Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/32/47afa3-ce31-4060-a078-f5addddf1ec5/1/XcyMFPKinINHTKgdjwMsCrR34vg.roa
File: XcyMFPKinINHTKgdjwMsCrR34vg.roa (raw, json)
Hash identifier: rZy2I9p1i44TM1JxDOR7wqJP7YcJRgNI3c3zwWutExc=
Subject key identifier: 5D:CC:8C:14:F2:A2:9C:83:47:4C:A8:1D:8F:03:2C:0A:B4:77:E2:F8
Certificate issuer: /CN=d93da2019909d9fc37829fd9ec29d948ecff7c92
Certificate serial: 0190A2656CA1A661D4E255945A964A661B71
Authority key identifier: D9:3D:A2:01:99:09:D9:FC:37:82:9F:D9:EC:29:D9:48:EC:FF:7C:92
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2T2iAZkJ2fw3gp_Z7CnZSOz_fJI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/32/47afa3-ce31-4060-a078-f5addddf1ec5/1/XcyMFPKinINHTKgdjwMsCrR34vg.roa
Signing time: Thu 11 Jul 2024 15:24:34 +0000
ROA not before: Thu 11 Jul 2024 15:24:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 188.209.128.0/22 maxlen: 24
188.209.132.0/22 maxlen: 24
Validation: Failed, certificate revoked on Sun 14 Jul 2024 08:00:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:a2:65:6c:a1:a6:61:d4:e2:55:94:5a:96:4a:66:1b:71
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d93da2019909d9fc37829fd9ec29d948ecff7c92
Validity
Not Before: Jul 11 15:24:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=5dcc8c14f2a29c83474ca81d8f032c0ab477e2f8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ee:88:a4:9b:53:7a:90:17:50:5d:dd:13:89:1c:
c7:a4:36:99:e2:95:64:99:52:8e:d9:b1:93:f6:38:
e1:01:40:bd:28:bb:68:5a:52:7b:aa:19:f7:ee:12:
f1:c0:fc:5d:8a:10:5a:7b:58:37:e6:00:07:86:21:
b0:1e:bc:22:49:43:49:c5:88:8b:fd:d5:53:44:ae:
51:56:7f:4e:b0:c7:32:6b:23:66:e8:49:4a:fa:94:
2d:74:8d:c2:ed:55:06:c5:57:dc:8a:b0:9f:10:a5:
3a:ed:a2:cf:67:20:eb:42:b8:7b:89:54:40:3e:18:
fc:fa:6f:bd:8d:d0:a8:0d:06:a7:66:a6:ef:b8:f9:
be:6b:a2:c3:f6:cf:5c:07:41:ed:81:2e:a8:2a:4e:
fc:67:3d:a1:c9:19:a6:72:19:c3:45:b8:48:da:69:
7f:66:90:22:cc:54:36:dd:5d:92:15:3c:84:50:82:
af:28:fe:5a:88:ef:f5:8d:4d:76:fa:ca:8b:17:9f:
2b:9a:89:e9:cd:14:aa:84:2a:ea:03:8a:71:08:3a:
8d:7d:cc:2c:f1:2f:61:10:10:54:70:21:be:29:cb:
5d:e4:05:fe:7d:e7:e8:01:23:24:66:fb:4b:20:05:
46:1d:d4:f0:30:5d:ae:6b:eb:62:e2:24:3d:f0:72:
a5:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5D:CC:8C:14:F2:A2:9C:83:47:4C:A8:1D:8F:03:2C:0A:B4:77:E2:F8
X509v3 Authority Key Identifier:
keyid:D9:3D:A2:01:99:09:D9:FC:37:82:9F:D9:EC:29:D9:48:EC:FF:7C:92
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2T2iAZkJ2fw3gp_Z7CnZSOz_fJI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/32/47afa3-ce31-4060-a078-f5addddf1ec5/1/XcyMFPKinINHTKgdjwMsCrR34vg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/32/47afa3-ce31-4060-a078-f5addddf1ec5/1/2T2iAZkJ2fw3gp_Z7CnZSOz_fJI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
188.209.128.0/21
Signature Algorithm: sha256WithRSAEncryption
aa:1a:dc:91:d8:4b:3e:2d:9f:82:bb:81:ce:6c:43:8e:a6:62:
f0:30:0d:82:8f:ae:d3:40:92:02:a4:63:ce:cc:89:ba:05:a7:
1f:23:f5:c8:ce:42:59:66:4e:50:81:96:c3:54:26:a4:8e:97:
03:64:1f:64:a3:55:10:2f:36:dd:7b:dc:2c:20:3c:b8:4c:7a:
c5:8f:f9:af:5a:1a:cd:7a:be:97:89:38:3b:e5:fa:3d:05:8e:
8a:62:19:fb:b4:42:af:76:cd:79:b3:2c:aa:a6:79:36:2e:cd:
7e:28:58:06:2c:fd:42:9c:f6:6b:45:c5:1a:1f:80:c5:a6:2a:
18:83:19:b2:e2:51:05:b1:c7:b7:a8:85:fd:58:42:72:0b:03:
cd:54:33:7c:73:dd:23:38:88:b0:26:60:d3:de:32:9f:0d:a7:
6f:f1:e0:f9:e0:5e:54:16:0e:ee:44:f9:bc:98:45:d3:88:74:
ae:f9:78:8a:d2:a9:12:b7:7a:d8:76:b3:c6:8e:7e:28:6c:95:
a9:90:c0:9b:53:b1:ec:a8:9b:5c:e8:2d:8a:78:ff:53:fb:31:
78:88:75:7c:0f:3f:6f:f7:99:31:a7:60:49:56:42:be:14:ee:
01:be:fd:ac:e5:21:87:31:f8:60:91:9a:85:23:68:cd:52:69:
60:ed:74:44
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZCiZWyhpmHU4lWUWpZKZhtxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ5M2RhMjAxOTkwOWQ5ZmMzNzgyOWZkOWVjMjlkOTQ4ZWNm
ZjdjOTIwHhcNMjQwNzExMTUyNDM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZGNjOGMxNGYyYTI5YzgzNDc0Y2E4MWQ4ZjAzMmMwYWI0NzdlMmY4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7oikm1N6kBdQXd0TiRzHpDaZ4pVk
mVKO2bGT9jjhAUC9KLtoWlJ7qhn37hLxwPxdihBae1g35gAHhiGwHrwiSUNJxYiL
/dVTRK5RVn9OsMcyayNm6ElK+pQtdI3C7VUGxVfcirCfEKU67aLPZyDrQrh7iVRA
Phj8+m+9jdCoDQanZqbvuPm+a6LD9s9cB0HtgS6oKk78Zz2hyRmmchnDRbhI2ml/
ZpAizFQ23V2SFTyEUIKvKP5aiO/1jU12+sqLF58rmonpzRSqhCrqA4pxCDqNfcws
8S9hEBBUcCG+Kctd5AX+fefoASMkZvtLIAVGHdTwMF2ua+ti4iQ98HKl+QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFF3MjBTyopyDR0yoHY8DLAq0d+L4MB8GA1UdIwQY
MBaAFNk9ogGZCdn8N4Kf2ewp2Ujs/3ySMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMlQyaUFaa0oyZnczZ3BfWjdDblpTT3pfZkpJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMi80N2FmYTMtY2UzMS00MDYwLWEwNzgt
ZjVhZGRkZGYxZWM1LzEvWGN5TUZQS2luSU5IVEtnZGp3TXNDclIzNHZnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMi80N2FmYTMtY2UzMS00MDYwLWEwNzgtZjVhZGRkZGYxZWM1
LzEvMlQyaUFaa0oyZnczZ3BfWjdDblpTT3pfZkpJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDvNGAMA0G
CSqGSIb3DQEBCwUAA4IBAQCqGtyR2Es+LZ+Cu4HObEOOpmLwMA2Cj67TQJICpGPO
zIm6BacfI/XIzkJZZk5QgZbDVCakjpcDZB9ko1UQLzbde9wsIDy4THrFj/mvWhrN
er6XiTg75fo9BY6KYhn7tEKvds15syyqpnk2Ls1+KFgGLP1CnPZrRcUaH4DFpioY
gxmy4lEFsce3qIX9WEJyCwPNVDN8c90jOIiwJmDT3jKfDadv8eD54F5UFg7uRPm8
mEXTiHSu+XiK0qkSt3rYdrPGjn4obJWpkMCbU7HsqJtc6C2KeP9T+zF4iHV8Dz9v
95kxp2BJVkK+FO4Bvv2s5SGHMfhgkZqFI2jNUmlg7XRE
-----END CERTIFICATE-----
Generated at Sun Jul 14 09:26:04 2024 by rpki-client on console-ams.rpki-client.org