Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/32/47afa3-ce31-4060-a078-f5addddf1ec5/1/J5U04booC0HrmN7j-WgC2obHj0s.roa
File: J5U04booC0HrmN7j-WgC2obHj0s.roa (raw, json)
Hash identifier: YoSdXVm86MS3K/dnUtTYTIuZvyzTKjtwGrWOeEHbfog=
Subject key identifier: 27:95:34:E1:BA:28:0B:41:EB:98:DE:E3:F9:68:02:DA:86:C7:8F:4B
Certificate issuer: /CN=d93da2019909d9fc37829fd9ec29d948ecff7c92
Certificate serial: 0191FCB3D1F8F4ACA6EB965250FB8D97CDCA
Authority key identifier: D9:3D:A2:01:99:09:D9:FC:37:82:9F:D9:EC:29:D9:48:EC:FF:7C:92
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2T2iAZkJ2fw3gp_Z7CnZSOz_fJI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/32/47afa3-ce31-4060-a078-f5addddf1ec5/1/J5U04booC0HrmN7j-WgC2obHj0s.roa
Signing time: Mon 16 Sep 2024 21:18:48 +0000
ROA not before: Mon 16 Sep 2024 21:18:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 188.209.131.0/24 maxlen: 24
188.209.132.0/22 maxlen: 24
Validation: Failed, certificate revoked on Thu 19 Sep 2024 08:22:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:fc:b3:d1:f8:f4:ac:a6:eb:96:52:50:fb:8d:97:cd:ca
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d93da2019909d9fc37829fd9ec29d948ecff7c92
Validity
Not Before: Sep 16 21:18:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=279534e1ba280b41eb98dee3f96802da86c78f4b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:4a:33:fd:e6:16:24:09:7c:11:93:57:a5:a4:
40:10:62:22:0c:60:75:6d:34:12:df:a1:9b:34:94:
30:b7:f5:ae:7b:4a:c6:bf:3e:aa:01:ca:16:76:79:
d9:5e:c9:f8:be:8a:ab:f1:02:4a:75:26:24:7e:9b:
b8:6a:a2:fb:e6:3c:b6:eb:fd:65:b8:47:87:52:ae:
ae:db:0a:e7:ed:e8:b7:de:c0:c6:cb:82:65:bf:4e:
3c:f9:27:96:c9:74:f9:f8:05:c2:eb:b7:90:1b:b7:
d9:82:3d:23:99:2b:4f:5a:df:82:cd:17:bc:08:eb:
ea:67:14:dc:12:e2:32:e2:4f:13:6e:d5:06:dd:3f:
db:cd:0c:e5:55:fc:24:f9:d5:c9:74:88:51:f7:96:
ff:f4:4b:52:8e:01:3e:c5:c8:05:9d:51:c7:ae:96:
bc:6b:19:45:0d:da:f8:7e:86:5f:16:dc:52:90:b4:
19:3a:5a:0e:04:98:9e:01:13:09:fe:7f:59:83:c9:
80:00:7b:a1:d3:48:66:44:14:d6:e9:b3:5f:29:5f:
da:b5:18:d0:48:23:d0:74:4f:2a:cd:0f:d7:3e:88:
07:fc:9a:43:31:20:ab:20:6c:18:30:64:0d:42:66:
78:77:26:46:28:b2:0e:f3:d9:ac:97:42:91:b0:a0:
81:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
27:95:34:E1:BA:28:0B:41:EB:98:DE:E3:F9:68:02:DA:86:C7:8F:4B
X509v3 Authority Key Identifier:
keyid:D9:3D:A2:01:99:09:D9:FC:37:82:9F:D9:EC:29:D9:48:EC:FF:7C:92
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2T2iAZkJ2fw3gp_Z7CnZSOz_fJI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/32/47afa3-ce31-4060-a078-f5addddf1ec5/1/J5U04booC0HrmN7j-WgC2obHj0s.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/32/47afa3-ce31-4060-a078-f5addddf1ec5/1/2T2iAZkJ2fw3gp_Z7CnZSOz_fJI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
188.209.131.0-188.209.135.255
Signature Algorithm: sha256WithRSAEncryption
28:9c:1e:75:b1:a9:75:96:12:cd:0b:41:e2:7b:bf:12:b7:f9:
4a:2e:ab:09:7a:b4:f5:63:19:02:5f:cc:22:3f:68:41:ad:47:
a5:7b:59:46:e0:5f:3b:02:5e:a2:01:e8:f2:09:9d:b7:79:2a:
63:fb:33:2e:3f:bb:98:97:34:4c:5d:0a:24:49:37:a5:92:10:
9e:48:3f:2a:84:7d:42:fe:ac:59:9e:ad:80:5c:cd:df:ef:79:
66:87:e6:f3:28:f1:8d:a9:1b:23:79:2c:50:88:e0:26:1e:75:
cf:37:d0:a7:bd:f8:78:bc:29:ba:a5:2b:c7:9a:35:cd:8d:84:
1a:15:cf:b3:7d:7d:71:0f:90:63:c9:e7:96:12:42:1b:63:92:
cb:f3:76:c8:97:c4:1e:f9:bc:f6:d4:aa:e8:fc:e2:59:62:ae:
4d:ff:50:f3:59:06:8a:22:9d:26:ea:f1:f7:1d:fd:e5:88:9d:
f2:fd:06:33:e8:d9:84:97:6f:7a:1d:e1:4c:6d:49:1c:73:7d:
c0:93:3d:22:26:59:9c:ac:60:8a:98:d3:db:6b:b3:d0:72:30:
03:30:c4:02:57:1b:81:dc:b7:d4:eb:0b:43:d7:ff:24:b0:ac:
47:c1:0f:8e:f1:55:25:e5:44:e8:ba:87:a4:2e:93:8c:a5:e8:
20:1f:85:51
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAZH8s9H49Kym65ZSUPuNl83KMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ5M2RhMjAxOTkwOWQ5ZmMzNzgyOWZkOWVjMjlkOTQ4ZWNm
ZjdjOTIwHhcNMjQwOTE2MjExODQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNzk1MzRlMWJhMjgwYjQxZWI5OGRlZTNmOTY4MDJkYTg2Yzc4ZjRiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqkoz/eYWJAl8EZNXpaRAEGIiDGB1
bTQS36GbNJQwt/Wue0rGvz6qAcoWdnnZXsn4voqr8QJKdSYkfpu4aqL75jy26/1l
uEeHUq6u2wrn7ei33sDGy4Jlv048+SeWyXT5+AXC67eQG7fZgj0jmStPWt+CzRe8
COvqZxTcEuIy4k8TbtUG3T/bzQzlVfwk+dXJdIhR95b/9EtSjgE+xcgFnVHHrpa8
axlFDdr4foZfFtxSkLQZOloOBJieARMJ/n9Zg8mAAHuh00hmRBTW6bNfKV/atRjQ
SCPQdE8qzQ/XPogH/JpDMSCrIGwYMGQNQmZ4dyZGKLIO89msl0KRsKCBawIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFCeVNOG6KAtB65je4/loAtqGx49LMB8GA1UdIwQY
MBaAFNk9ogGZCdn8N4Kf2ewp2Ujs/3ySMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMlQyaUFaa0oyZnczZ3BfWjdDblpTT3pfZkpJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMi80N2FmYTMtY2UzMS00MDYwLWEwNzgt
ZjVhZGRkZGYxZWM1LzEvSjVVMDRib29DMEhybU43ai1XZ0Myb2JIajBzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMi80N2FmYTMtY2UzMS00MDYwLWEwNzgtZjVhZGRkZGYxZWM1
LzEvMlQyaUFaa0oyZnczZ3BfWjdDblpTT3pfZkpJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBAC80YMD
BAO80YAwDQYJKoZIhvcNAQELBQADggEBACicHnWxqXWWEs0LQeJ7vxK3+Uouqwl6
tPVjGQJfzCI/aEGtR6V7WUbgXzsCXqIB6PIJnbd5KmP7My4/u5iXNExdCiRJN6WS
EJ5IPyqEfUL+rFmerYBczd/veWaH5vMo8Y2pGyN5LFCI4CYedc830Ke9+Hi8Kbql
K8eaNc2NhBoVz7N9fXEPkGPJ55YSQhtjksvzdsiXxB75vPbUquj84llirk3/UPNZ
BooinSbq8fcd/eWInfL9BjPo2YSXb3od4UxtSRxzfcCTPSImWZysYIqY09trs9By
MAMwxAJXG4Hct9TrC0PX/ySwrEfBD47xVSXlROi6h6Quk4yl6CAfhVE=
-----END CERTIFICATE-----
Generated at Thu Sep 19 10:53:28 2024 by rpki-client on console-fra.rpki-client.org