Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/32/47afa3-ce31-4060-a078-f5addddf1ec5/1/1-BnJOg0JbxcSQlvMuSt4I1A47AU.roa
File: 1-BnJOg0JbxcSQlvMuSt4I1A47AU.roa (raw, json)
Hash identifier: nM7La8mgnIbhpDOcQ80Cn4hBZcOOHPh1l5VYNGSeR9Y=
Subject key identifier: F8:19:C9:3A:0D:09:6F:17:12:42:5B:CC:B9:2B:78:23:50:38:EC:05
Certificate issuer: /CN=d93da2019909d9fc37829fd9ec29d948ecff7c92
Certificate serial: 01926884394C19CBE19FB4362DE72A9ACD81
Authority key identifier: D9:3D:A2:01:99:09:D9:FC:37:82:9F:D9:EC:29:D9:48:EC:FF:7C:92
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2T2iAZkJ2fw3gp_Z7CnZSOz_fJI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/32/47afa3-ce31-4060-a078-f5addddf1ec5/1/1-BnJOg0JbxcSQlvMuSt4I1A47AU.roa
Signing time: Mon 07 Oct 2024 19:45:48 +0000
ROA not before: Mon 07 Oct 2024 19:45:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 188.209.132.0/22 maxlen: 24
Validation: Failed, certificate revoked on Thu 17 Oct 2024 11:59:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:68:84:39:4c:19:cb:e1:9f:b4:36:2d:e7:2a:9a:cd:81
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d93da2019909d9fc37829fd9ec29d948ecff7c92
Validity
Not Before: Oct 7 19:45:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=f819c93a0d096f1712425bccb92b78235038ec05
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:c4:0d:a2:c2:e3:f9:f1:79:fa:0f:cf:a9:58:
d6:b0:6e:e2:e0:fd:c6:bc:e6:ca:dd:8c:98:5d:10:
ef:5e:f7:56:fd:70:d6:a8:08:09:2c:f3:67:5a:0c:
8f:6e:2c:85:f0:34:b1:1c:95:1f:ee:19:c7:22:bc:
03:96:b1:28:39:dd:c4:f4:31:b6:a0:24:a1:d4:ca:
ca:6f:2b:02:95:81:2d:7a:9e:81:64:f2:5f:90:6f:
d8:fd:56:e6:ff:f4:22:4c:63:59:fc:32:92:86:6f:
42:06:a0:bd:40:9c:6e:d5:72:98:0a:03:e5:d7:29:
4e:17:6c:93:21:da:6a:97:70:45:b8:fb:8c:66:ba:
25:ac:a9:b2:e3:88:58:ac:1a:ce:47:6e:35:31:73:
36:a2:1c:bf:5a:fa:87:12:b0:79:bf:1b:43:fa:15:
03:e2:a8:3a:fa:bb:94:e9:b7:06:c6:ef:41:78:27:
a4:13:19:3b:76:ea:d4:62:30:fb:05:93:8d:a6:18:
6b:32:39:46:4d:64:d8:a0:69:f1:c7:e9:41:af:db:
d3:ef:83:80:b5:85:29:75:ff:4d:82:a0:50:16:1d:
cc:aa:13:6e:e7:51:5f:10:23:67:b4:2f:7d:f6:1e:
26:f7:fc:c0:ef:c3:68:57:3a:01:a4:b2:eb:10:60:
3c:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F8:19:C9:3A:0D:09:6F:17:12:42:5B:CC:B9:2B:78:23:50:38:EC:05
X509v3 Authority Key Identifier:
keyid:D9:3D:A2:01:99:09:D9:FC:37:82:9F:D9:EC:29:D9:48:EC:FF:7C:92
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2T2iAZkJ2fw3gp_Z7CnZSOz_fJI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/32/47afa3-ce31-4060-a078-f5addddf1ec5/1/1-BnJOg0JbxcSQlvMuSt4I1A47AU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/32/47afa3-ce31-4060-a078-f5addddf1ec5/1/2T2iAZkJ2fw3gp_Z7CnZSOz_fJI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
188.209.132.0/22
Signature Algorithm: sha256WithRSAEncryption
45:aa:78:f3:65:2f:f2:80:59:2a:87:05:48:c5:d5:19:0c:2f:
f1:e9:d9:d0:97:73:03:c4:f7:07:53:d1:0e:94:b6:7e:c4:ff:
23:af:cd:35:4d:d6:bb:c3:c9:09:1a:d7:e0:56:97:aa:e6:39:
25:4d:91:ba:02:47:7b:03:9e:6d:4e:03:25:d3:b5:63:bb:f7:
6a:d9:37:c6:bc:51:e4:3b:9d:65:03:ff:0a:59:5c:b3:af:29:
d6:08:bb:ad:36:01:54:9b:37:34:1b:9d:49:9c:48:41:a4:20:
88:d8:af:84:66:c9:c2:16:07:27:72:0e:cb:5d:20:4d:84:c6:
f7:dc:7a:e0:77:58:36:33:7b:8f:41:a9:96:e0:b0:72:7d:d8:
3d:5e:d1:fe:13:b0:31:b6:ae:67:44:69:73:c8:66:19:45:25:
ed:6b:d3:00:40:00:c3:ad:c7:bf:34:4b:d8:d1:70:d9:46:7f:
fc:48:d6:1b:7e:63:b7:3b:e9:a8:a7:82:5c:0f:92:92:63:47:
45:90:5f:5f:58:04:ac:1a:23:60:7c:c6:1a:9a:09:13:d9:25:
95:05:6a:4a:e8:f7:78:7a:36:49:c3:50:c4:63:fe:e9:95:b0:
7c:eb:05:64:e8:d5:04:78:d7:b5:f4:1a:55:ba:a3:f3:23:eb:
bf:18:65:6a
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAZJohDlMGcvhn7Q2Lecqms2BMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ5M2RhMjAxOTkwOWQ5ZmMzNzgyOWZkOWVjMjlkOTQ4ZWNm
ZjdjOTIwHhcNMjQxMDA3MTk0NTQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmODE5YzkzYTBkMDk2ZjE3MTI0MjViY2NiOTJiNzgyMzUwMzhlYzA1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqMQNosLj+fF5+g/PqVjWsG7i4P3G
vObK3YyYXRDvXvdW/XDWqAgJLPNnWgyPbiyF8DSxHJUf7hnHIrwDlrEoOd3E9DG2
oCSh1MrKbysClYEtep6BZPJfkG/Y/Vbm//QiTGNZ/DKShm9CBqC9QJxu1XKYCgPl
1ylOF2yTIdpql3BFuPuMZrolrKmy44hYrBrOR241MXM2ohy/WvqHErB5vxtD+hUD
4qg6+ruU6bcGxu9BeCekExk7durUYjD7BZONphhrMjlGTWTYoGnxx+lBr9vT74OA
tYUpdf9NgqBQFh3MqhNu51FfECNntC999h4m9/zA78NoVzoBpLLrEGA8iQIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFPgZyToNCW8XEkJbzLkreCNQOOwFMB8GA1UdIwQY
MBaAFNk9ogGZCdn8N4Kf2ewp2Ujs/3ySMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMlQyaUFaa0oyZnczZ3BfWjdDblpTT3pfZkpJLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMi80N2FmYTMtY2UzMS00MDYwLWEwNzgt
ZjVhZGRkZGYxZWM1LzEvMS1CbkpPZzBKYnhjU1Fsdk11U3Q0STFBNDdBVS5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvMzIvNDdhZmEzLWNlMzEtNDA2MC1hMDc4LWY1YWRkZGRmMWVj
NS8xLzJUMmlBWmtKMmZ3M2dwX1o3Q25aU096X2ZKSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEArzRhDAN
BgkqhkiG9w0BAQsFAAOCAQEARap482Uv8oBZKocFSMXVGQwv8enZ0JdzA8T3B1PR
DpS2fsT/I6/NNU3Wu8PJCRrX4FaXquY5JU2RugJHewOebU4DJdO1Y7v3atk3xrxR
5DudZQP/Cllcs68p1gi7rTYBVJs3NBudSZxIQaQgiNivhGbJwhYHJ3IOy10gTYTG
99x64HdYNjN7j0GpluCwcn3YPV7R/hOwMbauZ0Rpc8hmGUUl7WvTAEAAw63HvzRL
2NFw2UZ//EjWG35jtzvpqKeCXA+SkmNHRZBfX1gErBojYHzGGpoJE9kllQVqSuj3
eHo2ScNQxGP+6ZWwfOsFZOjVBHjXtfQaVbqj8yPrvxhlag==
-----END CERTIFICATE-----
Generated at Thu Oct 17 16:48:32 2024 by rpki-client on console-ams.rpki-client.org