Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/32/47afa3-ce31-4060-a078-f5addddf1ec5/1/AEdpqfJlNVdue0u1BUdT9v4qrl4.roa
File: AEdpqfJlNVdue0u1BUdT9v4qrl4.roa (raw, json)
Hash identifier: lUZTpUq8wGgZU4Q0jJovhMtqAi6oWheK6uuwNC64KpE=
Subject key identifier: 00:47:69:A9:F2:65:35:57:6E:7B:4B:B5:05:47:53:F6:FE:2A:AE:5E
Certificate issuer: /CN=d93da2019909d9fc37829fd9ec29d948ecff7c92
Certificate serial: 0190F2445CDB371CA5B1A70883ED2BEA67A4
Authority key identifier: D9:3D:A2:01:99:09:D9:FC:37:82:9F:D9:EC:29:D9:48:EC:FF:7C:92
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2T2iAZkJ2fw3gp_Z7CnZSOz_fJI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/32/47afa3-ce31-4060-a078-f5addddf1ec5/1/AEdpqfJlNVdue0u1BUdT9v4qrl4.roa
Signing time: Sat 27 Jul 2024 03:38:04 +0000
ROA not before: Sat 27 Jul 2024 03:38:04 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 188.209.128.0/22 maxlen: 24
188.209.130.0/24 maxlen: 24
188.209.131.0/24 maxlen: 24
188.209.132.0/22 maxlen: 24
194.15.97.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sat 03 Aug 2024 11:52:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:f2:44:5c:db:37:1c:a5:b1:a7:08:83:ed:2b:ea:67:a4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d93da2019909d9fc37829fd9ec29d948ecff7c92
Validity
Not Before: Jul 27 03:38:04 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=004769a9f26535576e7b4bb5054753f6fe2aae5e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:e7:11:df:0a:cf:9b:5b:34:21:8f:57:4c:7a:
4e:af:09:eb:a8:5d:c4:47:eb:57:db:e2:0c:6e:a0:
16:0d:b5:b5:9d:0b:c0:e6:1a:69:22:41:2b:ad:ea:
45:73:f3:c8:66:ac:92:6d:23:16:4a:61:df:0b:d2:
6e:09:f1:b4:92:42:d6:d7:e7:42:67:f8:ab:64:06:
e5:29:86:43:de:50:84:20:53:60:d8:b5:e7:40:5a:
1f:c9:4e:27:8d:9c:45:28:d0:58:09:48:f5:7f:20:
9c:84:eb:62:d8:30:62:ab:bc:57:26:15:03:8a:60:
11:4b:d2:c0:e4:6b:33:4e:e0:09:05:33:f7:1f:f6:
70:a9:a2:ba:c0:48:76:e3:53:66:19:ee:55:52:49:
3b:71:3b:e9:67:0e:12:0c:10:68:be:73:5a:91:16:
82:8f:be:0c:94:25:5b:3c:16:a7:25:cf:51:ca:eb:
05:a8:e2:fb:c2:db:29:ec:48:1f:5e:54:ef:ec:6a:
ea:7f:d8:10:57:9e:d9:66:9d:61:43:12:5a:73:5b:
28:e3:fc:2e:c9:75:3e:c5:47:28:33:be:a8:64:c5:
5d:f7:70:60:ad:d6:43:33:c0:80:6a:ab:19:26:6c:
e5:a4:34:55:93:73:a5:ea:02:ba:c3:11:e1:79:08:
21:ef
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
00:47:69:A9:F2:65:35:57:6E:7B:4B:B5:05:47:53:F6:FE:2A:AE:5E
X509v3 Authority Key Identifier:
keyid:D9:3D:A2:01:99:09:D9:FC:37:82:9F:D9:EC:29:D9:48:EC:FF:7C:92
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2T2iAZkJ2fw3gp_Z7CnZSOz_fJI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/32/47afa3-ce31-4060-a078-f5addddf1ec5/1/AEdpqfJlNVdue0u1BUdT9v4qrl4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/32/47afa3-ce31-4060-a078-f5addddf1ec5/1/2T2iAZkJ2fw3gp_Z7CnZSOz_fJI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
188.209.128.0/21
194.15.97.0/24
Signature Algorithm: sha256WithRSAEncryption
1a:38:b3:95:d4:51:98:f6:16:ca:45:fd:be:12:9e:76:36:00:
48:36:19:3c:11:36:e2:3b:a8:9f:c9:17:99:cc:39:c8:5c:c7:
91:aa:61:af:76:d7:57:87:c3:3e:df:cf:e4:ba:66:05:06:18:
b9:0d:e8:ca:29:cb:27:18:75:bc:9a:d3:fe:d2:4b:6a:44:92:
fa:bd:70:10:d0:22:66:33:29:4a:ab:d9:cd:c8:b2:47:a6:b3:
7e:41:34:b0:24:ba:7e:fb:74:d8:09:c7:d3:ac:fa:ff:72:de:
20:10:cf:98:8a:db:20:7a:dc:af:c8:7e:8f:09:91:46:ee:3d:
de:2c:b4:67:e7:45:b0:99:44:25:15:53:d0:84:f7:f9:fc:c5:
19:b1:91:c9:92:ae:06:11:d7:06:a7:73:af:4d:d5:06:80:69:
b2:8b:2b:25:85:d6:8d:f4:d5:82:28:f2:c4:05:c6:f6:c5:ca:
0f:69:75:1f:3d:d9:5f:cb:44:77:16:e5:2f:dd:20:4e:83:b9:
4d:f0:d2:a6:4a:89:ec:bd:5a:cd:51:06:58:41:61:05:e8:c8:
a8:c7:05:5f:e7:a2:ea:56:19:b1:f5:86:46:65:53:11:94:8e:
1f:fb:05:23:2d:94:23:1c:dd:fb:9c:44:ed:d2:59:cb:e7:39:
62:e6:90:14
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZDyRFzbNxylsacIg+0r6mekMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ5M2RhMjAxOTkwOWQ5ZmMzNzgyOWZkOWVjMjlkOTQ4ZWNm
ZjdjOTIwHhcNMjQwNzI3MDMzODA0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMDQ3NjlhOWYyNjUzNTU3NmU3YjRiYjUwNTQ3NTNmNmZlMmFhZTVlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoOcR3wrPm1s0IY9XTHpOrwnrqF3E
R+tX2+IMbqAWDbW1nQvA5hppIkErrepFc/PIZqySbSMWSmHfC9JuCfG0kkLW1+dC
Z/irZAblKYZD3lCEIFNg2LXnQFofyU4njZxFKNBYCUj1fyCchOti2DBiq7xXJhUD
imARS9LA5GszTuAJBTP3H/ZwqaK6wEh241NmGe5VUkk7cTvpZw4SDBBovnNakRaC
j74MlCVbPBanJc9RyusFqOL7wtsp7EgfXlTv7Grqf9gQV57ZZp1hQxJac1so4/wu
yXU+xUcoM76oZMVd93BgrdZDM8CAaqsZJmzlpDRVk3Ol6gK6wxHheQgh7wIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFABHaanyZTVXbntLtQVHU/b+Kq5eMB8GA1UdIwQY
MBaAFNk9ogGZCdn8N4Kf2ewp2Ujs/3ySMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMlQyaUFaa0oyZnczZ3BfWjdDblpTT3pfZkpJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMi80N2FmYTMtY2UzMS00MDYwLWEwNzgt
ZjVhZGRkZGYxZWM1LzEvQUVkcHFmSmxOVmR1ZTB1MUJVZFQ5djRxcmw0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMi80N2FmYTMtY2UzMS00MDYwLWEwNzgtZjVhZGRkZGYxZWM1
LzEvMlQyaUFaa0oyZnczZ3BfWjdDblpTT3pfZkpJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQDvNGAAwQA
wg9hMA0GCSqGSIb3DQEBCwUAA4IBAQAaOLOV1FGY9hbKRf2+Ep52NgBINhk8ETbi
O6ifyReZzDnIXMeRqmGvdtdXh8M+38/kumYFBhi5DejKKcsnGHW8mtP+0ktqRJL6
vXAQ0CJmMylKq9nNyLJHprN+QTSwJLp++3TYCcfTrPr/ct4gEM+YitsgetyvyH6P
CZFG7j3eLLRn50WwmUQlFVPQhPf5/MUZsZHJkq4GEdcGp3OvTdUGgGmyiyslhdaN
9NWCKPLEBcb2xcoPaXUfPdlfy0R3FuUv3SBOg7lN8NKmSonsvVrNUQZYQWEF6Mio
xwVf56LqVhmx9YZGZVMRlI4f+wUjLZQjHN37nETt0lnL5zli5pAU
-----END CERTIFICATE-----
Generated at Sat Aug 3 13:12:29 2024 by rpki-client on console-ams.rpki-client.org