Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/32/47afa3-ce31-4060-a078-f5addddf1ec5/1/YFFHRuY7nrZxs-64he-cYW79zW0.roa
File: YFFHRuY7nrZxs-64he-cYW79zW0.roa (raw, json)
Hash identifier: hP5HEkLi8178sZVnzP2TzBRMXYIorL+M7bo0Wr+ClwE=
Subject key identifier: 60:51:47:46:E6:3B:9E:B6:71:B3:EE:B8:85:EF:9C:61:6E:FD:CD:6D
Certificate issuer: /CN=d93da2019909d9fc37829fd9ec29d948ecff7c92
Certificate serial: 0191F7110B3E307A4859439D655369291C7C
Authority key identifier: D9:3D:A2:01:99:09:D9:FC:37:82:9F:D9:EC:29:D9:48:EC:FF:7C:92
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2T2iAZkJ2fw3gp_Z7CnZSOz_fJI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/32/47afa3-ce31-4060-a078-f5addddf1ec5/1/YFFHRuY7nrZxs-64he-cYW79zW0.roa
Signing time: Sun 15 Sep 2024 19:02:55 +0000
ROA not before: Sun 15 Sep 2024 19:02:55 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 188.209.131.0/24 maxlen: 24
188.209.132.0/22 maxlen: 24
188.209.139.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 16 Sep 2024 21:18:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:f7:11:0b:3e:30:7a:48:59:43:9d:65:53:69:29:1c:7c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d93da2019909d9fc37829fd9ec29d948ecff7c92
Validity
Not Before: Sep 15 19:02:55 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=60514746e63b9eb671b3eeb885ef9c616efdcd6d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:db:1a:93:06:57:ae:8c:07:50:33:2e:60:22:6d:
30:c3:09:e8:f7:88:14:b8:7d:85:b0:47:17:f7:66:
3d:6e:fb:ba:e7:04:92:d3:7e:d4:92:c4:ab:f9:76:
f5:b0:46:10:ef:09:99:3d:82:86:54:4b:10:87:ca:
42:b3:09:e0:59:9a:c3:48:79:ed:7b:cf:2d:6f:d4:
6d:0a:b4:86:fb:39:44:cf:df:d1:db:c5:c9:86:fe:
2e:9b:be:66:88:a9:2d:54:3a:34:71:08:d2:fc:b7:
b4:88:3d:3f:ed:50:78:0e:45:10:3a:fe:21:89:5b:
ef:50:d5:14:d0:50:4d:d9:c5:16:06:5e:c6:46:52:
67:26:66:d7:9f:02:62:33:f2:a5:22:ba:14:ac:37:
67:5d:0d:2b:cb:e3:ee:45:86:cd:06:d4:90:e5:9d:
38:91:0a:13:9d:5c:0e:9c:4c:80:87:57:b9:08:a6:
50:be:03:a9:be:94:9f:35:f6:0c:9d:47:eb:b6:c3:
ac:e6:ac:96:7c:b4:a3:32:27:61:3e:23:c6:32:b3:
74:56:8b:6c:72:16:89:df:41:e9:57:62:1a:8e:d4:
27:94:7a:24:32:a5:30:2b:3c:f5:95:f8:2b:4c:f4:
5c:3b:58:d5:17:5e:89:e9:60:2d:95:71:cb:3f:3f:
1d:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
60:51:47:46:E6:3B:9E:B6:71:B3:EE:B8:85:EF:9C:61:6E:FD:CD:6D
X509v3 Authority Key Identifier:
keyid:D9:3D:A2:01:99:09:D9:FC:37:82:9F:D9:EC:29:D9:48:EC:FF:7C:92
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2T2iAZkJ2fw3gp_Z7CnZSOz_fJI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/32/47afa3-ce31-4060-a078-f5addddf1ec5/1/YFFHRuY7nrZxs-64he-cYW79zW0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/32/47afa3-ce31-4060-a078-f5addddf1ec5/1/2T2iAZkJ2fw3gp_Z7CnZSOz_fJI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
188.209.131.0-188.209.135.255
188.209.139.0/24
Signature Algorithm: sha256WithRSAEncryption
73:16:87:a4:42:29:72:b8:43:be:a2:cf:e1:ac:af:22:5d:ed:
cb:4d:94:28:5e:f5:66:aa:67:8f:04:a9:68:3d:7c:e2:27:81:
48:13:d4:d0:d2:1c:23:19:5d:a5:b7:a0:b5:f4:77:fd:76:22:
7a:a9:c8:dc:db:bb:0c:db:88:35:92:ae:5d:7b:15:05:48:32:
09:47:0b:e2:50:7b:7b:df:7c:85:77:2d:36:5c:94:fb:bc:06:
5a:20:26:8a:c7:f0:0f:32:fa:bc:6e:d3:3b:bb:46:c9:43:de:
7c:7d:19:f7:dc:5f:06:74:fa:73:9f:8d:8d:28:56:60:c9:53:
ba:64:cb:ce:56:d2:44:50:81:fd:2b:89:a7:de:b7:31:34:74:
c5:a1:a1:b0:1d:b9:8b:67:09:77:bc:72:ca:b7:e0:ef:cb:8a:
75:90:0e:6e:02:54:fa:99:79:2b:01:22:4e:80:dd:30:24:f1:
17:5c:3b:e3:82:4f:c1:4a:1e:cd:2a:f0:98:e2:54:04:1d:51:
35:2c:9c:cb:e8:6e:d8:cf:47:8d:2a:50:43:96:13:fe:77:9d:
4d:dd:25:c3:33:59:9b:2e:7b:c0:e2:b0:ac:04:40:51:dd:4a:
75:70:37:68:03:fa:e3:5c:3d:01:86:cb:c3:b2:5a:8f:be:c6:
66:7c:21:cb
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgISAZH3EQs+MHpIWUOdZVNpKRx8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ5M2RhMjAxOTkwOWQ5ZmMzNzgyOWZkOWVjMjlkOTQ4ZWNm
ZjdjOTIwHhcNMjQwOTE1MTkwMjU1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MDUxNDc0NmU2M2I5ZWI2NzFiM2VlYjg4NWVmOWM2MTZlZmRjZDZkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2xqTBleujAdQMy5gIm0wwwno94gU
uH2FsEcX92Y9bvu65wSS037UksSr+Xb1sEYQ7wmZPYKGVEsQh8pCswngWZrDSHnt
e88tb9RtCrSG+zlEz9/R28XJhv4um75miKktVDo0cQjS/Le0iD0/7VB4DkUQOv4h
iVvvUNUU0FBN2cUWBl7GRlJnJmbXnwJiM/KlIroUrDdnXQ0ry+PuRYbNBtSQ5Z04
kQoTnVwOnEyAh1e5CKZQvgOpvpSfNfYMnUfrtsOs5qyWfLSjMidhPiPGMrN0Vots
chaJ30HpV2IajtQnlHokMqUwKzz1lfgrTPRcO1jVF16J6WAtlXHLPz8diQIDAQAB
o4ICFzCCAhMwHQYDVR0OBBYEFGBRR0bmO562cbPuuIXvnGFu/c1tMB8GA1UdIwQY
MBaAFNk9ogGZCdn8N4Kf2ewp2Ujs/3ySMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMlQyaUFaa0oyZnczZ3BfWjdDblpTT3pfZkpJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMi80N2FmYTMtY2UzMS00MDYwLWEwNzgt
ZjVhZGRkZGYxZWM1LzEvWUZGSFJ1WTduclp4cy02NGhlLWNZVzc5elcwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMi80N2FmYTMtY2UzMS00MDYwLWEwNzgtZjVhZGRkZGYxZWM1
LzEvMlQyaUFaa0oyZnczZ3BfWjdDblpTT3pfZkpJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAATAUMAwDBAC80YMD
BAO80YADBAC80YswDQYJKoZIhvcNAQELBQADggEBAHMWh6RCKXK4Q76iz+GsryJd
7ctNlChe9WaqZ48EqWg9fOIngUgT1NDSHCMZXaW3oLX0d/12InqpyNzbuwzbiDWS
rl17FQVIMglHC+JQe3vffIV3LTZclPu8BlogJorH8A8y+rxu0zu7RslD3nx9Gffc
XwZ0+nOfjY0oVmDJU7pky85W0kRQgf0riafetzE0dMWhobAduYtnCXe8csq34O/L
inWQDm4CVPqZeSsBIk6A3TAk8RdcO+OCT8FKHs0q8JjiVAQdUTUsnMvobtjPR40q
UEOWE/53nU3dJcMzWZsue8DisKwEQFHdSnVwN2gD+uNcPQGGy8OyWo++xmZ8Ics=
-----END CERTIFICATE-----
Generated at Tue Sep 17 00:24:21 2024 by rpki-client on console-fra.rpki-client.org