Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/pO93P0IPYxO60nqJWtd1hBeKP9M.roa
File: pO93P0IPYxO60nqJWtd1hBeKP9M.roa (raw, json)
Hash identifier: SIzxMj/XvF5LrDffQ0fyqanFpqj40boRNXhrY9lHK74=
Subject key identifier: A4:EF:77:3F:42:0F:63:13:BA:D2:7A:89:5A:D7:75:84:17:8A:3F:D3
Certificate issuer: /CN=2ac3daa1b14850f2e61c592b2191915a5e65a478
Certificate serial: 018CCA2A7398B3D1C7B2AF0E62C8B24AC99D
Authority key identifier: 2A:C3:DA:A1:B1:48:50:F2:E6:1C:59:2B:21:91:91:5A:5E:65:A4:78
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KsPaobFIUPLmHFkrIZGRWl5lpHg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/pO93P0IPYxO60nqJWtd1hBeKP9M.roa
Signing time: Tue 02 Jan 2024 12:33:48 +0000
ROA not before: Tue 02 Jan 2024 12:33:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 142578
IP address blocks: 188.209.156.0/22 maxlen: 24
185.207.196.0/22 maxlen: 24
Validation: Failed, certificate revoked on Tue 10 Sep 2024 03:22:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:ca:2a:73:98:b3:d1:c7:b2:af:0e:62:c8:b2:4a:c9:9d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2ac3daa1b14850f2e61c592b2191915a5e65a478
Validity
Not Before: Jan 2 12:33:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a4ef773f420f6313bad27a895ad77584178a3fd3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:ca:44:92:31:a5:fa:69:cb:64:ac:bb:0d:36:
14:0a:e4:89:29:e6:2a:a7:35:6c:5b:88:96:2a:a4:
45:2e:dc:09:8a:20:35:88:1f:78:dc:96:46:36:4c:
90:2f:d8:35:bf:1b:c4:1c:9f:4d:06:08:0e:37:c9:
79:3d:7c:d7:f8:fa:4c:bf:f2:47:ad:29:82:c9:91:
5f:6f:0a:d3:a0:d8:4f:9a:85:ec:32:1b:6f:cf:d0:
cc:2a:3c:b8:e6:7a:ee:76:d6:3d:e9:e2:20:d9:1a:
6b:66:24:dc:e3:e3:6b:73:97:8b:b0:8e:28:0d:02:
d3:7c:08:25:ac:45:d5:cd:ff:25:2c:86:9e:2a:66:
c0:9e:98:19:f5:d7:a3:2e:58:3d:37:eb:ed:38:8f:
b9:5f:76:a3:cc:46:58:53:9e:00:2f:62:1b:b7:d7:
ff:9e:0f:a5:29:ed:af:44:42:e3:15:13:ad:b8:b6:
5e:55:7b:06:41:59:fc:b0:63:85:f6:19:45:0f:58:
5e:69:8a:8e:88:79:06:f8:76:28:7d:70:f7:52:60:
f1:74:3f:33:86:e6:0f:7f:0b:bf:60:64:ea:97:88:
90:0e:77:4d:79:83:0e:5a:b4:3b:9b:45:f8:ec:1c:
31:e8:bf:4b:c2:de:70:54:a1:10:28:54:57:51:2c:
24:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A4:EF:77:3F:42:0F:63:13:BA:D2:7A:89:5A:D7:75:84:17:8A:3F:D3
X509v3 Authority Key Identifier:
keyid:2A:C3:DA:A1:B1:48:50:F2:E6:1C:59:2B:21:91:91:5A:5E:65:A4:78
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KsPaobFIUPLmHFkrIZGRWl5lpHg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/pO93P0IPYxO60nqJWtd1hBeKP9M.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/KsPaobFIUPLmHFkrIZGRWl5lpHg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.207.196.0/22
188.209.156.0/22
Signature Algorithm: sha256WithRSAEncryption
33:b7:5d:b5:b1:c0:60:6f:a5:d8:e3:02:61:2b:19:6c:0c:8c:
d6:bc:4d:6f:55:72:80:09:61:50:8a:7a:fb:54:b1:c7:55:61:
99:1f:8b:09:af:d8:9c:99:8d:70:ab:ad:16:3f:79:30:cb:b6:
79:ab:80:4b:3a:0d:50:72:51:11:71:3f:43:3e:71:8a:25:2e:
1d:a6:83:bc:dc:99:98:bf:68:39:b1:2f:77:88:73:e8:dd:c3:
87:74:32:5d:59:8c:30:08:3c:34:28:16:e0:59:ec:36:c8:b1:
1e:fe:6f:7e:9f:98:01:da:b6:cf:d0:58:d7:97:b1:77:12:7a:
78:d4:fb:28:c1:1d:5b:59:75:c8:d9:1a:e3:ad:a7:cd:05:e5:
dd:58:78:6a:19:a1:96:bc:ba:9e:27:ed:e2:63:7e:11:b1:fc:
58:e0:b0:bb:7a:74:1a:b0:11:59:7e:be:38:19:73:71:9c:af:
e2:57:de:c3:18:df:eb:e0:5d:4f:6d:4e:5d:58:c2:a0:ab:d0:
2a:01:fc:5b:ee:40:52:50:f6:b4:bd:7b:52:a7:9b:1a:dc:96:
d3:0b:db:18:fe:02:9d:69:3e:66:23:fa:a2:09:c2:b0:c6:cd:
39:9e:b2:2d:29:9c:98:8e:e0:88:ce:72:4e:23:b4:a7:d5:33:
08:fd:ce:e0
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYzKKnOYs9HHsq8OYsiySsmdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhYzNkYWExYjE0ODUwZjJlNjFjNTkyYjIxOTE5MTVhNWU2
NWE0NzgwHhcNMjQwMTAyMTIzMzQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNGVmNzczZjQyMGY2MzEzYmFkMjdhODk1YWQ3NzU4NDE3OGEzZmQzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAm8pEkjGl+mnLZKy7DTYUCuSJKeYq
pzVsW4iWKqRFLtwJiiA1iB943JZGNkyQL9g1vxvEHJ9NBggON8l5PXzX+PpMv/JH
rSmCyZFfbwrToNhPmoXsMhtvz9DMKjy45nrudtY96eIg2RprZiTc4+Nrc5eLsI4o
DQLTfAglrEXVzf8lLIaeKmbAnpgZ9dejLlg9N+vtOI+5X3ajzEZYU54AL2Ibt9f/
ng+lKe2vRELjFROtuLZeVXsGQVn8sGOF9hlFD1heaYqOiHkG+HYofXD3UmDxdD8z
huYPfwu/YGTql4iQDndNeYMOWrQ7m0X47Bwx6L9Lwt5wVKEQKFRXUSwkWQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFKTvdz9CD2MTutJ6iVrXdYQXij/TMB8GA1UdIwQY
MBaAFCrD2qGxSFDy5hxZKyGRkVpeZaR4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS3NQYW9iRklVUExtSEZrcklaR1JXbDVscEhnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83MC80MDViYmQtNTkxMy00ZTk1LThlNzUt
ZmUwNjU5MTc2YTU2LzEvcE85M1AwSVBZeE82MG5xSld0ZDFoQmVLUDlNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83MC80MDViYmQtNTkxMy00ZTk1LThlNzUtZmUwNjU5MTc2YTU2
LzEvS3NQYW9iRklVUExtSEZrcklaR1JXbDVscEhnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCuc/EAwQC
vNGcMA0GCSqGSIb3DQEBCwUAA4IBAQAzt121scBgb6XY4wJhKxlsDIzWvE1vVXKA
CWFQinr7VLHHVWGZH4sJr9icmY1wq60WP3kwy7Z5q4BLOg1QclERcT9DPnGKJS4d
poO83JmYv2g5sS93iHPo3cOHdDJdWYwwCDw0KBbgWew2yLEe/m9+n5gB2rbP0FjX
l7F3Enp41PsowR1bWXXI2RrjrafNBeXdWHhqGaGWvLqeJ+3iY34RsfxY4LC7enQa
sBFZfr44GXNxnK/iV97DGN/r4F1PbU5dWMKgq9AqAfxb7kBSUPa0vXtSp5sa3JbT
C9sY/gKdaT5mI/qiCcKwxs05nrItKZyYjuCIznJOI7Sn1TMI/c7g
-----END CERTIFICATE-----
Generated at Tue Sep 10 05:22:38 2024 by rpki-client on console-fra.rpki-client.org