Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/32/47afa3-ce31-4060-a078-f5addddf1ec5/1/L_p8TSdNjKNBN7Kgw5GWXEqdRds.roa
File: L_p8TSdNjKNBN7Kgw5GWXEqdRds.roa (raw, json)
Hash identifier: U5btbhRnEWC+ex3E16925mnu3Y0+HNg/J46x2iPN6k0=
Subject key identifier: 2F:FA:7C:4D:27:4D:8C:A3:41:37:B2:A0:C3:91:96:5C:4A:9D:45:DB
Certificate issuer: /CN=d93da2019909d9fc37829fd9ec29d948ecff7c92
Certificate serial: 0192CA963F199F7AAC6053788F19FD745944
Authority key identifier: D9:3D:A2:01:99:09:D9:FC:37:82:9F:D9:EC:29:D9:48:EC:FF:7C:92
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2T2iAZkJ2fw3gp_Z7CnZSOz_fJI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/32/47afa3-ce31-4060-a078-f5addddf1ec5/1/L_p8TSdNjKNBN7Kgw5GWXEqdRds.roa
Signing time: Sat 26 Oct 2024 20:48:17 +0000
ROA not before: Sat 26 Oct 2024 20:48:17 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 188.209.132.0/22 maxlen: 24
Validation: Failed, certificate revoked on Sun 10 Nov 2024 06:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:ca:96:3f:19:9f:7a:ac:60:53:78:8f:19:fd:74:59:44
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d93da2019909d9fc37829fd9ec29d948ecff7c92
Validity
Not Before: Oct 26 20:48:17 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=2ffa7c4d274d8ca34137b2a0c391965c4a9d45db
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e8:aa:d3:5a:e2:ee:d5:32:f6:3d:ea:95:5c:f5:
e6:b4:5f:0a:cd:f1:46:a6:eb:61:28:b6:cc:63:b2:
c2:b3:b6:48:f6:ac:6f:30:ba:bf:2c:f7:e5:f0:37:
13:c1:5c:cd:b8:69:77:b2:84:51:ee:e9:ce:8b:c6:
44:d0:63:34:1b:6a:7e:74:2c:1d:bb:35:d7:2a:99:
32:a0:65:4a:ea:12:ce:41:29:91:3d:e6:3e:0e:4e:
45:ec:a5:3e:47:7d:ad:09:f4:37:74:a3:03:52:a7:
1f:ee:58:41:7b:90:c7:e4:17:37:4f:8d:6c:fd:8f:
44:5e:79:e4:18:15:5e:98:d1:fa:74:a7:a2:1a:8a:
1e:97:75:0a:3c:75:34:39:42:17:61:75:13:a8:bc:
aa:eb:42:d3:23:10:40:62:4e:ba:d3:12:2a:a0:85:
b0:b2:38:ea:bd:44:0f:8b:8a:af:d1:7f:ed:80:c7:
e6:13:1f:17:ba:16:a0:84:13:fb:a1:e6:ca:0b:35:
2e:9e:c3:43:d3:4a:52:0b:f4:8a:f8:2b:40:49:2e:
cd:03:b4:5d:f0:d2:87:26:9b:4b:70:05:6d:14:de:
a0:66:ab:ef:2f:ee:46:00:35:14:e7:e0:98:cd:ec:
85:e4:8d:70:ce:35:b6:48:1f:65:92:37:e3:22:93:
17:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2F:FA:7C:4D:27:4D:8C:A3:41:37:B2:A0:C3:91:96:5C:4A:9D:45:DB
X509v3 Authority Key Identifier:
keyid:D9:3D:A2:01:99:09:D9:FC:37:82:9F:D9:EC:29:D9:48:EC:FF:7C:92
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2T2iAZkJ2fw3gp_Z7CnZSOz_fJI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/32/47afa3-ce31-4060-a078-f5addddf1ec5/1/L_p8TSdNjKNBN7Kgw5GWXEqdRds.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/32/47afa3-ce31-4060-a078-f5addddf1ec5/1/2T2iAZkJ2fw3gp_Z7CnZSOz_fJI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
188.209.132.0/22
Signature Algorithm: sha256WithRSAEncryption
56:e9:1b:07:72:60:9f:57:ca:85:c7:c6:ad:18:80:21:db:dd:
69:44:4e:85:8a:6c:8d:f8:47:f9:5b:f6:7f:ed:69:61:6c:34:
7e:1b:70:ba:31:03:c6:83:cb:67:51:b6:f6:cc:26:01:1b:2f:
27:b2:99:fd:52:4a:26:1d:b3:c1:8e:6d:68:96:e0:86:65:28:
30:9f:5f:06:0f:f8:96:db:f8:79:1f:18:5c:7c:12:da:a9:27:
09:8c:5f:5c:8a:3d:4b:81:a1:3b:98:29:0b:eb:b2:56:c0:0f:
7e:1d:c9:9e:fc:35:34:8f:de:12:42:9e:3c:2e:ad:28:39:7b:
d7:76:08:cf:9d:c8:2c:5b:27:2e:fc:55:4b:71:4e:bc:13:01:
19:ef:dc:2a:24:2a:2b:57:39:22:ce:bc:22:99:4d:ec:b5:4c:
67:45:11:9c:f6:85:f4:7f:05:88:bb:be:45:27:7e:7e:fa:38:
53:c5:5c:ce:b5:ee:18:1c:a2:16:dc:07:5b:16:be:4f:2c:4d:
5b:60:f7:c9:e2:e8:04:15:3c:b1:f1:2d:35:89:31:12:09:f5:
90:c9:00:87:af:17:1f:7f:a9:9f:2e:62:2d:5b:c2:0b:b0:ed:
32:91:cf:68:99:ff:e9:83:97:8e:63:8e:31:1d:89:98:bd:41:
7a:12:67:e5
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZLKlj8Zn3qsYFN4jxn9dFlEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ5M2RhMjAxOTkwOWQ5ZmMzNzgyOWZkOWVjMjlkOTQ4ZWNm
ZjdjOTIwHhcNMjQxMDI2MjA0ODE3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyZmZhN2M0ZDI3NGQ4Y2EzNDEzN2IyYTBjMzkxOTY1YzRhOWQ0NWRiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6KrTWuLu1TL2PeqVXPXmtF8KzfFG
puthKLbMY7LCs7ZI9qxvMLq/LPfl8DcTwVzNuGl3soRR7unOi8ZE0GM0G2p+dCwd
uzXXKpkyoGVK6hLOQSmRPeY+Dk5F7KU+R32tCfQ3dKMDUqcf7lhBe5DH5Bc3T41s
/Y9EXnnkGBVemNH6dKeiGooel3UKPHU0OUIXYXUTqLyq60LTIxBAYk660xIqoIWw
sjjqvUQPi4qv0X/tgMfmEx8XuhaghBP7oebKCzUunsND00pSC/SK+CtASS7NA7Rd
8NKHJptLcAVtFN6gZqvvL+5GADUU5+CYzeyF5I1wzjW2SB9lkjfjIpMXIQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFC/6fE0nTYyjQTeyoMORllxKnUXbMB8GA1UdIwQY
MBaAFNk9ogGZCdn8N4Kf2ewp2Ujs/3ySMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMlQyaUFaa0oyZnczZ3BfWjdDblpTT3pfZkpJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMi80N2FmYTMtY2UzMS00MDYwLWEwNzgt
ZjVhZGRkZGYxZWM1LzEvTF9wOFRTZE5qS05CTjdLZ3c1R1dYRXFkUmRzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMi80N2FmYTMtY2UzMS00MDYwLWEwNzgtZjVhZGRkZGYxZWM1
LzEvMlQyaUFaa0oyZnczZ3BfWjdDblpTT3pfZkpJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCvNGEMA0G
CSqGSIb3DQEBCwUAA4IBAQBW6RsHcmCfV8qFx8atGIAh291pRE6FimyN+Ef5W/Z/
7WlhbDR+G3C6MQPGg8tnUbb2zCYBGy8nspn9UkomHbPBjm1oluCGZSgwn18GD/iW
2/h5HxhcfBLaqScJjF9cij1LgaE7mCkL67JWwA9+Hcme/DU0j94SQp48Lq0oOXvX
dgjPncgsWycu/FVLcU68EwEZ79wqJCorVzkizrwimU3stUxnRRGc9oX0fwWIu75F
J35++jhTxVzOte4YHKIW3AdbFr5PLE1bYPfJ4ugEFTyx8S01iTESCfWQyQCHrxcf
f6mfLmItW8ILsO0ykc9omf/pg5eOY44xHYmYvUF6Emfl
-----END CERTIFICATE-----
Generated at Sun Nov 10 09:36:25 2024 by rpki-client on console-fra.rpki-client.org