Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/32/47afa3-ce31-4060-a078-f5addddf1ec5/1/C847SckLaEVjR1UBZ4eurCsHW50.roa
File: C847SckLaEVjR1UBZ4eurCsHW50.roa (raw, json)
Hash identifier: j7tg2xT4rjohdvoCeMrmcY4Bx3+jKH5bGyobupY6iPI=
Subject key identifier: 0B:CE:3B:49:C9:0B:68:45:63:47:55:01:67:87:AE:AC:2B:07:5B:9D
Certificate issuer: /CN=d93da2019909d9fc37829fd9ec29d948ecff7c92
Certificate serial: 018E0B31DD209BC9A09C53ADAD2CC3654F50
Authority key identifier: D9:3D:A2:01:99:09:D9:FC:37:82:9F:D9:EC:29:D9:48:EC:FF:7C:92
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2T2iAZkJ2fw3gp_Z7CnZSOz_fJI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/32/47afa3-ce31-4060-a078-f5addddf1ec5/1/C847SckLaEVjR1UBZ4eurCsHW50.roa
Signing time: Mon 04 Mar 2024 20:40:01 +0000
ROA not before: Mon 04 Mar 2024 20:40:01 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 0
IP address blocks: 188.209.131.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 11 Apr 2024 16:12:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:0b:31:dd:20:9b:c9:a0:9c:53:ad:ad:2c:c3:65:4f:50
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d93da2019909d9fc37829fd9ec29d948ecff7c92
Validity
Not Before: Mar 4 20:40:01 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=0bce3b49c90b6845634755016787aeac2b075b9d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:0e:22:ad:8c:e5:32:3a:02:79:a2:93:0c:aa:
a7:fa:40:f6:73:fd:b7:6e:d2:58:02:d6:1c:3e:66:
c6:96:66:fd:7b:45:66:a5:9d:60:48:41:b9:c9:cf:
20:56:4b:7e:58:05:88:4f:4c:48:b4:7e:d8:0e:27:
e0:ec:38:06:30:64:a9:f9:6c:b9:4b:2a:05:42:2a:
67:c4:63:99:f0:da:da:7c:cf:69:ab:73:f8:91:36:
41:e8:5d:4d:d3:6d:64:ad:5c:f5:22:04:4d:71:86:
1a:9a:4c:5a:7c:a9:8a:5b:af:94:5b:8d:e7:53:a2:
21:a2:04:53:3f:00:99:7f:71:42:d4:bf:5a:71:fd:
84:4d:10:b5:fd:b5:8f:07:55:d1:84:af:77:9b:92:
b9:5a:ac:f9:f4:27:35:d6:f4:6a:c1:0f:14:b9:81:
73:dd:2e:6a:76:28:24:19:34:8f:63:bf:86:2c:75:
56:0b:d6:c4:46:4b:77:18:4b:f6:64:9f:eb:78:33:
1f:29:3c:39:16:76:cf:b6:6c:0b:71:ff:0e:20:a3:
b5:d5:03:d2:ee:a1:4a:ac:de:dc:7f:15:cb:32:4e:
8a:00:55:0d:40:f9:cd:fa:1b:bf:7a:d9:b7:4b:11:
c1:e7:bc:46:18:4b:7b:e5:39:ac:05:d6:c7:80:9b:
31:b1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0B:CE:3B:49:C9:0B:68:45:63:47:55:01:67:87:AE:AC:2B:07:5B:9D
X509v3 Authority Key Identifier:
keyid:D9:3D:A2:01:99:09:D9:FC:37:82:9F:D9:EC:29:D9:48:EC:FF:7C:92
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2T2iAZkJ2fw3gp_Z7CnZSOz_fJI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/32/47afa3-ce31-4060-a078-f5addddf1ec5/1/C847SckLaEVjR1UBZ4eurCsHW50.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/32/47afa3-ce31-4060-a078-f5addddf1ec5/1/2T2iAZkJ2fw3gp_Z7CnZSOz_fJI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
188.209.131.0/24
Signature Algorithm: sha256WithRSAEncryption
17:7c:31:7d:95:0e:bc:2a:8e:1a:f4:19:c0:c0:ad:62:1f:2e:
a2:3d:30:cb:5f:8c:3f:10:c0:1b:28:b0:fb:00:41:b7:8c:53:
66:a3:d1:fe:f5:02:2d:34:5e:a0:4c:3f:cd:e3:69:a7:38:22:
c4:de:36:49:b7:26:9d:4e:38:e6:03:c0:ec:23:32:12:44:4c:
6c:d6:86:c8:10:7f:00:a7:f5:07:cd:a4:ac:47:ec:f6:5d:b4:
e5:49:c7:39:62:d4:9d:95:d3:3a:f9:a1:b7:b8:2c:0b:8a:83:
27:aa:f5:1e:f1:45:fe:08:67:55:7f:ee:4f:04:41:c8:c5:7a:
7f:1c:24:bb:b2:dd:f2:95:24:a3:45:8a:bc:1b:bd:75:2c:1d:
ac:46:d2:5c:e1:5e:b6:93:99:cb:ab:f7:8a:a4:1d:c5:bc:e7:
e1:f4:f7:4d:09:c1:ea:c2:f6:f8:70:f4:de:5b:dc:2e:b6:9f:
91:3c:18:b9:f6:45:c4:b4:92:66:47:26:e5:97:2f:1a:36:cd:
b8:3f:9a:a0:5a:f6:b1:46:1f:45:0b:2a:af:1e:8c:3f:e9:a3:
69:4f:2c:e8:f9:72:30:46:bd:2c:43:63:a0:83:54:54:96:57:
90:4f:f1:71:10:a8:b0:9f:68:21:ee:79:db:c7:ea:00:6a:42:
c6:35:8d:dd
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAY4LMd0gm8mgnFOtrSzDZU9QMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ5M2RhMjAxOTkwOWQ5ZmMzNzgyOWZkOWVjMjlkOTQ4ZWNm
ZjdjOTIwHhcNMjQwMzA0MjA0MDAxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwYmNlM2I0OWM5MGI2ODQ1NjM0NzU1MDE2Nzg3YWVhYzJiMDc1YjlkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxg4irYzlMjoCeaKTDKqn+kD2c/23
btJYAtYcPmbGlmb9e0VmpZ1gSEG5yc8gVkt+WAWIT0xItH7YDifg7DgGMGSp+Wy5
SyoFQipnxGOZ8NrafM9pq3P4kTZB6F1N021krVz1IgRNcYYamkxafKmKW6+UW43n
U6IhogRTPwCZf3FC1L9acf2ETRC1/bWPB1XRhK93m5K5Wqz59Cc11vRqwQ8UuYFz
3S5qdigkGTSPY7+GLHVWC9bERkt3GEv2ZJ/reDMfKTw5FnbPtmwLcf8OIKO11QPS
7qFKrN7cfxXLMk6KAFUNQPnN+hu/etm3SxHB57xGGEt75TmsBdbHgJsxsQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFAvOO0nJC2hFY0dVAWeHrqwrB1udMB8GA1UdIwQY
MBaAFNk9ogGZCdn8N4Kf2ewp2Ujs/3ySMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMlQyaUFaa0oyZnczZ3BfWjdDblpTT3pfZkpJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMi80N2FmYTMtY2UzMS00MDYwLWEwNzgt
ZjVhZGRkZGYxZWM1LzEvQzg0N1Nja0xhRVZqUjFVQlo0ZXVyQ3NIVzUwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMi80N2FmYTMtY2UzMS00MDYwLWEwNzgtZjVhZGRkZGYxZWM1
LzEvMlQyaUFaa0oyZnczZ3BfWjdDblpTT3pfZkpJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAvNGDMA0G
CSqGSIb3DQEBCwUAA4IBAQAXfDF9lQ68Ko4a9BnAwK1iHy6iPTDLX4w/EMAbKLD7
AEG3jFNmo9H+9QItNF6gTD/N42mnOCLE3jZJtyadTjjmA8DsIzISRExs1obIEH8A
p/UHzaSsR+z2XbTlScc5YtSdldM6+aG3uCwLioMnqvUe8UX+CGdVf+5PBEHIxXp/
HCS7st3ylSSjRYq8G711LB2sRtJc4V62k5nLq/eKpB3FvOfh9PdNCcHqwvb4cPTe
W9wutp+RPBi59kXEtJJmRyblly8aNs24P5qgWvaxRh9FCyqvHow/6aNpTyzo+XIw
Rr0sQ2Ogg1RUlleQT/FxEKiwn2gh7nnbx+oAakLGNY3d
-----END CERTIFICATE-----
Generated at Thu Apr 11 19:13:25 2024 by rpki-client on console-fra.rpki-client.org