Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1e/37bdb7-9b93-46ab-9a15-42a48dbc2521/1/xbBYDNsAQOV8O12WE2lRXgcVgtQ.roa
File: xbBYDNsAQOV8O12WE2lRXgcVgtQ.roa (raw, json)
Hash identifier: 3ZEOG8ySSbtlEtjKJmVLCtT8PdZhkruangtJRuJNQvI=
Subject key identifier: C5:B0:58:0C:DB:00:40:E5:7C:3B:5D:96:13:69:51:5E:07:15:82:D4
Certificate issuer: /CN=3848885c9702eac1f3d01263e6d3e54449ee2154
Certificate serial: 018BDD4EFDB009CF77556D5B2FF8D5CFF79C
Authority key identifier: 38:48:88:5C:97:02:EA:C1:F3:D0:12:63:E6:D3:E5:44:49:EE:21:54
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OEiIXJcC6sHz0BJj5tPlREnuIVQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1e/37bdb7-9b93-46ab-9a15-42a48dbc2521/1/xbBYDNsAQOV8O12WE2lRXgcVgtQ.roa
Signing time: Fri 17 Nov 2023 12:43:43 +0000
ROA not before: Fri 17 Nov 2023 12:43:43 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 210767
IP address blocks: 188.64.139.0/24 maxlen: 24
2a11:fc0::/29 maxlen: 29
Validation: Failed, certificate revoked on Mon 01 Jan 2024 02:29:53 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:dd:4e:fd:b0:09:cf:77:55:6d:5b:2f:f8:d5:cf:f7:9c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3848885c9702eac1f3d01263e6d3e54449ee2154
Validity
Not Before: Nov 17 12:43:43 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=c5b0580cdb0040e57c3b5d961369515e071582d4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:88:2d:ce:0c:fc:e2:bf:26:64:95:9f:5e:c7:d3:
12:f5:64:30:56:76:46:58:7e:ec:c2:88:d9:24:d2:
49:7b:e5:90:05:ce:71:f1:f7:02:e0:f5:5c:da:b7:
b7:8a:bc:f8:54:4c:f5:f3:02:87:8b:e9:70:3b:43:
04:ff:20:8a:49:c1:5d:20:9b:fe:d2:0b:7b:11:20:
81:19:15:e5:6d:59:f6:ae:00:30:b0:39:e5:69:bd:
2f:c0:59:a1:4c:ea:f1:2a:e9:7c:ff:f0:0d:b6:79:
b7:fb:39:4e:cb:da:4b:d6:27:a3:b9:a8:5e:5c:c5:
19:fb:26:5a:94:d7:70:7b:10:08:ed:3f:78:14:7b:
30:30:49:45:4f:74:d4:fd:7a:ce:ae:41:a0:f7:07:
e0:0c:50:13:12:26:27:9b:4e:7a:27:cc:5d:2b:6d:
9a:cf:4a:6d:a5:26:d8:69:41:1b:5e:9b:ce:59:89:
6b:02:3d:3a:af:f4:b0:a7:e3:ef:d9:39:c5:77:c4:
4e:78:bd:71:6c:59:b6:49:36:a3:32:e6:ef:82:fd:
93:11:a8:5d:53:b9:89:dd:20:90:8b:fb:b0:cf:3f:
2a:fa:e4:1f:a4:2b:f6:8c:f4:c0:9c:19:28:b9:75:
d9:03:18:e9:29:b1:32:c7:04:a0:de:b9:c9:f7:e9:
5e:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C5:B0:58:0C:DB:00:40:E5:7C:3B:5D:96:13:69:51:5E:07:15:82:D4
X509v3 Authority Key Identifier:
keyid:38:48:88:5C:97:02:EA:C1:F3:D0:12:63:E6:D3:E5:44:49:EE:21:54
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OEiIXJcC6sHz0BJj5tPlREnuIVQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1e/37bdb7-9b93-46ab-9a15-42a48dbc2521/1/xbBYDNsAQOV8O12WE2lRXgcVgtQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1e/37bdb7-9b93-46ab-9a15-42a48dbc2521/1/OEiIXJcC6sHz0BJj5tPlREnuIVQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
188.64.139.0/24
IPv6:
2a11:fc0::/29
Signature Algorithm: sha256WithRSAEncryption
5d:a6:49:31:5b:5d:b8:69:a5:6b:1b:6f:b6:24:68:d2:34:d7:
5b:c6:1d:c7:85:7d:c6:8c:10:53:2c:04:50:38:3d:93:41:78:
b5:a7:fa:36:37:ae:eb:6a:bf:4c:b9:99:fc:1d:6d:40:18:21:
b3:9c:a8:2b:04:4d:eb:36:e4:78:d0:7e:6c:84:c2:33:a5:02:
e0:fe:a4:a5:83:35:55:fc:2e:2b:a2:ba:c5:10:9c:f5:74:2e:
41:e7:b8:f9:22:2d:53:3b:d0:d9:82:ff:18:0d:01:46:76:7e:
a8:fe:57:19:df:77:d5:9a:45:aa:64:2e:73:ea:81:bc:d5:93:
f9:40:c4:0d:eb:1a:04:f7:5b:f7:68:a0:77:1a:7e:fd:c6:43:
6d:75:55:86:53:da:4c:a4:bc:af:6d:eb:2c:82:b4:2a:7a:4c:
13:7c:10:29:ce:14:ce:15:50:a6:4d:0b:dc:10:c9:1e:fe:ae:
95:8d:32:98:c3:be:c7:7a:a0:99:ab:2e:53:db:77:29:14:d5:
b8:cc:0c:7d:27:b4:7a:42:1c:1b:5f:9b:0c:3f:27:14:4b:b9:
79:5a:89:36:6a:1a:87:1a:ba:c6:27:a7:78:66:68:36:07:10:
62:04:09:0f:4b:d5:5b:7e:d7:1d:34:28:10:3f:57:9d:eb:50:
0c:25:1d:d2
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYvdTv2wCc93VW1bL/jVz/ecMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM4NDg4ODVjOTcwMmVhYzFmM2QwMTI2M2U2ZDNlNTQ0NDll
ZTIxNTQwHhcNMjMxMTE3MTI0MzQzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNWIwNTgwY2RiMDA0MGU1N2MzYjVkOTYxMzY5NTE1ZTA3MTU4MmQ0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiC3ODPzivyZklZ9ex9MS9WQwVnZG
WH7swojZJNJJe+WQBc5x8fcC4PVc2re3irz4VEz18wKHi+lwO0ME/yCKScFdIJv+
0gt7ESCBGRXlbVn2rgAwsDnlab0vwFmhTOrxKul8//ANtnm3+zlOy9pL1iejuahe
XMUZ+yZalNdwexAI7T94FHswMElFT3TU/XrOrkGg9wfgDFATEiYnm056J8xdK22a
z0ptpSbYaUEbXpvOWYlrAj06r/Swp+Pv2TnFd8ROeL1xbFm2STajMubvgv2TEahd
U7mJ3SCQi/uwzz8q+uQfpCv2jPTAnBkouXXZAxjpKbEyxwSg3rnJ9+lecwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFMWwWAzbAEDlfDtdlhNpUV4HFYLUMB8GA1UdIwQY
MBaAFDhIiFyXAurB89ASY+bT5URJ7iFUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT0VpSVhKY0M2c0h6MEJKajV0UGxSRW51SVZRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xZS8zN2JkYjctOWI5My00NmFiLTlhMTUt
NDJhNDhkYmMyNTIxLzEveGJCWUROc0FRT1Y4TzEyV0UybFJYZ2NWZ3RRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xZS8zN2JkYjctOWI5My00NmFiLTlhMTUtNDJhNDhkYmMyNTIx
LzEvT0VpSVhKY0M2c0h6MEJKajV0UGxSRW51SVZRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQAvECLMA0E
AgACMAcDBQMqEQ/AMA0GCSqGSIb3DQEBCwUAA4IBAQBdpkkxW124aaVrG2+2JGjS
NNdbxh3HhX3GjBBTLARQOD2TQXi1p/o2N67rar9MuZn8HW1AGCGznKgrBE3rNuR4
0H5shMIzpQLg/qSlgzVV/C4rorrFEJz1dC5B57j5Ii1TO9DZgv8YDQFGdn6o/lcZ
33fVmkWqZC5z6oG81ZP5QMQN6xoE91v3aKB3Gn79xkNtdVWGU9pMpLyvbessgrQq
ekwTfBApzhTOFVCmTQvcEMke/q6VjTKYw77HeqCZqy5T23cpFNW4zAx9J7R6Qhwb
X5sMPycUS7l5Wok2ahqHGrrGJ6d4Zmg2BxBiBAkPS9VbftcdNCgQP1ed61AMJR3S
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:21:45 2024 by rpki-client on console-fra.rpki-client.org