Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/32/47afa3-ce31-4060-a078-f5addddf1ec5/1/LEQQM8-Am5_IC4zTw1PkShiZFeY.roa
File: LEQQM8-Am5_IC4zTw1PkShiZFeY.roa (raw, json)
Hash identifier: wPk87RdXITOSJ+klZOD3Tsb6VZA21aD6w26cTdY9nII=
Subject key identifier: 2C:44:10:33:CF:80:9B:9F:C8:0B:8C:D3:C3:53:E4:4A:18:99:15:E6
Certificate issuer: /CN=d93da2019909d9fc37829fd9ec29d948ecff7c92
Certificate serial: 018D91CF41EEA86442E36555DEF18CBEA47B
Authority key identifier: D9:3D:A2:01:99:09:D9:FC:37:82:9F:D9:EC:29:D9:48:EC:FF:7C:92
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2T2iAZkJ2fw3gp_Z7CnZSOz_fJI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/32/47afa3-ce31-4060-a078-f5addddf1ec5/1/LEQQM8-Am5_IC4zTw1PkShiZFeY.roa
Signing time: Sat 10 Feb 2024 06:58:15 +0000
ROA not before: Sat 10 Feb 2024 06:58:15 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 212238
IP address blocks: 188.209.132.0/22 maxlen: 22
Validation: Failed, certificate revoked on Sun 18 Feb 2024 20:01:21 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:91:cf:41:ee:a8:64:42:e3:65:55:de:f1:8c:be:a4:7b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d93da2019909d9fc37829fd9ec29d948ecff7c92
Validity
Not Before: Feb 10 06:58:15 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=2c441033cf809b9fc80b8cd3c353e44a189915e6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:f0:9f:a5:4d:3e:f0:61:2a:e0:e2:25:dd:77:
fa:29:da:ee:c8:19:ba:81:ae:9c:c5:95:6d:12:44:
dc:fd:c8:00:24:ff:a3:dd:8c:14:2c:d9:36:56:6c:
ff:ce:ec:b5:fd:80:dd:39:69:37:66:9c:bb:e5:10:
bf:b7:2f:bd:91:53:19:3b:20:72:3b:87:38:79:3d:
59:da:26:e6:b6:21:2c:f5:67:bf:be:2f:05:b6:d7:
6c:91:b2:aa:ba:0b:1b:ec:75:f3:23:d6:82:d3:d6:
5f:c5:6f:97:fe:9d:e0:b6:24:77:d6:29:b0:23:e7:
9d:5b:03:b4:04:13:ca:37:49:ec:7f:86:bf:d4:7b:
a6:65:72:70:7f:57:56:0c:d6:5a:f3:c9:ad:95:fc:
a5:9e:87:d4:bc:43:83:49:a2:7b:a5:de:e5:84:53:
48:c7:0a:b2:82:97:cc:30:f9:f9:fc:ed:5a:d7:aa:
18:7d:21:97:eb:a1:e1:5b:12:00:01:2d:a4:d7:ff:
6b:9c:7c:0f:f7:21:e4:06:ad:8a:41:c8:d2:83:90:
4e:ca:3f:df:0b:c3:be:e1:5b:bb:a4:f7:51:a0:01:
ce:6d:57:f4:54:be:1c:ca:29:03:8f:49:c8:b5:f8:
2e:74:84:57:37:51:e8:1b:90:69:cf:87:6f:83:ff:
2b:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2C:44:10:33:CF:80:9B:9F:C8:0B:8C:D3:C3:53:E4:4A:18:99:15:E6
X509v3 Authority Key Identifier:
keyid:D9:3D:A2:01:99:09:D9:FC:37:82:9F:D9:EC:29:D9:48:EC:FF:7C:92
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2T2iAZkJ2fw3gp_Z7CnZSOz_fJI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/32/47afa3-ce31-4060-a078-f5addddf1ec5/1/LEQQM8-Am5_IC4zTw1PkShiZFeY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/32/47afa3-ce31-4060-a078-f5addddf1ec5/1/2T2iAZkJ2fw3gp_Z7CnZSOz_fJI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
188.209.132.0/22
Signature Algorithm: sha256WithRSAEncryption
7d:a7:13:bd:97:e5:a5:00:08:cc:22:ca:6a:ec:20:40:fc:7c:
b7:0e:ad:59:5f:43:bb:82:fd:36:80:cf:e3:40:6e:42:12:68:
53:bf:db:40:9a:0e:cf:f2:00:33:d5:81:f4:58:26:1a:bb:7d:
ed:64:9b:a8:31:99:b7:6a:11:c5:93:2e:6b:6d:d7:ca:a8:5e:
23:d4:9e:2f:37:3f:6a:fd:db:d3:d9:69:f8:96:3e:55:32:a4:
31:6a:51:cb:19:18:54:8c:34:99:e5:25:79:b8:69:b8:f6:63:
e8:55:b6:06:71:17:8f:4a:cf:a0:35:fb:a7:75:82:2e:03:0d:
38:ec:3b:da:74:34:75:64:dd:5a:85:98:95:94:2f:b1:3d:e6:
a5:8d:f3:35:c8:98:fc:09:60:b0:68:7d:37:d7:08:a8:2b:3d:
a1:58:6c:e0:ff:a4:d3:c9:0c:43:97:5a:09:91:38:65:dd:ec:
9d:ab:4a:70:ad:a3:17:4b:64:93:e0:fa:ac:32:c3:b1:00:07:
d8:fd:4b:1e:db:61:5e:ab:fb:2d:95:55:1a:4a:21:12:44:44:
9d:30:56:98:22:93:8a:7d:96:9f:a7:71:86:49:bb:f1:9d:98:
75:18:19:f5:f3:e4:7b:ab:37:56:ae:7d:50:8b:ea:e3:35:eb:
94:d5:96:4f
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAY2Rz0HuqGRC42VV3vGMvqR7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ5M2RhMjAxOTkwOWQ5ZmMzNzgyOWZkOWVjMjlkOTQ4ZWNm
ZjdjOTIwHhcNMjQwMjEwMDY1ODE1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYzQ0MTAzM2NmODA5YjlmYzgwYjhjZDNjMzUzZTQ0YTE4OTkxNWU2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxvCfpU0+8GEq4OIl3Xf6KdruyBm6
ga6cxZVtEkTc/cgAJP+j3YwULNk2Vmz/zuy1/YDdOWk3Zpy75RC/ty+9kVMZOyBy
O4c4eT1Z2ibmtiEs9We/vi8FttdskbKqugsb7HXzI9aC09ZfxW+X/p3gtiR31imw
I+edWwO0BBPKN0nsf4a/1HumZXJwf1dWDNZa88mtlfylnofUvEODSaJ7pd7lhFNI
xwqygpfMMPn5/O1a16oYfSGX66HhWxIAAS2k1/9rnHwP9yHkBq2KQcjSg5BOyj/f
C8O+4Vu7pPdRoAHObVf0VL4cyikDj0nItfgudIRXN1HoG5Bpz4dvg/8rDQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFCxEEDPPgJufyAuM08NT5EoYmRXmMB8GA1UdIwQY
MBaAFNk9ogGZCdn8N4Kf2ewp2Ujs/3ySMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMlQyaUFaa0oyZnczZ3BfWjdDblpTT3pfZkpJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMi80N2FmYTMtY2UzMS00MDYwLWEwNzgt
ZjVhZGRkZGYxZWM1LzEvTEVRUU04LUFtNV9JQzR6VHcxUGtTaGlaRmVZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMi80N2FmYTMtY2UzMS00MDYwLWEwNzgtZjVhZGRkZGYxZWM1
LzEvMlQyaUFaa0oyZnczZ3BfWjdDblpTT3pfZkpJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCvNGEMA0G
CSqGSIb3DQEBCwUAA4IBAQB9pxO9l+WlAAjMIspq7CBA/Hy3Dq1ZX0O7gv02gM/j
QG5CEmhTv9tAmg7P8gAz1YH0WCYau33tZJuoMZm3ahHFky5rbdfKqF4j1J4vNz9q
/dvT2Wn4lj5VMqQxalHLGRhUjDSZ5SV5uGm49mPoVbYGcRePSs+gNfundYIuAw04
7DvadDR1ZN1ahZiVlC+xPealjfM1yJj8CWCwaH031wioKz2hWGzg/6TTyQxDl1oJ
kThl3eydq0pwraMXS2ST4PqsMsOxAAfY/Use22Feq/stlVUaSiESRESdMFaYIpOK
fZafp3GGSbvxnZh1GBn18+R7qzdWrn1Qi+rjNeuU1ZZP
-----END CERTIFICATE-----
Generated at Mon Feb 19 01:19:31 2024 by rpki-client on console-fra.rpki-client.org