Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/32/47afa3-ce31-4060-a078-f5addddf1ec5/1/2hpccr7uFtEVLdwIxVfwpwWvdgk.roa
File: 2hpccr7uFtEVLdwIxVfwpwWvdgk.roa (raw, json)
Hash identifier: NZhlbwZwvoritXz+SFmMcgIUcYoPkKb5i0RvCx9gNBI=
Subject key identifier: DA:1A:5C:72:BE:EE:16:D1:15:2D:DC:08:C5:57:F0:A7:05:AF:76:09
Certificate issuer: /CN=d93da2019909d9fc37829fd9ec29d948ecff7c92
Certificate serial: 018F4E82F6AC67892971C6DE6415997EF776
Authority key identifier: D9:3D:A2:01:99:09:D9:FC:37:82:9F:D9:EC:29:D9:48:EC:FF:7C:92
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2T2iAZkJ2fw3gp_Z7CnZSOz_fJI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/32/47afa3-ce31-4060-a078-f5addddf1ec5/1/2hpccr7uFtEVLdwIxVfwpwWvdgk.roa
Signing time: Mon 06 May 2024 15:25:56 +0000
ROA not before: Mon 06 May 2024 15:25:56 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 400866
IP address blocks: 188.209.133.0/24 maxlen: 24
188.209.139.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 09 May 2024 17:08:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:4e:82:f6:ac:67:89:29:71:c6:de:64:15:99:7e:f7:76
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d93da2019909d9fc37829fd9ec29d948ecff7c92
Validity
Not Before: May 6 15:25:56 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=da1a5c72beee16d1152ddc08c557f0a705af7609
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dd:39:17:7d:63:c8:7a:06:87:10:a3:96:a3:e7:
25:9a:e0:15:73:c9:4d:54:67:e6:05:bf:ab:73:0b:
e5:31:a3:6f:90:bf:bc:ab:5f:ca:5f:07:ce:fc:26:
92:98:04:18:43:9d:71:1d:29:d9:f9:c8:b5:4a:97:
f2:a7:d0:d9:f2:ad:b2:3a:92:a2:fd:69:05:77:40:
90:a3:9c:ba:55:b5:f4:ce:52:c2:64:a8:81:39:c5:
a3:61:41:eb:6a:4a:4f:f4:8c:6b:23:e7:c0:66:27:
d1:a1:a2:00:2d:e5:cb:dc:47:7c:dc:21:cd:3a:d9:
67:bb:43:1b:25:2a:9a:5f:54:6a:8f:4b:b6:35:15:
b7:a0:33:94:f5:89:6e:3a:89:77:49:d7:9b:b2:0b:
5b:99:23:63:5f:31:5e:44:4c:5f:c9:8d:bd:47:63:
10:9f:f0:e6:d8:1d:5a:3f:8d:b6:36:6c:e2:6c:46:
ca:69:6d:54:16:43:b4:1a:cd:91:d8:d3:66:99:9c:
b2:f4:fb:23:60:b8:f1:06:f2:44:b7:2c:62:b7:a9:
1b:f7:9c:38:97:0c:3f:25:18:73:7f:bd:ed:5c:fd:
a1:0d:a6:4a:eb:e4:44:f5:52:2e:32:2e:1a:d1:37:
74:9f:3a:fc:18:12:bf:f1:8b:16:38:a5:a3:e9:24:
85:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DA:1A:5C:72:BE:EE:16:D1:15:2D:DC:08:C5:57:F0:A7:05:AF:76:09
X509v3 Authority Key Identifier:
keyid:D9:3D:A2:01:99:09:D9:FC:37:82:9F:D9:EC:29:D9:48:EC:FF:7C:92
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2T2iAZkJ2fw3gp_Z7CnZSOz_fJI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/32/47afa3-ce31-4060-a078-f5addddf1ec5/1/2hpccr7uFtEVLdwIxVfwpwWvdgk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/32/47afa3-ce31-4060-a078-f5addddf1ec5/1/2T2iAZkJ2fw3gp_Z7CnZSOz_fJI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
188.209.133.0/24
188.209.139.0/24
Signature Algorithm: sha256WithRSAEncryption
82:11:66:cb:56:4f:bc:d9:3f:46:cd:a1:29:c9:2c:f4:bb:62:
5c:0b:9c:6c:ac:56:6f:6a:62:6d:cc:67:ad:5e:13:53:0f:23:
c5:d0:f0:3c:d8:98:da:70:cd:d6:44:1b:96:38:22:25:7d:14:
65:49:21:5c:32:aa:b6:13:a9:06:12:1f:3f:7f:97:b5:d8:d3:
6c:de:73:74:db:3b:39:0a:ca:a8:6a:e9:c2:b0:1f:32:20:a8:
39:ff:c1:7b:8c:66:c1:5b:d0:67:a3:7c:39:22:20:3c:f3:a3:
c7:9e:c9:10:08:c3:05:9c:d7:74:84:e0:f0:b3:aa:42:d3:a0:
98:20:7f:72:b0:a5:00:8c:34:9f:e5:fb:39:59:ff:15:70:28:
f9:51:1f:4d:24:c5:1b:13:3c:fe:e5:0d:79:18:b6:49:32:d3:
28:2b:86:83:cb:0b:37:da:ad:8a:60:f4:93:7d:3e:29:f4:11:
a8:35:54:ec:c4:3e:c7:a0:5a:31:f5:77:8f:50:5b:61:eb:72:
a2:cb:47:bb:22:c2:45:7f:b3:5d:29:81:f7:f7:d4:dc:ce:ff:
07:1b:b0:57:c2:14:dc:1b:b3:1f:3c:c6:30:31:a5:c0:03:1b:
57:be:22:c7:2e:fc:30:f5:78:3b:ad:04:bb:a0:6f:30:90:4f:
b2:26:0b:d4
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAY9OgvasZ4kpccbeZBWZfvd2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ5M2RhMjAxOTkwOWQ5ZmMzNzgyOWZkOWVjMjlkOTQ4ZWNm
ZjdjOTIwHhcNMjQwNTA2MTUyNTU2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYTFhNWM3MmJlZWUxNmQxMTUyZGRjMDhjNTU3ZjBhNzA1YWY3NjA5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3TkXfWPIegaHEKOWo+clmuAVc8lN
VGfmBb+rcwvlMaNvkL+8q1/KXwfO/CaSmAQYQ51xHSnZ+ci1Spfyp9DZ8q2yOpKi
/WkFd0CQo5y6VbX0zlLCZKiBOcWjYUHrakpP9IxrI+fAZifRoaIALeXL3Ed83CHN
Otlnu0MbJSqaX1Rqj0u2NRW3oDOU9YluOol3SdebsgtbmSNjXzFeRExfyY29R2MQ
n/Dm2B1aP422NmzibEbKaW1UFkO0Gs2R2NNmmZyy9PsjYLjxBvJEtyxit6kb95w4
lww/JRhzf73tXP2hDaZK6+RE9VIuMi4a0Td0nzr8GBK/8YsWOKWj6SSFYwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFNoaXHK+7hbRFS3cCMVX8KcFr3YJMB8GA1UdIwQY
MBaAFNk9ogGZCdn8N4Kf2ewp2Ujs/3ySMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMlQyaUFaa0oyZnczZ3BfWjdDblpTT3pfZkpJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMi80N2FmYTMtY2UzMS00MDYwLWEwNzgt
ZjVhZGRkZGYxZWM1LzEvMmhwY2NyN3VGdEVWTGR3SXhWZndwd1d2ZGdrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMi80N2FmYTMtY2UzMS00MDYwLWEwNzgtZjVhZGRkZGYxZWM1
LzEvMlQyaUFaa0oyZnczZ3BfWjdDblpTT3pfZkpJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAvNGFAwQA
vNGLMA0GCSqGSIb3DQEBCwUAA4IBAQCCEWbLVk+82T9GzaEpySz0u2JcC5xsrFZv
amJtzGetXhNTDyPF0PA82JjacM3WRBuWOCIlfRRlSSFcMqq2E6kGEh8/f5e12NNs
3nN02zs5CsqoaunCsB8yIKg5/8F7jGbBW9Bno3w5IiA886PHnskQCMMFnNd0hODw
s6pC06CYIH9ysKUAjDSf5fs5Wf8VcCj5UR9NJMUbEzz+5Q15GLZJMtMoK4aDyws3
2q2KYPSTfT4p9BGoNVTsxD7HoFox9XePUFth63Kiy0e7IsJFf7NdKYH399Tczv8H
G7BXwhTcG7MfPMYwMaXAAxtXviLHLvww9Xg7rQS7oG8wkE+yJgvU
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:24:41 2024 by rpki-client on console-fra.rpki-client.org