Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/32/47afa3-ce31-4060-a078-f5addddf1ec5/1/ab7TqaPgFrrbPku2v6bAOLyjoI4.roa
File: ab7TqaPgFrrbPku2v6bAOLyjoI4.roa (raw, json)
Hash identifier: OFFWt4wEECHc1Z5CWyWMrXayOx3LOUbo+6XH4e+euTc=
Subject key identifier: 69:BE:D3:A9:A3:E0:16:BA:DB:3E:4B:B6:BF:A6:C0:38:BC:A3:A0:8E
Certificate issuer: /CN=d93da2019909d9fc37829fd9ec29d948ecff7c92
Certificate serial: 0190B6E53B6423C2ADFC88B6456A19229BBB
Authority key identifier: D9:3D:A2:01:99:09:D9:FC:37:82:9F:D9:EC:29:D9:48:EC:FF:7C:92
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2T2iAZkJ2fw3gp_Z7CnZSOz_fJI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/32/47afa3-ce31-4060-a078-f5addddf1ec5/1/ab7TqaPgFrrbPku2v6bAOLyjoI4.roa
Signing time: Mon 15 Jul 2024 14:56:34 +0000
ROA not before: Mon 15 Jul 2024 14:56:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 188.209.128.0/22 maxlen: 24
188.209.132.0/22 maxlen: 24
Validation: Failed, certificate revoked on Tue 23 Jul 2024 14:24:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:b6:e5:3b:64:23:c2:ad:fc:88:b6:45:6a:19:22:9b:bb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d93da2019909d9fc37829fd9ec29d948ecff7c92
Validity
Not Before: Jul 15 14:56:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=69bed3a9a3e016badb3e4bb6bfa6c038bca3a08e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e7:93:c1:bc:bf:09:cf:64:49:93:05:c2:db:3d:
21:47:43:b0:e5:d7:c0:a6:d4:a8:eb:74:e5:43:69:
e5:1f:54:3b:0b:59:22:fc:97:58:5f:dc:09:a5:85:
45:97:6e:c6:d5:a3:23:62:15:d7:25:4d:26:8b:09:
e9:02:4b:c5:fd:d9:60:ef:7e:42:32:84:72:08:11:
ac:3f:42:41:0f:6b:d0:00:82:49:01:ca:dd:4d:5d:
c3:43:d4:7e:5a:2f:b3:6f:f6:d3:2e:c9:7c:a5:04:
14:11:51:01:30:69:ff:62:3c:b7:b1:72:04:bf:5c:
f1:4b:f7:16:64:f7:30:91:d7:35:63:87:a2:c2:8a:
2d:d0:1c:b9:65:f0:f0:6b:cb:fd:97:9c:40:05:b5:
0b:df:93:27:50:2c:df:33:27:1d:03:83:d9:78:12:
ae:02:43:a5:67:4c:84:4b:9b:2a:58:cc:e4:b3:07:
dc:4f:b6:ce:25:b1:92:94:8e:25:32:eb:63:2b:28:
91:71:b3:9d:77:dd:eb:44:a3:a9:62:3f:cd:27:c9:
b2:48:56:b7:fb:18:e1:0f:4f:be:19:ba:b1:c1:3c:
9f:5b:78:28:5e:78:d7:c6:11:6f:f0:5f:4a:30:e9:
e0:8a:1f:69:86:6e:d5:19:7e:27:dd:2b:c3:3c:2e:
27:83
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
69:BE:D3:A9:A3:E0:16:BA:DB:3E:4B:B6:BF:A6:C0:38:BC:A3:A0:8E
X509v3 Authority Key Identifier:
keyid:D9:3D:A2:01:99:09:D9:FC:37:82:9F:D9:EC:29:D9:48:EC:FF:7C:92
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2T2iAZkJ2fw3gp_Z7CnZSOz_fJI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/32/47afa3-ce31-4060-a078-f5addddf1ec5/1/ab7TqaPgFrrbPku2v6bAOLyjoI4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/32/47afa3-ce31-4060-a078-f5addddf1ec5/1/2T2iAZkJ2fw3gp_Z7CnZSOz_fJI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
188.209.128.0/21
Signature Algorithm: sha256WithRSAEncryption
4d:18:c9:0b:35:93:49:54:9a:70:ab:ec:b6:79:12:3e:dd:dd:
b4:3e:97:6f:1c:2d:b6:13:1b:c0:08:0b:89:f0:ef:f7:79:87:
8a:f3:bc:18:43:df:59:38:0b:51:6a:ca:8b:0c:49:ff:e6:04:
a5:34:87:5f:34:43:87:19:c2:f8:36:1d:35:91:67:b9:5d:ae:
33:a2:da:5e:5a:11:38:43:83:95:9b:56:7a:c5:cf:76:e2:c5:
50:54:68:16:9f:54:34:11:b6:04:3e:22:7e:95:fd:b9:31:76:
ba:67:4d:c2:7b:34:39:62:f6:31:ef:e1:9b:9f:fd:e9:7f:2d:
86:f5:cc:3b:b6:ea:d4:dc:6f:d8:2d:cd:ef:23:2e:16:8f:68:
5f:ae:96:12:b3:86:69:6e:49:33:49:88:93:54:85:27:be:5a:
59:3d:86:61:da:88:b7:e0:87:43:8d:10:da:33:e6:57:9b:bf:
96:db:ec:1b:a6:31:4b:c6:7e:19:e8:e9:89:2c:3e:5c:87:fe:
a2:ab:b6:bb:7a:d9:89:f2:25:e9:6c:32:3f:4e:7c:3a:62:cf:
2e:b4:54:27:81:12:1b:b3:4d:ba:ee:12:95:8f:db:7c:6d:b2:
7d:88:4d:91:70:d5:25:93:9a:a0:54:2c:7f:e5:49:31:1f:a7:
da:16:77:43
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZC25TtkI8Kt/Ii2RWoZIpu7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ5M2RhMjAxOTkwOWQ5ZmMzNzgyOWZkOWVjMjlkOTQ4ZWNm
ZjdjOTIwHhcNMjQwNzE1MTQ1NjM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2OWJlZDNhOWEzZTAxNmJhZGIzZTRiYjZiZmE2YzAzOGJjYTNhMDhlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA55PBvL8Jz2RJkwXC2z0hR0Ow5dfA
ptSo63TlQ2nlH1Q7C1ki/JdYX9wJpYVFl27G1aMjYhXXJU0miwnpAkvF/dlg735C
MoRyCBGsP0JBD2vQAIJJAcrdTV3DQ9R+Wi+zb/bTLsl8pQQUEVEBMGn/Yjy3sXIE
v1zxS/cWZPcwkdc1Y4eiwoot0By5ZfDwa8v9l5xABbUL35MnUCzfMycdA4PZeBKu
AkOlZ0yES5sqWMzkswfcT7bOJbGSlI4lMutjKyiRcbOdd93rRKOpYj/NJ8mySFa3
+xjhD0++GbqxwTyfW3goXnjXxhFv8F9KMOngih9phm7VGX4n3SvDPC4ngwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFGm+06mj4Ba62z5Ltr+mwDi8o6COMB8GA1UdIwQY
MBaAFNk9ogGZCdn8N4Kf2ewp2Ujs/3ySMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMlQyaUFaa0oyZnczZ3BfWjdDblpTT3pfZkpJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMi80N2FmYTMtY2UzMS00MDYwLWEwNzgt
ZjVhZGRkZGYxZWM1LzEvYWI3VHFhUGdGcnJiUGt1MnY2YkFPTHlqb0k0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMi80N2FmYTMtY2UzMS00MDYwLWEwNzgtZjVhZGRkZGYxZWM1
LzEvMlQyaUFaa0oyZnczZ3BfWjdDblpTT3pfZkpJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDvNGAMA0G
CSqGSIb3DQEBCwUAA4IBAQBNGMkLNZNJVJpwq+y2eRI+3d20PpdvHC22ExvACAuJ
8O/3eYeK87wYQ99ZOAtRasqLDEn/5gSlNIdfNEOHGcL4Nh01kWe5Xa4zotpeWhE4
Q4OVm1Z6xc924sVQVGgWn1Q0EbYEPiJ+lf25MXa6Z03CezQ5YvYx7+Gbn/3pfy2G
9cw7turU3G/YLc3vIy4Wj2hfrpYSs4ZpbkkzSYiTVIUnvlpZPYZh2oi34IdDjRDa
M+ZXm7+W2+wbpjFLxn4Z6OmJLD5ch/6iq7a7etmJ8iXpbDI/Tnw6Ys8utFQngRIb
s0267hKVj9t8bbJ9iE2RcNUlk5qgVCx/5UkxH6faFndD
-----END CERTIFICATE-----
Generated at Tue Jul 23 16:54:49 2024 by rpki-client on console-fra.rpki-client.org