Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/32/47afa3-ce31-4060-a078-f5addddf1ec5/1/LbekOhDY5a9WVd99tMT5hI5GGTw.roa
File: LbekOhDY5a9WVd99tMT5hI5GGTw.roa (raw, json)
Hash identifier: g+R4IUriONw7kZbtIxHGMVjFC8fFe6FIIhk9fvQyEjY=
Subject key identifier: 2D:B7:A4:3A:10:D8:E5:AF:56:55:DF:7D:B4:C4:F9:84:8E:46:19:3C
Certificate issuer: /CN=d93da2019909d9fc37829fd9ec29d948ecff7c92
Certificate serial: 018DBDD493FAE1197CE9C85C367A31347223
Authority key identifier: D9:3D:A2:01:99:09:D9:FC:37:82:9F:D9:EC:29:D9:48:EC:FF:7C:92
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2T2iAZkJ2fw3gp_Z7CnZSOz_fJI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/32/47afa3-ce31-4060-a078-f5addddf1ec5/1/LbekOhDY5a9WVd99tMT5hI5GGTw.roa
Signing time: Sun 18 Feb 2024 20:07:21 +0000
ROA not before: Sun 18 Feb 2024 20:07:21 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 212238
IP address blocks: 188.209.132.0/22 maxlen: 22
Validation: Failed, certificate revoked on Sun 25 Feb 2024 20:01:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:bd:d4:93:fa:e1:19:7c:e9:c8:5c:36:7a:31:34:72:23
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d93da2019909d9fc37829fd9ec29d948ecff7c92
Validity
Not Before: Feb 18 20:07:21 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=2db7a43a10d8e5af5655df7db4c4f9848e46193c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:63:10:15:e3:94:c3:b9:0b:8c:01:17:18:74:
1b:7d:60:03:98:40:a5:b2:e7:19:de:31:10:24:90:
9d:13:b3:44:c3:da:85:0d:8a:57:63:b8:3d:f5:db:
16:f3:ee:93:2c:b9:06:3d:8b:93:67:bf:f7:c2:14:
9f:e0:6a:83:24:7c:e6:3b:b2:33:ea:40:33:3b:7c:
3d:5b:b7:63:c0:f7:4b:7f:03:22:27:8c:21:28:c7:
d9:17:54:2a:82:28:39:ba:d1:8e:d9:04:da:ef:ff:
8e:19:77:ff:0c:f7:46:98:ef:4c:57:f8:19:b2:10:
b2:a8:d1:08:bf:ae:23:06:e1:fa:4a:80:be:d4:e6:
57:dd:c9:2f:cb:e1:7e:ac:9c:7e:c2:0f:58:bf:b1:
b8:1a:80:eb:f6:d2:e7:c7:10:58:1c:8b:f7:9f:71:
20:e2:06:93:25:d1:0a:0b:9a:66:d0:e5:0c:3d:73:
e8:dc:69:87:84:52:73:2e:96:23:1d:2c:a8:15:d4:
b2:0b:34:c8:40:9e:82:9e:64:c3:70:d4:55:04:70:
34:8f:b2:ba:8f:b0:3a:48:36:ba:9d:d7:a4:ca:ab:
4b:35:a7:32:68:82:1c:c2:e4:91:2e:cf:28:dc:30:
88:2d:9d:8a:0c:ad:a1:d3:2b:f6:31:c7:5a:52:d4:
14:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2D:B7:A4:3A:10:D8:E5:AF:56:55:DF:7D:B4:C4:F9:84:8E:46:19:3C
X509v3 Authority Key Identifier:
keyid:D9:3D:A2:01:99:09:D9:FC:37:82:9F:D9:EC:29:D9:48:EC:FF:7C:92
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2T2iAZkJ2fw3gp_Z7CnZSOz_fJI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/32/47afa3-ce31-4060-a078-f5addddf1ec5/1/LbekOhDY5a9WVd99tMT5hI5GGTw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/32/47afa3-ce31-4060-a078-f5addddf1ec5/1/2T2iAZkJ2fw3gp_Z7CnZSOz_fJI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
188.209.132.0/22
Signature Algorithm: sha256WithRSAEncryption
7c:cc:02:58:ab:86:80:7c:92:0d:e7:bb:6e:cd:da:62:4e:8e:
6c:09:14:f3:b9:8c:a6:a8:67:b5:33:c1:fd:a7:fa:ee:3f:c3:
d9:7e:9c:21:be:2e:71:e4:01:86:db:e4:ab:b9:39:bc:95:1d:
48:fa:6e:99:57:c1:c8:22:1d:d5:ad:f5:15:d0:7d:2d:f5:6b:
64:0c:2c:b8:43:9c:ae:38:1f:08:6e:14:1a:d7:fe:49:04:d1:
e5:51:3a:2c:03:29:7e:02:75:18:74:49:64:53:6c:53:e9:5a:
26:80:46:f5:04:c8:72:4b:b6:f5:c6:f4:bf:c4:45:b0:4f:3d:
ed:8d:be:3a:65:f3:2d:b9:fd:6d:4f:cf:a2:29:e4:39:e8:59:
10:d3:b0:6a:45:de:8b:38:24:78:d1:27:ac:26:0f:ff:ca:55:
af:1d:d0:79:da:e0:99:8c:fb:81:de:4b:1d:4a:52:67:1e:de:
cb:3e:fc:29:2f:28:9d:32:aa:8d:30:2a:47:95:ff:61:7d:d8:
2c:48:51:9d:c6:48:b1:ec:51:28:d2:d1:df:71:35:fc:10:73:
0f:3c:d4:50:f4:e9:c4:97:1e:d4:ab:50:e0:ba:6a:15:b5:4a:
01:94:cf:a2:0e:5e:7e:8b:38:35:03:6b:cc:39:9c:a9:45:ca:
89:ee:b2:b2
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAY291JP64Rl86chcNnoxNHIjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ5M2RhMjAxOTkwOWQ5ZmMzNzgyOWZkOWVjMjlkOTQ4ZWNm
ZjdjOTIwHhcNMjQwMjE4MjAwNzIxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyZGI3YTQzYTEwZDhlNWFmNTY1NWRmN2RiNGM0Zjk4NDhlNDYxOTNjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn2MQFeOUw7kLjAEXGHQbfWADmECl
sucZ3jEQJJCdE7NEw9qFDYpXY7g99dsW8+6TLLkGPYuTZ7/3whSf4GqDJHzmO7Iz
6kAzO3w9W7djwPdLfwMiJ4whKMfZF1Qqgig5utGO2QTa7/+OGXf/DPdGmO9MV/gZ
shCyqNEIv64jBuH6SoC+1OZX3ckvy+F+rJx+wg9Yv7G4GoDr9tLnxxBYHIv3n3Eg
4gaTJdEKC5pm0OUMPXPo3GmHhFJzLpYjHSyoFdSyCzTIQJ6CnmTDcNRVBHA0j7K6
j7A6SDa6ndekyqtLNacyaIIcwuSRLs8o3DCILZ2KDK2h0yv2McdaUtQU6QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFC23pDoQ2OWvVlXffbTE+YSORhk8MB8GA1UdIwQY
MBaAFNk9ogGZCdn8N4Kf2ewp2Ujs/3ySMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMlQyaUFaa0oyZnczZ3BfWjdDblpTT3pfZkpJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMi80N2FmYTMtY2UzMS00MDYwLWEwNzgt
ZjVhZGRkZGYxZWM1LzEvTGJla09oRFk1YTlXVmQ5OXRNVDVoSTVHR1R3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMi80N2FmYTMtY2UzMS00MDYwLWEwNzgtZjVhZGRkZGYxZWM1
LzEvMlQyaUFaa0oyZnczZ3BfWjdDblpTT3pfZkpJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCvNGEMA0G
CSqGSIb3DQEBCwUAA4IBAQB8zAJYq4aAfJIN57tuzdpiTo5sCRTzuYymqGe1M8H9
p/ruP8PZfpwhvi5x5AGG2+SruTm8lR1I+m6ZV8HIIh3VrfUV0H0t9WtkDCy4Q5yu
OB8IbhQa1/5JBNHlUTosAyl+AnUYdElkU2xT6VomgEb1BMhyS7b1xvS/xEWwTz3t
jb46ZfMtuf1tT8+iKeQ56FkQ07BqRd6LOCR40SesJg//ylWvHdB52uCZjPuB3ksd
SlJnHt7LPvwpLyidMqqNMCpHlf9hfdgsSFGdxkix7FEo0tHfcTX8EHMPPNRQ9OnE
lx7Uq1DgumoVtUoBlM+iDl5+izg1A2vMOZypRcqJ7rKy
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:01:54 2024 by rpki-client on console-ams.rpki-client.org