Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/32/47afa3-ce31-4060-a078-f5addddf1ec5/1/2FiPgbj1x97nb6nRqSDvfi_MCvo.roa
File: 2FiPgbj1x97nb6nRqSDvfi_MCvo.roa (raw, json)
Hash identifier: 1+OdnhM4cOmqqFiB8YNLqIiGmaIdFtwSop8+BwRhUl8=
Subject key identifier: D8:58:8F:81:B8:F5:C7:DE:E7:6F:A9:D1:A9:20:EF:7E:2F:CC:0A:FA
Certificate issuer: /CN=d93da2019909d9fc37829fd9ec29d948ecff7c92
Certificate serial: 018EA9A607D2C8668B56EB168221B5F90C7E
Authority key identifier: D9:3D:A2:01:99:09:D9:FC:37:82:9F:D9:EC:29:D9:48:EC:FF:7C:92
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2T2iAZkJ2fw3gp_Z7CnZSOz_fJI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/32/47afa3-ce31-4060-a078-f5addddf1ec5/1/2FiPgbj1x97nb6nRqSDvfi_MCvo.roa
Signing time: Thu 04 Apr 2024 15:06:54 +0000
ROA not before: Thu 04 Apr 2024 15:06:54 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 188.209.132.0/22 maxlen: 24
188.209.133.0/24 maxlen: 24
188.209.139.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 05 Apr 2024 21:30:54 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:a9:a6:07:d2:c8:66:8b:56:eb:16:82:21:b5:f9:0c:7e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d93da2019909d9fc37829fd9ec29d948ecff7c92
Validity
Not Before: Apr 4 15:06:54 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d8588f81b8f5c7dee76fa9d1a920ef7e2fcc0afa
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:02:3d:7c:d1:a5:82:31:d9:b5:1b:65:68:d5:
00:07:d6:69:8c:c8:7e:f5:af:92:22:33:93:1f:d8:
c1:d7:5d:59:66:e6:b7:47:c4:40:0d:60:a6:0c:21:
27:bd:f0:b3:af:67:2f:52:c2:bf:e6:66:9d:2c:b3:
7d:ec:99:75:0e:f9:e1:38:da:b8:0e:fd:9d:8d:2b:
de:f2:88:af:c5:1b:81:20:3e:60:86:7a:79:19:54:
8e:99:9b:1d:f5:71:06:b1:28:75:6e:3c:04:35:be:
30:61:a4:19:dd:3d:74:30:c4:e7:88:09:b4:52:1c:
c9:3a:78:20:af:a2:b5:08:27:1a:5c:50:49:4a:a3:
17:e9:e5:7c:16:42:dc:88:1c:9c:b0:f8:08:28:7d:
77:be:55:ce:af:b9:ea:50:f9:46:e5:47:8d:86:ec:
3d:74:37:0b:ab:09:57:1a:b5:71:36:31:9d:f3:37:
77:3d:8e:27:e8:88:41:48:64:fd:a9:d4:0c:76:05:
10:f8:dc:5d:05:63:70:e9:9a:86:8e:ec:e3:fb:5e:
51:00:1d:1b:da:91:8a:0f:48:82:2c:e8:74:99:4c:
20:b6:18:b3:33:7a:f1:ae:c6:be:71:54:b2:91:ca:
35:c3:1f:7f:fe:4e:d0:f5:3e:4d:2c:8f:a6:6e:db:
03:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D8:58:8F:81:B8:F5:C7:DE:E7:6F:A9:D1:A9:20:EF:7E:2F:CC:0A:FA
X509v3 Authority Key Identifier:
keyid:D9:3D:A2:01:99:09:D9:FC:37:82:9F:D9:EC:29:D9:48:EC:FF:7C:92
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2T2iAZkJ2fw3gp_Z7CnZSOz_fJI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/32/47afa3-ce31-4060-a078-f5addddf1ec5/1/2FiPgbj1x97nb6nRqSDvfi_MCvo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/32/47afa3-ce31-4060-a078-f5addddf1ec5/1/2T2iAZkJ2fw3gp_Z7CnZSOz_fJI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
188.209.132.0/22
188.209.139.0/24
Signature Algorithm: sha256WithRSAEncryption
6a:5c:4b:2b:77:07:99:e9:91:bc:bd:cd:46:99:32:45:54:b2:
65:0a:41:80:e9:c7:ba:17:ee:9a:fc:08:49:f1:cc:0e:de:d2:
f9:aa:95:24:71:bf:ea:15:9c:5a:40:fa:0e:34:65:5b:dd:f5:
ae:d7:fa:d3:ac:7b:db:78:99:76:21:d1:29:0d:33:a3:26:58:
c2:4f:ba:53:a1:a8:91:40:68:e3:40:6f:73:56:00:7e:87:b4:
ec:c4:9f:82:83:fb:6b:18:d0:1e:f2:72:79:23:20:75:66:54:
0c:f3:34:4e:f0:bf:03:69:80:fd:bb:d0:7a:7c:67:3b:e2:b6:
2e:00:88:6e:08:12:93:62:93:a9:5a:5d:04:91:dd:eb:fc:68:
a7:8b:38:06:e9:6b:df:27:46:84:18:00:3f:0f:0d:0f:bf:fc:
cb:c5:5e:ab:46:8e:4d:9e:bb:4a:1a:38:a8:a4:50:84:6b:fc:
f6:5e:f3:f9:73:97:48:ad:9e:b7:31:3c:72:de:9e:41:a6:38:
76:2a:bf:ab:ac:4d:d4:5e:80:bd:fa:54:5c:04:fd:dc:3c:10:
ca:5a:70:2d:3d:9d:a1:8d:37:23:0d:c7:88:3f:01:3b:04:82:
6d:66:95:47:d3:f1:8b:1e:fe:bd:90:70:df:38:00:ac:25:fa:
79:a3:00:ec
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAY6ppgfSyGaLVusWgiG1+Qx+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ5M2RhMjAxOTkwOWQ5ZmMzNzgyOWZkOWVjMjlkOTQ4ZWNm
ZjdjOTIwHhcNMjQwNDA0MTUwNjU0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkODU4OGY4MWI4ZjVjN2RlZTc2ZmE5ZDFhOTIwZWY3ZTJmY2MwYWZhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApQI9fNGlgjHZtRtlaNUAB9ZpjMh+
9a+SIjOTH9jB111ZZua3R8RADWCmDCEnvfCzr2cvUsK/5madLLN97Jl1DvnhONq4
Dv2djSve8oivxRuBID5ghnp5GVSOmZsd9XEGsSh1bjwENb4wYaQZ3T10MMTniAm0
UhzJOnggr6K1CCcaXFBJSqMX6eV8FkLciBycsPgIKH13vlXOr7nqUPlG5UeNhuw9
dDcLqwlXGrVxNjGd8zd3PY4n6IhBSGT9qdQMdgUQ+NxdBWNw6ZqGjuzj+15RAB0b
2pGKD0iCLOh0mUwgthizM3rxrsa+cVSykco1wx9//k7Q9T5NLI+mbtsDEwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFNhYj4G49cfe52+p0akg734vzAr6MB8GA1UdIwQY
MBaAFNk9ogGZCdn8N4Kf2ewp2Ujs/3ySMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMlQyaUFaa0oyZnczZ3BfWjdDblpTT3pfZkpJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMi80N2FmYTMtY2UzMS00MDYwLWEwNzgt
ZjVhZGRkZGYxZWM1LzEvMkZpUGdiajF4OTduYjZuUnFTRHZmaV9NQ3ZvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMi80N2FmYTMtY2UzMS00MDYwLWEwNzgtZjVhZGRkZGYxZWM1
LzEvMlQyaUFaa0oyZnczZ3BfWjdDblpTT3pfZkpJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCvNGEAwQA
vNGLMA0GCSqGSIb3DQEBCwUAA4IBAQBqXEsrdweZ6ZG8vc1GmTJFVLJlCkGA6ce6
F+6a/AhJ8cwO3tL5qpUkcb/qFZxaQPoONGVb3fWu1/rTrHvbeJl2IdEpDTOjJljC
T7pToaiRQGjjQG9zVgB+h7TsxJ+Cg/trGNAe8nJ5IyB1ZlQM8zRO8L8DaYD9u9B6
fGc74rYuAIhuCBKTYpOpWl0Ekd3r/GinizgG6WvfJ0aEGAA/Dw0Pv/zLxV6rRo5N
nrtKGjiopFCEa/z2XvP5c5dIrZ63MTxy3p5Bpjh2Kr+rrE3UXoC9+lRcBP3cPBDK
WnAtPZ2hjTcjDceIPwE7BIJtZpVH0/GLHv69kHDfOACsJfp5owDs
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:01:54 2024 by rpki-client on console-ams.rpki-client.org