Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/32/47afa3-ce31-4060-a078-f5addddf1ec5/1/JdPxodvwcDjevZJoQNC0LUcDSu8.roa
File: JdPxodvwcDjevZJoQNC0LUcDSu8.roa (raw, json)
Hash identifier: TmTT6ofKud92eXj1w3DD3Z1TDJUnkYCI+PtgbWMqCao=
Subject key identifier: 25:D3:F1:A1:DB:F0:70:38:DE:BD:92:68:40:D0:B4:2D:47:03:4A:EF
Certificate issuer: /CN=d93da2019909d9fc37829fd9ec29d948ecff7c92
Certificate serial: 01884E936D737D3F2894489991D63A3E6CBB
Authority key identifier: D9:3D:A2:01:99:09:D9:FC:37:82:9F:D9:EC:29:D9:48:EC:FF:7C:92
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2T2iAZkJ2fw3gp_Z7CnZSOz_fJI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/32/47afa3-ce31-4060-a078-f5addddf1ec5/1/JdPxodvwcDjevZJoQNC0LUcDSu8.roa
Signing time: Wed 24 May 2023 16:24:24 +0000
ROA not before: Wed 24 May 2023 16:24:24 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 1239
IP address blocks: 194.15.96.0/22 maxlen: 24
188.209.132.0/22 maxlen: 24
Validation: Failed, certificate revoked on Tue 06 Jun 2023 09:36:12 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:4e:93:6d:73:7d:3f:28:94:48:99:91:d6:3a:3e:6c:bb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d93da2019909d9fc37829fd9ec29d948ecff7c92
Validity
Not Before: May 24 16:24:24 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=25d3f1a1dbf07038debd926840d0b42d47034aef
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:09:df:e1:9e:88:36:59:44:a3:82:54:84:35:
16:ea:a4:7b:41:2f:00:28:c8:18:b1:bc:fe:47:a1:
eb:a1:6c:2d:b7:7d:4e:c5:23:1d:81:ed:47:01:29:
9d:ff:35:d1:b5:d6:9c:eb:1b:ad:c4:b7:1f:7e:9b:
25:3e:1b:a0:67:5a:12:5e:24:d2:08:d0:67:83:ba:
d6:63:1d:d5:17:11:83:eb:80:f6:06:3a:5c:84:21:
f7:10:ca:94:e6:17:e5:df:c1:12:1d:41:ce:40:4e:
3d:7b:f3:50:60:c1:d8:e3:4b:50:61:a8:83:f3:33:
15:4c:e0:28:07:37:49:b7:38:f8:79:29:82:fb:21:
4f:b0:bc:23:37:68:44:32:76:b2:fe:d9:fd:eb:88:
79:aa:85:87:1c:9f:22:08:81:60:1e:a7:90:c5:ff:
bf:03:23:32:8c:90:1b:64:64:98:7c:62:bc:cb:f0:
24:93:70:5c:66:3f:6c:8e:8f:21:52:ae:75:d0:f5:
a7:be:4e:f6:b8:48:22:2f:2e:30:34:7f:80:33:0d:
46:e6:09:46:22:1c:fc:6c:0f:53:f7:3e:0c:94:21:
ec:6e:5e:e0:42:04:7f:ac:49:9f:96:37:1b:5d:4d:
8b:97:df:3a:9a:97:60:1c:77:ea:c4:4c:02:c6:f8:
1c:1f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
25:D3:F1:A1:DB:F0:70:38:DE:BD:92:68:40:D0:B4:2D:47:03:4A:EF
X509v3 Authority Key Identifier:
keyid:D9:3D:A2:01:99:09:D9:FC:37:82:9F:D9:EC:29:D9:48:EC:FF:7C:92
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2T2iAZkJ2fw3gp_Z7CnZSOz_fJI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/32/47afa3-ce31-4060-a078-f5addddf1ec5/1/JdPxodvwcDjevZJoQNC0LUcDSu8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/32/47afa3-ce31-4060-a078-f5addddf1ec5/1/2T2iAZkJ2fw3gp_Z7CnZSOz_fJI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
188.209.132.0/22
194.15.96.0/22
Signature Algorithm: sha256WithRSAEncryption
8a:84:cd:8b:eb:37:4d:d6:62:6f:b9:8f:10:9d:e0:81:cd:fe:
28:a4:10:39:fa:9c:e5:04:be:d4:69:94:99:e1:17:f0:0a:d9:
7f:d2:60:95:d6:f8:a2:ff:be:ba:7a:b5:a7:2e:be:3a:8e:b5:
5c:78:b7:bc:5d:2a:52:41:b5:7a:f2:55:5d:ec:96:45:28:54:
e1:04:a7:da:f0:d5:07:cb:07:e4:89:cf:4d:03:0d:76:88:c5:
2e:33:21:cc:ba:56:c7:46:c4:95:fb:ee:b0:cf:de:86:3f:9a:
02:ec:97:ba:aa:d3:f2:49:f7:f4:83:26:0a:6b:89:25:39:9c:
7d:ee:02:44:43:95:2e:e1:5e:73:77:38:de:77:3b:77:14:ed:
ad:98:73:85:d6:46:a1:83:97:22:e0:93:f1:98:4c:0a:a8:3a:
a1:29:bb:d5:ad:72:fe:7d:4c:50:6b:dc:1d:13:34:ca:77:72:
12:a7:ec:24:30:a5:cf:b5:31:d1:d6:3f:d7:df:6b:87:4b:23:
f2:aa:9b:fd:38:f0:a6:0c:02:aa:37:5a:fa:2a:70:17:a4:15:
90:f7:3d:dd:e9:2b:b8:f2:2c:5e:7c:ca:d0:c6:78:be:82:8c:
8e:cd:88:b1:92:c1:ce:cc:3e:9c:e7:2a:b0:49:86:54:05:54:
b3:ed:1e:26
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYhOk21zfT8olEiZkdY6Pmy7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ5M2RhMjAxOTkwOWQ5ZmMzNzgyOWZkOWVjMjlkOTQ4ZWNm
ZjdjOTIwHhcNMjMwNTI0MTYyNDI0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNWQzZjFhMWRiZjA3MDM4ZGViZDkyNjg0MGQwYjQyZDQ3MDM0YWVmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoAnf4Z6INllEo4JUhDUW6qR7QS8A
KMgYsbz+R6HroWwtt31OxSMdge1HASmd/zXRtdac6xutxLcffpslPhugZ1oSXiTS
CNBng7rWYx3VFxGD64D2BjpchCH3EMqU5hfl38ESHUHOQE49e/NQYMHY40tQYaiD
8zMVTOAoBzdJtzj4eSmC+yFPsLwjN2hEMnay/tn964h5qoWHHJ8iCIFgHqeQxf+/
AyMyjJAbZGSYfGK8y/Akk3BcZj9sjo8hUq510PWnvk72uEgiLy4wNH+AMw1G5glG
Ihz8bA9T9z4MlCHsbl7gQgR/rEmfljcbXU2Ll986mpdgHHfqxEwCxvgcHwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFCXT8aHb8HA43r2SaEDQtC1HA0rvMB8GA1UdIwQY
MBaAFNk9ogGZCdn8N4Kf2ewp2Ujs/3ySMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMlQyaUFaa0oyZnczZ3BfWjdDblpTT3pfZkpJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMi80N2FmYTMtY2UzMS00MDYwLWEwNzgt
ZjVhZGRkZGYxZWM1LzEvSmRQeG9kdndjRGpldlpKb1FOQzBMVWNEU3U4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMi80N2FmYTMtY2UzMS00MDYwLWEwNzgtZjVhZGRkZGYxZWM1
LzEvMlQyaUFaa0oyZnczZ3BfWjdDblpTT3pfZkpJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCvNGEAwQC
wg9gMA0GCSqGSIb3DQEBCwUAA4IBAQCKhM2L6zdN1mJvuY8QneCBzf4opBA5+pzl
BL7UaZSZ4RfwCtl/0mCV1vii/766erWnLr46jrVceLe8XSpSQbV68lVd7JZFKFTh
BKfa8NUHywfkic9NAw12iMUuMyHMulbHRsSV++6wz96GP5oC7Je6qtPySff0gyYK
a4klOZx97gJEQ5Uu4V5zdzjedzt3FO2tmHOF1kahg5ci4JPxmEwKqDqhKbvVrXL+
fUxQa9wdEzTKd3ISp+wkMKXPtTHR1j/X32uHSyPyqpv9OPCmDAKqN1r6KnAXpBWQ
9z3d6Su48ixefMrQxni+goyOzYixksHOzD6c5yqwSYZUBVSz7R4m
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:24:41 2024 by rpki-client on console-fra.rpki-client.org