Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ab/0cf187-ecb3-4b42-91e4-6addfcb18f99/1/2ouImmlQk1CU_Zw_lEcD-igJWCA.roa
File: 2ouImmlQk1CU_Zw_lEcD-igJWCA.roa (raw, json)
Hash identifier: CfCA+xwu2PT39ugwaXQzETtSDXmP1z0Sz1JU+TxAWe4=
Subject key identifier: DA:8B:88:9A:69:50:93:50:94:FD:9C:3F:94:47:03:FA:28:09:58:20
Certificate issuer: /CN=9f7432f699cbd249b2e3c9c55bdefaf83986b442
Certificate serial: 01856CF8680261485A5FE36AF7D5345B271D
Authority key identifier: 9F:74:32:F6:99:CB:D2:49:B2:E3:C9:C5:5B:DE:FA:F8:39:86:B4:42
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/n3Qy9pnL0kmy48nFW976-DmGtEI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ab/0cf187-ecb3-4b42-91e4-6addfcb18f99/1/2ouImmlQk1CU_Zw_lEcD-igJWCA.roa
Signing time: Sun 01 Jan 2023 10:54:56 +0000
ROA not before: Sun 01 Jan 2023 10:54:56 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 43757
IP address blocks: 192.108.126.0/24 maxlen: 24
78.31.24.0/21 maxlen: 21
2001:67c:1578::/48 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:f8:68:02:61:48:5a:5f:e3:6a:f7:d5:34:5b:27:1d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9f7432f699cbd249b2e3c9c55bdefaf83986b442
Validity
Not Before: Jan 1 10:54:56 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=da8b889a6950935094fd9c3f944703fa28095820
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dd:2c:a9:e1:23:42:22:b4:8e:1c:ad:0b:80:84:
e9:9b:91:ff:24:3a:d4:f2:af:e5:2a:1d:ed:86:62:
ae:47:23:78:bf:f3:84:4b:54:f5:c6:52:8e:62:3d:
c8:54:bd:4f:78:f6:c2:29:f8:00:55:41:06:ea:aa:
7c:ab:e1:c6:8a:39:8b:26:e1:e4:12:02:dd:37:61:
9f:87:b8:49:62:69:08:0d:4a:0a:a9:be:54:49:c1:
df:be:7d:5b:72:ae:77:60:28:35:60:3d:c9:ee:56:
e7:d3:01:f4:59:36:2d:6d:01:f0:e6:db:30:57:21:
1c:9d:e9:c7:11:be:38:f8:24:9d:58:a2:14:25:83:
dd:01:2e:7f:21:e8:43:7d:73:99:6c:71:35:8c:49:
ee:1f:d0:da:42:61:49:52:82:04:24:a5:90:b2:66:
1c:69:b9:a3:97:65:8f:f7:29:57:b3:66:3d:a2:47:
89:4b:5e:61:a8:dc:b9:b8:7a:af:c5:e0:41:f0:0c:
1c:e1:e3:04:89:a0:2e:54:44:72:25:a5:f7:98:5f:
b4:b5:81:0e:7d:53:c4:c0:5a:f3:62:fd:88:d1:1f:
8d:03:7f:ed:73:fc:d3:94:0e:15:0e:ef:3b:c2:70:
8d:87:70:78:07:7f:60:b1:b1:fb:fd:7d:f2:c6:d2:
7a:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DA:8B:88:9A:69:50:93:50:94:FD:9C:3F:94:47:03:FA:28:09:58:20
X509v3 Authority Key Identifier:
keyid:9F:74:32:F6:99:CB:D2:49:B2:E3:C9:C5:5B:DE:FA:F8:39:86:B4:42
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/n3Qy9pnL0kmy48nFW976-DmGtEI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/0cf187-ecb3-4b42-91e4-6addfcb18f99/1/2ouImmlQk1CU_Zw_lEcD-igJWCA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/0cf187-ecb3-4b42-91e4-6addfcb18f99/1/n3Qy9pnL0kmy48nFW976-DmGtEI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
78.31.24.0/21
192.108.126.0/24
IPv6:
2001:67c:1578::/48
Signature Algorithm: sha256WithRSAEncryption
6b:a7:e1:0c:a5:bd:11:7d:df:be:07:b3:d0:85:93:bf:33:bc:
62:a3:01:98:d4:30:d9:f9:2a:4a:4a:06:a4:67:bd:b8:49:3e:
f6:69:8b:20:ef:d4:cb:35:1b:57:27:63:72:79:9f:f5:a5:6b:
1e:89:15:ee:d0:e8:b5:bc:a1:9b:06:43:e7:85:88:53:2d:31:
74:9e:e5:1c:6c:88:eb:b9:b1:73:c6:83:ed:f3:13:0c:78:93:
71:54:f7:7b:d5:d3:1f:c9:26:3d:8d:b8:95:43:d8:26:2d:7e:
3e:65:be:c5:0c:d5:59:bf:86:ef:32:47:ef:e7:db:94:85:dd:
81:3e:87:81:30:18:0b:d0:5a:40:88:95:0b:1a:43:68:1b:be:
f8:fa:89:02:da:e3:9b:37:3f:7a:74:e6:68:3f:fa:2b:e2:3a:
5c:e0:b7:b4:f5:ef:99:e3:df:bb:bf:c4:37:a5:29:79:35:fb:
11:2f:6c:b1:23:14:fd:0d:8e:8c:e3:e2:72:eb:35:26:b7:80:
17:3d:01:52:26:7e:d9:d0:1a:35:92:ba:dd:a4:4a:79:61:7b:
d8:6e:e0:63:c8:8d:7f:54:16:7a:e6:03:fa:a6:ff:48:47:72:
71:19:2b:ec:33:3b:d5:58:8e:25:14:f6:f1:5b:14:5d:b2:ec:
d3:1d:70:a9
-----BEGIN CERTIFICATE-----
MIIFFDCCA/ygAwIBAgISAYVs+GgCYUhaX+Nq99U0WycdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlmNzQzMmY2OTljYmQyNDliMmUzYzljNTViZGVmYWY4Mzk4
NmI0NDIwHhcNMjMwMTAxMTA1NDU2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYThiODg5YTY5NTA5MzUwOTRmZDljM2Y5NDQ3MDNmYTI4MDk1ODIwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3Syp4SNCIrSOHK0LgITpm5H/JDrU
8q/lKh3thmKuRyN4v/OES1T1xlKOYj3IVL1PePbCKfgAVUEG6qp8q+HGijmLJuHk
EgLdN2Gfh7hJYmkIDUoKqb5UScHfvn1bcq53YCg1YD3J7lbn0wH0WTYtbQHw5tsw
VyEcnenHEb44+CSdWKIUJYPdAS5/IehDfXOZbHE1jEnuH9DaQmFJUoIEJKWQsmYc
abmjl2WP9ylXs2Y9okeJS15hqNy5uHqvxeBB8Awc4eMEiaAuVERyJaX3mF+0tYEO
fVPEwFrzYv2I0R+NA3/tc/zTlA4VDu87wnCNh3B4B39gsbH7/X3yxtJ6tQIDAQAB
o4ICIDCCAhwwHQYDVR0OBBYEFNqLiJppUJNQlP2cP5RHA/ooCVggMB8GA1UdIwQY
MBaAFJ90MvaZy9JJsuPJxVve+vg5hrRCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbjNReTlwbkwwa215NDhuRlc5NzYtRG1HdEVJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYi8wY2YxODctZWNiMy00YjQyLTkxZTQt
NmFkZGZjYjE4Zjk5LzEvMm91SW1tbFFrMUNVX1p3X2xFY0QtaWdKV0NBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYi8wY2YxODctZWNiMy00YjQyLTkxZTQtNmFkZGZjYjE4Zjk5
LzEvbjNReTlwbkwwa215NDhuRlc5NzYtRG1HdEVJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDYGCCsGAQUFBwEHAQH/BCcwJTASBAIAATAMAwQDTh8YAwQA
wGx+MA8EAgACMAkDBwAgAQZ8FXgwDQYJKoZIhvcNAQELBQADggEBAGun4QylvRF9
374Hs9CFk78zvGKjAZjUMNn5KkpKBqRnvbhJPvZpiyDv1Ms1G1cnY3J5n/Wlax6J
Fe7Q6LW8oZsGQ+eFiFMtMXSe5RxsiOu5sXPGg+3zEwx4k3FU93vV0x/JJj2NuJVD
2CYtfj5lvsUM1Vm/hu8yR+/n25SF3YE+h4EwGAvQWkCIlQsaQ2gbvvj6iQLa45s3
P3p05mg/+iviOlzgt7T175nj37u/xDelKXk1+xEvbLEjFP0Njozj4nLrNSa3gBc9
AVImftnQGjWSut2kSnlhe9hu4GPIjX9UFnrmA/qm/0hHcnEZK+wzO9VYjiUU9vFb
FF2y7NMdcKk=
-----END CERTIFICATE-----
Generated at Tue Jan 2 01:50:23 2024 by rpki-client on console-fra.rpki-client.org