Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/32/47afa3-ce31-4060-a078-f5addddf1ec5/1/74anLQUQa0j5lxzUhXTuAox2X5o.roa
File: 74anLQUQa0j5lxzUhXTuAox2X5o.roa (raw, json)
Hash identifier: TpViesWLgfjLloPb2vWgIRMUX4AKbDiBmnswzSdQLaE=
Subject key identifier: EF:86:A7:2D:05:10:6B:48:F9:97:1C:D4:85:74:EE:02:8C:76:5F:9A
Certificate issuer: /CN=d93da2019909d9fc37829fd9ec29d948ecff7c92
Certificate serial: 0190B0422076CF26CCEB2F93903C383E136E
Authority key identifier: D9:3D:A2:01:99:09:D9:FC:37:82:9F:D9:EC:29:D9:48:EC:FF:7C:92
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2T2iAZkJ2fw3gp_Z7CnZSOz_fJI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/32/47afa3-ce31-4060-a078-f5addddf1ec5/1/74anLQUQa0j5lxzUhXTuAox2X5o.roa
Signing time: Sun 14 Jul 2024 08:00:41 +0000
ROA not before: Sun 14 Jul 2024 08:00:41 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 188.209.128.0/22 maxlen: 24
188.209.132.0/22 maxlen: 24
188.209.139.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 15 Jul 2024 14:56:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:b0:42:20:76:cf:26:cc:eb:2f:93:90:3c:38:3e:13:6e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d93da2019909d9fc37829fd9ec29d948ecff7c92
Validity
Not Before: Jul 14 08:00:41 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=ef86a72d05106b48f9971cd48574ee028c765f9a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d8:c7:f0:78:df:a4:2f:3d:a7:f4:48:cf:09:ca:
1e:81:32:b5:75:93:d9:00:2f:3e:cd:55:65:52:1e:
fe:95:f6:a9:29:99:ae:39:1f:4e:7e:5d:ae:f7:28:
1e:0a:ed:4e:33:66:92:8c:40:b8:9e:ae:c0:19:d8:
1e:b7:af:24:1f:76:68:3b:5b:4c:5d:2b:19:23:a5:
45:c3:7d:36:92:f0:fd:6a:03:e6:58:1d:f6:f7:41:
99:55:ef:35:f0:cb:18:3a:c1:9d:72:35:37:4d:73:
3c:5e:97:b3:04:ee:b0:bb:df:fd:3e:e1:62:29:b9:
dd:61:28:2d:92:c8:5a:d9:18:37:b1:ce:f3:e7:6e:
b7:75:45:96:f9:91:3e:08:da:a8:28:87:f4:50:8d:
19:73:a8:d3:47:1d:44:88:a9:46:56:61:b7:d5:aa:
cc:6a:5b:dc:ce:b0:9e:ef:15:eb:39:b0:48:ae:cf:
d4:d7:8c:c7:c8:66:b7:82:55:25:a0:47:5e:e6:0c:
28:52:3f:83:11:39:59:57:67:7d:6a:6c:de:ea:0d:
3b:83:31:1c:ea:54:1f:1a:08:11:a7:6f:9d:b3:92:
78:ff:6d:04:e2:83:b2:97:7a:ef:55:24:38:95:d2:
68:4c:73:2e:2a:d0:73:20:e1:ad:59:92:f7:05:6a:
38:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EF:86:A7:2D:05:10:6B:48:F9:97:1C:D4:85:74:EE:02:8C:76:5F:9A
X509v3 Authority Key Identifier:
keyid:D9:3D:A2:01:99:09:D9:FC:37:82:9F:D9:EC:29:D9:48:EC:FF:7C:92
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2T2iAZkJ2fw3gp_Z7CnZSOz_fJI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/32/47afa3-ce31-4060-a078-f5addddf1ec5/1/74anLQUQa0j5lxzUhXTuAox2X5o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/32/47afa3-ce31-4060-a078-f5addddf1ec5/1/2T2iAZkJ2fw3gp_Z7CnZSOz_fJI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
188.209.128.0/21
188.209.139.0/24
Signature Algorithm: sha256WithRSAEncryption
2a:30:29:42:f7:63:88:75:88:5b:5a:85:ea:a7:ac:16:7e:47:
f2:ad:9c:7a:8e:2c:48:00:ef:51:46:2e:87:84:5d:f9:f5:4b:
71:0c:e1:31:81:84:8a:03:af:f5:84:9f:ef:98:90:ef:c0:07:
4a:e6:19:15:90:5a:b9:e8:55:d5:5e:9b:ec:f4:05:c9:7f:48:
a6:d6:70:82:e9:ca:e1:d0:ec:a4:b0:fe:fe:30:b6:11:6d:c2:
86:41:1a:2e:66:7c:80:7f:af:ae:a7:1e:cc:2c:d0:6a:53:3e:
eb:ba:8f:d5:ef:82:d5:4f:6c:69:93:79:8d:17:b4:73:7e:06:
93:cc:66:c2:de:bb:a3:85:a5:e2:5e:28:37:df:89:16:39:ce:
46:3e:a1:42:ad:e4:63:f6:8b:3a:b8:e9:90:cf:7b:f4:61:d9:
54:bb:a6:f7:a4:6c:03:92:5c:ef:5e:9d:00:f8:05:09:a0:02:
8a:50:b7:ec:22:d6:b4:63:cf:b5:16:04:67:52:c1:c7:32:58:
6d:c8:dd:41:c2:d2:fe:1d:43:87:4a:e8:be:01:77:8e:a2:2a:
bc:38:9e:1e:44:6b:dc:e4:7c:65:4a:c2:6f:07:e5:50:b6:8f:
bb:0a:fd:ad:1c:2f:46:cf:81:90:cc:47:2c:07:24:d1:67:df:
a9:e4:a4:74
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZCwQiB2zybM6y+TkDw4PhNuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ5M2RhMjAxOTkwOWQ5ZmMzNzgyOWZkOWVjMjlkOTQ4ZWNm
ZjdjOTIwHhcNMjQwNzE0MDgwMDQxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlZjg2YTcyZDA1MTA2YjQ4Zjk5NzFjZDQ4NTc0ZWUwMjhjNzY1ZjlhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2MfweN+kLz2n9EjPCcoegTK1dZPZ
AC8+zVVlUh7+lfapKZmuOR9Ofl2u9ygeCu1OM2aSjEC4nq7AGdget68kH3ZoO1tM
XSsZI6VFw302kvD9agPmWB3290GZVe818MsYOsGdcjU3TXM8XpezBO6wu9/9PuFi
KbndYSgtksha2Rg3sc7z5263dUWW+ZE+CNqoKIf0UI0Zc6jTRx1EiKlGVmG31arM
alvczrCe7xXrObBIrs/U14zHyGa3glUloEde5gwoUj+DETlZV2d9amze6g07gzEc
6lQfGggRp2+ds5J4/20E4oOyl3rvVSQ4ldJoTHMuKtBzIOGtWZL3BWo4MwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFO+Gpy0FEGtI+Zcc1IV07gKMdl+aMB8GA1UdIwQY
MBaAFNk9ogGZCdn8N4Kf2ewp2Ujs/3ySMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMlQyaUFaa0oyZnczZ3BfWjdDblpTT3pfZkpJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMi80N2FmYTMtY2UzMS00MDYwLWEwNzgt
ZjVhZGRkZGYxZWM1LzEvNzRhbkxRVVFhMGo1bHh6VWhYVHVBb3gyWDVvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMi80N2FmYTMtY2UzMS00MDYwLWEwNzgtZjVhZGRkZGYxZWM1
LzEvMlQyaUFaa0oyZnczZ3BfWjdDblpTT3pfZkpJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQDvNGAAwQA
vNGLMA0GCSqGSIb3DQEBCwUAA4IBAQAqMClC92OIdYhbWoXqp6wWfkfyrZx6jixI
AO9RRi6HhF359UtxDOExgYSKA6/1hJ/vmJDvwAdK5hkVkFq56FXVXpvs9AXJf0im
1nCC6crh0OyksP7+MLYRbcKGQRouZnyAf6+upx7MLNBqUz7ruo/V74LVT2xpk3mN
F7RzfgaTzGbC3rujhaXiXig334kWOc5GPqFCreRj9os6uOmQz3v0YdlUu6b3pGwD
klzvXp0A+AUJoAKKULfsIta0Y8+1FgRnUsHHMlhtyN1BwtL+HUOHSui+AXeOoiq8
OJ4eRGvc5HxlSsJvB+VQto+7Cv2tHC9Gz4GQzEcsByTRZ9+p5KR0
-----END CERTIFICATE-----
Generated at Mon Jul 15 16:58:15 2024 by rpki-client on console-fra.rpki-client.org