Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/be/216973-516f-4501-9164-7f435bf5501c/1/u2wIEGR89Yia3fzdrZIgwkU6dPU.roa
File: u2wIEGR89Yia3fzdrZIgwkU6dPU.roa (raw, json)
Hash identifier: fo1cLbhtFMV8+9vPQ8JkbaZkkTeThh7kQOsT4fjXo0M=
Subject key identifier: BB:6C:08:10:64:7C:F5:88:9A:DD:FC:DD:AD:92:20:C2:45:3A:74:F5
Certificate issuer: /CN=ca290db2f72905f0db626b005bacf08878d17bac
Certificate serial: 0189ABA90304A88851409B0A895A1FA8FF3F
Authority key identifier: CA:29:0D:B2:F7:29:05:F0:DB:62:6B:00:5B:AC:F0:88:78:D1:7B:AC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/yikNsvcpBfDbYmsAW6zwiHjRe6w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/be/216973-516f-4501-9164-7f435bf5501c/1/u2wIEGR89Yia3fzdrZIgwkU6dPU.roa
Signing time: Mon 31 Jul 2023 11:15:27 +0000
ROA not before: Mon 31 Jul 2023 11:15:27 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 132335
IP address blocks: 188.241.63.0/24 maxlen: 24
188.241.62.0/24 maxlen: 24
188.208.141.0/24 maxlen: 24
188.208.140.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 02 Jan 2024 02:30:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:ab:a9:03:04:a8:88:51:40:9b:0a:89:5a:1f:a8:ff:3f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ca290db2f72905f0db626b005bacf08878d17bac
Validity
Not Before: Jul 31 11:15:27 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=bb6c0810647cf5889addfcddad9220c2453a74f5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:83:89:80:c2:2d:b2:f6:94:b0:ff:96:34:60:f7:
ad:ef:e9:dc:86:12:63:35:ed:96:1e:91:c5:38:a8:
dc:6a:e6:8e:aa:67:82:1d:2d:eb:76:fd:9d:c6:d0:
51:99:b3:9a:7d:c9:81:5d:16:1e:b0:77:ca:62:fc:
10:99:eb:c0:cf:6e:ae:8e:20:73:47:b3:69:2d:e0:
6a:75:c8:28:e3:12:6f:da:e1:15:62:e2:ff:53:56:
82:ff:ec:10:28:69:4c:6c:dc:0b:11:b1:54:87:03:
d3:99:84:bf:c3:76:c7:a0:00:be:9e:2d:6a:2a:80:
f1:44:b6:b0:55:b1:5d:33:12:9a:8a:36:af:c8:4b:
42:ba:34:66:96:7e:eb:9a:e1:b2:e9:4f:01:91:3b:
fc:d7:95:47:ab:44:99:58:2d:54:11:e3:ab:87:eb:
09:35:be:35:05:68:bc:51:e3:cd:15:34:7e:9b:67:
79:ac:dd:00:ed:82:66:72:cd:79:c3:42:97:bf:44:
31:6a:6c:e8:16:3e:44:be:aa:04:9f:11:8d:3e:cb:
3f:50:c3:18:37:34:8f:b6:34:43:84:0d:54:28:7f:
3b:b6:2a:4f:fe:f9:61:b9:b4:73:27:7a:0b:84:9c:
e4:12:53:09:d2:26:0a:ae:a8:63:03:27:44:4f:cd:
03:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BB:6C:08:10:64:7C:F5:88:9A:DD:FC:DD:AD:92:20:C2:45:3A:74:F5
X509v3 Authority Key Identifier:
keyid:CA:29:0D:B2:F7:29:05:F0:DB:62:6B:00:5B:AC:F0:88:78:D1:7B:AC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/yikNsvcpBfDbYmsAW6zwiHjRe6w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/be/216973-516f-4501-9164-7f435bf5501c/1/u2wIEGR89Yia3fzdrZIgwkU6dPU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/be/216973-516f-4501-9164-7f435bf5501c/1/yikNsvcpBfDbYmsAW6zwiHjRe6w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
188.208.140.0/23
188.241.62.0/23
Signature Algorithm: sha256WithRSAEncryption
50:83:fd:96:62:f1:3a:ca:a6:59:3a:0f:4d:c3:8e:17:87:45:
1f:05:1b:e4:a0:8a:c1:d7:f5:30:28:96:2e:f3:6e:08:d4:30:
40:2e:6f:13:43:c1:b7:ff:4b:af:66:07:bb:73:2b:13:69:f8:
dd:4b:ec:6c:d7:47:91:2b:65:df:18:bd:f8:e5:1e:af:49:ba:
00:4c:53:15:05:f0:c3:b0:96:b8:5e:e9:ec:32:ba:bd:f8:94:
25:57:ea:bc:c9:03:19:68:c3:ef:29:a2:a6:37:7e:d3:af:d0:
4f:8b:ce:82:d4:2f:f0:35:7d:50:e1:c2:93:6e:5f:76:79:dc:
35:82:86:e1:ff:23:a4:5d:e2:b1:33:f9:48:c0:50:c0:66:8d:
18:b7:00:07:fd:8d:ec:54:be:1c:14:df:ff:29:f0:e5:d0:3d:
9e:14:e3:d0:2a:8e:ff:85:66:c5:89:8a:ea:e3:91:7c:25:eb:
62:92:c5:6a:29:2d:ca:6c:ae:5f:f4:b7:6e:0c:69:25:b1:12:
9f:29:87:24:02:a2:34:0a:2b:a6:be:26:21:45:60:d0:31:be:
23:5b:5e:39:38:81:dd:b1:39:df:97:6a:5b:5f:01:bd:94:0d:
84:82:c0:09:e7:92:ad:ae:92:7d:b7:97:79:0e:bb:a8:7d:8f:
31:5c:f0:df
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYmrqQMEqIhRQJsKiVofqP8/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNhMjkwZGIyZjcyOTA1ZjBkYjYyNmIwMDViYWNmMDg4Nzhk
MTdiYWMwHhcNMjMwNzMxMTExNTI3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiYjZjMDgxMDY0N2NmNTg4OWFkZGZjZGRhZDkyMjBjMjQ1M2E3NGY1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAg4mAwi2y9pSw/5Y0YPet7+nchhJj
Ne2WHpHFOKjcauaOqmeCHS3rdv2dxtBRmbOafcmBXRYesHfKYvwQmevAz26ujiBz
R7NpLeBqdcgo4xJv2uEVYuL/U1aC/+wQKGlMbNwLEbFUhwPTmYS/w3bHoAC+ni1q
KoDxRLawVbFdMxKaijavyEtCujRmln7rmuGy6U8BkTv815VHq0SZWC1UEeOrh+sJ
Nb41BWi8UePNFTR+m2d5rN0A7YJmcs15w0KXv0QxamzoFj5EvqoEnxGNPss/UMMY
NzSPtjRDhA1UKH87tipP/vlhubRzJ3oLhJzkElMJ0iYKrqhjAydET80DnwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFLtsCBBkfPWImt383a2SIMJFOnT1MB8GA1UdIwQY
MBaAFMopDbL3KQXw22JrAFus8Ih40XusMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveWlrTnN2Y3BCZkRiWW1zQVc2endpSGpSZTZ3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZS8yMTY5NzMtNTE2Zi00NTAxLTkxNjQt
N2Y0MzViZjU1MDFjLzEvdTJ3SUVHUjg5WWlhM2Z6ZHJaSWd3a1U2ZFBVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZS8yMTY5NzMtNTE2Zi00NTAxLTkxNjQtN2Y0MzViZjU1MDFj
LzEveWlrTnN2Y3BCZkRiWW1zQVc2endpSGpSZTZ3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQBvNCMAwQB
vPE+MA0GCSqGSIb3DQEBCwUAA4IBAQBQg/2WYvE6yqZZOg9Nw44Xh0UfBRvkoIrB
1/UwKJYu824I1DBALm8TQ8G3/0uvZge7cysTafjdS+xs10eRK2XfGL345R6vSboA
TFMVBfDDsJa4XunsMrq9+JQlV+q8yQMZaMPvKaKmN37Tr9BPi86C1C/wNX1Q4cKT
bl92edw1gobh/yOkXeKxM/lIwFDAZo0YtwAH/Y3sVL4cFN//KfDl0D2eFOPQKo7/
hWbFiYrq45F8JetiksVqKS3KbK5f9LduDGklsRKfKYckAqI0CiumviYhRWDQMb4j
W145OIHdsTnfl2pbXwG9lA2EgsAJ55KtrpJ9t5d5DruofY8xXPDf
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:52:01 2024 by rpki-client on console-fra.rpki-client.org