Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1a/cba186-e4d2-45e1-a938-0e4ab2637bed/1/28DFMY1Us8_JnBnFtwGUeNaSEX4.roa
File: 28DFMY1Us8_JnBnFtwGUeNaSEX4.roa (raw, json)
Hash identifier: Abh0fB9NQ/OTi86eU8mO0hE0DzEZOmRpzAzd+75BwsQ=
Subject key identifier: DB:C0:C5:31:8D:54:B3:CF:C9:9C:19:C5:B7:01:94:78:D6:92:11:7E
Certificate issuer: /CN=fe2796c5a9854532e9ed638d1c39a541c2d8952c
Certificate serial: 018EBF3653DB11ED88FA0EFB5240F918CB4E
Authority key identifier: FE:27:96:C5:A9:85:45:32:E9:ED:63:8D:1C:39:A5:41:C2:D8:95:2C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_ieWxamFRTLp7WONHDmlQcLYlSw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1a/cba186-e4d2-45e1-a938-0e4ab2637bed/1/28DFMY1Us8_JnBnFtwGUeNaSEX4.roa
Signing time: Mon 08 Apr 2024 19:36:32 +0000
ROA not before: Mon 08 Apr 2024 19:36:32 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 6694
IP address blocks: 194.247.128.0/19 maxlen: 19
194.247.132.0/24 maxlen: 24
194.247.142.0/24 maxlen: 24
194.247.143.0/24 maxlen: 24
194.247.144.0/24 maxlen: 24
194.247.152.0/24 maxlen: 24
212.5.224.0/19 maxlen: 19
212.5.226.0/24 maxlen: 24
2a04:8240::/29 maxlen: 29
Validation: Failed, certificate revoked on Wed 17 Apr 2024 08:24:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:bf:36:53:db:11:ed:88:fa:0e:fb:52:40:f9:18:cb:4e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fe2796c5a9854532e9ed638d1c39a541c2d8952c
Validity
Not Before: Apr 8 19:36:32 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=dbc0c5318d54b3cfc99c19c5b7019478d692117e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:23:c9:23:d3:34:aa:59:b1:49:13:d4:f7:9d:
79:34:32:8b:b6:5e:7c:48:df:e7:71:f3:83:3b:d7:
cc:93:e6:18:cc:1d:6f:a1:4d:2c:4c:c9:87:2e:39:
b3:29:71:7a:f2:99:98:74:51:75:e6:64:cd:e4:90:
3e:b4:65:cf:a1:02:c6:c3:70:66:f4:cd:55:27:e3:
88:8e:c1:22:83:07:2f:26:05:f2:ae:0d:b5:12:a2:
dc:0f:4a:33:f0:de:be:24:7a:67:60:be:0c:17:b1:
43:33:1e:60:bc:f6:72:8a:5d:db:d9:a3:ba:d9:72:
ff:05:30:6a:c5:d8:22:7f:14:94:08:12:01:1b:a3:
70:c7:9b:03:a5:3a:f7:79:f6:e7:73:42:d8:ba:52:
19:ab:7a:39:81:b1:96:c6:ad:91:45:cf:0b:aa:02:
89:64:8a:99:77:fa:28:d8:21:35:72:b0:99:5f:3c:
87:46:c0:33:6d:d1:c4:a5:93:c0:06:49:90:17:8b:
a8:3c:76:c7:a0:f9:12:0a:1a:4b:7e:ed:3b:36:0c:
2f:c2:f8:4b:55:8d:d2:ee:c3:0c:b4:ab:63:54:9a:
4d:11:52:89:13:09:60:fc:13:93:06:26:ca:6c:d9:
cb:20:6e:2a:11:61:d8:7d:d8:dd:d6:43:1c:01:c3:
e6:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DB:C0:C5:31:8D:54:B3:CF:C9:9C:19:C5:B7:01:94:78:D6:92:11:7E
X509v3 Authority Key Identifier:
keyid:FE:27:96:C5:A9:85:45:32:E9:ED:63:8D:1C:39:A5:41:C2:D8:95:2C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_ieWxamFRTLp7WONHDmlQcLYlSw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1a/cba186-e4d2-45e1-a938-0e4ab2637bed/1/28DFMY1Us8_JnBnFtwGUeNaSEX4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1a/cba186-e4d2-45e1-a938-0e4ab2637bed/1/_ieWxamFRTLp7WONHDmlQcLYlSw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.247.128.0/19
212.5.224.0/19
IPv6:
2a04:8240::/29
Signature Algorithm: sha256WithRSAEncryption
6b:c6:00:15:6a:ee:8c:ae:53:97:7c:9b:5f:57:da:6a:92:f2:
ba:97:d9:93:77:98:09:a5:5b:a9:ac:e6:ef:14:91:f5:06:34:
84:b0:9b:dc:86:d3:4e:b4:13:1d:da:83:ad:e1:11:c8:75:96:
fd:de:20:ec:02:b2:a7:76:6f:2c:fa:82:40:47:02:e7:a5:94:
47:ff:00:f3:ce:fb:90:99:92:9d:84:d5:67:0f:a6:19:fc:28:
c6:a9:c1:c9:06:86:50:0f:13:a6:16:9b:d3:4b:c9:06:ee:a6:
10:94:2c:58:ce:1e:2e:b8:a4:59:98:82:b8:0e:f6:ab:f7:96:
fc:24:9e:d0:f6:ce:81:7c:9c:de:20:03:d8:24:46:dd:42:78:
ca:3d:62:54:06:b7:2a:b5:c2:bd:85:08:53:64:5c:f4:41:80:
fe:93:1a:4e:a5:d4:72:5a:50:04:64:34:74:ce:fc:dd:27:bd:
04:b4:5e:b4:70:59:05:a4:65:26:6b:2d:80:2b:29:be:f8:b7:
74:49:74:f2:8c:9e:f5:89:4c:07:42:7c:cb:f2:f1:23:2a:d4:
e9:6d:e9:24:22:25:44:a0:c8:de:02:29:70:05:42:01:19:70:
c8:f5:c6:a3:d0:39:18:f7:77:04:dc:61:9b:98:d5:01:ed:a5:
de:1d:b7:5e
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAY6/NlPbEe2I+g77UkD5GMtOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZlMjc5NmM1YTk4NTQ1MzJlOWVkNjM4ZDFjMzlhNTQxYzJk
ODk1MmMwHhcNMjQwNDA4MTkzNjMyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYmMwYzUzMThkNTRiM2NmYzk5YzE5YzViNzAxOTQ3OGQ2OTIxMTdlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0SPJI9M0qlmxSRPU9515NDKLtl58
SN/ncfODO9fMk+YYzB1voU0sTMmHLjmzKXF68pmYdFF15mTN5JA+tGXPoQLGw3Bm
9M1VJ+OIjsEigwcvJgXyrg21EqLcD0oz8N6+JHpnYL4MF7FDMx5gvPZyil3b2aO6
2XL/BTBqxdgifxSUCBIBG6Nwx5sDpTr3efbnc0LYulIZq3o5gbGWxq2RRc8LqgKJ
ZIqZd/oo2CE1crCZXzyHRsAzbdHEpZPABkmQF4uoPHbHoPkSChpLfu07NgwvwvhL
VY3S7sMMtKtjVJpNEVKJEwlg/BOTBibKbNnLIG4qEWHYfdjd1kMcAcPmzQIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFNvAxTGNVLPPyZwZxbcBlHjWkhF+MB8GA1UdIwQY
MBaAFP4nlsWphUUy6e1jjRw5pUHC2JUsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvX2llV3hhbUZSVExwN1dPTkhEbWxRY0xZbFN3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYS9jYmExODYtZTRkMi00NWUxLWE5Mzgt
MGU0YWIyNjM3YmVkLzEvMjhERk1ZMVVzOF9KbkJuRnR3R1VlTmFTRVg0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYS9jYmExODYtZTRkMi00NWUxLWE5MzgtMGU0YWIyNjM3YmVk
LzEvX2llV3hhbUZSVExwN1dPTkhEbWxRY0xZbFN3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQFwveAAwQF
1AXgMA0EAgACMAcDBQMqBIJAMA0GCSqGSIb3DQEBCwUAA4IBAQBrxgAVau6MrlOX
fJtfV9pqkvK6l9mTd5gJpVuprObvFJH1BjSEsJvchtNOtBMd2oOt4RHIdZb93iDs
ArKndm8s+oJARwLnpZRH/wDzzvuQmZKdhNVnD6YZ/CjGqcHJBoZQDxOmFpvTS8kG
7qYQlCxYzh4uuKRZmIK4Dvar95b8JJ7Q9s6BfJzeIAPYJEbdQnjKPWJUBrcqtcK9
hQhTZFz0QYD+kxpOpdRyWlAEZDR0zvzdJ70EtF60cFkFpGUmay2AKym++Ld0SXTy
jJ71iUwHQnzL8vEjKtTpbekkIiVEoMjeAilwBUIBGXDI9caj0DkY93cE3GGbmNUB
7aXeHbde
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:56:40 2024 by rpki-client on console-ams.rpki-client.org