Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/32/47afa3-ce31-4060-a078-f5addddf1ec5/1/leKchGs6OGYtIIeWp6lbkCmMscA.roa
File: leKchGs6OGYtIIeWp6lbkCmMscA.roa (raw, json)
Hash identifier: tUTzMSiOmgJ89DKiIiV4q0YbJeYZ54KVCKZf2sS2EAs=
Subject key identifier: 95:E2:9C:84:6B:3A:38:66:2D:20:87:96:A7:A9:5B:90:29:8C:B1:C0
Certificate issuer: /CN=d93da2019909d9fc37829fd9ec29d948ecff7c92
Certificate serial: 018DC79C36C17B18C30D3AEBC71688CC1FC6
Authority key identifier: D9:3D:A2:01:99:09:D9:FC:37:82:9F:D9:EC:29:D9:48:EC:FF:7C:92
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2T2iAZkJ2fw3gp_Z7CnZSOz_fJI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/32/47afa3-ce31-4060-a078-f5addddf1ec5/1/leKchGs6OGYtIIeWp6lbkCmMscA.roa
Signing time: Tue 20 Feb 2024 17:42:00 +0000
ROA not before: Tue 20 Feb 2024 17:42:00 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 188.209.136.0/22 maxlen: 22
194.15.97.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 23 Feb 2024 06:55:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:c7:9c:36:c1:7b:18:c3:0d:3a:eb:c7:16:88:cc:1f:c6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d93da2019909d9fc37829fd9ec29d948ecff7c92
Validity
Not Before: Feb 20 17:42:00 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=95e29c846b3a38662d208796a7a95b90298cb1c0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:5b:93:e4:29:65:9d:4a:9d:bd:67:2c:ce:73:
8f:bd:8b:aa:42:c0:2d:1d:22:73:5a:cd:e5:d9:ed:
c3:35:c6:df:f7:3c:49:1d:d3:65:43:17:6a:a5:63:
89:04:e7:ca:b9:47:32:8c:dc:24:38:3b:42:59:e1:
22:09:7c:07:56:c6:aa:6c:02:51:6d:b8:14:de:0f:
de:ee:b6:72:eb:65:0c:a3:a8:a2:56:80:d2:c3:14:
ed:f1:a0:32:a9:86:6d:bf:4f:36:ad:0b:a8:bc:b8:
52:63:a8:ab:d2:25:f0:2f:7c:a9:af:00:f8:29:48:
88:79:7a:80:71:f6:b5:9d:7c:46:f9:f0:0d:0a:20:
06:40:96:c2:01:18:77:91:07:35:6b:1b:87:d6:6a:
fb:f6:4f:5a:63:05:12:75:9d:06:0c:4e:65:8b:27:
f6:bf:69:12:47:62:97:eb:40:f0:76:26:d0:cc:85:
f9:f5:5a:45:6d:73:f4:c7:30:0d:45:75:7c:37:08:
87:bd:7b:e1:3b:a9:70:04:15:d0:c4:2c:f4:a7:6d:
24:81:5d:03:24:82:2b:78:28:b8:ff:40:89:40:47:
c9:00:7c:a5:7a:c5:5d:5e:8c:5b:a2:e2:0d:62:bc:
74:c9:e3:41:3a:80:c3:21:d7:fe:30:a7:2e:aa:94:
0d:d5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
95:E2:9C:84:6B:3A:38:66:2D:20:87:96:A7:A9:5B:90:29:8C:B1:C0
X509v3 Authority Key Identifier:
keyid:D9:3D:A2:01:99:09:D9:FC:37:82:9F:D9:EC:29:D9:48:EC:FF:7C:92
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2T2iAZkJ2fw3gp_Z7CnZSOz_fJI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/32/47afa3-ce31-4060-a078-f5addddf1ec5/1/leKchGs6OGYtIIeWp6lbkCmMscA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/32/47afa3-ce31-4060-a078-f5addddf1ec5/1/2T2iAZkJ2fw3gp_Z7CnZSOz_fJI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
188.209.136.0/22
194.15.97.0/24
Signature Algorithm: sha256WithRSAEncryption
89:58:dd:b5:e9:23:80:c5:ee:3a:12:6d:b6:63:66:f6:fb:05:
81:9f:0a:ce:1a:55:c6:d8:8b:fb:26:41:d9:16:f5:4d:90:19:
d9:09:83:17:d9:a3:59:2b:f9:65:3e:6c:ea:e8:89:e6:25:16:
dc:47:c7:1c:50:a6:8b:92:74:98:76:67:18:73:42:13:c2:61:
3d:6a:cd:e0:29:37:3a:86:30:9f:cc:43:6d:59:45:65:d1:2a:
83:d1:c8:a6:18:d4:26:42:76:d2:62:ad:33:da:90:a9:e6:d4:
73:10:4f:91:15:20:05:8c:51:a9:13:6e:09:b5:95:67:49:bf:
cb:2c:9c:ee:84:37:26:f1:6e:52:a9:ca:a8:c8:41:6a:d9:e8:
27:36:1a:a2:ad:b6:b9:a1:2f:d4:20:ba:9a:5a:ad:df:4e:55:
9f:32:9e:43:e1:00:95:f2:bd:77:f3:8f:d2:74:13:d6:82:7e:
b6:e7:7f:22:f9:7a:9f:f0:96:95:55:0f:17:56:53:63:95:7b:
e6:1b:fe:af:1c:86:4a:ee:b5:c0:3e:f4:49:bc:40:18:48:4b:
a6:9c:19:2b:03:57:c4:0f:e3:41:b1:bd:c7:84:b4:ad:bd:74:
a8:50:1a:2b:9c:a8:f7:5e:81:a3:d1:db:47:9f:86:28:b5:91:
3b:93:f5:32
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAY3HnDbBexjDDTrrxxaIzB/GMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ5M2RhMjAxOTkwOWQ5ZmMzNzgyOWZkOWVjMjlkOTQ4ZWNm
ZjdjOTIwHhcNMjQwMjIwMTc0MjAwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NWUyOWM4NDZiM2EzODY2MmQyMDg3OTZhN2E5NWI5MDI5OGNiMWMwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsFuT5CllnUqdvWcsznOPvYuqQsAt
HSJzWs3l2e3DNcbf9zxJHdNlQxdqpWOJBOfKuUcyjNwkODtCWeEiCXwHVsaqbAJR
bbgU3g/e7rZy62UMo6iiVoDSwxTt8aAyqYZtv082rQuovLhSY6ir0iXwL3yprwD4
KUiIeXqAcfa1nXxG+fANCiAGQJbCARh3kQc1axuH1mr79k9aYwUSdZ0GDE5liyf2
v2kSR2KX60DwdibQzIX59VpFbXP0xzANRXV8NwiHvXvhO6lwBBXQxCz0p20kgV0D
JIIreCi4/0CJQEfJAHylesVdXoxbouINYrx0yeNBOoDDIdf+MKcuqpQN1QIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFJXinIRrOjhmLSCHlqepW5ApjLHAMB8GA1UdIwQY
MBaAFNk9ogGZCdn8N4Kf2ewp2Ujs/3ySMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMlQyaUFaa0oyZnczZ3BfWjdDblpTT3pfZkpJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMi80N2FmYTMtY2UzMS00MDYwLWEwNzgt
ZjVhZGRkZGYxZWM1LzEvbGVLY2hHczZPR1l0SUllV3A2bGJrQ21Nc2NBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMi80N2FmYTMtY2UzMS00MDYwLWEwNzgtZjVhZGRkZGYxZWM1
LzEvMlQyaUFaa0oyZnczZ3BfWjdDblpTT3pfZkpJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCvNGIAwQA
wg9hMA0GCSqGSIb3DQEBCwUAA4IBAQCJWN216SOAxe46Em22Y2b2+wWBnwrOGlXG
2Iv7JkHZFvVNkBnZCYMX2aNZK/llPmzq6InmJRbcR8ccUKaLknSYdmcYc0ITwmE9
as3gKTc6hjCfzENtWUVl0SqD0cimGNQmQnbSYq0z2pCp5tRzEE+RFSAFjFGpE24J
tZVnSb/LLJzuhDcm8W5SqcqoyEFq2egnNhqirba5oS/UILqaWq3fTlWfMp5D4QCV
8r1384/SdBPWgn62538i+Xqf8JaVVQ8XVlNjlXvmG/6vHIZK7rXAPvRJvEAYSEum
nBkrA1fED+NBsb3HhLStvXSoUBornKj3XoGj0dtHn4YotZE7k/Uy
-----END CERTIFICATE-----
Generated at Fri Feb 23 10:44:38 2024 by rpki-client on console-ams.rpki-client.org