Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/34/8ce795-3fa9-4cb7-831a-1de56e475fbf/1/tuVWr2AZ_fVybXnA7Cz6qqWMcns.roa
File: tuVWr2AZ_fVybXnA7Cz6qqWMcns.roa (raw, json)
Hash identifier: aMQFkHutSd8bOVCBcQHbpCBy1vcfMcPL8bThDr1zvAY=
Subject key identifier: B6:E5:56:AF:60:19:FD:F5:72:6D:79:C0:EC:2C:FA:AA:A5:8C:72:7B
Certificate issuer: /CN=c373fae99d651298845d22f89d8d2b2e1d13bc04
Certificate serial: 0192D40653DCBFA5A9A998FA8BB1D8062FB3
Authority key identifier: C3:73:FA:E9:9D:65:12:98:84:5D:22:F8:9D:8D:2B:2E:1D:13:BC:04
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/w3P66Z1lEpiEXSL4nY0rLh0TvAQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/34/8ce795-3fa9-4cb7-831a-1de56e475fbf/1/tuVWr2AZ_fVybXnA7Cz6qqWMcns.roa
Signing time: Mon 28 Oct 2024 16:47:17 +0000
ROA not before: Mon 28 Oct 2024 16:47:17 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 214940
IP address blocks: 188.190.10.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 28 Oct 2024 17:30:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:d4:06:53:dc:bf:a5:a9:a9:98:fa:8b:b1:d8:06:2f:b3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c373fae99d651298845d22f89d8d2b2e1d13bc04
Validity
Not Before: Oct 28 16:47:17 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=b6e556af6019fdf5726d79c0ec2cfaaaa58c727b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:84:a7:87:54:42:cf:71:1a:07:8d:a5:c6:84:
b5:8e:e2:cb:8d:b8:8d:dc:f9:9d:c1:43:42:ab:8b:
66:7d:e2:44:da:12:3e:1c:4b:a2:4a:64:d0:1c:38:
50:cc:d6:80:46:eb:96:bf:0c:a5:67:10:96:b6:0a:
ef:12:57:f4:27:1b:a9:bf:f4:9d:0d:fd:79:be:c1:
6f:62:cf:10:20:dc:15:ef:69:48:7e:50:6d:84:eb:
60:a3:a1:d7:76:ab:da:75:6f:4f:de:c0:76:70:8f:
fb:3a:20:82:43:89:9d:61:fe:81:cf:28:e9:48:40:
2a:50:6c:02:cb:5b:d3:81:54:e0:f2:00:02:af:a3:
e5:ae:82:9b:33:86:22:6d:aa:98:94:5a:13:97:8d:
5e:7b:65:56:a4:42:d8:1e:d1:1f:ce:8f:c4:1b:24:
ae:25:14:16:2d:19:ad:51:50:b4:3b:06:47:93:e2:
5e:75:34:6e:11:4b:e2:49:23:65:db:f1:24:92:a1:
aa:7b:bf:98:c8:36:2b:8f:ff:24:95:79:43:1e:dd:
7d:9a:90:65:8a:db:14:14:40:8d:15:82:47:8a:b3:
51:bb:32:59:6d:63:9f:f0:46:eb:86:7f:65:5d:67:
c4:ef:04:ac:2d:f7:78:b6:67:2d:b3:86:51:fc:cc:
d5:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B6:E5:56:AF:60:19:FD:F5:72:6D:79:C0:EC:2C:FA:AA:A5:8C:72:7B
X509v3 Authority Key Identifier:
keyid:C3:73:FA:E9:9D:65:12:98:84:5D:22:F8:9D:8D:2B:2E:1D:13:BC:04
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/w3P66Z1lEpiEXSL4nY0rLh0TvAQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/34/8ce795-3fa9-4cb7-831a-1de56e475fbf/1/tuVWr2AZ_fVybXnA7Cz6qqWMcns.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/34/8ce795-3fa9-4cb7-831a-1de56e475fbf/1/w3P66Z1lEpiEXSL4nY0rLh0TvAQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
188.190.10.0/24
Signature Algorithm: sha256WithRSAEncryption
63:04:ef:e1:42:c8:80:9f:e3:60:a8:21:bf:6b:da:fb:a9:92:
66:b5:22:b3:e1:21:32:c1:57:a6:ba:76:8e:3b:01:11:9f:46:
90:85:b2:b0:59:50:0e:0c:46:8a:47:96:cc:c5:f3:40:ec:28:
8c:e1:31:8f:fe:a7:21:c9:6a:92:56:6d:22:54:be:b4:d1:ad:
a2:34:19:40:45:0f:71:2d:15:05:3c:ea:5a:56:b9:09:a5:96:
6a:40:92:a2:15:12:9d:09:5b:83:46:5d:7d:55:76:16:7b:e3:
49:09:a2:6b:1c:6e:10:5e:f3:69:e9:aa:3d:60:de:03:f6:25:
d6:a5:55:1d:f7:ff:93:fe:64:c1:cb:ee:72:9a:1d:34:44:b5:
43:89:36:3b:21:b8:de:ba:5b:52:29:16:32:3e:b4:e3:3f:d4:
fb:ec:e4:89:eb:cb:90:85:ac:9e:9b:a0:53:b6:63:e0:1d:23:
d2:ae:16:19:fe:1b:e9:a5:a7:83:7e:b0:4c:24:36:a4:59:00:
5a:73:8e:c9:e3:b8:ae:2b:9a:7c:4e:d3:82:41:b4:ac:fc:15:
9b:70:10:3f:96:2c:a2:75:ba:ba:97:06:af:a6:dc:58:c1:6f:
02:43:4a:40:35:61:df:56:06:c1:bb:f3:9e:11:35:24:3c:45:
be:7d:16:8f
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZLUBlPcv6WpqZj6i7HYBi+zMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMzNzNmYWU5OWQ2NTEyOTg4NDVkMjJmODlkOGQyYjJlMWQx
M2JjMDQwHhcNMjQxMDI4MTY0NzE3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNmU1NTZhZjYwMTlmZGY1NzI2ZDc5YzBlYzJjZmFhYWE1OGM3MjdiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqISnh1RCz3EaB42lxoS1juLLjbiN
3PmdwUNCq4tmfeJE2hI+HEuiSmTQHDhQzNaARuuWvwylZxCWtgrvElf0Jxupv/Sd
Df15vsFvYs8QINwV72lIflBthOtgo6HXdqvadW9P3sB2cI/7OiCCQ4mdYf6Bzyjp
SEAqUGwCy1vTgVTg8gACr6PlroKbM4YibaqYlFoTl41ee2VWpELYHtEfzo/EGySu
JRQWLRmtUVC0OwZHk+JedTRuEUviSSNl2/EkkqGqe7+YyDYrj/8klXlDHt19mpBl
itsUFECNFYJHirNRuzJZbWOf8Ebrhn9lXWfE7wSsLfd4tmcts4ZR/MzVcQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFLblVq9gGf31cm15wOws+qqljHJ7MB8GA1UdIwQY
MBaAFMNz+umdZRKYhF0i+J2NKy4dE7wEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdzNQNjZaMWxFcGlFWFNMNG5ZMHJMaDBUdkFRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNC84Y2U3OTUtM2ZhOS00Y2I3LTgzMWEt
MWRlNTZlNDc1ZmJmLzEvdHVWV3IyQVpfZlZ5YlhuQTdDejZxcVdNY25zLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNC84Y2U3OTUtM2ZhOS00Y2I3LTgzMWEtMWRlNTZlNDc1ZmJm
LzEvdzNQNjZaMWxFcGlFWFNMNG5ZMHJMaDBUdkFRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAvL4KMA0G
CSqGSIb3DQEBCwUAA4IBAQBjBO/hQsiAn+NgqCG/a9r7qZJmtSKz4SEywVemunaO
OwERn0aQhbKwWVAODEaKR5bMxfNA7CiM4TGP/qchyWqSVm0iVL600a2iNBlARQ9x
LRUFPOpaVrkJpZZqQJKiFRKdCVuDRl19VXYWe+NJCaJrHG4QXvNp6ao9YN4D9iXW
pVUd9/+T/mTBy+5ymh00RLVDiTY7IbjeultSKRYyPrTjP9T77OSJ68uQhayem6BT
tmPgHSPSrhYZ/hvppaeDfrBMJDakWQBac47J47iuK5p8TtOCQbSs/BWbcBA/liyi
dbq6lwavptxYwW8CQ0pANWHfVgbBu/OeETUkPEW+fRaP
-----END CERTIFICATE-----
Generated at Wed Apr 9 01:21:44 2025 by rpki-client