Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/42/a99355-2d01-4da5-8e73-1bc552c00dd7/1/4MBvg78GYHJUBtM0y1DDedquMSo.roa
File: 4MBvg78GYHJUBtM0y1DDedquMSo.roa (raw, json)
Hash identifier: IoHcqK1Te9pRXj4oTQU29nEczSYS3iYnvbCBylz/G4c=
Subject key identifier: E0:C0:6F:83:BF:06:60:72:54:06:D3:34:CB:50:C3:79:DA:AE:31:2A
Certificate issuer: /CN=10953e607670ff738eee6a6b577d8c8b2804e1e1
Certificate serial: 01856B4A07813E7419FA938A24787C1300E3
Authority key identifier: 10:95:3E:60:76:70:FF:73:8E:EE:6A:6B:57:7D:8C:8B:28:04:E1:E1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/EJU-YHZw_3OO7mprV32MiygE4eE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/42/a99355-2d01-4da5-8e73-1bc552c00dd7/1/4MBvg78GYHJUBtM0y1DDedquMSo.roa
Signing time: Sun 01 Jan 2023 03:04:51 +0000
ROA not before: Sun 01 Jan 2023 03:04:51 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 8473
IP address blocks: 176.124.224.0/23 maxlen: 23
176.124.225.0/24 maxlen: 24
176.124.224.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 02 Jan 2024 00:31:43 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6b:4a:07:81:3e:74:19:fa:93:8a:24:78:7c:13:00:e3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=10953e607670ff738eee6a6b577d8c8b2804e1e1
Validity
Not Before: Jan 1 03:04:51 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=e0c06f83bf0660725406d334cb50c379daae312a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:86:e1:5a:a9:44:19:ac:a1:84:26:ad:b0:02:a3:
95:d6:e1:42:f3:e6:3b:7c:26:20:bf:b1:ba:fc:ef:
3d:b8:93:7b:d7:40:d6:ca:3e:30:a8:ad:13:6b:cf:
69:39:dd:3b:34:dc:ea:0e:5d:64:1d:63:e6:13:ee:
49:a3:38:d3:5e:e8:17:8f:9f:24:34:65:ad:c6:f4:
91:cd:08:c2:bb:1c:a5:e3:ae:a9:db:43:a6:73:4f:
0c:31:57:ad:95:fb:9b:fa:18:22:eb:85:d6:8a:49:
59:ec:78:e1:cc:23:5e:60:a3:e1:8f:4f:be:9c:84:
98:1a:43:65:8a:37:ad:a4:b8:ba:d0:46:9a:49:16:
07:9a:34:47:a3:12:f8:6c:41:68:7b:f9:87:a4:bf:
84:aa:dd:04:7f:3e:83:d8:2d:31:6c:04:bf:96:cf:
74:a5:67:f2:ad:f7:d5:18:b3:d6:a0:dc:b3:67:1f:
58:b7:7b:c6:62:a0:30:63:ea:a3:4e:84:9c:19:af:
78:9b:0f:bb:29:80:87:12:73:97:b3:5a:7b:4b:36:
55:cc:7e:4c:4e:e8:b9:67:ae:fe:b3:f1:6c:d4:80:
5f:bb:98:5f:d2:12:09:e1:23:43:86:3b:cd:89:f2:
38:ab:42:61:b2:4b:80:a8:db:7c:ba:87:33:db:e1:
1b:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E0:C0:6F:83:BF:06:60:72:54:06:D3:34:CB:50:C3:79:DA:AE:31:2A
X509v3 Authority Key Identifier:
keyid:10:95:3E:60:76:70:FF:73:8E:EE:6A:6B:57:7D:8C:8B:28:04:E1:E1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/EJU-YHZw_3OO7mprV32MiygE4eE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/42/a99355-2d01-4da5-8e73-1bc552c00dd7/1/4MBvg78GYHJUBtM0y1DDedquMSo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/42/a99355-2d01-4da5-8e73-1bc552c00dd7/1/EJU-YHZw_3OO7mprV32MiygE4eE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.124.224.0/23
Signature Algorithm: sha256WithRSAEncryption
0f:41:cf:07:28:b1:10:91:b2:03:fc:86:23:f1:77:fa:8a:37:
52:d5:d7:42:32:fe:b6:5b:67:ce:8e:54:c9:8b:2d:bf:ab:05:
a4:59:8f:0f:15:a6:2a:58:a5:10:11:10:8f:d0:75:87:2b:56:
29:9a:6f:aa:ff:74:a8:bd:00:b0:1a:a0:84:ec:bb:72:aa:fd:
4b:11:9e:d9:29:96:0b:c6:c2:97:d7:ae:d6:0e:c8:b2:ff:1d:
d3:13:65:b9:6f:d5:1d:3e:6a:a8:e7:70:e6:8c:49:0c:50:62:
03:d4:79:54:ae:41:71:ca:e7:c6:5a:8c:c7:2d:fd:c4:cc:af:
f2:7c:cc:29:dc:e7:f0:d9:56:7d:5e:0a:7a:c0:44:ea:3f:0c:
05:fd:b0:52:b3:fa:a9:9d:11:77:09:c4:c3:83:e9:73:29:20:
e4:40:12:9b:08:1f:19:90:03:90:21:dc:11:b6:bc:49:c9:3b:
31:97:b4:19:2d:43:d9:da:cf:fe:f6:29:1c:b8:d1:69:1b:e3:
68:ea:16:ac:7e:b8:0c:09:4e:88:9b:47:eb:b5:11:9e:90:e9:
1b:98:d0:c9:c2:11:5a:07:87:69:97:6e:82:4c:c2:7f:b5:80:
eb:59:b1:1e:00:55:ee:0d:77:1f:6b:c7:68:ee:b2:ee:78:d5:
97:dd:08:b8
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVrSgeBPnQZ+pOKJHh8EwDjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDEwOTUzZTYwNzY3MGZmNzM4ZWVlNmE2YjU3N2Q4YzhiMjgw
NGUxZTEwHhcNMjMwMTAxMDMwNDUxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMGMwNmY4M2JmMDY2MDcyNTQwNmQzMzRjYjUwYzM3OWRhYWUzMTJhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhuFaqUQZrKGEJq2wAqOV1uFC8+Y7
fCYgv7G6/O89uJN710DWyj4wqK0Ta89pOd07NNzqDl1kHWPmE+5JozjTXugXj58k
NGWtxvSRzQjCuxyl466p20Omc08MMVetlfub+hgi64XWiklZ7HjhzCNeYKPhj0++
nISYGkNlijetpLi60EaaSRYHmjRHoxL4bEFoe/mHpL+Eqt0Efz6D2C0xbAS/ls90
pWfyrffVGLPWoNyzZx9Yt3vGYqAwY+qjToScGa94mw+7KYCHEnOXs1p7SzZVzH5M
Tui5Z67+s/Fs1IBfu5hf0hIJ4SNDhjvNifI4q0JhskuAqNt8uocz2+EbdwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFODAb4O/BmByVAbTNMtQw3narjEqMB8GA1UdIwQY
MBaAFBCVPmB2cP9zju5qa1d9jIsoBOHhMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRUpVLVlIWndfM09PN21wclYzMk1peWdFNGVFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Mi9hOTkzNTUtMmQwMS00ZGE1LThlNzMt
MWJjNTUyYzAwZGQ3LzEvNE1Cdmc3OEdZSEpVQnRNMHkxRERlZHF1TVNvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Mi9hOTkzNTUtMmQwMS00ZGE1LThlNzMtMWJjNTUyYzAwZGQ3
LzEvRUpVLVlIWndfM09PN21wclYzMk1peWdFNGVFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBsHzgMA0G
CSqGSIb3DQEBCwUAA4IBAQAPQc8HKLEQkbID/IYj8Xf6ijdS1ddCMv62W2fOjlTJ
iy2/qwWkWY8PFaYqWKUQERCP0HWHK1Ypmm+q/3SovQCwGqCE7Ltyqv1LEZ7ZKZYL
xsKX167WDsiy/x3TE2W5b9UdPmqo53DmjEkMUGID1HlUrkFxyufGWozHLf3EzK/y
fMwp3Ofw2VZ9Xgp6wETqPwwF/bBSs/qpnRF3CcTDg+lzKSDkQBKbCB8ZkAOQIdwR
trxJyTsxl7QZLUPZ2s/+9ikcuNFpG+No6hasfrgMCU6Im0frtRGekOkbmNDJwhFa
B4dpl26CTMJ/tYDrWbEeAFXuDXcfa8do7rLueNWX3Qi4
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:05:27 2024 by rpki-client on console-ams.rpki-client.org