Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/32/47afa3-ce31-4060-a078-f5addddf1ec5/1/jwfSyQZi-HqGHqA_ieZchXgLLwA.roa
File: jwfSyQZi-HqGHqA_ieZchXgLLwA.roa (raw, json)
Hash identifier: BZU8x9h6+wCOuwfamF1E0KlN3/QvIzxsM4W+yXxSSlI=
Subject key identifier: 8F:07:D2:C9:06:62:F8:7A:86:1E:A0:3F:89:E6:5C:85:78:0B:2F:00
Certificate issuer: /CN=d93da2019909d9fc37829fd9ec29d948ecff7c92
Certificate serial: 018E1F6EF95641CD47C5DCF070788BB0FF68
Authority key identifier: D9:3D:A2:01:99:09:D9:FC:37:82:9F:D9:EC:29:D9:48:EC:FF:7C:92
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2T2iAZkJ2fw3gp_Z7CnZSOz_fJI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/32/47afa3-ce31-4060-a078-f5addddf1ec5/1/jwfSyQZi-HqGHqA_ieZchXgLLwA.roa
Signing time: Fri 08 Mar 2024 18:59:10 +0000
ROA not before: Fri 08 Mar 2024 18:59:10 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 188.209.132.0/22 maxlen: 24
194.15.98.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sun 10 Mar 2024 05:25:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:1f:6e:f9:56:41:cd:47:c5:dc:f0:70:78:8b:b0:ff:68
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d93da2019909d9fc37829fd9ec29d948ecff7c92
Validity
Not Before: Mar 8 18:59:10 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=8f07d2c90662f87a861ea03f89e65c85780b2f00
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:be:ee:22:b8:1f:c6:aa:6f:07:50:f7:e1:08:
b8:25:31:fa:ca:e4:5d:68:b3:93:c3:b9:2f:88:43:
83:d4:4b:03:54:a6:60:cb:1c:3b:f7:ce:96:af:1c:
5b:4d:d7:c8:19:28:20:f7:78:30:e1:21:c2:9e:b6:
c4:80:d8:cd:c5:ca:76:4e:da:94:ba:c1:9b:fb:1f:
eb:51:1b:d1:b8:59:e8:81:2a:08:dc:cb:0d:cd:cc:
20:d9:37:37:90:9f:5c:be:73:ed:ed:48:73:49:96:
9b:1b:37:0c:da:e5:ad:7a:7c:fa:06:3f:3e:b8:b7:
e2:e1:e8:d2:f9:92:fb:ce:e1:a3:35:20:4d:ca:96:
7d:32:03:aa:ee:95:44:88:28:7f:2f:b9:e2:0c:09:
2e:4c:74:25:cd:ea:30:5b:98:64:ce:08:97:38:7f:
b1:96:db:68:b7:6c:62:c9:77:0b:c0:77:9c:a4:06:
3c:63:9b:a7:8a:ba:ec:7b:81:28:16:6a:e3:30:04:
a0:83:ca:65:9d:6b:9b:c2:b3:0f:40:53:5f:86:d3:
02:6a:5d:b4:98:34:81:0b:66:4f:11:b1:0a:17:1b:
bd:e2:c5:26:49:72:ec:84:3e:46:57:d8:2d:fb:c1:
de:ef:80:0f:77:93:b6:0f:17:0f:8c:f6:9d:68:6f:
e0:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8F:07:D2:C9:06:62:F8:7A:86:1E:A0:3F:89:E6:5C:85:78:0B:2F:00
X509v3 Authority Key Identifier:
keyid:D9:3D:A2:01:99:09:D9:FC:37:82:9F:D9:EC:29:D9:48:EC:FF:7C:92
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2T2iAZkJ2fw3gp_Z7CnZSOz_fJI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/32/47afa3-ce31-4060-a078-f5addddf1ec5/1/jwfSyQZi-HqGHqA_ieZchXgLLwA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/32/47afa3-ce31-4060-a078-f5addddf1ec5/1/2T2iAZkJ2fw3gp_Z7CnZSOz_fJI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
188.209.132.0/22
194.15.98.0/24
Signature Algorithm: sha256WithRSAEncryption
b1:bb:d9:d1:1a:55:10:96:3c:b3:6c:bc:91:2a:97:3d:3d:bb:
37:dc:2d:8a:65:87:56:0d:16:cf:47:66:ca:10:af:b0:fe:14:
d7:1a:84:e9:37:2d:86:11:80:6f:85:35:32:d7:da:5f:fe:4f:
8e:d4:99:27:dd:4a:38:b3:fe:c7:c1:5a:18:e5:a7:eb:0a:cb:
39:26:0d:07:08:73:35:69:7b:73:e1:eb:ab:6b:c7:31:33:b0:
8d:62:fa:91:8d:19:0a:06:c3:5b:51:e5:99:bd:77:37:2c:27:
ab:01:a6:c0:5f:31:a3:ce:ec:6f:4f:12:2d:75:42:df:bc:65:
25:94:28:97:3e:24:79:72:20:9a:b7:31:3a:1d:8c:27:80:54:
25:d2:2d:d7:f2:8f:c0:0d:4d:13:45:14:0b:a0:7a:55:e9:3e:
fe:eb:7c:20:7b:b9:dd:f1:c1:c4:11:df:c2:f5:99:44:a2:c9:
4c:81:1b:1a:80:6f:76:12:82:34:63:22:e2:35:58:21:ae:ef:
a1:b3:79:67:80:1e:b8:3d:6f:3d:13:ff:85:ad:a2:67:71:d5:
92:f1:85:75:79:0c:3f:a9:05:92:15:ea:7c:67:f6:e1:86:22:
fe:7c:e4:2d:45:59:11:5d:c6:e3:91:dc:90:e1:d1:e2:22:b0:
3c:e6:e8:e1
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAY4fbvlWQc1HxdzwcHiLsP9oMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ5M2RhMjAxOTkwOWQ5ZmMzNzgyOWZkOWVjMjlkOTQ4ZWNm
ZjdjOTIwHhcNMjQwMzA4MTg1OTEwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ZjA3ZDJjOTA2NjJmODdhODYxZWEwM2Y4OWU2NWM4NTc4MGIyZjAwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkL7uIrgfxqpvB1D34Qi4JTH6yuRd
aLOTw7kviEOD1EsDVKZgyxw7986WrxxbTdfIGSgg93gw4SHCnrbEgNjNxcp2TtqU
usGb+x/rURvRuFnogSoI3MsNzcwg2Tc3kJ9cvnPt7UhzSZabGzcM2uWtenz6Bj8+
uLfi4ejS+ZL7zuGjNSBNypZ9MgOq7pVEiCh/L7niDAkuTHQlzeowW5hkzgiXOH+x
lttot2xiyXcLwHecpAY8Y5unirrse4EoFmrjMASgg8plnWubwrMPQFNfhtMCal20
mDSBC2ZPEbEKFxu94sUmSXLshD5GV9gt+8He74APd5O2DxcPjPadaG/gjwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFI8H0skGYvh6hh6gP4nmXIV4Cy8AMB8GA1UdIwQY
MBaAFNk9ogGZCdn8N4Kf2ewp2Ujs/3ySMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMlQyaUFaa0oyZnczZ3BfWjdDblpTT3pfZkpJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMi80N2FmYTMtY2UzMS00MDYwLWEwNzgt
ZjVhZGRkZGYxZWM1LzEvandmU3lRWmktSHFHSHFBX2llWmNoWGdMTHdBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMi80N2FmYTMtY2UzMS00MDYwLWEwNzgtZjVhZGRkZGYxZWM1
LzEvMlQyaUFaa0oyZnczZ3BfWjdDblpTT3pfZkpJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCvNGEAwQA
wg9iMA0GCSqGSIb3DQEBCwUAA4IBAQCxu9nRGlUQljyzbLyRKpc9Pbs33C2KZYdW
DRbPR2bKEK+w/hTXGoTpNy2GEYBvhTUy19pf/k+O1Jkn3Uo4s/7HwVoY5afrCss5
Jg0HCHM1aXtz4eura8cxM7CNYvqRjRkKBsNbUeWZvXc3LCerAabAXzGjzuxvTxIt
dULfvGUllCiXPiR5ciCatzE6HYwngFQl0i3X8o/ADU0TRRQLoHpV6T7+63wge7nd
8cHEEd/C9ZlEoslMgRsagG92EoI0YyLiNVghru+hs3lngB64PW89E/+FraJncdWS
8YV1eQw/qQWSFep8Z/bhhiL+fOQtRVkRXcbjkdyQ4dHiIrA85ujh
-----END CERTIFICATE-----
Generated at Sun Mar 10 08:31:10 2024 by rpki-client on console-ams.rpki-client.org