFOlTECqMT
3phn3vl1ME1Pe+reRHxQjOLrtHARUkdFrE2YPKOqdNl0fRcrCAp+dyUFmvmnOfQL
r5mG9ISeH+3vWp5PnzyjezG9NU5a87uiSncypRiaxHkmihasTyMTYiWkNGBxFzAP
FSHz2Y0JLJPfZevyhTpeia6RIMn9e9ge2JoU31CbOoEqLvYwyWx7DJJZkwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFAoDsGtGJzIAnmmb3GgOWl/wvDoZMB8GA1UdIwQY
MBaAFHo1CL4qho1s5U25s6hk1L6YXK5NMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZWpVSXZpcUdqV3psVGJtenFHVFV2cGhjcmswLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNS83NTg4ZDAtMzNiZC00OWM5LTg4NWQt
NGMzOGJmZjFhZjE4LzEvQ2dPd2EwWW5NZ0NlYVp2Y2FBNWFYX0M4T2hrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNS83NTg4ZDAtMzNiZC00OWM5LTg4NWQtNGMzOGJmZjFhZjE4
LzEvZWpVSXZpcUdqV3psVGJtenFHVFV2cGhjcmswLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBwJKMMA0G
CSqGSIb3DQEBCwUAA4IBAQBr4QfPiIYcQ0FyB0XeaBMSH4hZvJ87cXhDYgwzrGgV
uBTInSKHBIklqEU5TFWSgxHCM+AJsmypr5dBJokBRlyeTa0FdxiuqYbhl2OwN9wo
ze/RJa4/mk2P7S/oIS7q/3XWU00DF1zu/SHeGTNc9Y3g7JPh4VPYebqEBaJHwieH
wV4OIm7iOJzY6Kkovfr1nt9ELnripw5Br3haGGB3wi82zW4XehOhq1ut1F81VvEG
qG35euTGrxz5k5/0nCrgVOojW8SWxD5Mt5nOpdk5SZIv8je3ngIk+k6Y7TNGc9S7
dCQe5M8OTkQlizLq1UU48VgIbXB9T+6JHbNi5BwYNkmS
-----END CERTIFICATE-----
Generated at Tue Jan 2 01:40:30 2024 by rpki-client on console-ams.rpki-client.org