Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ec/779ae9-7d22-4252-8c5b-0ea4d531b793/1/gnOFAKf9Pxc6JyhXjz6XcWtG6sM.roa
File: gnOFAKf9Pxc6JyhXjz6XcWtG6sM.roa (raw, json)
Hash identifier: fClTVBVca+LE2qlgPQiue7aGD9c63VL1P0I65NmbwTU=
Subject key identifier: 82:73:85:00:A7:FD:3F:17:3A:27:28:57:8F:3E:97:71:6B:46:EA:C3
Certificate issuer: /CN=60998d3c9d8bdc9c1dff8e319424412b6cdc1dd3
Certificate serial: 0189FCFA4797566868878415F65DBB8939A5
Authority key identifier: 60:99:8D:3C:9D:8B:DC:9C:1D:FF:8E:31:94:24:41:2B:6C:DC:1D:D3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YJmNPJ2L3Jwd_44xlCRBK2zcHdM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ec/779ae9-7d22-4252-8c5b-0ea4d531b793/1/gnOFAKf9Pxc6JyhXjz6XcWtG6sM.roa
Signing time: Wed 16 Aug 2023 06:13:28 +0000
ROA not before: Wed 16 Aug 2023 06:13:28 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 192.35.206.0/24 maxlen: 24
147.189.163.0/24 maxlen: 24
31.25.11.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 14 Sep 2023 06:53:50 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:fc:fa:47:97:56:68:68:87:84:15:f6:5d:bb:89:39:a5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=60998d3c9d8bdc9c1dff8e319424412b6cdc1dd3
Validity
Not Before: Aug 16 06:13:28 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=82738500a7fd3f173a2728578f3e97716b46eac3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:85:b8:c6:ca:d1:b7:ea:da:d0:96:9b:01:7b:bd:
07:89:61:42:c0:fd:58:c4:65:7f:2c:55:fd:ff:73:
84:2d:c7:13:ca:78:66:c0:6b:03:6e:7d:86:29:3b:
e2:c6:6d:11:04:08:c4:16:1a:ff:72:66:f3:51:53:
5c:72:94:10:ed:a1:0a:10:35:fc:8a:47:a4:45:db:
d4:96:f2:f1:52:5e:6b:dc:b0:65:8a:68:6c:63:1d:
cb:d3:00:b2:9b:e8:c6:f1:97:db:c8:3e:81:cb:98:
fa:3f:2d:b1:da:70:d9:f4:5e:d6:86:40:fd:e5:08:
10:60:a6:ac:bb:da:bf:85:12:46:56:78:60:dc:80:
94:fa:bb:55:11:67:35:2f:ba:a2:b0:86:7f:70:4f:
67:92:ea:b8:50:9d:dd:17:c2:52:9e:4f:5d:14:ca:
cd:cd:25:fd:48:9d:dd:ea:63:76:09:23:58:55:ca:
05:39:9b:ce:50:0f:39:6d:82:b2:54:25:91:a5:01:
5b:1f:8c:e5:bc:ad:a9:9f:72:bd:5a:94:cc:53:af:
47:9d:97:d0:43:7f:8d:bc:5c:fc:71:a3:21:1b:79:
dd:b6:20:c2:70:19:54:ca:a6:76:3c:50:48:e7:a3:
0d:77:19:0d:5f:8f:bc:73:a6:15:6c:d5:3c:1e:f9:
68:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
82:73:85:00:A7:FD:3F:17:3A:27:28:57:8F:3E:97:71:6B:46:EA:C3
X509v3 Authority Key Identifier:
keyid:60:99:8D:3C:9D:8B:DC:9C:1D:FF:8E:31:94:24:41:2B:6C:DC:1D:D3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YJmNPJ2L3Jwd_44xlCRBK2zcHdM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ec/779ae9-7d22-4252-8c5b-0ea4d531b793/1/gnOFAKf9Pxc6JyhXjz6XcWtG6sM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ec/779ae9-7d22-4252-8c5b-0ea4d531b793/1/YJmNPJ2L3Jwd_44xlCRBK2zcHdM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.25.11.0/24
147.189.163.0/24
192.35.206.0/24
Signature Algorithm: sha256WithRSAEncryption
99:ad:20:4f:a7:86:28:1e:a2:e3:b0:8a:87:0c:9a:cc:7e:fa:
21:73:19:7f:81:97:77:b3:31:fc:88:02:71:39:7d:b5:af:e2:
6a:a2:f4:34:f3:08:2b:69:55:1e:e2:13:c3:4e:9e:d4:bb:c9:
e3:26:93:36:81:4b:ae:c6:31:df:4b:9d:95:df:40:23:00:8e:
17:bc:bd:ec:c3:04:0e:78:b3:4f:53:46:17:a1:5b:54:a4:a9:
a3:ac:0c:74:9f:de:bc:e0:0b:63:3d:05:cf:fa:c3:eb:31:29:
5d:1d:c6:c7:13:ed:c8:ce:56:1a:8e:6c:e5:e1:55:2e:c0:16:
d3:58:c1:e7:c5:30:61:ec:b5:d2:5f:52:f4:31:a5:5d:05:04:
85:54:84:3f:d6:2a:3e:c2:e4:0e:94:7b:c5:14:a3:45:49:53:
a3:a4:0b:f0:b7:22:b7:ea:36:e3:ad:d0:e8:ea:dd:5b:72:f5:
aa:af:0e:af:49:46:bf:98:68:85:79:dc:ad:a9:db:4e:70:58:
99:11:57:cc:82:6a:26:87:9a:70:f9:3a:b4:04:9b:97:66:f8:
12:31:67:e8:87:0e:21:57:d1:4a:7f:92:a1:e2:3f:47:b8:2a:
15:25:54:d9:4e:33:a8:20:8d:15:18:da:36:c2:98:31:d9:a0:
87:9f:3e:ec
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYn8+keXVmhoh4QV9l27iTmlMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwOTk4ZDNjOWQ4YmRjOWMxZGZmOGUzMTk0MjQ0MTJiNmNk
YzFkZDMwHhcNMjMwODE2MDYxMzI4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MjczODUwMGE3ZmQzZjE3M2EyNzI4NTc4ZjNlOTc3MTZiNDZlYWMzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhbjGytG36trQlpsBe70HiWFCwP1Y
xGV/LFX9/3OELccTynhmwGsDbn2GKTvixm0RBAjEFhr/cmbzUVNccpQQ7aEKEDX8
ikekRdvUlvLxUl5r3LBlimhsYx3L0wCym+jG8ZfbyD6By5j6Py2x2nDZ9F7WhkD9
5QgQYKasu9q/hRJGVnhg3ICU+rtVEWc1L7qisIZ/cE9nkuq4UJ3dF8JSnk9dFMrN
zSX9SJ3d6mN2CSNYVcoFOZvOUA85bYKyVCWRpQFbH4zlvK2pn3K9WpTMU69HnZfQ
Q3+NvFz8caMhG3ndtiDCcBlUyqZ2PFBI56MNdxkNX4+8c6YVbNU8HvloYQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFIJzhQCn/T8XOicoV48+l3FrRurDMB8GA1UdIwQY
MBaAFGCZjTydi9ycHf+OMZQkQSts3B3TMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUptTlBKMkwzSndkXzQ0eGxDUkJLMnpjSGRNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYy83NzlhZTktN2QyMi00MjUyLThjNWIt
MGVhNGQ1MzFiNzkzLzEvZ25PRkFLZjlQeGM2SnloWGp6NlhjV3RHNnNNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYy83NzlhZTktN2QyMi00MjUyLThjNWItMGVhNGQ1MzFiNzkz
LzEvWUptTlBKMkwzSndkXzQ0eGxDUkJLMnpjSGRNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAHxkLAwQA
k72jAwQAwCPOMA0GCSqGSIb3DQEBCwUAA4IBAQCZrSBPp4YoHqLjsIqHDJrMfvoh
cxl/gZd3szH8iAJxOX21r+JqovQ08wgraVUe4hPDTp7Uu8njJpM2gUuuxjHfS52V
30AjAI4XvL3swwQOeLNPU0YXoVtUpKmjrAx0n9684AtjPQXP+sPrMSldHcbHE+3I
zlYajmzl4VUuwBbTWMHnxTBh7LXSX1L0MaVdBQSFVIQ/1io+wuQOlHvFFKNFSVOj
pAvwtyK36jbjrdDo6t1bcvWqrw6vSUa/mGiFedytqdtOcFiZEVfMgmomh5pw+Tq0
BJuXZvgSMWfohw4hV9FKf5Kh4j9HuCoVJVTZTjOoII0VGNo2wpgx2aCHnz7s
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:58:37 2024 by rpki-client on console-fra.rpki-client.org