Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f3/8c4ec4-d637-4d3f-9de8-05559c1f5915/1/dMnUlvroe3fbKEyJCbFSqw5wyQw.roa
File: dMnUlvroe3fbKEyJCbFSqw5wyQw.roa (raw, json)
Hash identifier: U0sQIy2vig4UqgtN9Frogq2XN2G843DwW+qLICUm4Jc=
Subject key identifier: 74:C9:D4:96:FA:E8:7B:77:DB:28:4C:89:09:B1:52:AB:0E:70:C9:0C
Certificate issuer: /CN=6a366fdfcaa20e80e8bfc330a4d8b1be7de6a1d0
Certificate serial: 01856D4ACC2CF4FFCBB68F0EF9CB24334A11
Authority key identifier: 6A:36:6F:DF:CA:A2:0E:80:E8:BF:C3:30:A4:D8:B1:BE:7D:E6:A1:D0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ajZv38qiDoDov8MwpNixvn3modA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f3/8c4ec4-d637-4d3f-9de8-05559c1f5915/1/dMnUlvroe3fbKEyJCbFSqw5wyQw.roa
Signing time: Sun 01 Jan 2023 12:24:56 +0000
ROA not before: Sun 01 Jan 2023 12:24:56 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 199351
IP address blocks: 176.124.231.0/24 maxlen: 24
194.60.253.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 23 Nov 2023 15:37:21 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:4a:cc:2c:f4:ff:cb:b6:8f:0e:f9:cb:24:33:4a:11
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6a366fdfcaa20e80e8bfc330a4d8b1be7de6a1d0
Validity
Not Before: Jan 1 12:24:56 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=74c9d496fae87b77db284c8909b152ab0e70c90c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:2f:ae:ba:bf:84:08:8f:f9:c7:80:5c:03:ae:
46:a6:4b:ad:95:cd:4d:9b:8d:51:b6:ed:f4:4e:2b:
06:ba:36:da:be:01:05:d4:8f:e8:74:0b:a9:46:7f:
f8:54:9b:ea:c2:ab:b9:8f:10:b9:6a:a9:bc:79:e3:
43:32:29:26:ff:ed:a1:cc:99:d9:8b:6e:2e:fa:a9:
4e:69:15:6d:83:6c:25:5c:11:17:ff:7d:f5:71:ef:
19:71:2e:3c:07:bc:4d:ca:45:e4:40:61:d9:79:44:
4c:96:e9:4c:39:62:1f:6a:17:ae:7a:f1:90:7a:4c:
16:00:2b:67:ca:cd:2c:b1:b0:78:00:90:9a:62:51:
05:5f:8d:0d:b2:48:43:c9:f8:8c:97:9c:cd:e2:40:
58:97:f3:21:55:3a:52:33:69:b9:61:d3:49:0b:ee:
7a:29:81:5d:a9:63:8e:82:4c:ac:1f:fa:be:9f:cd:
12:f1:14:f3:6b:68:d2:20:84:b0:e7:11:dd:b1:4d:
ef:5f:dc:d8:51:a5:ed:e0:84:23:83:e7:69:da:b1:
cf:d2:34:e3:f6:09:8f:9b:a2:07:c5:2c:1f:85:74:
9f:09:8a:e3:de:61:d0:9a:f4:8c:7e:a8:5a:8f:18:
f0:b4:03:1d:cd:0c:be:fe:4c:46:e2:79:58:f0:f1:
92:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
74:C9:D4:96:FA:E8:7B:77:DB:28:4C:89:09:B1:52:AB:0E:70:C9:0C
X509v3 Authority Key Identifier:
keyid:6A:36:6F:DF:CA:A2:0E:80:E8:BF:C3:30:A4:D8:B1:BE:7D:E6:A1:D0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ajZv38qiDoDov8MwpNixvn3modA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f3/8c4ec4-d637-4d3f-9de8-05559c1f5915/1/dMnUlvroe3fbKEyJCbFSqw5wyQw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f3/8c4ec4-d637-4d3f-9de8-05559c1f5915/1/ajZv38qiDoDov8MwpNixvn3modA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.124.231.0/24
194.60.253.0/24
Signature Algorithm: sha256WithRSAEncryption
d4:7f:c0:89:56:bb:32:0d:34:3f:04:8e:99:9c:f9:43:9a:ec:
a3:83:1a:54:e8:e8:df:ac:32:5c:53:29:88:4f:8b:fb:31:e7:
3c:fc:de:66:fb:bd:dd:94:00:c4:e7:75:a5:6e:0b:03:17:11:
0a:11:c5:3c:5b:ae:e8:70:65:38:cf:ab:61:0c:43:f8:57:36:
a6:8a:48:78:3c:41:80:ca:2c:0a:67:24:25:07:88:fc:69:0d:
f2:44:ed:31:cc:7f:e3:64:77:af:b2:d1:cb:8e:bb:1f:1a:a3:
f2:e8:8a:fb:d6:45:4e:e6:bf:10:04:12:f3:50:52:1b:11:bc:
00:ef:a2:42:b9:69:93:ab:59:47:3b:cf:77:eb:69:a4:1d:4c:
60:fc:e6:6a:97:00:e8:b0:4c:22:ad:fc:ff:ba:52:db:a1:47:
50:ed:eb:f0:85:3d:b6:c6:71:2a:60:06:0b:49:cb:49:96:75:
3c:c9:48:8c:bd:f4:c0:f8:df:1a:37:76:9f:bd:da:6b:25:af:
c7:49:c3:6e:b2:c0:b0:b5:4c:ba:cb:f1:61:2f:c2:21:0b:8f:
66:21:18:46:75:70:c1:20:ff:76:57:bb:89:a4:44:80:2f:86:
86:e4:e3:b1:d2:5a:7d:0b:91:14:44:58:c9:3b:3b:4f:a9:99:
6b:87:eb:33
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVtSsws9P/Lto8O+cskM0oRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZhMzY2ZmRmY2FhMjBlODBlOGJmYzMzMGE0ZDhiMWJlN2Rl
NmExZDAwHhcNMjMwMTAxMTIyNDU2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NGM5ZDQ5NmZhZTg3Yjc3ZGIyODRjODkwOWIxNTJhYjBlNzBjOTBjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAui+uur+ECI/5x4BcA65Gpkutlc1N
m41Rtu30TisGujbavgEF1I/odAupRn/4VJvqwqu5jxC5aqm8eeNDMikm/+2hzJnZ
i24u+qlOaRVtg2wlXBEX/331ce8ZcS48B7xNykXkQGHZeURMlulMOWIfaheuevGQ
ekwWACtnys0ssbB4AJCaYlEFX40NskhDyfiMl5zN4kBYl/MhVTpSM2m5YdNJC+56
KYFdqWOOgkysH/q+n80S8RTza2jSIISw5xHdsU3vX9zYUaXt4IQjg+dp2rHP0jTj
9gmPm6IHxSwfhXSfCYrj3mHQmvSMfqhajxjwtAMdzQy+/kxG4nlY8PGSrwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFHTJ1Jb66Ht32yhMiQmxUqsOcMkMMB8GA1UdIwQY
MBaAFGo2b9/Kog6A6L/DMKTYsb595qHQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYWpadjM4cWlEb0RvdjhNd3BOaXh2bjNtb2RBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMy84YzRlYzQtZDYzNy00ZDNmLTlkZTgt
MDU1NTljMWY1OTE1LzEvZE1uVWx2cm9lM2ZiS0V5SkNiRlNxdzV3eVF3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMy84YzRlYzQtZDYzNy00ZDNmLTlkZTgtMDU1NTljMWY1OTE1
LzEvYWpadjM4cWlEb0RvdjhNd3BOaXh2bjNtb2RBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAsHznAwQA
wjz9MA0GCSqGSIb3DQEBCwUAA4IBAQDUf8CJVrsyDTQ/BI6ZnPlDmuyjgxpU6Ojf
rDJcUymIT4v7Mec8/N5m+73dlADE53WlbgsDFxEKEcU8W67ocGU4z6thDEP4Vzam
ikh4PEGAyiwKZyQlB4j8aQ3yRO0xzH/jZHevstHLjrsfGqPy6Ir71kVO5r8QBBLz
UFIbEbwA76JCuWmTq1lHO89362mkHUxg/OZqlwDosEwirfz/ulLboUdQ7evwhT22
xnEqYAYLSctJlnU8yUiMvfTA+N8aN3afvdprJa/HScNussCwtUy6y/FhL8IhC49m
IRhGdXDBIP92V7uJpESAL4aG5OOx0lp9C5EURFjJOztPqZlrh+sz
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:52:27 2024 by rpki-client on console-ams.rpki-client.org