Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/74/a9352e-9a3a-49aa-ad77-7be6eb6bce87/1/cDw4qQKEGmm1bZ09PhSp7tpADdY.roa
File: cDw4qQKEGmm1bZ09PhSp7tpADdY.roa (raw, json)
Hash identifier: UZF5ugooRKVTwHPKisg6f9i+LxXIS4IJCDp5rA9h+08=
Subject key identifier: 70:3C:38:A9:02:84:1A:69:B5:6D:9D:3D:3E:14:A9:EE:DA:40:0D:D6
Certificate issuer: /CN=9e95a119d9c1a5d6e3f3e21f6fa863d87a2e4b0d
Certificate serial: 0190BB82427510AB6105F10896B696FEA454
Authority key identifier: 9E:95:A1:19:D9:C1:A5:D6:E3:F3:E2:1F:6F:A8:63:D8:7A:2E:4B:0D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/npWhGdnBpdbj8-Ifb6hj2HouSw0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/74/a9352e-9a3a-49aa-ad77-7be6eb6bce87/1/cDw4qQKEGmm1bZ09PhSp7tpADdY.roa
Signing time: Tue 16 Jul 2024 12:26:34 +0000
ROA not before: Tue 16 Jul 2024 12:26:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 56478
IP address blocks: 185.24.120.0/22 maxlen: 22
Validation: Failed, certificate revoked on Tue 16 Jul 2024 14:44:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:bb:82:42:75:10:ab:61:05:f1:08:96:b6:96:fe:a4:54
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9e95a119d9c1a5d6e3f3e21f6fa863d87a2e4b0d
Validity
Not Before: Jul 16 12:26:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=703c38a902841a69b56d9d3d3e14a9eeda400dd6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:f0:8e:50:e5:38:c5:b9:21:59:54:7e:ad:fe:
5a:d5:aa:c0:35:cd:dc:b5:06:2d:77:52:9e:25:35:
f7:89:5b:6a:c8:7f:af:51:ba:f8:8a:78:a9:88:bc:
d3:bb:63:88:5d:f7:56:35:d3:af:2c:9c:de:35:56:
b9:3a:4b:a6:cb:6d:8f:5c:2d:50:82:e4:3c:27:ed:
30:80:02:f8:e6:bf:64:49:f0:27:25:9c:0a:0d:c3:
03:ce:39:30:4f:63:a2:1b:86:b3:b3:7e:a0:5c:9e:
fc:54:fe:c6:82:ac:35:0a:a5:e0:80:e8:ef:df:22:
bd:8d:cb:2b:08:33:9f:79:0b:3c:b5:0b:8b:b6:d7:
98:af:5b:1c:42:63:2e:cc:a2:7b:6e:9e:cf:ee:61:
32:d3:93:ab:9c:29:a4:7a:a0:10:e4:0f:40:5f:af:
e9:4d:1a:5d:01:3a:61:70:43:86:d4:19:67:ee:42:
f1:4b:3b:ae:47:47:ab:8a:af:bc:00:c1:21:2f:70:
c4:81:4f:b7:b3:3f:dc:82:b0:49:aa:0a:47:58:5f:
2e:06:00:99:82:ef:05:4f:cb:16:01:13:b9:f4:74:
a8:15:9d:d6:62:54:d2:c6:56:84:d9:92:32:7e:ed:
6d:52:48:db:8f:55:0b:26:42:1a:e5:65:f2:bf:dd:
72:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
70:3C:38:A9:02:84:1A:69:B5:6D:9D:3D:3E:14:A9:EE:DA:40:0D:D6
X509v3 Authority Key Identifier:
keyid:9E:95:A1:19:D9:C1:A5:D6:E3:F3:E2:1F:6F:A8:63:D8:7A:2E:4B:0D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/npWhGdnBpdbj8-Ifb6hj2HouSw0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/74/a9352e-9a3a-49aa-ad77-7be6eb6bce87/1/cDw4qQKEGmm1bZ09PhSp7tpADdY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/74/a9352e-9a3a-49aa-ad77-7be6eb6bce87/1/npWhGdnBpdbj8-Ifb6hj2HouSw0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.24.120.0/22
Signature Algorithm: sha256WithRSAEncryption
40:a4:54:33:0f:ef:c6:ab:10:27:59:0e:b1:f7:84:1b:73:c4:
2e:f6:ee:20:ea:b1:17:0b:58:85:5b:f6:bd:a2:e7:74:8f:16:
a6:fa:5a:1a:65:ce:51:f2:0e:95:8c:5d:30:f9:c6:c7:f5:aa:
7d:d6:af:58:c2:bf:7a:ea:04:91:54:d1:14:1c:37:3d:d7:27:
22:92:be:df:db:35:95:c8:48:89:49:f4:0b:1b:39:bd:87:b0:
a9:bf:7f:86:cd:78:38:62:25:ec:91:f4:6d:bb:ce:4f:a4:e1:
87:e0:8b:c9:2d:bb:43:dd:71:7a:b2:4a:e2:30:23:8d:bc:28:
41:55:a3:fc:02:73:b4:f0:af:9a:d7:dd:be:8b:9c:7e:90:8b:
c5:97:7b:02:96:57:5a:6e:57:69:2b:95:be:3a:c0:2e:57:12:
27:20:b9:27:7c:ac:12:af:c9:c5:30:78:ae:b7:c3:a9:61:17:
85:1d:70:ab:42:34:20:8a:5b:1f:a4:74:a5:92:e6:c6:75:9c:
87:d0:f8:40:7f:a4:15:52:7a:a9:6f:1d:d4:67:61:8e:b2:bd:
ef:f0:f8:dd:1d:0c:e6:93:5a:b5:ee:fd:2f:5d:93:5c:1a:be:
74:c6:71:f4:b0:48:b1:66:c0:71:08:78:d0:96:20:08:82:99:
f4:d0:76:1e
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZC7gkJ1EKthBfEIlraW/qRUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDllOTVhMTE5ZDljMWE1ZDZlM2YzZTIxZjZmYTg2M2Q4N2Ey
ZTRiMGQwHhcNMjQwNzE2MTIyNjM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MDNjMzhhOTAyODQxYTY5YjU2ZDlkM2QzZTE0YTllZWRhNDAwZGQ2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAz/COUOU4xbkhWVR+rf5a1arANc3c
tQYtd1KeJTX3iVtqyH+vUbr4inipiLzTu2OIXfdWNdOvLJzeNVa5Okumy22PXC1Q
guQ8J+0wgAL45r9kSfAnJZwKDcMDzjkwT2OiG4azs36gXJ78VP7Ggqw1CqXggOjv
3yK9jcsrCDOfeQs8tQuLtteYr1scQmMuzKJ7bp7P7mEy05OrnCmkeqAQ5A9AX6/p
TRpdATphcEOG1Bln7kLxSzuuR0eriq+8AMEhL3DEgU+3sz/cgrBJqgpHWF8uBgCZ
gu8FT8sWARO59HSoFZ3WYlTSxlaE2ZIyfu1tUkjbj1ULJkIa5WXyv91yAQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFHA8OKkChBpptW2dPT4Uqe7aQA3WMB8GA1UdIwQY
MBaAFJ6VoRnZwaXW4/PiH2+oY9h6LksNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbnBXaEdkbkJwZGJqOC1JZmI2aGoySG91U3cwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83NC9hOTM1MmUtOWEzYS00OWFhLWFkNzct
N2JlNmViNmJjZTg3LzEvY0R3NHFRS0VHbW0xYlowOVBoU3A3dHBBRGRZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83NC9hOTM1MmUtOWEzYS00OWFhLWFkNzctN2JlNmViNmJjZTg3
LzEvbnBXaEdkbkJwZGJqOC1JZmI2aGoySG91U3cwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuRh4MA0G
CSqGSIb3DQEBCwUAA4IBAQBApFQzD+/GqxAnWQ6x94Qbc8Qu9u4g6rEXC1iFW/a9
oud0jxam+loaZc5R8g6VjF0w+cbH9ap91q9Ywr966gSRVNEUHDc91ycikr7f2zWV
yEiJSfQLGzm9h7Cpv3+GzXg4YiXskfRtu85PpOGH4IvJLbtD3XF6skriMCONvChB
VaP8AnO08K+a192+i5x+kIvFl3sClldabldpK5W+OsAuVxInILknfKwSr8nFMHiu
t8OpYReFHXCrQjQgilsfpHSlkubGdZyH0PhAf6QVUnqpbx3UZ2GOsr3v8PjdHQzm
k1q17v0vXZNcGr50xnH0sEixZsBxCHjQliAIgpn00HYe
-----END CERTIFICATE-----
Generated at Tue Jul 16 18:33:28 2024 by rpki-client on console-ams.rpki-client.org