Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/32/47afa3-ce31-4060-a078-f5addddf1ec5/1/X_kvIEqiEYjQ_SrKseFAdzWq0z8.roa
File: X_kvIEqiEYjQ_SrKseFAdzWq0z8.roa (raw, json)
Hash identifier: 2EfyCdZmbQyUQPcKy/fmtWU2ihEa2nxTDw5OCXhXKDQ=
Subject key identifier: 5F:F9:2F:20:4A:A2:11:88:D0:FD:2A:CA:B1:E1:40:77:35:AA:D3:3F
Certificate issuer: /CN=d93da2019909d9fc37829fd9ec29d948ecff7c92
Certificate serial: 0190DFFAE03EDDF71F00B06C7F57BE45E404
Authority key identifier: D9:3D:A2:01:99:09:D9:FC:37:82:9F:D9:EC:29:D9:48:EC:FF:7C:92
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2T2iAZkJ2fw3gp_Z7CnZSOz_fJI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/32/47afa3-ce31-4060-a078-f5addddf1ec5/1/X_kvIEqiEYjQ_SrKseFAdzWq0z8.roa
Signing time: Tue 23 Jul 2024 14:24:38 +0000
ROA not before: Tue 23 Jul 2024 14:24:38 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 188.209.128.0/22 maxlen: 24
188.209.132.0/22 maxlen: 24
194.15.97.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sat 27 Jul 2024 03:22:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:df:fa:e0:3e:dd:f7:1f:00:b0:6c:7f:57:be:45:e4:04
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d93da2019909d9fc37829fd9ec29d948ecff7c92
Validity
Not Before: Jul 23 14:24:38 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=5ff92f204aa21188d0fd2acab1e1407735aad33f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:e0:8d:fe:f3:a5:13:0e:c2:83:69:45:31:97:
a3:28:47:9f:56:67:7b:cc:1a:eb:34:44:3f:94:26:
93:41:8e:fc:27:b5:47:b8:6c:76:61:3a:d9:97:c1:
1c:f8:20:55:79:e7:70:21:d1:27:1e:7b:b8:8a:82:
52:7e:d8:b9:a5:67:32:76:3c:3a:83:89:30:f4:5d:
39:cf:54:4f:09:30:33:a6:f6:ee:5a:f5:6b:65:dd:
2e:ca:10:ba:67:11:69:45:d5:06:39:2d:36:e2:12:
04:13:6c:6f:ca:dd:d7:31:c2:87:5a:4d:da:fb:0c:
e2:54:1b:b8:59:1e:95:d5:51:78:2d:08:ee:21:43:
f6:ae:ee:d9:0b:a3:ee:98:83:e0:7c:7c:6a:71:59:
ee:3c:af:93:ec:31:f3:39:be:0c:2a:bb:57:31:0d:
a5:df:14:8d:ee:bb:9a:33:be:e5:b6:ad:d2:61:4f:
6e:98:ee:a8:33:42:5d:cd:af:8f:f7:1d:79:64:58:
d6:e8:8e:ae:0e:9c:fb:68:83:a1:c7:13:ff:2d:23:
95:78:8a:ca:10:71:a2:56:7b:37:16:7c:b9:b6:4c:
f8:d5:14:6b:a8:c2:e2:72:04:bc:5b:5d:0b:d4:b5:
05:90:cb:05:0b:e8:6b:63:2e:15:bb:9a:67:68:0f:
66:e5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5F:F9:2F:20:4A:A2:11:88:D0:FD:2A:CA:B1:E1:40:77:35:AA:D3:3F
X509v3 Authority Key Identifier:
keyid:D9:3D:A2:01:99:09:D9:FC:37:82:9F:D9:EC:29:D9:48:EC:FF:7C:92
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2T2iAZkJ2fw3gp_Z7CnZSOz_fJI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/32/47afa3-ce31-4060-a078-f5addddf1ec5/1/X_kvIEqiEYjQ_SrKseFAdzWq0z8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/32/47afa3-ce31-4060-a078-f5addddf1ec5/1/2T2iAZkJ2fw3gp_Z7CnZSOz_fJI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
188.209.128.0/21
194.15.97.0/24
Signature Algorithm: sha256WithRSAEncryption
6e:a0:14:74:49:3f:bd:4c:ec:1e:e3:aa:48:64:5d:1b:d9:fb:
ed:19:dc:1e:11:af:94:89:38:4e:06:e0:59:11:63:37:b9:33:
5c:9f:ec:5c:b6:c2:0e:88:89:8b:72:88:96:83:39:8d:3c:aa:
4c:be:79:21:28:1f:78:57:0b:97:01:a8:ac:e0:5b:ca:98:eb:
5a:73:a6:18:ae:4a:a2:46:34:f2:b5:9b:be:a3:e4:b3:70:b9:
1d:b9:87:02:ff:91:93:b1:06:19:d8:d8:26:8b:0a:9a:7c:6b:
5a:5f:f7:d4:b6:ca:a6:a7:08:e3:08:57:ef:13:1e:3e:70:41:
bc:3f:71:76:54:3b:9c:b1:c2:b2:9b:b3:15:cf:21:42:ce:ef:
37:fe:ef:77:61:cd:e4:dc:fd:2d:c7:1e:a5:4c:dd:22:a1:62:
10:4e:cb:12:99:30:bd:9e:a6:68:4e:f2:ec:bb:94:1c:9b:cd:
8f:7b:31:d9:3b:fe:5c:e4:ae:d3:64:b4:f3:89:c4:ba:f4:a4:
8e:ed:03:da:da:e7:37:6e:0f:b6:b8:3f:ff:4f:2e:c2:bf:49:
7e:03:54:3c:6a:ef:85:c0:07:ff:6c:12:ff:25:88:2d:23:c0:
33:2d:ee:d5:ba:be:8d:52:ac:a5:2b:c8:0b:e3:cc:4a:93:02:
56:8c:ec:e2
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZDf+uA+3fcfALBsf1e+ReQEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ5M2RhMjAxOTkwOWQ5ZmMzNzgyOWZkOWVjMjlkOTQ4ZWNm
ZjdjOTIwHhcNMjQwNzIzMTQyNDM4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZmY5MmYyMDRhYTIxMTg4ZDBmZDJhY2FiMWUxNDA3NzM1YWFkMzNmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuOCN/vOlEw7Cg2lFMZejKEefVmd7
zBrrNEQ/lCaTQY78J7VHuGx2YTrZl8Ec+CBVeedwIdEnHnu4ioJSfti5pWcydjw6
g4kw9F05z1RPCTAzpvbuWvVrZd0uyhC6ZxFpRdUGOS024hIEE2xvyt3XMcKHWk3a
+wziVBu4WR6V1VF4LQjuIUP2ru7ZC6PumIPgfHxqcVnuPK+T7DHzOb4MKrtXMQ2l
3xSN7ruaM77ltq3SYU9umO6oM0Jdza+P9x15ZFjW6I6uDpz7aIOhxxP/LSOVeIrK
EHGiVns3Fny5tkz41RRrqMLicgS8W10L1LUFkMsFC+hrYy4Vu5pnaA9m5QIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFF/5LyBKohGI0P0qyrHhQHc1qtM/MB8GA1UdIwQY
MBaAFNk9ogGZCdn8N4Kf2ewp2Ujs/3ySMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMlQyaUFaa0oyZnczZ3BfWjdDblpTT3pfZkpJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMi80N2FmYTMtY2UzMS00MDYwLWEwNzgt
ZjVhZGRkZGYxZWM1LzEvWF9rdklFcWlFWWpRX1NyS3NlRkFkeldxMHo4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMi80N2FmYTMtY2UzMS00MDYwLWEwNzgtZjVhZGRkZGYxZWM1
LzEvMlQyaUFaa0oyZnczZ3BfWjdDblpTT3pfZkpJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQDvNGAAwQA
wg9hMA0GCSqGSIb3DQEBCwUAA4IBAQBuoBR0ST+9TOwe46pIZF0b2fvtGdweEa+U
iThOBuBZEWM3uTNcn+xctsIOiImLcoiWgzmNPKpMvnkhKB94VwuXAais4FvKmOta
c6YYrkqiRjTytZu+o+SzcLkduYcC/5GTsQYZ2NgmiwqafGtaX/fUtsqmpwjjCFfv
Ex4+cEG8P3F2VDucscKym7MVzyFCzu83/u93Yc3k3P0txx6lTN0ioWIQTssSmTC9
nqZoTvLsu5Qcm82PezHZO/5c5K7TZLTzicS69KSO7QPa2uc3bg+2uD//Ty7Cv0l+
A1Q8au+FwAf/bBL/JYgtI8AzLe7Vur6NUqylK8gL48xKkwJWjOzi
-----END CERTIFICATE-----
Generated at Sat Jul 27 05:29:13 2024 by rpki-client on console-fra.rpki-client.org