Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/k2WL9tdnS14JPX3x7xt7ltERSUo.roa
File: k2WL9tdnS14JPX3x7xt7ltERSUo.roa (raw, json)
Hash identifier: 5MTi4SLFv3IhT6A68eY+VC2Ueoye9lBLEPs8pmCC1rQ=
Subject key identifier: 93:65:8B:F6:D7:67:4B:5E:09:3D:7D:F1:EF:1B:7B:96:D1:11:49:4A
Certificate issuer: /CN=2135c7f571eefeb67404ab6c45fd475551adaf1b
Certificate serial: 018CC802F9569F4EEB3A3D49E93269C2C906
Authority key identifier: 21:35:C7:F5:71:EE:FE:B6:74:04:AB:6C:45:FD:47:55:51:AD:AF:1B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/k2WL9tdnS14JPX3x7xt7ltERSUo.roa
Signing time: Tue 02 Jan 2024 02:31:27 +0000
ROA not before: Tue 02 Jan 2024 02:31:27 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 197308
IP address blocks: 192.121.252.0/24 maxlen: 24
192.36.169.0/24 maxlen: 24
192.36.199.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 11 Oct 2024 13:04:12 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:02:f9:56:9f:4e:eb:3a:3d:49:e9:32:69:c2:c9:06
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2135c7f571eefeb67404ab6c45fd475551adaf1b
Validity
Not Before: Jan 2 02:31:27 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=93658bf6d7674b5e093d7df1ef1b7b96d111494a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:87:32:6f:28:a3:60:7e:b7:3d:5d:95:56:46:23:
8e:7d:52:04:be:17:e3:6b:ec:2a:93:7e:ec:fe:89:
de:a0:fa:c0:07:87:79:04:5c:b5:76:13:03:cb:80:
c5:2d:7e:84:c7:eb:6c:a8:fb:a7:ca:cd:55:a9:ed:
b1:bb:32:df:d5:7f:09:8c:4e:b3:a8:29:c5:51:0d:
fc:aa:56:e2:89:05:d1:e5:4b:d6:a6:cd:ed:61:c7:
76:c4:d6:88:45:a5:59:bb:1d:60:01:d1:0a:e4:ff:
99:fc:bc:e1:0b:1a:aa:bb:b0:eb:3b:72:c5:c7:b1:
8f:94:eb:f2:39:c2:b3:5f:eb:60:c6:19:92:18:5e:
90:95:38:05:64:f4:52:27:87:97:35:50:9a:57:4c:
88:83:3d:95:59:ce:1e:f7:35:d8:a7:40:0b:7e:a7:
2e:0d:ab:b1:88:43:d5:fc:c3:ff:24:ad:4e:ce:2c:
ba:11:f2:b7:6a:36:d6:e8:ff:4b:05:a0:b0:e0:f6:
fc:d8:28:13:d1:be:bf:69:50:df:91:36:2d:2e:40:
5b:a3:1f:f5:6e:60:db:30:1a:0c:00:30:e3:df:78:
dd:d3:9a:37:fd:ad:87:07:da:95:66:1b:b8:76:d7:
aa:ed:a4:98:5e:69:5a:e4:ca:ca:19:d8:97:63:4d:
14:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
93:65:8B:F6:D7:67:4B:5E:09:3D:7D:F1:EF:1B:7B:96:D1:11:49:4A
X509v3 Authority Key Identifier:
keyid:21:35:C7:F5:71:EE:FE:B6:74:04:AB:6C:45:FD:47:55:51:AD:AF:1B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/k2WL9tdnS14JPX3x7xt7ltERSUo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
192.36.169.0/24
192.36.199.0/24
192.121.252.0/24
Signature Algorithm: sha256WithRSAEncryption
3d:e7:59:d6:1c:56:35:74:6d:d9:ff:59:9c:6c:fa:56:26:74:
b0:57:37:3d:6e:b9:34:02:7d:2e:41:e6:7f:6f:7e:17:2d:dc:
27:88:32:d2:e5:6a:70:c8:c2:33:63:ce:be:12:a4:37:cd:20:
f9:14:b2:ed:80:22:9e:eb:c7:db:72:2a:60:be:d7:ad:b8:20:
e5:f7:19:a5:6a:75:78:07:c8:38:37:4b:34:5c:b3:38:99:aa:
b3:39:34:8b:48:04:6f:0d:9b:81:a5:04:d8:99:39:d2:f8:b4:
e8:ca:76:98:00:7a:c0:ef:88:68:39:74:31:18:e0:39:97:4a:
3d:56:10:cd:b9:37:cb:41:1b:d3:3f:4c:e7:1d:da:5b:c8:d5:
bb:0e:63:74:31:f5:85:f5:ac:ee:75:f1:45:a7:d3:5d:f5:63:
1d:11:78:de:dc:c2:c4:5b:fb:4c:48:e3:a4:04:b1:1c:9d:8b:
8b:14:45:30:57:13:75:ef:84:4c:a2:5c:bd:39:32:7f:f8:e6:
1f:f0:f5:71:5b:fb:45:fa:c1:aa:9e:98:35:7c:94:80:1e:ae:
8d:51:5a:a7:06:02:f4:50:a9:6d:65:53:df:0e:92:53:67:4a:
5b:08:0d:ef:35:b8:c5:dd:9f:b7:60:6d:3d:05:7c:c1:f2:fa:
67:4a:1c:f5
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYzIAvlWn07rOj1J6TJpwskGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIxMzVjN2Y1NzFlZWZlYjY3NDA0YWI2YzQ1ZmQ0NzU1NTFh
ZGFmMWIwHhcNMjQwMTAyMDIzMTI3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MzY1OGJmNmQ3Njc0YjVlMDkzZDdkZjFlZjFiN2I5NmQxMTE0OTRhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhzJvKKNgfrc9XZVWRiOOfVIEvhfj
a+wqk37s/oneoPrAB4d5BFy1dhMDy4DFLX6Ex+tsqPunys1Vqe2xuzLf1X8JjE6z
qCnFUQ38qlbiiQXR5UvWps3tYcd2xNaIRaVZux1gAdEK5P+Z/LzhCxqqu7DrO3LF
x7GPlOvyOcKzX+tgxhmSGF6QlTgFZPRSJ4eXNVCaV0yIgz2VWc4e9zXYp0ALfqcu
DauxiEPV/MP/JK1Oziy6EfK3ajbW6P9LBaCw4Pb82CgT0b6/aVDfkTYtLkBbox/1
bmDbMBoMADDj33jd05o3/a2HB9qVZhu4dteq7aSYXmla5MrKGdiXY00UaQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFJNli/bXZ0teCT198e8be5bREUlKMB8GA1UdIwQY
MBaAFCE1x/Vx7v62dASrbEX9R1VRra8bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSVRYSDlYSHVfclowQkt0c1JmMUhWVkd0cnhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kOS82ODBiNzgtOTZhZi00YTg1LWFjMDIt
OTQzZDAzMzIxMzI2LzEvazJXTDl0ZG5TMTRKUFgzeDd4dDdsdEVSU1VvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kOS82ODBiNzgtOTZhZi00YTg1LWFjMDItOTQzZDAzMzIxMzI2
LzEvSVRYSDlYSHVfclowQkt0c1JmMUhWVkd0cnhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAwCSpAwQA
wCTHAwQAwHn8MA0GCSqGSIb3DQEBCwUAA4IBAQA951nWHFY1dG3Z/1mcbPpWJnSw
Vzc9brk0An0uQeZ/b34XLdwniDLS5WpwyMIzY86+EqQ3zSD5FLLtgCKe68fbcipg
vtetuCDl9xmlanV4B8g4N0s0XLM4maqzOTSLSARvDZuBpQTYmTnS+LToynaYAHrA
74hoOXQxGOA5l0o9VhDNuTfLQRvTP0znHdpbyNW7DmN0MfWF9azudfFFp9Nd9WMd
EXje3MLEW/tMSOOkBLEcnYuLFEUwVxN174RMoly9OTJ/+OYf8PVxW/tF+sGqnpg1
fJSAHq6NUVqnBgL0UKltZVPfDpJTZ0pbCA3vNbjF3Z+3YG09BXzB8vpnShz1
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:11:31 2025 by rpki-client