Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/32/47afa3-ce31-4060-a078-f5addddf1ec5/1/7kGQn8jqPzJ9U1wCsfw1IYga-aM.roa
File: 7kGQn8jqPzJ9U1wCsfw1IYga-aM.roa (raw, json)
Hash identifier: lG/X9A6OXUN+211fVL8BLkK4IWFti47Bc4HUmRqpAtI=
Subject key identifier: EE:41:90:9F:C8:EA:3F:32:7D:53:5C:02:B1:FC:35:21:88:1A:F9:A3
Certificate issuer: /CN=d93da2019909d9fc37829fd9ec29d948ecff7c92
Certificate serial: 018E5949139F3DE0F6470C44236D4C9E0DFC
Authority key identifier: D9:3D:A2:01:99:09:D9:FC:37:82:9F:D9:EC:29:D9:48:EC:FF:7C:92
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2T2iAZkJ2fw3gp_Z7CnZSOz_fJI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/32/47afa3-ce31-4060-a078-f5addddf1ec5/1/7kGQn8jqPzJ9U1wCsfw1IYga-aM.roa
Signing time: Wed 20 Mar 2024 00:35:45 +0000
ROA not before: Wed 20 Mar 2024 00:35:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 188.209.130.0/23 maxlen: 24
188.209.132.0/22 maxlen: 24
Validation: Failed, certificate revoked on Sat 23 Mar 2024 00:01:15 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:59:49:13:9f:3d:e0:f6:47:0c:44:23:6d:4c:9e:0d:fc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d93da2019909d9fc37829fd9ec29d948ecff7c92
Validity
Not Before: Mar 20 00:35:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=ee41909fc8ea3f327d535c02b1fc3521881af9a3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:0e:71:a1:87:25:d0:be:27:6e:a8:db:0b:15:
0c:1d:90:51:87:58:20:da:e6:29:91:5c:8f:74:03:
a3:bb:37:d8:e1:18:b3:63:52:4c:5a:7f:48:53:05:
a6:29:ad:70:df:c8:b5:ed:0b:ac:0c:a5:2a:6b:1d:
a3:36:4f:85:bf:82:94:64:24:5f:e1:51:39:7b:d2:
5d:52:cf:e3:44:4f:97:32:cc:b1:3e:52:10:28:74:
f1:27:27:78:d3:5d:f8:c3:f1:c0:e7:6f:a9:2d:77:
cc:09:4c:81:d7:1e:c7:10:31:46:34:2c:80:6f:ae:
59:68:c8:73:a5:0a:e0:7e:0f:4d:bb:31:5d:9e:2f:
27:30:49:ca:63:1f:af:3e:6f:5f:7d:46:5e:c7:a3:
a7:ec:93:0d:b3:24:32:48:d4:59:e7:9c:03:f8:c5:
6b:de:80:3f:fc:af:ca:e5:0d:4f:9a:1a:e0:24:b8:
46:ed:d7:2f:bf:e1:4f:97:89:42:4b:22:b7:cc:4f:
44:ae:59:37:96:46:ed:0a:6e:c1:e1:23:e7:0a:e9:
cf:7c:b5:c6:dd:02:78:86:c3:48:ae:55:9f:3e:77:
db:32:6c:31:36:26:83:bd:2e:78:85:50:1a:ca:5c:
ee:c5:6d:60:50:dd:bf:45:7a:78:c6:e5:0c:ba:5b:
69:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EE:41:90:9F:C8:EA:3F:32:7D:53:5C:02:B1:FC:35:21:88:1A:F9:A3
X509v3 Authority Key Identifier:
keyid:D9:3D:A2:01:99:09:D9:FC:37:82:9F:D9:EC:29:D9:48:EC:FF:7C:92
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2T2iAZkJ2fw3gp_Z7CnZSOz_fJI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/32/47afa3-ce31-4060-a078-f5addddf1ec5/1/7kGQn8jqPzJ9U1wCsfw1IYga-aM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/32/47afa3-ce31-4060-a078-f5addddf1ec5/1/2T2iAZkJ2fw3gp_Z7CnZSOz_fJI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
188.209.130.0-188.209.135.255
Signature Algorithm: sha256WithRSAEncryption
9a:bc:b9:54:2f:fc:3b:33:95:d8:28:87:7e:35:b7:8c:75:4c:
1f:18:ad:9b:c1:62:53:dd:85:8b:e5:6b:5b:e8:88:3e:b9:6a:
49:cc:3d:4d:86:2a:7c:37:c3:8b:4d:ec:1c:4e:8b:bb:7c:c3:
2f:9d:08:95:ed:23:40:f1:e6:54:09:e1:80:c8:c0:04:83:90:
d7:4e:16:11:7b:cb:1f:ff:a9:8e:bc:74:37:1b:7f:d5:72:3c:
9a:cb:41:b5:8f:43:ef:6f:28:42:53:8a:d9:2c:15:f3:9c:cd:
4e:2c:aa:00:9d:88:dc:a1:ab:d1:e2:c8:6f:ce:40:ad:e2:e0:
f0:2d:ec:3e:6d:83:30:da:81:2b:55:bb:b3:8f:ab:43:07:4a:
9a:33:b7:07:ae:d8:6c:e9:cf:f4:7b:f0:70:bd:47:d3:04:6f:
53:d1:0e:d0:ee:00:6a:5d:97:88:d7:74:1f:5d:42:66:45:15:
a2:62:6a:4e:89:34:26:97:c4:4f:83:8c:28:57:1c:4e:70:b7:
5c:86:12:1b:16:9a:73:f2:96:1a:ba:b8:ab:f5:da:38:d5:45:
62:c3:71:57:4a:28:31:29:c4:28:5c:dd:75:0d:4a:1d:74:ba:
3a:63:37:d6:49:85:ab:46:0c:fb:3b:1e:b1:76:94:85:f4:f6:
cc:f8:05:5c
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAY5ZSROfPeD2RwxEI21Mng38MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ5M2RhMjAxOTkwOWQ5ZmMzNzgyOWZkOWVjMjlkOTQ4ZWNm
ZjdjOTIwHhcNMjQwMzIwMDAzNTQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlZTQxOTA5ZmM4ZWEzZjMyN2Q1MzVjMDJiMWZjMzUyMTg4MWFmOWEzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsQ5xoYcl0L4nbqjbCxUMHZBRh1gg
2uYpkVyPdAOjuzfY4RizY1JMWn9IUwWmKa1w38i17QusDKUqax2jNk+Fv4KUZCRf
4VE5e9JdUs/jRE+XMsyxPlIQKHTxJyd40134w/HA52+pLXfMCUyB1x7HEDFGNCyA
b65ZaMhzpQrgfg9NuzFdni8nMEnKYx+vPm9ffUZex6On7JMNsyQySNRZ55wD+MVr
3oA//K/K5Q1PmhrgJLhG7dcvv+FPl4lCSyK3zE9Erlk3lkbtCm7B4SPnCunPfLXG
3QJ4hsNIrlWfPnfbMmwxNiaDvS54hVAaylzuxW1gUN2/RXp4xuUMultp2wIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFO5BkJ/I6j8yfVNcArH8NSGIGvmjMB8GA1UdIwQY
MBaAFNk9ogGZCdn8N4Kf2ewp2Ujs/3ySMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMlQyaUFaa0oyZnczZ3BfWjdDblpTT3pfZkpJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMi80N2FmYTMtY2UzMS00MDYwLWEwNzgt
ZjVhZGRkZGYxZWM1LzEvN2tHUW44anFQeko5VTF3Q3NmdzFJWWdhLWFNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMi80N2FmYTMtY2UzMS00MDYwLWEwNzgtZjVhZGRkZGYxZWM1
LzEvMlQyaUFaa0oyZnczZ3BfWjdDblpTT3pfZkpJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBAG80YID
BAO80YAwDQYJKoZIhvcNAQELBQADggEBAJq8uVQv/Dszldgoh341t4x1TB8YrZvB
YlPdhYvla1voiD65aknMPU2GKnw3w4tN7BxOi7t8wy+dCJXtI0Dx5lQJ4YDIwASD
kNdOFhF7yx//qY68dDcbf9VyPJrLQbWPQ+9vKEJTitksFfOczU4sqgCdiNyhq9Hi
yG/OQK3i4PAt7D5tgzDagStVu7OPq0MHSpoztweu2Gzpz/R78HC9R9MEb1PRDtDu
AGpdl4jXdB9dQmZFFaJiak6JNCaXxE+DjChXHE5wt1yGEhsWmnPylhq6uKv12jjV
RWLDcVdKKDEpxChc3XUNSh10ujpjN9ZJhatGDPs7HrF2lIX09sz4BVw=
-----END CERTIFICATE-----
Generated at Sat Mar 23 01:12:19 2024 by rpki-client on console-fra.rpki-client.org