Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/35/b79a68-5b02-4097-a2e3-0a43b7a3eb54/1/w3CpFX9w4-YioBKAFaOrS-Fms6A.roa
File: w3CpFX9w4-YioBKAFaOrS-Fms6A.roa (raw, json)
Hash identifier: iHfpxUVreEMk05ti1ZCRJ4XONoP6Frylt42HkJDdN0k=
Subject key identifier: C3:70:A9:15:7F:70:E3:E6:22:A0:12:80:15:A3:AB:4B:E1:66:B3:A0
Certificate issuer: /CN=66ed3ba68c78bff2c4724400ade6348482fb4364
Certificate serial: 018CC9BCA3590CBC89A09342B5C40DD524EC
Authority key identifier: 66:ED:3B:A6:8C:78:BF:F2:C4:72:44:00:AD:E6:34:84:82:FB:43:64
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Zu07pox4v_LEckQAreY0hIL7Q2Q.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/35/b79a68-5b02-4097-a2e3-0a43b7a3eb54/1/w3CpFX9w4-YioBKAFaOrS-Fms6A.roa
Signing time: Tue 02 Jan 2024 10:33:52 +0000
ROA not before: Tue 02 Jan 2024 10:33:52 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 64289
IP address blocks: 192.189.157.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 10 Jan 2024 23:54:40 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:bc:a3:59:0c:bc:89:a0:93:42:b5:c4:0d:d5:24:ec
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=66ed3ba68c78bff2c4724400ade6348482fb4364
Validity
Not Before: Jan 2 10:33:52 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=c370a9157f70e3e622a0128015a3ab4be166b3a0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f3:9c:7e:4e:f4:db:f1:a2:31:8a:0e:a8:78:bc:
58:c6:12:67:bc:86:93:64:48:f9:18:48:1b:34:37:
48:52:4e:3f:15:ad:35:26:f0:87:5e:e4:44:cf:c4:
88:20:d2:06:84:87:75:6a:3d:79:29:8f:b6:06:5a:
42:ce:37:f0:7c:0c:ed:4c:3b:df:9f:c5:97:48:ce:
5c:41:5b:ca:39:0b:a2:62:2e:61:a4:87:c2:8c:fb:
d4:fa:9d:11:c6:92:96:ff:4c:57:c5:f8:3d:67:f4:
d2:9b:b1:e8:80:ac:80:d1:36:a2:8c:fa:43:68:0e:
71:7c:b0:42:92:d2:64:05:2c:0c:c4:f0:89:8a:06:
55:37:df:6c:82:5d:c3:87:f6:b6:f4:52:cc:f0:c9:
70:75:57:27:d0:5c:be:c5:c8:ca:95:81:5d:a9:ff:
b1:46:9b:05:2c:77:ae:88:6d:3d:3b:07:6e:f6:c4:
56:d6:e4:0d:5c:a9:90:03:18:19:80:f1:02:e1:dd:
d6:f9:fe:e0:42:cd:01:86:26:f9:4e:b4:74:20:cb:
5c:7f:f8:0b:e7:c6:05:da:aa:32:f5:61:80:d7:77:
93:8d:34:20:17:72:2c:06:42:e7:41:5f:12:73:62:
b5:dd:8a:ff:e0:8a:f5:3e:d5:1e:89:62:ad:a7:a1:
b3:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C3:70:A9:15:7F:70:E3:E6:22:A0:12:80:15:A3:AB:4B:E1:66:B3:A0
X509v3 Authority Key Identifier:
keyid:66:ED:3B:A6:8C:78:BF:F2:C4:72:44:00:AD:E6:34:84:82:FB:43:64
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Zu07pox4v_LEckQAreY0hIL7Q2Q.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/35/b79a68-5b02-4097-a2e3-0a43b7a3eb54/1/w3CpFX9w4-YioBKAFaOrS-Fms6A.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/35/b79a68-5b02-4097-a2e3-0a43b7a3eb54/1/Zu07pox4v_LEckQAreY0hIL7Q2Q.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
192.189.157.0/24
Signature Algorithm: sha256WithRSAEncryption
a1:a2:5a:51:86:a0:e8:29:45:e2:fc:95:89:41:10:4d:e1:6d:
2a:b0:05:c6:23:92:a9:27:45:4d:39:f1:3d:f0:f1:99:b1:cc:
83:e4:16:e1:4c:ae:c8:ba:34:16:24:17:b8:7d:69:82:40:11:
96:f7:96:6b:5f:09:66:6c:3c:f2:91:21:1f:e4:cd:98:95:c7:
3a:fa:73:c6:75:31:32:8c:5c:e0:f8:9b:62:35:c7:da:df:68:
66:4b:e6:71:63:72:14:79:4c:ba:09:6b:b1:77:6a:7b:28:17:
3e:6f:98:70:60:9e:2b:96:c4:16:03:f2:a9:4b:02:d6:94:34:
46:8e:7b:8b:85:f5:a4:4e:46:fc:51:b2:b5:1c:25:65:ef:0c:
ab:f6:9f:26:c2:75:89:39:9d:76:0e:01:65:9c:18:65:55:1b:
c3:7e:8d:e0:c0:ca:63:a6:96:d4:75:10:5b:08:d1:01:72:8a:
22:29:91:57:69:7e:42:84:fc:d9:ea:93:67:8a:ec:b1:86:db:
49:2b:5f:ac:f3:58:f5:0b:7a:e6:a6:fd:12:d1:3f:f6:14:6c:
13:5d:c6:5e:1e:5b:65:d8:65:ce:64:3d:59:62:66:96:11:00:
85:ed:e5:72:c1:1e:fe:ed:2f:74:b6:89:c1:04:35:db:f5:da:
cb:b0:7f:97
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzJvKNZDLyJoJNCtcQN1STsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY2ZWQzYmE2OGM3OGJmZjJjNDcyNDQwMGFkZTYzNDg0ODJm
YjQzNjQwHhcNMjQwMTAyMTAzMzUyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMzcwYTkxNTdmNzBlM2U2MjJhMDEyODAxNWEzYWI0YmUxNjZiM2EwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA85x+TvTb8aIxig6oeLxYxhJnvIaT
ZEj5GEgbNDdIUk4/Fa01JvCHXuREz8SIINIGhId1aj15KY+2BlpCzjfwfAztTDvf
n8WXSM5cQVvKOQuiYi5hpIfCjPvU+p0RxpKW/0xXxfg9Z/TSm7HogKyA0TaijPpD
aA5xfLBCktJkBSwMxPCJigZVN99sgl3Dh/a29FLM8MlwdVcn0Fy+xcjKlYFdqf+x
RpsFLHeuiG09Owdu9sRW1uQNXKmQAxgZgPEC4d3W+f7gQs0Bhib5TrR0IMtcf/gL
58YF2qoy9WGA13eTjTQgF3IsBkLnQV8Sc2K13Yr/4Ir1PtUeiWKtp6GzwwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFMNwqRV/cOPmIqASgBWjq0vhZrOgMB8GA1UdIwQY
MBaAFGbtO6aMeL/yxHJEAK3mNISC+0NkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWnUwN3BveDR2X0xFY2tRQXJlWTBoSUw3UTJRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNS9iNzlhNjgtNWIwMi00MDk3LWEyZTMt
MGE0M2I3YTNlYjU0LzEvdzNDcEZYOXc0LVlpb0JLQUZhT3JTLUZtczZBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNS9iNzlhNjgtNWIwMi00MDk3LWEyZTMtMGE0M2I3YTNlYjU0
LzEvWnUwN3BveDR2X0xFY2tRQXJlWTBoSUw3UTJRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwL2dMA0G
CSqGSIb3DQEBCwUAA4IBAQCholpRhqDoKUXi/JWJQRBN4W0qsAXGI5KpJ0VNOfE9
8PGZscyD5BbhTK7IujQWJBe4fWmCQBGW95ZrXwlmbDzykSEf5M2Ylcc6+nPGdTEy
jFzg+JtiNcfa32hmS+ZxY3IUeUy6CWuxd2p7KBc+b5hwYJ4rlsQWA/KpSwLWlDRG
jnuLhfWkTkb8UbK1HCVl7wyr9p8mwnWJOZ12DgFlnBhlVRvDfo3gwMpjppbUdRBb
CNEBcooiKZFXaX5ChPzZ6pNniuyxhttJK1+s81j1C3rmpv0S0T/2FGwTXcZeHltl
2GXOZD1ZYmaWEQCF7eVywR7+7S90tonBBDXb9drLsH+X
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:25:14 2024 by rpki-client on console-fra.rpki-client.org