Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/32/47afa3-ce31-4060-a078-f5addddf1ec5/1/1-URuwTYCjTB5XfKwSqw54BfMk6k.roa
File: 1-URuwTYCjTB5XfKwSqw54BfMk6k.roa (raw, json)
Hash identifier: G3g8zpTSyC/cNz6TeTn+jwETVXWKXBZEBdViVwnZCDA=
Subject key identifier: F9:44:6E:C1:36:02:8D:30:79:5D:F2:B0:4A:AC:39:E0:17:CC:93:A9
Certificate issuer: /CN=d93da2019909d9fc37829fd9ec29d948ecff7c92
Certificate serial: 01911DFF6D80C5F919F19651A119D9E4C272
Authority key identifier: D9:3D:A2:01:99:09:D9:FC:37:82:9F:D9:EC:29:D9:48:EC:FF:7C:92
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2T2iAZkJ2fw3gp_Z7CnZSOz_fJI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/32/47afa3-ce31-4060-a078-f5addddf1ec5/1/1-URuwTYCjTB5XfKwSqw54BfMk6k.roa
Signing time: Sun 04 Aug 2024 15:26:04 +0000
ROA not before: Sun 04 Aug 2024 15:26:04 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 188.209.128.0/22 maxlen: 24
188.209.130.0/24 maxlen: 24
188.209.132.0/22 maxlen: 24
194.15.97.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 08 Aug 2024 12:50:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:1d:ff:6d:80:c5:f9:19:f1:96:51:a1:19:d9:e4:c2:72
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d93da2019909d9fc37829fd9ec29d948ecff7c92
Validity
Not Before: Aug 4 15:26:04 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=f9446ec136028d30795df2b04aac39e017cc93a9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:70:5e:57:3f:ab:78:76:fa:32:57:6d:fa:c0:
2e:cc:ef:28:c7:81:45:0c:6f:22:54:f6:ca:6f:27:
88:55:07:b2:d4:7c:ef:74:99:e0:37:6d:e2:3f:be:
8f:26:64:21:03:6a:f4:e1:06:16:d8:b7:43:19:e2:
6d:1c:6c:eb:59:78:a1:98:9f:09:ad:4a:f5:3b:89:
92:1d:66:6c:65:76:03:f1:8c:0e:1f:d7:c3:39:c9:
df:42:26:d5:1e:9a:05:e7:24:b7:53:86:00:db:13:
48:4c:66:c6:64:35:cf:a5:1b:f9:3a:a8:25:85:5a:
81:e3:47:1a:00:22:ce:71:c6:3f:64:ee:7d:21:68:
03:53:1d:d5:47:66:5a:32:b7:55:9d:3e:75:81:47:
dd:f2:c9:9b:5c:b9:7b:c1:3c:50:69:c8:4e:dc:55:
43:59:3b:9d:2f:31:8d:51:bc:29:c6:fe:d8:db:26:
86:4d:0a:e7:0a:d0:94:a0:ab:66:db:ed:16:ee:57:
39:ac:0d:a4:3e:90:ce:18:22:37:e9:06:c5:15:7b:
c6:e1:ce:d4:51:e5:b6:e2:06:4b:8b:74:a6:11:3b:
26:04:5c:0b:9b:08:3d:9d:9e:10:e4:6b:08:92:01:
81:db:3e:60:e8:9f:42:13:6d:f1:7c:65:dd:56:39:
86:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F9:44:6E:C1:36:02:8D:30:79:5D:F2:B0:4A:AC:39:E0:17:CC:93:A9
X509v3 Authority Key Identifier:
keyid:D9:3D:A2:01:99:09:D9:FC:37:82:9F:D9:EC:29:D9:48:EC:FF:7C:92
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2T2iAZkJ2fw3gp_Z7CnZSOz_fJI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/32/47afa3-ce31-4060-a078-f5addddf1ec5/1/1-URuwTYCjTB5XfKwSqw54BfMk6k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/32/47afa3-ce31-4060-a078-f5addddf1ec5/1/2T2iAZkJ2fw3gp_Z7CnZSOz_fJI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
188.209.128.0/21
194.15.97.0/24
Signature Algorithm: sha256WithRSAEncryption
34:85:79:40:70:f8:19:98:d8:56:32:6b:d9:ce:21:aa:a9:ce:
46:1a:8d:33:a3:0e:17:e6:4e:73:07:7d:be:07:48:f6:97:cc:
05:3a:95:f8:dd:45:04:b7:11:5b:56:9a:2d:2e:b6:e8:1d:78:
1e:b1:93:ff:cb:cb:06:80:f7:a9:0e:d1:dd:3a:38:ec:54:82:
a8:1e:36:c2:65:6b:56:c0:b5:59:73:33:95:38:5e:01:d8:52:
06:1f:4a:47:c0:c1:43:0b:03:1b:82:1d:63:5b:66:10:9a:05:
32:2e:a1:f3:8c:0e:44:be:58:42:f0:43:2f:eb:84:79:f2:de:
1b:ba:70:22:07:ab:ce:b0:c4:c4:5a:61:28:d6:6e:9f:ac:10:
22:7e:b8:f2:ff:dd:c5:c4:88:5a:a4:d7:c1:01:25:53:bb:2a:
e8:4f:c6:e9:01:7a:3f:cb:df:46:04:3b:00:11:3a:24:11:80:
f3:62:bd:42:7c:54:2d:5d:7e:9a:89:c9:ea:1f:7b:1f:e8:80:
7c:77:cc:a7:b5:0f:31:d4:26:94:fc:47:b1:8c:b9:fb:20:4b:
67:fc:4e:2b:84:55:7f:0d:01:45:40:ad:65:d3:05:23:d8:cd:
cb:93:dc:ae:38:5b:22:c7:39:a6:e1:41:bc:7d:bc:33:34:98:
16:ea:e8:b3
-----BEGIN CERTIFICATE-----
MIIFBDCCA+ygAwIBAgISAZEd/22AxfkZ8ZZRoRnZ5MJyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ5M2RhMjAxOTkwOWQ5ZmMzNzgyOWZkOWVjMjlkOTQ4ZWNm
ZjdjOTIwHhcNMjQwODA0MTUyNjA0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmOTQ0NmVjMTM2MDI4ZDMwNzk1ZGYyYjA0YWFjMzllMDE3Y2M5M2E5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr3BeVz+reHb6Mldt+sAuzO8ox4FF
DG8iVPbKbyeIVQey1HzvdJngN23iP76PJmQhA2r04QYW2LdDGeJtHGzrWXihmJ8J
rUr1O4mSHWZsZXYD8YwOH9fDOcnfQibVHpoF5yS3U4YA2xNITGbGZDXPpRv5Oqgl
hVqB40caACLOccY/ZO59IWgDUx3VR2ZaMrdVnT51gUfd8smbXLl7wTxQachO3FVD
WTudLzGNUbwpxv7Y2yaGTQrnCtCUoKtm2+0W7lc5rA2kPpDOGCI36QbFFXvG4c7U
UeW24gZLi3SmETsmBFwLmwg9nZ4Q5GsIkgGB2z5g6J9CE23xfGXdVjmGjwIDAQAB
o4ICEDCCAgwwHQYDVR0OBBYEFPlEbsE2Ao0weV3ysEqsOeAXzJOpMB8GA1UdIwQY
MBaAFNk9ogGZCdn8N4Kf2ewp2Ujs/3ySMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMlQyaUFaa0oyZnczZ3BfWjdDblpTT3pfZkpJLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMi80N2FmYTMtY2UzMS00MDYwLWEwNzgt
ZjVhZGRkZGYxZWM1LzEvMS1VUnV3VFlDalRCNVhmS3dTcXc1NEJmTWs2ay5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvMzIvNDdhZmEzLWNlMzEtNDA2MC1hMDc4LWY1YWRkZGRmMWVj
NS8xLzJUMmlBWmtKMmZ3M2dwX1o3Q25aU096X2ZKSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAlBggrBgEFBQcBBwEB/wQWMBQwEgQCAAEwDAMEA7zRgAME
AMIPYTANBgkqhkiG9w0BAQsFAAOCAQEANIV5QHD4GZjYVjJr2c4hqqnORhqNM6MO
F+ZOcwd9vgdI9pfMBTqV+N1FBLcRW1aaLS626B14HrGT/8vLBoD3qQ7R3To47FSC
qB42wmVrVsC1WXMzlTheAdhSBh9KR8DBQwsDG4IdY1tmEJoFMi6h84wORL5YQvBD
L+uEefLeG7pwIgerzrDExFphKNZun6wQIn648v/dxcSIWqTXwQElU7sq6E/G6QF6
P8vfRgQ7ABE6JBGA82K9QnxULV1+monJ6h97H+iAfHfMp7UPMdQmlPxHsYy5+yBL
Z/xOK4RVfw0BRUCtZdMFI9jNy5PcrjhbIsc5puFBvH28MzSYFurosw==
-----END CERTIFICATE-----
Generated at Thu Aug 8 15:19:00 2024 by rpki-client on console-ams.rpki-client.org