Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/32/47afa3-ce31-4060-a078-f5addddf1ec5/1/3ou432ZpOwJmQ41kA7HjnmQhefI.roa
File: 3ou432ZpOwJmQ41kA7HjnmQhefI.roa (raw, json)
Hash identifier: aOxFFzFT06m6rsQw8PtsOCrgBT0espfMT8F7mNbxTUw=
Subject key identifier: DE:8B:B8:DF:66:69:3B:02:66:43:8D:64:03:B1:E3:9E:64:21:79:F2
Certificate issuer: /CN=d93da2019909d9fc37829fd9ec29d948ecff7c92
Certificate serial: 018DE433AD078BC66C9683BF334DB3427675
Authority key identifier: D9:3D:A2:01:99:09:D9:FC:37:82:9F:D9:EC:29:D9:48:EC:FF:7C:92
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2T2iAZkJ2fw3gp_Z7CnZSOz_fJI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/32/47afa3-ce31-4060-a078-f5addddf1ec5/1/3ou432ZpOwJmQ41kA7HjnmQhefI.roa
Signing time: Mon 26 Feb 2024 06:56:48 +0000
ROA not before: Mon 26 Feb 2024 06:56:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 188.209.132.0/22 maxlen: 24
188.209.136.0/22 maxlen: 24
Validation: Failed, certificate revoked on Sat 02 Mar 2024 03:35:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:e4:33:ad:07:8b:c6:6c:96:83:bf:33:4d:b3:42:76:75
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d93da2019909d9fc37829fd9ec29d948ecff7c92
Validity
Not Before: Feb 26 06:56:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=de8bb8df66693b0266438d6403b1e39e642179f2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:27:8a:f8:14:8b:c8:0c:ec:b7:58:b7:2c:0f:
41:5d:41:b1:54:40:8a:2d:86:e6:7e:5b:fd:53:94:
54:af:40:e1:b1:f7:24:02:ee:88:58:80:7e:21:cd:
fd:88:99:c0:68:dd:17:27:1a:3c:43:64:3e:ff:52:
a5:fd:a2:ce:fd:4e:e3:76:bf:3c:f8:b5:24:cb:71:
5b:85:f7:a0:f4:d3:33:fc:3c:8d:3b:6c:52:0a:0b:
a5:41:63:7e:b6:5b:25:13:9f:19:e9:76:e3:51:0c:
f9:d1:ec:37:2b:62:f6:3d:36:b5:ce:80:f5:5b:67:
f8:33:32:b7:3e:e7:3c:f3:cc:27:e9:05:00:c8:ba:
29:48:8e:7e:3f:0e:03:8c:b9:a5:3a:5a:47:0e:8e:
8a:8f:ca:4c:8d:19:d4:c3:40:c9:31:48:14:b5:ed:
ab:ba:1a:b3:14:f2:d0:02:2c:60:98:8f:e3:7d:46:
a5:7a:6e:e1:9d:b6:a5:30:89:fb:3a:46:b9:b4:36:
fe:f8:47:13:67:30:c3:1a:c9:b2:f6:d7:82:f0:50:
7a:44:67:ae:47:d9:f1:4b:06:48:16:fd:e0:97:f6:
6c:5f:c9:27:c6:32:c6:48:f9:cf:61:52:48:ce:9a:
c2:bc:2e:93:f6:54:5f:d2:8e:4e:54:fa:d7:99:26:
fa:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DE:8B:B8:DF:66:69:3B:02:66:43:8D:64:03:B1:E3:9E:64:21:79:F2
X509v3 Authority Key Identifier:
keyid:D9:3D:A2:01:99:09:D9:FC:37:82:9F:D9:EC:29:D9:48:EC:FF:7C:92
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2T2iAZkJ2fw3gp_Z7CnZSOz_fJI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/32/47afa3-ce31-4060-a078-f5addddf1ec5/1/3ou432ZpOwJmQ41kA7HjnmQhefI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/32/47afa3-ce31-4060-a078-f5addddf1ec5/1/2T2iAZkJ2fw3gp_Z7CnZSOz_fJI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
188.209.132.0-188.209.139.255
Signature Algorithm: sha256WithRSAEncryption
7e:61:2e:46:3a:b7:5f:94:71:f9:9b:76:c6:8d:6c:0a:37:7b:
3b:2e:7a:67:7c:bb:32:38:f3:b0:b6:8d:3e:e9:8c:d7:af:55:
04:c6:8c:bf:a2:d9:89:e4:db:9e:d6:43:be:30:4a:97:34:db:
5f:06:14:35:26:29:6c:5a:bc:1e:4f:54:75:75:67:61:d9:45:
fe:68:84:e4:be:e1:10:43:c8:ba:d4:fc:09:09:e9:bf:bf:45:
9f:1a:08:8c:ac:0a:b0:e3:eb:df:07:81:73:ee:ce:33:ed:70:
ad:67:00:0e:ea:1e:0e:34:a7:f2:a0:50:ba:87:f4:9c:38:a5:
75:5a:a1:55:41:9c:6f:bc:2c:f3:63:ec:c5:02:ef:ef:66:0c:
41:42:6b:12:94:a8:70:2c:90:3c:19:f5:c5:98:f0:3a:82:95:
ad:d3:c7:4f:a6:26:06:bf:4b:e8:ae:38:42:bf:76:20:89:c7:
88:b3:e5:ed:8a:d4:50:b2:e9:63:30:8c:5b:1d:09:71:89:bf:
f0:43:8c:7b:50:04:02:7a:35:c5:b9:5e:d6:75:68:3a:78:17:
1f:96:86:97:73:e1:26:8a:02:d5:9b:33:47:7a:d3:d0:ca:a1:
98:13:94:bc:26:85:28:28:92:1e:78:ef:51:34:d2:fd:9f:0b:
78:d6:16:91
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAY3kM60Hi8ZsloO/M02zQnZ1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ5M2RhMjAxOTkwOWQ5ZmMzNzgyOWZkOWVjMjlkOTQ4ZWNm
ZjdjOTIwHhcNMjQwMjI2MDY1NjQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZThiYjhkZjY2NjkzYjAyNjY0MzhkNjQwM2IxZTM5ZTY0MjE3OWYyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApCeK+BSLyAzst1i3LA9BXUGxVECK
LYbmflv9U5RUr0DhsfckAu6IWIB+Ic39iJnAaN0XJxo8Q2Q+/1Kl/aLO/U7jdr88
+LUky3Fbhfeg9NMz/DyNO2xSCgulQWN+tlslE58Z6XbjUQz50ew3K2L2PTa1zoD1
W2f4MzK3Puc888wn6QUAyLopSI5+Pw4DjLmlOlpHDo6Kj8pMjRnUw0DJMUgUte2r
uhqzFPLQAixgmI/jfUalem7hnbalMIn7Oka5tDb++EcTZzDDGsmy9teC8FB6RGeu
R9nxSwZIFv3gl/ZsX8knxjLGSPnPYVJIzprCvC6T9lRf0o5OVPrXmSb66QIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFN6LuN9maTsCZkONZAOx455kIXnyMB8GA1UdIwQY
MBaAFNk9ogGZCdn8N4Kf2ewp2Ujs/3ySMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMlQyaUFaa0oyZnczZ3BfWjdDblpTT3pfZkpJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMi80N2FmYTMtY2UzMS00MDYwLWEwNzgt
ZjVhZGRkZGYxZWM1LzEvM291NDMyWnBPd0ptUTQxa0E3SGpubVFoZWZJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMi80N2FmYTMtY2UzMS00MDYwLWEwNzgtZjVhZGRkZGYxZWM1
LzEvMlQyaUFaa0oyZnczZ3BfWjdDblpTT3pfZkpJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBAK80YQD
BAK80YgwDQYJKoZIhvcNAQELBQADggEBAH5hLkY6t1+UcfmbdsaNbAo3ezsuemd8
uzI487C2jT7pjNevVQTGjL+i2Ynk257WQ74wSpc0218GFDUmKWxavB5PVHV1Z2HZ
Rf5ohOS+4RBDyLrU/AkJ6b+/RZ8aCIysCrDj698HgXPuzjPtcK1nAA7qHg40p/Kg
ULqH9Jw4pXVaoVVBnG+8LPNj7MUC7+9mDEFCaxKUqHAskDwZ9cWY8DqCla3Tx0+m
Jga/S+iuOEK/diCJx4iz5e2K1FCy6WMwjFsdCXGJv/BDjHtQBAJ6NcW5XtZ1aDp4
Fx+Whpdz4SaKAtWbM0d609DKoZgTlLwmhSgokh5471E00v2fC3jWFpE=
-----END CERTIFICATE-----
Generated at Sat Mar 2 04:08:41 2024 by rpki-client on console-fra.rpki-client.org