Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/32/47afa3-ce31-4060-a078-f5addddf1ec5/1/hKh9CBlNi4T6ZtwrCK_M__BLnw4.roa
File: hKh9CBlNi4T6ZtwrCK_M__BLnw4.roa (raw, json)
Hash identifier: SdaQfOzi8M5CwInkv4gZeZa03S3WUNNHyMNeIVuHSgY=
Subject key identifier: 84:A8:7D:08:19:4D:8B:84:FA:66:DC:2B:08:AF:CC:FF:F0:4B:9F:0E
Certificate issuer: /CN=d93da2019909d9fc37829fd9ec29d948ecff7c92
Certificate serial: 01920EBF9241B3BC96003641AD4E2A8D58FC
Authority key identifier: D9:3D:A2:01:99:09:D9:FC:37:82:9F:D9:EC:29:D9:48:EC:FF:7C:92
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2T2iAZkJ2fw3gp_Z7CnZSOz_fJI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/32/47afa3-ce31-4060-a078-f5addddf1ec5/1/hKh9CBlNi4T6ZtwrCK_M__BLnw4.roa
Signing time: Fri 20 Sep 2024 09:24:48 +0000
ROA not before: Fri 20 Sep 2024 09:24:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 29802
IP address blocks: 188.209.131.0/24 maxlen: 24
188.209.134.0/24 maxlen: 24
188.209.139.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 17 Oct 2024 11:58:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:0e:bf:92:41:b3:bc:96:00:36:41:ad:4e:2a:8d:58:fc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d93da2019909d9fc37829fd9ec29d948ecff7c92
Validity
Not Before: Sep 20 09:24:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=84a87d08194d8b84fa66dc2b08afccfff04b9f0e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:d4:74:35:e5:83:17:c5:78:88:30:80:1e:e2:
61:2c:f0:69:61:53:2c:08:2a:30:4e:33:1e:91:3d:
13:89:ea:6e:02:9f:73:65:e5:aa:cd:31:4e:55:c1:
86:27:0e:4b:46:a5:ae:99:48:4f:9d:f4:18:9b:2d:
bc:45:f0:50:ca:97:46:88:78:f7:4c:99:b0:40:23:
3c:8b:7e:ac:85:ae:62:90:a4:f6:ea:3f:4d:1b:b8:
0c:18:4a:0b:c5:10:de:b4:77:3e:c0:86:03:7a:84:
81:7b:3d:8f:21:ef:4d:08:24:2c:28:e5:08:a1:f8:
6c:87:92:51:e4:62:b2:0d:1f:ed:84:a9:08:f0:52:
5f:5e:dd:48:68:77:80:7b:a9:e1:44:74:56:0f:fb:
26:5f:7c:f6:da:99:04:fb:dc:9e:63:9c:fb:13:7f:
ea:42:aa:39:5f:28:d7:e2:81:c5:6e:31:04:c3:78:
5e:c0:74:3e:29:c6:15:98:6a:0c:bd:6f:38:a5:6e:
80:93:a5:5a:5b:a9:0d:37:aa:84:02:df:75:f1:06:
f7:0a:e2:64:fc:c0:39:11:cc:0e:9e:0d:c8:c3:e7:
f7:65:0d:af:89:19:9d:dc:c4:4f:a9:85:80:86:06:
b3:a6:0c:cc:7b:de:22:96:af:73:7d:fa:62:a5:0b:
17:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
84:A8:7D:08:19:4D:8B:84:FA:66:DC:2B:08:AF:CC:FF:F0:4B:9F:0E
X509v3 Authority Key Identifier:
keyid:D9:3D:A2:01:99:09:D9:FC:37:82:9F:D9:EC:29:D9:48:EC:FF:7C:92
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2T2iAZkJ2fw3gp_Z7CnZSOz_fJI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/32/47afa3-ce31-4060-a078-f5addddf1ec5/1/hKh9CBlNi4T6ZtwrCK_M__BLnw4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/32/47afa3-ce31-4060-a078-f5addddf1ec5/1/2T2iAZkJ2fw3gp_Z7CnZSOz_fJI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
188.209.131.0/24
188.209.134.0/24
188.209.139.0/24
Signature Algorithm: sha256WithRSAEncryption
72:bd:ae:a5:9b:2e:7a:b9:e4:0d:f5:80:1a:cd:d8:96:35:fc:
12:fd:8c:25:36:d9:b0:f4:56:48:61:35:eb:d7:4f:1f:88:b3:
8e:45:fb:5b:11:54:f6:0d:22:25:d7:67:65:90:79:01:0d:2a:
84:12:cd:ac:70:80:c8:e4:08:54:59:a9:11:55:e5:1c:28:5a:
0d:d4:3e:94:3f:6f:1b:05:46:80:c5:6d:7b:34:bf:e9:91:fa:
13:cf:2b:c3:8d:72:eb:db:79:d5:22:fb:4b:05:78:5c:d4:72:
a3:12:0b:ac:26:94:72:a9:54:b6:9a:a5:b6:b1:f1:f6:92:87:
37:13:d9:5a:8a:26:6e:25:61:62:65:b4:3b:fc:e1:d3:70:11:
ed:69:82:69:c5:94:de:e9:7c:39:af:8a:bf:4e:aa:c8:05:10:
d7:a8:db:bf:1e:9a:2a:ef:4d:b0:04:55:84:6a:1a:74:6c:55:
33:0c:c4:6c:fc:cc:18:3c:0a:51:2b:cd:bb:32:66:6b:d0:93:
5c:fe:86:4b:f0:cb:61:c5:47:d5:43:3b:e5:9c:75:40:23:b2:
8e:53:4b:9d:0a:50:ff:45:37:a5:5d:3b:d3:03:02:a0:b5:f9:
b8:2e:99:bf:79:16:db:06:66:c9:8d:2e:95:d4:1c:be:44:a7:
5a:9e:c2:de
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZIOv5JBs7yWADZBrU4qjVj8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ5M2RhMjAxOTkwOWQ5ZmMzNzgyOWZkOWVjMjlkOTQ4ZWNm
ZjdjOTIwHhcNMjQwOTIwMDkyNDQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NGE4N2QwODE5NGQ4Yjg0ZmE2NmRjMmIwOGFmY2NmZmYwNGI5ZjBlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAm9R0NeWDF8V4iDCAHuJhLPBpYVMs
CCowTjMekT0TiepuAp9zZeWqzTFOVcGGJw5LRqWumUhPnfQYmy28RfBQypdGiHj3
TJmwQCM8i36sha5ikKT26j9NG7gMGEoLxRDetHc+wIYDeoSBez2PIe9NCCQsKOUI
ofhsh5JR5GKyDR/thKkI8FJfXt1IaHeAe6nhRHRWD/smX3z22pkE+9yeY5z7E3/q
Qqo5XyjX4oHFbjEEw3hewHQ+KcYVmGoMvW84pW6Ak6VaW6kNN6qEAt918Qb3CuJk
/MA5EcwOng3Iw+f3ZQ2viRmd3MRPqYWAhgazpgzMe94ilq9zffpipQsX+wIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFISofQgZTYuE+mbcKwivzP/wS58OMB8GA1UdIwQY
MBaAFNk9ogGZCdn8N4Kf2ewp2Ujs/3ySMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMlQyaUFaa0oyZnczZ3BfWjdDblpTT3pfZkpJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMi80N2FmYTMtY2UzMS00MDYwLWEwNzgt
ZjVhZGRkZGYxZWM1LzEvaEtoOUNCbE5pNFQ2WnR3ckNLX01fX0JMbnc0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMi80N2FmYTMtY2UzMS00MDYwLWEwNzgtZjVhZGRkZGYxZWM1
LzEvMlQyaUFaa0oyZnczZ3BfWjdDblpTT3pfZkpJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAvNGDAwQA
vNGGAwQAvNGLMA0GCSqGSIb3DQEBCwUAA4IBAQByva6lmy56ueQN9YAazdiWNfwS
/YwlNtmw9FZIYTXr108fiLOORftbEVT2DSIl12dlkHkBDSqEEs2scIDI5AhUWakR
VeUcKFoN1D6UP28bBUaAxW17NL/pkfoTzyvDjXLr23nVIvtLBXhc1HKjEgusJpRy
qVS2mqW2sfH2koc3E9laiiZuJWFiZbQ7/OHTcBHtaYJpxZTe6Xw5r4q/TqrIBRDX
qNu/Hpoq702wBFWEahp0bFUzDMRs/MwYPApRK827MmZr0JNc/oZL8MthxUfVQzvl
nHVAI7KOU0udClD/RTelXTvTAwKgtfm4Lpm/eRbbBmbJjS6V1By+RKdansLe
-----END CERTIFICATE-----
Generated at Thu Oct 17 16:48:32 2024 by rpki-client on console-ams.rpki-client.org