Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/32/47afa3-ce31-4060-a078-f5addddf1ec5/1/f1AaMXhu8lFo1GH04jZKg1gtlZA.roa
File: f1AaMXhu8lFo1GH04jZKg1gtlZA.roa (raw, json)
Hash identifier: BWQ2YqPV2N5Y977O/cUbEUUL+8leK+1ta5CBL/GvukI=
Subject key identifier: 7F:50:1A:31:78:6E:F2:51:68:D4:61:F4:E2:36:4A:83:58:2D:95:90
Certificate issuer: /CN=d93da2019909d9fc37829fd9ec29d948ecff7c92
Certificate serial: 019142DA3E790E30C904BA6863D35A284CBC
Authority key identifier: D9:3D:A2:01:99:09:D9:FC:37:82:9F:D9:EC:29:D9:48:EC:FF:7C:92
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2T2iAZkJ2fw3gp_Z7CnZSOz_fJI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/32/47afa3-ce31-4060-a078-f5addddf1ec5/1/f1AaMXhu8lFo1GH04jZKg1gtlZA.roa
Signing time: Sun 11 Aug 2024 19:11:24 +0000
ROA not before: Sun 11 Aug 2024 19:11:24 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 188.209.128.0/22 maxlen: 24
188.209.132.0/22 maxlen: 24
188.209.137.0/24 maxlen: 24
194.15.97.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 13 Aug 2024 19:25:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:42:da:3e:79:0e:30:c9:04:ba:68:63:d3:5a:28:4c:bc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d93da2019909d9fc37829fd9ec29d948ecff7c92
Validity
Not Before: Aug 11 19:11:24 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=7f501a31786ef25168d461f4e2364a83582d9590
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:bc:d2:79:d7:f6:26:e7:3c:88:6a:55:38:c4:
9f:09:33:7b:a2:8c:fb:ba:50:e6:65:83:c0:cb:41:
ac:bc:83:77:32:bd:2f:02:4a:d3:2a:30:5d:5e:d1:
a6:60:cd:75:3c:95:48:34:06:c0:23:1e:eb:40:4f:
02:93:ec:71:a7:2f:8a:44:77:dc:e3:ab:24:ae:77:
a5:2d:22:ee:d9:fb:30:11:20:21:4d:0f:93:4e:af:
85:76:04:82:d4:c5:86:52:f7:21:53:0e:93:7a:26:
32:7e:db:64:5f:a8:0e:60:b3:fb:86:f5:f5:24:26:
2b:2b:ad:ba:c3:96:38:8e:d6:5a:a6:ea:c5:32:44:
91:ff:da:68:3f:eb:8a:c0:85:88:b5:06:a9:ab:67:
80:c7:7f:e3:a2:63:24:6a:97:d5:10:64:97:cc:c9:
f9:f1:db:5d:53:b6:a1:86:13:86:d1:71:0f:0b:7a:
2d:79:4d:fb:73:74:35:0d:fd:22:05:7d:99:a3:4b:
dc:4e:78:53:08:8a:bb:82:9d:cf:41:17:ac:55:7a:
09:cd:68:e0:16:01:51:eb:7e:a5:bb:58:89:41:4f:
b7:26:61:43:93:a8:ca:98:d1:25:cf:9e:54:aa:34:
00:be:43:45:e1:a6:34:6a:3c:fe:ab:68:4a:02:c2:
81:b1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7F:50:1A:31:78:6E:F2:51:68:D4:61:F4:E2:36:4A:83:58:2D:95:90
X509v3 Authority Key Identifier:
keyid:D9:3D:A2:01:99:09:D9:FC:37:82:9F:D9:EC:29:D9:48:EC:FF:7C:92
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2T2iAZkJ2fw3gp_Z7CnZSOz_fJI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/32/47afa3-ce31-4060-a078-f5addddf1ec5/1/f1AaMXhu8lFo1GH04jZKg1gtlZA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/32/47afa3-ce31-4060-a078-f5addddf1ec5/1/2T2iAZkJ2fw3gp_Z7CnZSOz_fJI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
188.209.128.0/21
188.209.137.0/24
194.15.97.0/24
Signature Algorithm: sha256WithRSAEncryption
0e:1c:9b:7e:a0:bb:a5:62:ae:8c:cd:0d:a9:f3:9b:71:ae:2a:
4e:7f:a8:08:d8:bc:1b:12:65:0a:8c:1d:2d:93:aa:2c:00:25:
73:ac:46:f7:58:2b:d5:f1:17:12:42:b0:13:91:d8:2c:e6:1d:
db:01:f1:e9:02:1d:4a:9a:98:f1:be:be:2c:16:5a:24:a2:94:
59:30:34:06:7c:74:04:13:61:2a:d4:df:8c:a9:47:22:c2:ba:
b2:eb:d3:67:7f:0f:9e:76:28:53:d7:9f:9b:9a:bc:9b:f3:e4:
60:9c:de:ae:64:6d:02:cd:e9:68:57:a5:ca:71:9c:b1:e5:06:
f8:5f:35:96:ae:9d:a1:b2:31:b4:2a:0f:50:6b:fc:ed:29:38:
ea:a7:4a:d2:b6:57:24:50:0b:b4:22:09:2e:0c:9f:a7:9b:eb:
18:28:e7:a9:16:38:82:61:ad:98:c1:7b:9c:d4:36:ed:14:78:
ce:66:3e:6c:bc:e0:ff:19:1a:fc:a2:66:10:25:d1:71:df:b2:
3a:50:a4:ab:9e:ef:85:b2:21:0d:18:e6:f0:bf:22:4f:33:11:
80:c1:75:0a:b3:31:f2:ce:40:b9:7e:f9:30:6b:b8:e9:c6:29:
8b:b0:b0:1b:86:23:3f:ba:d1:b3:ff:43:7c:f2:35:7c:a5:aa:
5c:cc:a5:f6
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZFC2j55DjDJBLpoY9NaKEy8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ5M2RhMjAxOTkwOWQ5ZmMzNzgyOWZkOWVjMjlkOTQ4ZWNm
ZjdjOTIwHhcNMjQwODExMTkxMTI0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3ZjUwMWEzMTc4NmVmMjUxNjhkNDYxZjRlMjM2NGE4MzU4MmQ5NTkwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtbzSedf2Juc8iGpVOMSfCTN7ooz7
ulDmZYPAy0GsvIN3Mr0vAkrTKjBdXtGmYM11PJVINAbAIx7rQE8Ck+xxpy+KRHfc
46skrnelLSLu2fswESAhTQ+TTq+FdgSC1MWGUvchUw6TeiYyfttkX6gOYLP7hvX1
JCYrK626w5Y4jtZapurFMkSR/9poP+uKwIWItQapq2eAx3/jomMkapfVEGSXzMn5
8dtdU7ahhhOG0XEPC3oteU37c3Q1Df0iBX2Zo0vcTnhTCIq7gp3PQResVXoJzWjg
FgFR636lu1iJQU+3JmFDk6jKmNElz55UqjQAvkNF4aY0ajz+q2hKAsKBsQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFH9QGjF4bvJRaNRh9OI2SoNYLZWQMB8GA1UdIwQY
MBaAFNk9ogGZCdn8N4Kf2ewp2Ujs/3ySMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMlQyaUFaa0oyZnczZ3BfWjdDblpTT3pfZkpJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMi80N2FmYTMtY2UzMS00MDYwLWEwNzgt
ZjVhZGRkZGYxZWM1LzEvZjFBYU1YaHU4bEZvMUdIMDRqWktnMWd0bFpBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMi80N2FmYTMtY2UzMS00MDYwLWEwNzgtZjVhZGRkZGYxZWM1
LzEvMlQyaUFaa0oyZnczZ3BfWjdDblpTT3pfZkpJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQDvNGAAwQA
vNGJAwQAwg9hMA0GCSqGSIb3DQEBCwUAA4IBAQAOHJt+oLulYq6MzQ2p85txripO
f6gI2LwbEmUKjB0tk6osACVzrEb3WCvV8RcSQrATkdgs5h3bAfHpAh1Kmpjxvr4s
FlokopRZMDQGfHQEE2Eq1N+MqUciwrqy69Nnfw+edihT15+bmryb8+RgnN6uZG0C
zeloV6XKcZyx5Qb4XzWWrp2hsjG0Kg9Qa/ztKTjqp0rStlckUAu0IgkuDJ+nm+sY
KOepFjiCYa2YwXuc1DbtFHjOZj5svOD/GRr8omYQJdFx37I6UKSrnu+FsiENGObw
vyJPMxGAwXUKszHyzkC5fvkwa7jpximLsLAbhiM/utGz/0N88jV8papczKX2
-----END CERTIFICATE-----
Generated at Tue Aug 13 22:07:14 2024 by rpki-client on console-ams.rpki-client.org