Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/G09QFMhRhg3Ul_6KSQHDL8QudgM.roa
File: G09QFMhRhg3Ul_6KSQHDL8QudgM.roa (raw, json)
Hash identifier: ZNcSKvWWUOnpGAhEl8VPNzeuIV0iauhOBvqshhk3VmY=
Subject key identifier: 1B:4F:50:14:C8:51:86:0D:D4:97:FE:8A:49:01:C3:2F:C4:2E:76:03
Certificate issuer: /CN=2ac3daa1b14850f2e61c592b2191915a5e65a478
Certificate serial: 01867E7896BF31125CC5E595FF947C40BDB3
Authority key identifier: 2A:C3:DA:A1:B1:48:50:F2:E6:1C:59:2B:21:91:91:5A:5E:65:A4:78
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KsPaobFIUPLmHFkrIZGRWl5lpHg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/G09QFMhRhg3Ul_6KSQHDL8QudgM.roa
Signing time: Thu 23 Feb 2023 13:31:17 +0000
ROA not before: Thu 23 Feb 2023 13:31:17 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 0
IP address blocks: 188.253.12.0/24 maxlen: 24
212.87.192.0/22 maxlen: 24
Validation: Failed, certificate revoked on Fri 24 Feb 2023 14:22:14 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:7e:78:96:bf:31:12:5c:c5:e5:95:ff:94:7c:40:bd:b3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2ac3daa1b14850f2e61c592b2191915a5e65a478
Validity
Not Before: Feb 23 13:31:17 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=1b4f5014c851860dd497fe8a4901c32fc42e7603
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:1e:29:95:9f:ba:c8:fc:9b:76:63:11:49:83:
22:f7:16:05:b6:11:a4:6f:54:c2:f4:bf:10:99:f6:
eb:b9:d1:df:84:82:8e:47:dc:d4:80:a7:1d:dc:f2:
9e:88:ae:e1:e0:5c:19:03:9d:37:c1:14:b7:1a:78:
0e:a7:84:96:d6:c8:ec:8a:ff:c9:e5:2a:32:31:1f:
4b:02:9b:46:62:0f:1c:b2:6b:c1:ea:90:66:9b:e4:
2a:a2:c3:bb:80:59:f2:6b:f2:4b:ab:79:b0:9d:c5:
85:02:41:ac:0e:c9:be:f2:a4:2b:54:6f:74:e9:d2:
4e:f7:ec:c6:69:72:f5:3e:f2:c7:5d:39:9a:48:d5:
7f:0d:76:c6:71:6a:fb:94:fa:90:e2:d7:27:10:fc:
90:c2:8e:a2:90:af:61:35:2e:ff:5c:dd:09:d6:24:
41:f2:87:3a:ec:16:16:5c:0e:49:58:bf:b1:33:07:
53:01:99:d7:bf:a5:d1:7e:6b:fb:0b:3a:02:84:00:
4f:50:4d:25:5e:d0:22:8e:ac:4f:c9:e9:b3:da:9d:
55:8d:bd:4b:e8:90:39:84:eb:de:de:90:b9:e1:f7:
ad:d4:b2:c0:55:da:2e:fd:16:29:74:b7:9f:c6:c1:
4a:9d:cd:ec:6b:d6:e2:61:6d:71:72:eb:1b:ec:fb:
59:a1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1B:4F:50:14:C8:51:86:0D:D4:97:FE:8A:49:01:C3:2F:C4:2E:76:03
X509v3 Authority Key Identifier:
keyid:2A:C3:DA:A1:B1:48:50:F2:E6:1C:59:2B:21:91:91:5A:5E:65:A4:78
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KsPaobFIUPLmHFkrIZGRWl5lpHg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/G09QFMhRhg3Ul_6KSQHDL8QudgM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/KsPaobFIUPLmHFkrIZGRWl5lpHg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
188.253.12.0/24
212.87.192.0/22
Signature Algorithm: sha256WithRSAEncryption
0e:0d:02:c3:ec:04:78:78:d2:ac:75:86:8a:0a:f2:3d:09:3f:
ec:61:d1:02:4b:ea:fe:57:c0:50:0a:1d:75:f4:6f:55:c8:a1:
b5:8e:de:6c:fb:be:38:81:aa:f1:71:8c:d7:7d:67:33:8f:fc:
76:2b:2f:bb:1e:93:8c:20:b8:af:f5:0a:f3:07:53:f0:eb:d2:
e3:72:04:19:6a:37:6c:87:a9:89:55:e0:73:d9:eb:01:1f:0a:
cb:41:3f:e0:d4:de:43:f1:c1:c4:4c:ec:e1:b7:d2:85:7d:d4:
0d:aa:c6:92:86:27:94:99:dd:9d:90:86:79:12:f7:db:00:e5:
07:c1:fc:35:a2:da:9f:62:19:d3:5b:f5:b5:3a:12:4c:23:2e:
92:4f:b0:a2:d9:90:9a:64:69:cb:34:54:a0:c5:f2:1d:ca:ed:
09:a9:ab:91:72:e6:12:ce:83:e0:ed:38:8a:56:e5:7f:96:17:
6a:4b:b6:7f:03:e8:bf:4f:b5:ba:9c:8f:6c:e7:79:71:24:55:
ff:70:aa:01:de:38:4b:d7:8c:ba:e4:76:61:fc:67:f6:4c:88:
62:d6:14:7a:c9:11:bb:8c:ac:5a:8a:d2:78:fe:77:e5:9d:3a:
ec:26:f9:0c:0d:80:03:4f:66:e2:18:59:c3:60:ad:8c:54:59:
2b:6f:c6:c3
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYZ+eJa/MRJcxeWV/5R8QL2zMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhYzNkYWExYjE0ODUwZjJlNjFjNTkyYjIxOTE5MTVhNWU2
NWE0NzgwHhcNMjMwMjIzMTMzMTE3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxYjRmNTAxNGM4NTE4NjBkZDQ5N2ZlOGE0OTAxYzMyZmM0MmU3NjAzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvx4plZ+6yPybdmMRSYMi9xYFthGk
b1TC9L8QmfbrudHfhIKOR9zUgKcd3PKeiK7h4FwZA503wRS3GngOp4SW1sjsiv/J
5SoyMR9LAptGYg8csmvB6pBmm+QqosO7gFnya/JLq3mwncWFAkGsDsm+8qQrVG90
6dJO9+zGaXL1PvLHXTmaSNV/DXbGcWr7lPqQ4tcnEPyQwo6ikK9hNS7/XN0J1iRB
8oc67BYWXA5JWL+xMwdTAZnXv6XRfmv7CzoChABPUE0lXtAijqxPyemz2p1Vjb1L
6JA5hOve3pC54fet1LLAVdou/RYpdLefxsFKnc3sa9biYW1xcusb7PtZoQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFBtPUBTIUYYN1Jf+ikkBwy/ELnYDMB8GA1UdIwQY
MBaAFCrD2qGxSFDy5hxZKyGRkVpeZaR4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS3NQYW9iRklVUExtSEZrcklaR1JXbDVscEhnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83MC80MDViYmQtNTkxMy00ZTk1LThlNzUt
ZmUwNjU5MTc2YTU2LzEvRzA5UUZNaFJoZzNVbF82S1NRSERMOFF1ZGdNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83MC80MDViYmQtNTkxMy00ZTk1LThlNzUtZmUwNjU5MTc2YTU2
LzEvS3NQYW9iRklVUExtSEZrcklaR1JXbDVscEhnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAvP0MAwQC
1FfAMA0GCSqGSIb3DQEBCwUAA4IBAQAODQLD7AR4eNKsdYaKCvI9CT/sYdECS+r+
V8BQCh119G9VyKG1jt5s+744garxcYzXfWczj/x2Ky+7HpOMILiv9QrzB1Pw69Lj
cgQZajdsh6mJVeBz2esBHwrLQT/g1N5D8cHETOzht9KFfdQNqsaShieUmd2dkIZ5
EvfbAOUHwfw1otqfYhnTW/W1OhJMIy6ST7Ci2ZCaZGnLNFSgxfIdyu0JqauRcuYS
zoPg7TiKVuV/lhdqS7Z/A+i/T7W6nI9s53lxJFX/cKoB3jhL14y65HZh/Gf2TIhi
1hR6yRG7jKxaitJ4/nflnTrsJvkMDYADT2biGFnDYK2MVFkrb8bD
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:34:34 2024 by rpki-client on console-fra.rpki-client.org