Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/32/47afa3-ce31-4060-a078-f5addddf1ec5/1/1-5CEX-TEXRSBX104joj_YPHBnBw.roa
File: 1-5CEX-TEXRSBX104joj_YPHBnBw.roa (raw, json)
Hash identifier: tdNsMba5/gDJK/MRVPuuaCl6LeM0JRNLoVpvxBrdiTU=
Subject key identifier: FB:90:84:5F:E4:C4:5D:14:81:5F:5D:38:8E:88:FF:60:F1:C1:9C:1C
Certificate issuer: /CN=d93da2019909d9fc37829fd9ec29d948ecff7c92
Certificate serial: 018F403FD721795D43A56119CD3EAF7B9877
Authority key identifier: D9:3D:A2:01:99:09:D9:FC:37:82:9F:D9:EC:29:D9:48:EC:FF:7C:92
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2T2iAZkJ2fw3gp_Z7CnZSOz_fJI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/32/47afa3-ce31-4060-a078-f5addddf1ec5/1/1-5CEX-TEXRSBX104joj_YPHBnBw.roa
Signing time: Fri 03 May 2024 20:57:56 +0000
ROA not before: Fri 03 May 2024 20:57:56 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 998
IP address blocks: 188.209.136.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 06 May 2024 15:31:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:40:3f:d7:21:79:5d:43:a5:61:19:cd:3e:af:7b:98:77
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d93da2019909d9fc37829fd9ec29d948ecff7c92
Validity
Not Before: May 3 20:57:56 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=fb90845fe4c45d14815f5d388e88ff60f1c19c1c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:21:2a:19:e5:f0:1c:95:b8:18:de:3e:1d:d6:
32:2e:a4:79:a7:7d:74:20:0e:2c:a6:2b:fb:dd:ad:
d2:4a:19:05:fc:e6:ee:91:09:38:0f:c6:15:46:16:
7b:d9:3a:91:f5:58:e8:6e:1c:d1:0d:65:ea:4c:c6:
ac:fb:09:62:17:0d:a4:ab:38:4a:4e:40:5d:6a:d8:
d4:ed:14:bd:54:0b:5d:67:82:af:80:98:de:11:9a:
d4:e7:02:55:37:f2:45:f3:f1:ff:52:cf:58:7b:fa:
cf:f5:51:1c:cd:4e:d8:7d:12:46:cd:87:fc:17:c5:
2a:59:02:aa:29:cd:71:5f:99:0f:e3:cd:f1:75:c1:
b8:b6:6f:a0:24:5c:e8:4e:6f:eb:78:d3:84:c1:9b:
91:77:6e:b6:6c:bf:ba:d9:7d:b5:53:6b:af:af:1a:
11:51:9e:fc:2f:9f:38:db:97:47:b0:84:31:9c:46:
91:b0:10:de:b8:99:1b:d0:89:3f:cc:2a:4b:f2:b3:
5e:8b:01:f6:91:61:80:bb:fa:25:52:e4:42:a0:e8:
a5:97:72:c8:45:30:08:a5:04:57:c8:42:f7:54:ea:
ac:ba:d7:b1:09:51:f1:5d:66:0b:0d:64:24:61:a8:
fb:fc:b7:63:62:85:82:4a:15:48:ea:ac:9d:53:54:
91:87
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FB:90:84:5F:E4:C4:5D:14:81:5F:5D:38:8E:88:FF:60:F1:C1:9C:1C
X509v3 Authority Key Identifier:
keyid:D9:3D:A2:01:99:09:D9:FC:37:82:9F:D9:EC:29:D9:48:EC:FF:7C:92
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2T2iAZkJ2fw3gp_Z7CnZSOz_fJI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/32/47afa3-ce31-4060-a078-f5addddf1ec5/1/1-5CEX-TEXRSBX104joj_YPHBnBw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/32/47afa3-ce31-4060-a078-f5addddf1ec5/1/2T2iAZkJ2fw3gp_Z7CnZSOz_fJI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
188.209.136.0/24
Signature Algorithm: sha256WithRSAEncryption
06:a2:7c:5d:38:23:d2:ee:f4:6e:5d:77:85:68:3b:2f:da:a8:
f1:f3:33:38:85:46:b5:d3:70:3b:95:a0:d6:44:b2:2b:b0:72:
fb:73:9f:1a:0b:0b:6d:07:45:6d:7d:e1:cc:e0:c0:02:e9:25:
e4:15:62:ca:3f:f1:65:29:39:38:f6:b5:28:6a:f8:8e:c4:6b:
00:bc:fd:c2:d8:fe:78:7f:fb:d5:d6:e6:78:31:2a:1e:f5:c0:
a2:15:a6:a1:46:1c:23:7a:f4:28:47:15:82:02:5e:78:5e:1d:
33:21:33:c7:5b:08:34:70:7e:c2:6b:dc:be:19:24:78:8b:98:
af:e5:0f:08:18:f9:c1:69:ca:b5:e9:c2:b2:f4:d3:52:6b:17:
e4:11:b7:2d:88:14:2a:b6:59:f6:ed:e9:af:ff:3a:52:8d:72:
fc:fe:29:2c:81:45:aa:01:b2:c1:56:41:82:64:65:33:50:61:
aa:71:32:34:d7:04:e9:5d:d7:4e:7c:5c:84:c8:a6:73:b6:08:
9a:83:c0:11:9b:7d:82:c8:26:d5:cf:23:13:c9:1a:b4:91:89:
e7:19:29:4b:0b:ba:de:ab:9c:0c:6c:dd:2a:48:a1:64:1e:ab:
af:de:19:d1:6a:58:bc:e3:1f:cb:98:dc:cd:e6:88:42:34:2f:
3f:a4:bb:2d
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAY9AP9cheV1DpWEZzT6ve5h3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ5M2RhMjAxOTkwOWQ5ZmMzNzgyOWZkOWVjMjlkOTQ4ZWNm
ZjdjOTIwHhcNMjQwNTAzMjA1NzU2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmYjkwODQ1ZmU0YzQ1ZDE0ODE1ZjVkMzg4ZTg4ZmY2MGYxYzE5YzFjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsSEqGeXwHJW4GN4+HdYyLqR5p310
IA4spiv73a3SShkF/ObukQk4D8YVRhZ72TqR9VjobhzRDWXqTMas+wliFw2kqzhK
TkBdatjU7RS9VAtdZ4KvgJjeEZrU5wJVN/JF8/H/Us9Ye/rP9VEczU7YfRJGzYf8
F8UqWQKqKc1xX5kP483xdcG4tm+gJFzoTm/reNOEwZuRd262bL+62X21U2uvrxoR
UZ78L58425dHsIQxnEaRsBDeuJkb0Ik/zCpL8rNeiwH2kWGAu/olUuRCoOill3LI
RTAIpQRXyEL3VOqsutexCVHxXWYLDWQkYaj7/LdjYoWCShVI6qydU1SRhwIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFPuQhF/kxF0UgV9dOI6I/2DxwZwcMB8GA1UdIwQY
MBaAFNk9ogGZCdn8N4Kf2ewp2Ujs/3ySMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMlQyaUFaa0oyZnczZ3BfWjdDblpTT3pfZkpJLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMi80N2FmYTMtY2UzMS00MDYwLWEwNzgt
ZjVhZGRkZGYxZWM1LzEvMS01Q0VYLVRFWFJTQlgxMDRqb2pfWVBIQm5Cdy5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvMzIvNDdhZmEzLWNlMzEtNDA2MC1hMDc4LWY1YWRkZGRmMWVj
NS8xLzJUMmlBWmtKMmZ3M2dwX1o3Q25aU096X2ZKSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEALzRiDAN
BgkqhkiG9w0BAQsFAAOCAQEABqJ8XTgj0u70bl13hWg7L9qo8fMzOIVGtdNwO5Wg
1kSyK7By+3OfGgsLbQdFbX3hzODAAukl5BViyj/xZSk5OPa1KGr4jsRrALz9wtj+
eH/71dbmeDEqHvXAohWmoUYcI3r0KEcVggJeeF4dMyEzx1sINHB+wmvcvhkkeIuY
r+UPCBj5wWnKtenCsvTTUmsX5BG3LYgUKrZZ9u3pr/86Uo1y/P4pLIFFqgGywVZB
gmRlM1BhqnEyNNcE6V3XTnxchMimc7YImoPAEZt9gsgm1c8jE8katJGJ5xkpSwu6
3qucDGzdKkihZB6rr94Z0WpYvOMfy5jczeaIQjQvP6S7LQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:24:41 2024 by rpki-client on console-fra.rpki-client.org