Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/32/47afa3-ce31-4060-a078-f5addddf1ec5/1/l-2ZgZFIQRhEm8vm7WEsTCj7nd0.roa
File: l-2ZgZFIQRhEm8vm7WEsTCj7nd0.roa (raw, json)
Hash identifier: 6bhIiFmu7gnJpMtnrMkWB7m0Kmow42C++vIiQZ2FoaA=
Subject key identifier: 97:ED:99:81:91:48:41:18:44:9B:CB:E6:ED:61:2C:4C:28:FB:9D:DD
Certificate issuer: /CN=d93da2019909d9fc37829fd9ec29d948ecff7c92
Certificate serial: 019035B3CEAB9C4EB0CB73845C1984CB137A
Authority key identifier: D9:3D:A2:01:99:09:D9:FC:37:82:9F:D9:EC:29:D9:48:EC:FF:7C:92
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2T2iAZkJ2fw3gp_Z7CnZSOz_fJI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/32/47afa3-ce31-4060-a078-f5addddf1ec5/1/l-2ZgZFIQRhEm8vm7WEsTCj7nd0.roa
Signing time: Thu 20 Jun 2024 12:51:34 +0000
ROA not before: Thu 20 Jun 2024 12:51:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 188.209.128.0/22 maxlen: 24
188.209.132.0/22 maxlen: 24
Validation: Failed, certificate revoked on Thu 11 Jul 2024 05:22:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:35:b3:ce:ab:9c:4e:b0:cb:73:84:5c:19:84:cb:13:7a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d93da2019909d9fc37829fd9ec29d948ecff7c92
Validity
Not Before: Jun 20 12:51:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=97ed998191484118449bcbe6ed612c4c28fb9ddd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ed:ae:21:aa:bb:80:cd:6e:5b:8a:51:7f:16:0b:
a7:37:b8:22:1c:3b:c5:99:f0:84:c1:b4:8d:4b:e1:
f8:66:d7:e4:96:3c:cf:9a:7b:9b:88:8e:bd:5f:6a:
45:a5:ce:bc:4a:65:cb:bb:a1:b7:68:d8:98:0e:d3:
b4:ee:5c:5c:76:d6:33:8e:01:a8:29:e7:60:39:d4:
f6:17:f2:60:97:c1:ea:7a:8b:31:ee:ec:85:0c:5e:
1d:29:8e:75:f9:0a:bc:d7:57:9d:43:9c:06:9c:26:
f7:f7:9a:52:d7:40:9c:83:f4:57:f3:1b:29:b9:53:
ab:90:25:1b:bf:9e:86:63:1d:de:7c:de:d4:89:e5:
1c:0a:18:39:64:e6:f1:f0:e0:b9:21:79:ca:eb:e9:
dd:f2:71:e2:fd:68:80:e9:10:f8:ff:21:6c:e3:d7:
29:a5:0f:12:5d:17:be:21:95:c8:6e:a5:db:d2:1c:
d4:3c:df:58:71:d2:13:3a:26:81:af:43:2e:86:56:
83:ef:f4:db:d4:d8:6a:b3:a4:77:e9:e5:1f:bf:93:
3d:e7:06:e8:7f:df:9e:e3:d7:fb:99:64:59:a4:85:
c3:35:73:4a:f5:35:cf:2c:34:d2:ca:e5:65:03:f2:
58:4a:92:ae:5a:34:1b:f6:80:e6:f7:e7:67:bb:a5:
e1:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
97:ED:99:81:91:48:41:18:44:9B:CB:E6:ED:61:2C:4C:28:FB:9D:DD
X509v3 Authority Key Identifier:
keyid:D9:3D:A2:01:99:09:D9:FC:37:82:9F:D9:EC:29:D9:48:EC:FF:7C:92
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2T2iAZkJ2fw3gp_Z7CnZSOz_fJI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/32/47afa3-ce31-4060-a078-f5addddf1ec5/1/l-2ZgZFIQRhEm8vm7WEsTCj7nd0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/32/47afa3-ce31-4060-a078-f5addddf1ec5/1/2T2iAZkJ2fw3gp_Z7CnZSOz_fJI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
188.209.128.0/21
Signature Algorithm: sha256WithRSAEncryption
09:ba:59:16:a1:cd:aa:d8:79:cf:4d:04:d6:2c:51:62:77:54:
48:c9:cd:d1:59:29:13:96:07:ae:39:0a:9a:8c:2c:11:78:20:
84:a6:4a:ad:cd:1e:27:5b:6c:47:98:6e:5d:72:67:04:45:68:
78:3b:df:5a:ff:7c:7c:2d:2c:14:00:43:c5:e1:78:ed:45:b0:
12:fc:88:f3:9b:1c:6d:52:ce:08:b2:1f:91:43:6b:6f:5d:17:
37:f1:57:d2:f0:5c:86:ae:e9:a2:da:f2:56:9a:1b:d2:a0:96:
d0:34:5b:f2:17:ef:00:e6:dc:99:62:69:8f:8d:d9:61:90:2a:
b7:8d:c5:f2:2b:ff:88:0b:74:05:43:60:56:67:5e:23:55:ed:
ef:ee:14:33:25:05:8b:d2:1c:cf:73:4c:81:9b:d9:20:16:55:
67:d1:5c:1a:e7:8d:0c:7c:ee:63:7d:0f:7b:66:fd:2d:58:22:
16:c3:00:cc:37:f5:51:5c:1d:c3:48:51:06:47:4b:64:03:57:
69:f6:de:ff:29:37:ea:3c:ad:a9:82:72:51:a6:c4:fc:58:72:
6a:e2:72:84:4d:51:99:d7:1e:bd:cd:15:f9:a2:0c:80:c0:29:
28:7c:11:16:b1:10:08:84:90:eb:5a:d5:70:e4:f8:e1:87:1e:
80:f6:39:ad
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZA1s86rnE6wy3OEXBmEyxN6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ5M2RhMjAxOTkwOWQ5ZmMzNzgyOWZkOWVjMjlkOTQ4ZWNm
ZjdjOTIwHhcNMjQwNjIwMTI1MTM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5N2VkOTk4MTkxNDg0MTE4NDQ5YmNiZTZlZDYxMmM0YzI4ZmI5ZGRkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7a4hqruAzW5bilF/FgunN7giHDvF
mfCEwbSNS+H4ZtfkljzPmnubiI69X2pFpc68SmXLu6G3aNiYDtO07lxcdtYzjgGo
KedgOdT2F/Jgl8Hqeosx7uyFDF4dKY51+Qq811edQ5wGnCb395pS10Ccg/RX8xsp
uVOrkCUbv56GYx3efN7UieUcChg5ZObx8OC5IXnK6+nd8nHi/WiA6RD4/yFs49cp
pQ8SXRe+IZXIbqXb0hzUPN9YcdITOiaBr0MuhlaD7/Tb1Nhqs6R36eUfv5M95wbo
f9+e49f7mWRZpIXDNXNK9TXPLDTSyuVlA/JYSpKuWjQb9oDm9+dnu6XhLwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJftmYGRSEEYRJvL5u1hLEwo+53dMB8GA1UdIwQY
MBaAFNk9ogGZCdn8N4Kf2ewp2Ujs/3ySMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMlQyaUFaa0oyZnczZ3BfWjdDblpTT3pfZkpJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMi80N2FmYTMtY2UzMS00MDYwLWEwNzgt
ZjVhZGRkZGYxZWM1LzEvbC0yWmdaRklRUmhFbTh2bTdXRXNUQ2o3bmQwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMi80N2FmYTMtY2UzMS00MDYwLWEwNzgtZjVhZGRkZGYxZWM1
LzEvMlQyaUFaa0oyZnczZ3BfWjdDblpTT3pfZkpJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDvNGAMA0G
CSqGSIb3DQEBCwUAA4IBAQAJulkWoc2q2HnPTQTWLFFid1RIyc3RWSkTlgeuOQqa
jCwReCCEpkqtzR4nW2xHmG5dcmcERWh4O99a/3x8LSwUAEPF4XjtRbAS/Ijzmxxt
Us4Ish+RQ2tvXRc38VfS8FyGrumi2vJWmhvSoJbQNFvyF+8A5tyZYmmPjdlhkCq3
jcXyK/+IC3QFQ2BWZ14jVe3v7hQzJQWL0hzPc0yBm9kgFlVn0Vwa540MfO5jfQ97
Zv0tWCIWwwDMN/VRXB3DSFEGR0tkA1dp9t7/KTfqPK2pgnJRpsT8WHJq4nKETVGZ
1x69zRX5ogyAwCkofBEWsRAIhJDrWtVw5Pjhhx6A9jmt
-----END CERTIFICATE-----
Generated at Thu Jul 11 06:32:13 2024 by rpki-client on console-fra.rpki-client.org