Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e8/0f7594-f048-473d-a39a-ddb9e4db98c6/1/1-slGSel5no6T__GxbgRF-MrQzoA.roa
File: 1-slGSel5no6T__GxbgRF-MrQzoA.roa (raw, json)
Hash identifier: 0Q/wh4Cvm09V7nwtZ2+wAfbyaCSJlIPJ6RklG/hhVGc=
Subject key identifier: FA:C9:46:49:E9:79:9E:8E:93:FF:F1:B1:6E:04:45:F8:CA:D0:CE:80
Certificate issuer: /CN=0f21b78ce97b0f5fb3d88bf95cfbb08b2fbea8e5
Certificate serial: 01874EA80E98E2FFA2D0BE2DBBC2E5D44DDB
Authority key identifier: 0F:21:B7:8C:E9:7B:0F:5F:B3:D8:8B:F9:5C:FB:B0:8B:2F:BE:A8:E5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DyG3jOl7D1-z2Iv5XPuwiy--qOU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e8/0f7594-f048-473d-a39a-ddb9e4db98c6/1/1-slGSel5no6T__GxbgRF-MrQzoA.roa
Signing time: Tue 04 Apr 2023 23:44:09 +0000
ROA not before: Tue 04 Apr 2023 23:44:09 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 198949
IP address blocks: 132.68.0.0/15 maxlen: 15
132.68.239.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 05 Apr 2023 13:16:54 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:4e:a8:0e:98:e2:ff:a2:d0:be:2d:bb:c2:e5:d4:4d:db
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0f21b78ce97b0f5fb3d88bf95cfbb08b2fbea8e5
Validity
Not Before: Apr 4 23:44:09 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=fac94649e9799e8e93fff1b16e0445f8cad0ce80
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:85:16:c0:30:57:ef:b2:81:8d:49:ee:6d:e8:
47:aa:4b:15:51:9f:b1:9d:80:fb:cf:69:70:8a:fc:
8f:bd:a1:99:e2:be:ee:43:07:58:c6:3c:22:7b:8a:
4d:55:9c:66:c6:a6:43:d3:f5:ef:f7:8a:0b:9f:4a:
2d:4c:03:e3:0c:67:d9:3b:9a:2d:bf:92:c0:fc:0f:
37:5f:0b:93:94:72:83:91:e9:0a:61:1f:12:ad:10:
00:a1:0e:3a:7f:8b:6e:63:4b:65:f7:89:7b:7c:a0:
65:a8:13:e5:77:ec:b0:62:78:01:2a:88:5f:ca:af:
4c:08:47:5a:fe:16:f6:11:e7:06:b4:da:22:8f:bb:
91:3e:88:79:28:aa:55:71:32:2d:83:95:f8:2f:ad:
5c:58:40:03:de:fc:43:00:80:e3:70:24:ab:c0:ae:
15:cc:11:11:01:1f:15:58:88:4f:72:a7:b4:2e:17:
2e:01:e6:b4:34:d0:05:60:93:ed:a1:1a:60:77:13:
c7:b8:5c:7b:93:5d:06:23:3d:d5:98:71:97:d8:cc:
e8:f8:83:f3:b1:df:48:1b:46:59:14:85:44:b1:18:
02:4c:fa:b5:91:e9:bc:c4:ca:4c:cd:c3:a2:42:df:
ac:2c:cc:57:da:42:b8:32:7c:99:9d:2c:68:ce:52:
19:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FA:C9:46:49:E9:79:9E:8E:93:FF:F1:B1:6E:04:45:F8:CA:D0:CE:80
X509v3 Authority Key Identifier:
keyid:0F:21:B7:8C:E9:7B:0F:5F:B3:D8:8B:F9:5C:FB:B0:8B:2F:BE:A8:E5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DyG3jOl7D1-z2Iv5XPuwiy--qOU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e8/0f7594-f048-473d-a39a-ddb9e4db98c6/1/1-slGSel5no6T__GxbgRF-MrQzoA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e8/0f7594-f048-473d-a39a-ddb9e4db98c6/1/DyG3jOl7D1-z2Iv5XPuwiy--qOU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
132.68.0.0/15
Signature Algorithm: sha256WithRSAEncryption
34:9a:4f:8c:0f:1b:91:f3:4c:ad:12:07:ec:18:d0:96:20:94:
36:a8:af:f7:cc:fc:96:94:9a:00:62:6a:62:42:e1:5a:7e:33:
60:b5:e2:bd:08:7a:63:c0:0c:4b:64:3c:e4:f3:cf:6b:29:72:
1f:bd:ce:85:0a:93:56:ba:23:a2:d0:17:8f:25:4e:33:9b:36:
a2:9b:53:56:19:14:17:c0:c2:f3:a1:ac:fd:f0:d1:0a:24:9f:
1c:b8:9d:7f:dd:f6:ef:ee:81:c7:9d:e1:1b:84:c1:90:ca:bc:
6e:5f:d2:2e:ce:56:d2:a4:aa:0e:65:b6:60:d6:7a:8e:aa:3b:
98:13:b3:ca:ea:bc:34:05:ae:95:6f:ac:8f:51:1e:54:19:d4:
3c:1c:39:0f:70:a7:3e:5f:9a:cd:c0:66:0f:26:45:39:fa:ed:
5f:32:cd:cd:10:1d:4f:f0:63:7f:a7:c0:8b:3d:18:2f:d0:22:
21:71:f4:e2:54:62:3e:c4:42:39:a0:bf:f8:f8:58:f1:60:2c:
53:f1:01:9e:43:45:a9:c9:28:7e:c1:cc:41:ab:f6:05:0a:69:
d2:04:d5:ad:e5:f7:63:01:ec:42:90:99:74:f0:78:11:84:bb:
75:b6:d5:a4:39:fa:7e:6b:e2:f5:9e:c7:7b:bd:7c:0d:b4:93:
d8:d6:12:a7
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYdOqA6Y4v+i0L4tu8Ll1E3bMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBmMjFiNzhjZTk3YjBmNWZiM2Q4OGJmOTVjZmJiMDhiMmZi
ZWE4ZTUwHhcNMjMwNDA0MjM0NDA5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmYWM5NDY0OWU5Nzk5ZThlOTNmZmYxYjE2ZTA0NDVmOGNhZDBjZTgwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAi4UWwDBX77KBjUnubehHqksVUZ+x
nYD7z2lwivyPvaGZ4r7uQwdYxjwie4pNVZxmxqZD0/Xv94oLn0otTAPjDGfZO5ot
v5LA/A83XwuTlHKDkekKYR8SrRAAoQ46f4tuY0tl94l7fKBlqBPld+ywYngBKohf
yq9MCEda/hb2EecGtNoij7uRPoh5KKpVcTItg5X4L61cWEAD3vxDAIDjcCSrwK4V
zBERAR8VWIhPcqe0LhcuAea0NNAFYJPtoRpgdxPHuFx7k10GIz3VmHGX2Mzo+IPz
sd9IG0ZZFIVEsRgCTPq1kem8xMpMzcOiQt+sLMxX2kK4MnyZnSxozlIZuQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFPrJRknpeZ6Ok//xsW4ERfjK0M6AMB8GA1UdIwQY
MBaAFA8ht4zpew9fs9iL+Vz7sIsvvqjlMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRHlHM2pPbDdEMS16Mkl2NVhQdXdpeS0tcU9VLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lOC8wZjc1OTQtZjA0OC00NzNkLWEzOWEt
ZGRiOWU0ZGI5OGM2LzEvMS1zbEdTZWw1bm82VF9fR3hiZ1JGLU1yUXpvQS5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvZTgvMGY3NTk0LWYwNDgtNDczZC1hMzlhLWRkYjllNGRiOThj
Ni8xL0R5RzNqT2w3RDEtejJJdjVYUHV3aXktLXFPVS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDAYREMA0G
CSqGSIb3DQEBCwUAA4IBAQA0mk+MDxuR80ytEgfsGNCWIJQ2qK/3zPyWlJoAYmpi
QuFafjNgteK9CHpjwAxLZDzk889rKXIfvc6FCpNWuiOi0BePJU4zmzaim1NWGRQX
wMLzoaz98NEKJJ8cuJ1/3fbv7oHHneEbhMGQyrxuX9IuzlbSpKoOZbZg1nqOqjuY
E7PK6rw0Ba6Vb6yPUR5UGdQ8HDkPcKc+X5rNwGYPJkU5+u1fMs3NEB1P8GN/p8CL
PRgv0CIhcfTiVGI+xEI5oL/4+FjxYCxT8QGeQ0WpySh+wcxBq/YFCmnSBNWt5fdj
AexCkJl08HgRhLt1ttWkOfp+a+L1nsd7vXwNtJPY1hKn
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:57:56 2024 by rpki-client on console-fra.rpki-client.org