Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/32/47afa3-ce31-4060-a078-f5addddf1ec5/1/CKCmQYevDqWRezgrkjBORPf4KoU.roa
File: CKCmQYevDqWRezgrkjBORPf4KoU.roa (raw, json)
Hash identifier: jPaLbhytg1xQs/ntXft5k/uIQVTUT4pkHDLVOJXzVbI=
Subject key identifier: 08:A0:A6:41:87:AF:0E:A5:91:7B:38:2B:92:30:4E:44:F7:F8:2A:85
Certificate issuer: /CN=d93da2019909d9fc37829fd9ec29d948ecff7c92
Certificate serial: 0187A756E0795D06DD3DE137472255544E08
Authority key identifier: D9:3D:A2:01:99:09:D9:FC:37:82:9F:D9:EC:29:D9:48:EC:FF:7C:92
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2T2iAZkJ2fw3gp_Z7CnZSOz_fJI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/32/47afa3-ce31-4060-a078-f5addddf1ec5/1/CKCmQYevDqWRezgrkjBORPf4KoU.roa
Signing time: Sat 22 Apr 2023 05:01:41 +0000
ROA not before: Sat 22 Apr 2023 05:01:41 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 188.209.140.0/22 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:a7:56:e0:79:5d:06:dd:3d:e1:37:47:22:55:54:4e:08
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d93da2019909d9fc37829fd9ec29d948ecff7c92
Validity
Not Before: Apr 22 05:01:41 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=08a0a64187af0ea5917b382b92304e44f7f82a85
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e5:41:a1:a5:4d:62:25:6b:91:78:42:8e:1f:fc:
49:ff:59:1d:55:b2:a1:54:b1:e4:78:64:12:4b:5b:
cb:09:00:85:24:f3:a6:5c:5c:d4:f7:df:14:9a:03:
d7:3b:d2:be:7d:13:a9:b6:fa:5b:fc:52:0e:b8:2d:
29:57:ce:60:92:59:04:cf:2b:e9:8b:96:52:05:41:
4b:ad:9a:2a:81:73:8c:e5:a7:9a:54:e3:11:e9:c6:
7c:f6:bc:76:82:b9:9d:f2:90:1d:50:eb:36:1c:23:
39:96:d7:19:74:bd:31:cc:7d:67:8e:45:10:f4:9a:
61:83:ee:2b:6d:5b:c7:92:3a:4b:9a:6a:f2:10:ac:
b1:36:6d:13:9c:a6:80:2a:5e:1d:97:b4:62:93:ac:
79:c3:3b:a7:43:18:a0:86:a6:ba:88:1b:1e:43:e5:
08:e6:bf:aa:d2:75:5a:40:fe:58:ff:64:c6:40:5d:
5a:20:89:93:3a:de:f0:94:ac:c8:2c:6c:c1:6e:5a:
f6:dd:1e:0b:9c:56:e0:fe:e6:06:f7:f0:1f:f5:3d:
78:59:af:a6:c6:be:52:de:b5:4d:c5:a8:4d:8e:6b:
08:3f:d2:0e:d8:eb:d6:06:12:0b:ca:60:4c:73:6b:
b1:c3:ac:42:a3:a5:d9:75:fb:91:0b:d4:e2:1a:12:
f5:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
08:A0:A6:41:87:AF:0E:A5:91:7B:38:2B:92:30:4E:44:F7:F8:2A:85
X509v3 Authority Key Identifier:
keyid:D9:3D:A2:01:99:09:D9:FC:37:82:9F:D9:EC:29:D9:48:EC:FF:7C:92
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2T2iAZkJ2fw3gp_Z7CnZSOz_fJI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/32/47afa3-ce31-4060-a078-f5addddf1ec5/1/CKCmQYevDqWRezgrkjBORPf4KoU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/32/47afa3-ce31-4060-a078-f5addddf1ec5/1/2T2iAZkJ2fw3gp_Z7CnZSOz_fJI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
188.209.140.0/22
Signature Algorithm: sha256WithRSAEncryption
92:08:b2:4e:78:fe:31:f9:0a:2a:16:e1:26:76:a7:14:23:62:
70:95:e2:a3:d3:69:89:59:9d:98:b0:b8:65:24:66:00:c2:4f:
23:b0:b2:55:b0:57:77:f8:38:d4:ee:31:82:76:5d:6f:7e:10:
35:40:e6:1e:de:25:ff:67:9c:ca:65:a6:88:c4:83:92:49:15:
dd:0a:0d:03:2c:8c:7a:36:56:df:55:84:c9:ab:8f:62:3f:05:
4d:4a:1a:fd:f1:a5:77:4d:77:9a:5a:06:52:ee:72:9a:53:4e:
d5:6c:9b:d2:2d:4b:1a:52:c1:75:16:9f:65:a7:d7:3c:67:30:
7b:78:ef:15:19:8f:2b:ad:30:6b:9b:68:92:93:eb:b5:b3:23:
c2:6e:c4:8f:68:79:0b:16:08:82:64:70:a9:cd:19:8f:3c:f6:
d9:7b:c5:b7:f4:56:53:fb:b7:94:84:7f:2e:3d:45:f6:76:b1:
da:e0:25:5d:2e:e0:96:18:2c:e3:09:c3:15:c9:b8:f8:a3:a7:
3a:a5:91:ea:b1:f3:5c:58:69:71:5b:fb:9d:dc:d1:98:25:f4:
2e:30:0a:4e:57:cf:bb:5d:61:a1:58:03:11:2a:45:f5:73:32:
03:40:b6:09:e7:bf:ac:51:37:a0:3b:fc:0a:f6:91:cf:68:62:
87:21:d0:52
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYenVuB5XQbdPeE3RyJVVE4IMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ5M2RhMjAxOTkwOWQ5ZmMzNzgyOWZkOWVjMjlkOTQ4ZWNm
ZjdjOTIwHhcNMjMwNDIyMDUwMTQxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwOGEwYTY0MTg3YWYwZWE1OTE3YjM4MmI5MjMwNGU0NGY3ZjgyYTg1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5UGhpU1iJWuReEKOH/xJ/1kdVbKh
VLHkeGQSS1vLCQCFJPOmXFzU998UmgPXO9K+fROptvpb/FIOuC0pV85gklkEzyvp
i5ZSBUFLrZoqgXOM5aeaVOMR6cZ89rx2grmd8pAdUOs2HCM5ltcZdL0xzH1njkUQ
9Jphg+4rbVvHkjpLmmryEKyxNm0TnKaAKl4dl7Rik6x5wzunQxighqa6iBseQ+UI
5r+q0nVaQP5Y/2TGQF1aIImTOt7wlKzILGzBblr23R4LnFbg/uYG9/Af9T14Wa+m
xr5S3rVNxahNjmsIP9IO2OvWBhILymBMc2uxw6xCo6XZdfuRC9TiGhL11wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFAigpkGHrw6lkXs4K5IwTkT3+CqFMB8GA1UdIwQY
MBaAFNk9ogGZCdn8N4Kf2ewp2Ujs/3ySMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMlQyaUFaa0oyZnczZ3BfWjdDblpTT3pfZkpJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMi80N2FmYTMtY2UzMS00MDYwLWEwNzgt
ZjVhZGRkZGYxZWM1LzEvQ0tDbVFZZXZEcVdSZXpncmtqQk9SUGY0S29VLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMi80N2FmYTMtY2UzMS00MDYwLWEwNzgtZjVhZGRkZGYxZWM1
LzEvMlQyaUFaa0oyZnczZ3BfWjdDblpTT3pfZkpJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCvNGMMA0G
CSqGSIb3DQEBCwUAA4IBAQCSCLJOeP4x+QoqFuEmdqcUI2JwleKj02mJWZ2YsLhl
JGYAwk8jsLJVsFd3+DjU7jGCdl1vfhA1QOYe3iX/Z5zKZaaIxIOSSRXdCg0DLIx6
NlbfVYTJq49iPwVNShr98aV3TXeaWgZS7nKaU07VbJvSLUsaUsF1Fp9lp9c8ZzB7
eO8VGY8rrTBrm2iSk+u1syPCbsSPaHkLFgiCZHCpzRmPPPbZe8W39FZT+7eUhH8u
PUX2drHa4CVdLuCWGCzjCcMVybj4o6c6pZHqsfNcWGlxW/ud3NGYJfQuMApOV8+7
XWGhWAMRKkX1czIDQLYJ57+sUTegO/wK9pHPaGKHIdBS
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:49:59 2023 by rpki-client on console-ams.rpki-client.org