Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/80959d-f5c4-4ac9-ad13-d48fbc1a243b/1/CW3mAtCqWgPxWS6h_zTVIzCAywQ.roa
File: CW3mAtCqWgPxWS6h_zTVIzCAywQ.roa (raw, json)
Hash identifier: aBtJw68+DNe0dFUq1RVDKhKq6rWanQqzQbfRS0IdVM0=
Subject key identifier: 09:6D:E6:02:D0:AA:5A:03:F1:59:2E:A1:FF:34:D5:23:30:80:CB:04
Certificate issuer: /CN=3993d54e639080a46c3fe3d58aa87e305db69ad1
Certificate serial: 018CC2DB24B22EBB1C8C19FB77FD09371D80
Authority key identifier: 39:93:D5:4E:63:90:80:A4:6C:3F:E3:D5:8A:A8:7E:30:5D:B6:9A:D1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OZPVTmOQgKRsP-PViqh-MF22mtE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/80959d-f5c4-4ac9-ad13-d48fbc1a243b/1/CW3mAtCqWgPxWS6h_zTVIzCAywQ.roa
Signing time: Mon 01 Jan 2024 02:29:50 +0000
ROA not before: Mon 01 Jan 2024 02:29:50 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 212424
IP address blocks: 192.159.121.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 02 Jan 2025 09:48:47 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c2:db:24:b2:2e:bb:1c:8c:19:fb:77:fd:09:37:1d:80
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3993d54e639080a46c3fe3d58aa87e305db69ad1
Validity
Not Before: Jan 1 02:29:50 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=096de602d0aa5a03f1592ea1ff34d5233080cb04
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:26:51:7a:a8:36:eb:cf:39:2a:30:2c:3b:27:
b2:24:76:f1:45:0b:dd:88:4f:f1:8c:20:bc:fe:e7:
10:f0:4d:a6:ec:8e:dd:c1:06:96:75:c2:3f:ac:9a:
36:2b:85:37:e4:3a:85:33:a9:0f:7d:3d:06:89:22:
7b:41:55:0e:78:a0:82:9f:ef:c4:0c:9d:3e:5a:ac:
09:56:19:35:37:64:7d:3e:c0:32:2d:82:5c:a4:67:
dd:f2:b6:2f:81:a8:6c:77:3d:db:70:6e:bf:76:ea:
0e:5a:56:cd:29:b6:8a:e0:b4:44:66:9e:37:e4:dc:
37:a0:a8:0d:4d:f0:97:ba:89:f4:92:bd:c6:53:9a:
49:b9:64:23:68:96:db:a9:f8:e8:25:70:52:7e:cc:
63:65:81:35:a7:4b:4f:bd:5d:57:be:a4:10:b3:ed:
e8:3f:9d:65:c7:38:e1:46:91:d8:16:f5:22:ad:53:
4d:75:c4:98:3e:02:e7:f9:7f:c2:93:6b:d1:36:c1:
26:0d:22:7b:50:3e:75:46:6e:a3:24:42:6e:03:2f:
10:75:fb:de:37:a7:b9:40:f7:80:0c:b1:ea:19:d4:
60:f1:34:3f:a5:e3:75:45:ef:99:c8:81:a9:75:d2:
da:b6:bc:80:6f:fa:bf:b3:36:a6:f0:5d:d5:82:e4:
14:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
09:6D:E6:02:D0:AA:5A:03:F1:59:2E:A1:FF:34:D5:23:30:80:CB:04
X509v3 Authority Key Identifier:
keyid:39:93:D5:4E:63:90:80:A4:6C:3F:E3:D5:8A:A8:7E:30:5D:B6:9A:D1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OZPVTmOQgKRsP-PViqh-MF22mtE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/80959d-f5c4-4ac9-ad13-d48fbc1a243b/1/CW3mAtCqWgPxWS6h_zTVIzCAywQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/80959d-f5c4-4ac9-ad13-d48fbc1a243b/1/OZPVTmOQgKRsP-PViqh-MF22mtE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
192.159.121.0/24
Signature Algorithm: sha256WithRSAEncryption
4e:c7:aa:ad:f0:89:eb:01:d4:45:1b:b4:c4:18:c5:d1:22:51:
ed:cb:54:7b:33:47:83:af:50:ce:50:0d:9e:24:b3:62:c6:68:
65:22:7e:ee:21:12:0c:28:4b:43:85:18:f1:de:6b:58:ba:0f:
d9:20:50:cb:3e:46:a2:8e:c6:86:2d:c1:4e:55:31:97:2d:a2:
92:f3:a1:40:29:b4:fb:76:de:4f:ff:1d:6d:47:cd:4f:a0:3e:
aa:8c:e0:15:28:dd:60:0a:59:20:e3:f1:6e:9e:bd:1b:45:97:
ea:b2:11:96:79:37:a4:1c:41:99:8e:75:49:b7:e5:6a:79:7c:
ba:7f:ac:2b:40:f2:6b:96:fb:32:ac:da:56:ed:d4:2c:55:ae:
eb:90:dd:05:a9:34:48:09:49:99:af:05:d0:22:6a:9a:01:12:
12:52:0f:04:eb:fe:c6:70:14:ee:e9:e0:65:7e:75:85:2a:6e:
f9:03:64:ee:ae:df:af:64:b6:23:6f:f5:f8:9d:c2:41:bc:e7:
be:a7:60:3c:a5:82:0e:46:f7:57:07:ca:02:70:53:fd:e5:9a:
66:72:57:54:4d:df:c6:d9:18:91:15:56:f5:f2:84:1d:d6:df:
3a:b2:21:2e:63:0a:d6:64:18:90:66:1c:70:9a:a8:4b:22:68:
51:71:88:50
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzC2ySyLrscjBn7d/0JNx2AMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM5OTNkNTRlNjM5MDgwYTQ2YzNmZTNkNThhYTg3ZTMwNWRi
NjlhZDEwHhcNMjQwMTAxMDIyOTUwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwOTZkZTYwMmQwYWE1YTAzZjE1OTJlYTFmZjM0ZDUyMzMwODBjYjA0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvyZReqg26885KjAsOyeyJHbxRQvd
iE/xjCC8/ucQ8E2m7I7dwQaWdcI/rJo2K4U35DqFM6kPfT0GiSJ7QVUOeKCCn+/E
DJ0+WqwJVhk1N2R9PsAyLYJcpGfd8rYvgahsdz3bcG6/duoOWlbNKbaK4LREZp43
5Nw3oKgNTfCXuon0kr3GU5pJuWQjaJbbqfjoJXBSfsxjZYE1p0tPvV1XvqQQs+3o
P51lxzjhRpHYFvUirVNNdcSYPgLn+X/Ck2vRNsEmDSJ7UD51Rm6jJEJuAy8Qdfve
N6e5QPeADLHqGdRg8TQ/peN1Re+ZyIGpddLatryAb/q/szam8F3VguQUuwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFAlt5gLQqloD8Vkuof801SMwgMsEMB8GA1UdIwQY
MBaAFDmT1U5jkICkbD/j1YqofjBdtprRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT1pQVlRtT1FnS1JzUC1QVmlxaC1NRjIybXRFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS84MDk1OWQtZjVjNC00YWM5LWFkMTMt
ZDQ4ZmJjMWEyNDNiLzEvQ1czbUF0Q3FXZ1B4V1M2aF96VFZJekNBeXdRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS84MDk1OWQtZjVjNC00YWM5LWFkMTMtZDQ4ZmJjMWEyNDNi
LzEvT1pQVlRtT1FnS1JzUC1QVmlxaC1NRjIybXRFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwJ95MA0G
CSqGSIb3DQEBCwUAA4IBAQBOx6qt8InrAdRFG7TEGMXRIlHty1R7M0eDr1DOUA2e
JLNixmhlIn7uIRIMKEtDhRjx3mtYug/ZIFDLPkaijsaGLcFOVTGXLaKS86FAKbT7
dt5P/x1tR81PoD6qjOAVKN1gClkg4/Funr0bRZfqshGWeTekHEGZjnVJt+VqeXy6
f6wrQPJrlvsyrNpW7dQsVa7rkN0FqTRICUmZrwXQImqaARISUg8E6/7GcBTu6eBl
fnWFKm75A2Turt+vZLYjb/X4ncJBvOe+p2A8pYIORvdXB8oCcFP95ZpmcldUTd/G
2RiRFVb18oQd1t86siEuYwrWZBiQZhxwmqhLImhRcYhQ
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:01:07 2025 by rpki-client