Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/32/47afa3-ce31-4060-a078-f5addddf1ec5/1/XrLBTuOqNIQ000e1kMQUpJDlSwI.roa
File: XrLBTuOqNIQ000e1kMQUpJDlSwI.roa (raw, json)
Hash identifier: A/QCkz888behw/1e+ZzqLW9/GamGi8i8vLhA6O6ZQJY=
Subject key identifier: 5E:B2:C1:4E:E3:AA:34:84:34:D3:47:B5:90:C4:14:A4:90:E5:4B:02
Certificate issuer: /CN=d93da2019909d9fc37829fd9ec29d948ecff7c92
Certificate serial: 018DF6A337EBA60883CA0D1BE2E766A2E05E
Authority key identifier: D9:3D:A2:01:99:09:D9:FC:37:82:9F:D9:EC:29:D9:48:EC:FF:7C:92
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2T2iAZkJ2fw3gp_Z7CnZSOz_fJI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/32/47afa3-ce31-4060-a078-f5addddf1ec5/1/XrLBTuOqNIQ000e1kMQUpJDlSwI.roa
Signing time: Thu 29 Feb 2024 20:51:48 +0000
ROA not before: Thu 29 Feb 2024 20:51:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 59895
IP address blocks: 188.209.139.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sun 31 Mar 2024 21:13:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:f6:a3:37:eb:a6:08:83:ca:0d:1b:e2:e7:66:a2:e0:5e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d93da2019909d9fc37829fd9ec29d948ecff7c92
Validity
Not Before: Feb 29 20:51:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=5eb2c14ee3aa348434d347b590c414a490e54b02
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:de:ad:67:ea:69:a7:98:a9:b8:e8:c9:c0:a8:
73:ab:79:64:c7:70:4d:1e:84:16:39:2f:d8:b5:66:
74:23:2e:e5:dd:93:03:3a:b8:e4:84:56:53:4e:d5:
6b:60:00:92:1e:5c:cb:be:27:f3:25:14:db:3b:c8:
8a:be:8e:51:a8:76:f4:00:eb:80:7b:61:27:38:81:
6b:60:2a:ed:e6:8d:8e:6a:02:15:53:72:0c:ec:7e:
a9:39:79:1c:f3:fd:87:4a:b6:71:24:6c:0c:24:d6:
8d:bd:48:fc:c4:0b:d7:2f:1e:d3:71:95:f3:bf:a1:
09:65:3c:33:6f:e2:d6:02:9f:85:8d:e9:c9:55:b0:
8e:eb:d5:3a:a7:15:e8:89:23:85:1d:aa:13:82:b5:
60:d7:fc:a3:dc:c2:2c:68:95:74:2d:d0:7e:d7:1c:
ca:e6:0d:9a:1d:5f:20:7d:e8:b1:a3:6b:01:eb:d9:
a9:f8:c7:3e:ab:2b:d0:89:e8:58:a4:cb:1d:30:f1:
19:ec:f9:a9:2c:1c:ce:20:6c:f3:20:d7:df:b5:7f:
4f:37:d2:b9:b7:ab:25:0b:33:0b:20:16:4c:d1:0b:
6b:bb:44:12:e6:e4:3d:c5:b5:e0:9a:15:d2:40:d3:
44:ad:0d:44:47:09:e2:19:96:38:42:ad:09:3f:f0:
d8:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5E:B2:C1:4E:E3:AA:34:84:34:D3:47:B5:90:C4:14:A4:90:E5:4B:02
X509v3 Authority Key Identifier:
keyid:D9:3D:A2:01:99:09:D9:FC:37:82:9F:D9:EC:29:D9:48:EC:FF:7C:92
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2T2iAZkJ2fw3gp_Z7CnZSOz_fJI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/32/47afa3-ce31-4060-a078-f5addddf1ec5/1/XrLBTuOqNIQ000e1kMQUpJDlSwI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/32/47afa3-ce31-4060-a078-f5addddf1ec5/1/2T2iAZkJ2fw3gp_Z7CnZSOz_fJI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
188.209.139.0/24
Signature Algorithm: sha256WithRSAEncryption
8a:04:19:52:27:af:db:46:bf:2c:d4:25:f9:73:e9:1e:85:ca:
2b:d8:ef:b1:06:db:a6:c8:a7:7c:f6:ff:1d:4f:55:3f:73:f6:
8a:61:6d:e1:8e:31:00:f4:4a:78:6a:64:ff:a2:64:58:71:90:
92:45:51:82:0c:ca:8f:76:db:61:49:de:3d:9d:d7:bd:e5:15:
6c:bc:62:3d:2c:e4:6d:80:49:a4:0e:2e:84:7c:b5:71:07:04:
86:f1:ee:3d:2c:e5:8b:52:c6:d9:64:3b:1c:51:3f:09:95:10:
0b:70:30:1b:c9:3e:39:5d:ae:44:80:05:79:e6:ec:9f:86:a2:
4e:8d:ab:2e:a1:88:44:29:ca:09:59:e9:fe:75:f2:eb:2f:97:
d0:f7:62:90:d4:a0:06:8a:61:72:d6:35:ac:be:c6:d8:3a:ea:
75:65:48:1a:fa:81:3a:51:fc:16:0a:ca:ea:b9:27:67:a0:5a:
33:3b:ae:1f:7f:ce:b9:2e:4e:12:39:36:7d:8a:b2:13:79:71:
ac:5d:2b:b7:d6:45:5b:f7:e9:7a:f8:e7:31:8d:3c:15:f3:b6:
68:d6:ea:86:8f:3d:22:a6:9c:95:79:3f:14:96:97:71:ac:cf:
70:d2:40:e9:69:77:cc:7e:37:7c:49:24:14:a3:fa:1e:7f:3c:
e1:64:04:9d
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAY32ozfrpgiDyg0b4udmouBeMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ5M2RhMjAxOTkwOWQ5ZmMzNzgyOWZkOWVjMjlkOTQ4ZWNm
ZjdjOTIwHhcNMjQwMjI5MjA1MTQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZWIyYzE0ZWUzYWEzNDg0MzRkMzQ3YjU5MGM0MTRhNDkwZTU0YjAyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlN6tZ+ppp5ipuOjJwKhzq3lkx3BN
HoQWOS/YtWZ0Iy7l3ZMDOrjkhFZTTtVrYACSHlzLvifzJRTbO8iKvo5RqHb0AOuA
e2EnOIFrYCrt5o2OagIVU3IM7H6pOXkc8/2HSrZxJGwMJNaNvUj8xAvXLx7TcZXz
v6EJZTwzb+LWAp+FjenJVbCO69U6pxXoiSOFHaoTgrVg1/yj3MIsaJV0LdB+1xzK
5g2aHV8gfeixo2sB69mp+Mc+qyvQiehYpMsdMPEZ7PmpLBzOIGzzINfftX9PN9K5
t6slCzMLIBZM0Qtru0QS5uQ9xbXgmhXSQNNErQ1ERwniGZY4Qq0JP/DY9QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFF6ywU7jqjSENNNHtZDEFKSQ5UsCMB8GA1UdIwQY
MBaAFNk9ogGZCdn8N4Kf2ewp2Ujs/3ySMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMlQyaUFaa0oyZnczZ3BfWjdDblpTT3pfZkpJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMi80N2FmYTMtY2UzMS00MDYwLWEwNzgt
ZjVhZGRkZGYxZWM1LzEvWHJMQlR1T3FOSVEwMDBlMWtNUVVwSkRsU3dJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMi80N2FmYTMtY2UzMS00MDYwLWEwNzgtZjVhZGRkZGYxZWM1
LzEvMlQyaUFaa0oyZnczZ3BfWjdDblpTT3pfZkpJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAvNGLMA0G
CSqGSIb3DQEBCwUAA4IBAQCKBBlSJ6/bRr8s1CX5c+kehcor2O+xBtumyKd89v8d
T1U/c/aKYW3hjjEA9Ep4amT/omRYcZCSRVGCDMqPdtthSd49nde95RVsvGI9LORt
gEmkDi6EfLVxBwSG8e49LOWLUsbZZDscUT8JlRALcDAbyT45Xa5EgAV55uyfhqJO
jasuoYhEKcoJWen+dfLrL5fQ92KQ1KAGimFy1jWsvsbYOup1ZUga+oE6UfwWCsrq
uSdnoFozO64ff865Lk4SOTZ9irITeXGsXSu31kVb9+l6+OcxjTwV87Zo1uqGjz0i
ppyVeT8UlpdxrM9w0kDpaXfMfjd8SSQUo/oefzzhZASd
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:01:54 2024 by rpki-client on console-ams.rpki-client.org