Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/78/3b1f56-8707-472c-8971-626ef88f21a9/1/NgIOTQ9LpiWiOpte7LHz__64khI.roa
File: NgIOTQ9LpiWiOpte7LHz__64khI.roa (raw, json)
Hash identifier: dehVIBVo1yecx2oFlm2BK57k09f1b9tzO9A4maf3ZLc=
Subject key identifier: 36:02:0E:4D:0F:4B:A6:25:A2:3A:9B:5E:EC:B1:F3:FF:FE:B8:92:12
Certificate issuer: /CN=f2f672bdb7b07659147e587d4431aa604f76a384
Certificate serial: 018573BAAE4726E5A915F2E4CB7CE846DA11
Authority key identifier: F2:F6:72:BD:B7:B0:76:59:14:7E:58:7D:44:31:AA:60:4F:76:A3:84
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8vZyvbewdlkUflh9RDGqYE92o4Q.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/78/3b1f56-8707-472c-8971-626ef88f21a9/1/NgIOTQ9LpiWiOpte7LHz__64khI.roa
Signing time: Mon 02 Jan 2023 18:24:52 +0000
ROA not before: Mon 02 Jan 2023 18:24:52 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 680
IP address blocks: 192.108.34.0/24 maxlen: 24
193.22.112.0/24 maxlen: 24
193.22.114.0/23 maxlen: 23
193.22.113.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:73:ba:ae:47:26:e5:a9:15:f2:e4:cb:7c:e8:46:da:11
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f2f672bdb7b07659147e587d4431aa604f76a384
Validity
Not Before: Jan 2 18:24:52 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=36020e4d0f4ba625a23a9b5eecb1f3fffeb89212
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:82:30:a8:d4:d0:a6:12:89:c2:0b:11:1e:14:3b:
94:28:44:0f:ba:05:4f:01:dd:fa:85:44:25:d3:74:
ca:b7:59:fd:fd:30:1d:fd:69:3b:04:24:34:d8:f1:
f4:c3:a4:bf:93:2c:74:fd:13:f1:8c:17:73:9d:6f:
06:02:e9:af:dd:ff:8b:40:3f:2b:10:51:cd:b6:0d:
a5:bf:c3:b3:ca:1b:ce:1f:d8:1a:f5:ce:7d:2a:69:
0d:3e:12:57:a4:e3:da:f2:f4:e2:60:b3:7a:f4:4b:
cd:a7:66:89:ed:ab:17:39:60:7e:04:de:1b:59:fc:
ff:a9:ca:dc:e3:2d:47:cd:d3:a9:7c:cf:47:86:ed:
d1:95:79:7b:df:3a:bb:e6:37:ae:db:46:d7:a6:30:
76:7b:15:3b:ec:b4:72:49:92:fc:99:57:1b:d0:e1:
bd:53:de:a0:8f:d5:0f:e2:a5:c6:bf:8f:8c:8e:1b:
fe:45:88:2c:a3:be:75:b5:34:eb:27:56:85:e4:98:
e1:d3:47:bc:94:76:17:74:36:2b:f0:22:05:70:f7:
99:e9:9e:38:3b:e7:14:90:5c:ab:88:79:e5:3e:81:
f8:8e:68:3b:60:9b:31:c3:54:67:9d:33:b7:03:ca:
f5:e3:cd:df:cd:af:cc:d1:19:5b:d5:00:7e:71:09:
ba:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
36:02:0E:4D:0F:4B:A6:25:A2:3A:9B:5E:EC:B1:F3:FF:FE:B8:92:12
X509v3 Authority Key Identifier:
keyid:F2:F6:72:BD:B7:B0:76:59:14:7E:58:7D:44:31:AA:60:4F:76:A3:84
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8vZyvbewdlkUflh9RDGqYE92o4Q.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/78/3b1f56-8707-472c-8971-626ef88f21a9/1/NgIOTQ9LpiWiOpte7LHz__64khI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/78/3b1f56-8707-472c-8971-626ef88f21a9/1/8vZyvbewdlkUflh9RDGqYE92o4Q.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
192.108.34.0/24
193.22.112.0/22
Signature Algorithm: sha256WithRSAEncryption
1c:91:fb:8b:08:b1:42:83:b5:5d:34:62:f7:a9:09:ef:0e:dd:
7c:79:f0:1f:1c:7e:db:89:8e:d0:19:a0:36:1b:e0:40:8f:35:
c1:eb:35:4f:7e:ab:5a:fc:e8:40:0e:1d:2c:a6:c6:03:a1:87:
65:a5:f3:46:b0:24:40:5b:52:9a:35:98:70:c4:da:51:b1:7e:
84:88:8b:04:b7:da:8e:00:57:1f:4c:a6:56:ca:85:49:54:f7:
53:5f:53:85:87:4a:98:64:ba:8a:4e:de:01:e1:b8:d5:54:73:
dd:f4:d5:ac:eb:00:7b:62:47:bc:3a:f9:13:62:8d:3f:39:11:
c8:1c:a9:d3:09:34:07:a2:bb:75:95:9e:97:3b:58:33:90:75:
29:3c:02:3c:08:9f:1e:f5:6e:e2:97:d2:23:d6:4d:0f:32:7d:
fa:cd:fe:37:48:5b:7f:04:c2:b2:be:fc:ad:24:4d:58:53:8a:
e3:b0:8f:3e:ed:74:aa:e4:b6:7c:2f:2b:91:39:9c:7e:1b:11:
3f:85:71:da:6e:b6:9f:bb:82:56:ed:5d:95:76:04:0b:20:cd:
dc:a2:fd:a8:87:d8:f6:b4:f9:05:98:52:e6:9e:88:08:10:4f:
28:10:c7:73:df:77:9a:06:e7:92:d7:40:c1:2e:73:85:3f:26:
a5:e1:00:0f
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVzuq5HJuWpFfLky3zoRtoRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYyZjY3MmJkYjdiMDc2NTkxNDdlNTg3ZDQ0MzFhYTYwNGY3
NmEzODQwHhcNMjMwMTAyMTgyNDUyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNjAyMGU0ZDBmNGJhNjI1YTIzYTliNWVlY2IxZjNmZmZlYjg5MjEyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgjCo1NCmEonCCxEeFDuUKEQPugVP
Ad36hUQl03TKt1n9/TAd/Wk7BCQ02PH0w6S/kyx0/RPxjBdznW8GAumv3f+LQD8r
EFHNtg2lv8OzyhvOH9ga9c59KmkNPhJXpOPa8vTiYLN69EvNp2aJ7asXOWB+BN4b
Wfz/qcrc4y1HzdOpfM9Hhu3RlXl73zq75jeu20bXpjB2exU77LRySZL8mVcb0OG9
U96gj9UP4qXGv4+Mjhv+RYgso751tTTrJ1aF5Jjh00e8lHYXdDYr8CIFcPeZ6Z44
O+cUkFyriHnlPoH4jmg7YJsxw1RnnTO3A8r1483fza/M0Rlb1QB+cQm65wIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFDYCDk0PS6YlojqbXuyx8//+uJISMB8GA1UdIwQY
MBaAFPL2cr23sHZZFH5YfUQxqmBPdqOEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOHZaeXZiZXdkbGtVZmxoOVJER3FZRTkybzRRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83OC8zYjFmNTYtODcwNy00NzJjLTg5NzEt
NjI2ZWY4OGYyMWE5LzEvTmdJT1RROUxwaVdpT3B0ZTdMSHpfXzY0a2hJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83OC8zYjFmNTYtODcwNy00NzJjLTg5NzEtNjI2ZWY4OGYyMWE5
LzEvOHZaeXZiZXdkbGtVZmxoOVJER3FZRTkybzRRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAwGwiAwQC
wRZwMA0GCSqGSIb3DQEBCwUAA4IBAQAckfuLCLFCg7VdNGL3qQnvDt18efAfHH7b
iY7QGaA2G+BAjzXB6zVPfqta/OhADh0spsYDoYdlpfNGsCRAW1KaNZhwxNpRsX6E
iIsEt9qOAFcfTKZWyoVJVPdTX1OFh0qYZLqKTt4B4bjVVHPd9NWs6wB7Yke8OvkT
Yo0/ORHIHKnTCTQHort1lZ6XO1gzkHUpPAI8CJ8e9W7il9Ij1k0PMn36zf43SFt/
BMKyvvytJE1YU4rjsI8+7XSq5LZ8LyuROZx+GxE/hXHabrafu4JW7V2VdgQLIM3c
ov2oh9j2tPkFmFLmnogIEE8oEMdz33eaBueS10DBLnOFPyal4QAP
-----END CERTIFICATE-----
Generated at Mon Jan 1 17:14:19 2024 by rpki-client on console-ams.rpki-client.org