Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/32/47afa3-ce31-4060-a078-f5addddf1ec5/1/m3EIYviv8soMrIjT3sfKtg_iufE.roa
File: m3EIYviv8soMrIjT3sfKtg_iufE.roa (raw, json)
Hash identifier: uCPLYYvL5KnwnWtj8Svc29Wnwj5eXml0DaqVDwcPrGM=
Subject key identifier: 9B:71:08:62:F8:AF:F2:CA:0C:AC:88:D3:DE:C7:CA:B6:0F:E2:B9:F1
Certificate issuer: /CN=d93da2019909d9fc37829fd9ec29d948ecff7c92
Certificate serial: 018B2744A2E80ECE6FC6B9B078412D4C98BC
Authority key identifier: D9:3D:A2:01:99:09:D9:FC:37:82:9F:D9:EC:29:D9:48:EC:FF:7C:92
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2T2iAZkJ2fw3gp_Z7CnZSOz_fJI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/32/47afa3-ce31-4060-a078-f5addddf1ec5/1/m3EIYviv8soMrIjT3sfKtg_iufE.roa
Signing time: Fri 13 Oct 2023 04:21:31 +0000
ROA not before: Fri 13 Oct 2023 04:21:31 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 194.15.96.0/24 maxlen: 24
188.209.128.0/22 maxlen: 22
188.209.140.0/22 maxlen: 24
Validation: Failed, certificate revoked on Thu 26 Oct 2023 04:21:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:27:44:a2:e8:0e:ce:6f:c6:b9:b0:78:41:2d:4c:98:bc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d93da2019909d9fc37829fd9ec29d948ecff7c92
Validity
Not Before: Oct 13 04:21:31 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=9b710862f8aff2ca0cac88d3dec7cab60fe2b9f1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:37:da:cd:e5:dd:e1:0c:26:93:a1:5c:d9:42:
fa:b1:e9:41:a7:89:5c:22:81:56:bc:c7:f1:bb:0d:
48:b0:4d:11:ec:ae:fb:4a:a4:d7:f6:25:25:14:14:
f4:8c:14:6b:66:d1:82:1b:8b:6a:0a:12:6d:8a:8e:
b9:06:f1:6e:0d:fa:0b:18:6a:60:8f:69:92:b1:94:
f3:c2:c2:33:3a:eb:2e:c6:3b:37:80:3d:94:b1:92:
86:c3:59:a4:0e:b2:84:9e:e7:34:c4:85:3b:f3:29:
12:d6:0c:55:f5:54:0f:91:85:d6:c8:5e:98:bb:bb:
68:ec:55:90:62:a7:84:3e:2f:32:40:7b:ff:78:e0:
bd:a0:45:69:e5:da:59:41:77:bc:d8:68:92:ea:cf:
ae:45:c9:7b:9e:b6:6d:9c:a2:87:8f:a5:9c:29:25:
c8:ba:6b:5b:f8:38:4a:0a:9b:81:48:a0:c3:6d:c1:
d4:ee:32:cf:ca:8e:95:2c:fc:4a:03:81:0c:e1:71:
04:1b:38:13:5e:cc:3f:43:1d:a7:6d:ff:f8:d1:97:
3a:56:99:00:84:26:4d:ac:88:ef:0c:ad:40:52:83:
cb:0f:69:2c:2a:1a:9c:0b:7e:54:38:7e:b6:c0:b3:
d2:0b:08:96:7f:28:50:65:19:76:20:43:7d:5a:44:
e7:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9B:71:08:62:F8:AF:F2:CA:0C:AC:88:D3:DE:C7:CA:B6:0F:E2:B9:F1
X509v3 Authority Key Identifier:
keyid:D9:3D:A2:01:99:09:D9:FC:37:82:9F:D9:EC:29:D9:48:EC:FF:7C:92
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2T2iAZkJ2fw3gp_Z7CnZSOz_fJI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/32/47afa3-ce31-4060-a078-f5addddf1ec5/1/m3EIYviv8soMrIjT3sfKtg_iufE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/32/47afa3-ce31-4060-a078-f5addddf1ec5/1/2T2iAZkJ2fw3gp_Z7CnZSOz_fJI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
188.209.128.0/22
188.209.140.0/22
194.15.96.0/24
Signature Algorithm: sha256WithRSAEncryption
ab:41:47:5f:4f:5b:73:71:ac:ac:d1:23:0b:f5:6a:5b:14:57:
0a:33:71:29:c8:88:54:f0:a6:20:aa:ac:16:eb:3e:94:4b:3b:
6f:06:98:90:41:06:18:d3:dd:66:6f:da:8a:0e:72:c4:28:61:
ca:21:a7:68:21:d2:5d:9e:be:cf:ff:2d:04:fc:d9:36:f8:53:
ba:d8:18:8f:af:ca:5a:2c:95:af:52:78:5c:04:20:c1:fc:d1:
90:cf:1d:fb:f3:d5:7b:6a:09:d7:dd:cd:bf:83:a3:22:e4:fd:
af:dc:10:73:15:a0:96:25:ed:af:07:ac:cc:05:57:16:0e:9b:
cb:07:bb:ad:fb:d5:5f:47:18:06:aa:07:e5:b1:a1:c1:f1:d9:
9b:65:d0:77:b1:36:cf:67:b1:d5:d7:de:70:57:e2:79:7f:27:
97:9a:cc:86:d3:ea:fb:06:49:59:35:e1:bd:a9:e4:f5:49:49:
f9:20:e6:d7:6d:41:42:a5:3e:a1:d7:50:3f:36:c7:aa:32:ed:
7d:be:37:3d:45:74:43:e9:cd:fb:ce:84:8e:00:84:31:4b:1a:
17:62:21:51:df:b7:39:cb:50:8b:d6:73:36:54:be:05:8c:27:
2f:a6:91:d0:a4:db:ce:0b:a8:fa:7a:0a:f7:ae:84:92:ad:49:
3e:33:24:38
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYsnRKLoDs5vxrmweEEtTJi8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ5M2RhMjAxOTkwOWQ5ZmMzNzgyOWZkOWVjMjlkOTQ4ZWNm
ZjdjOTIwHhcNMjMxMDEzMDQyMTMxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5YjcxMDg2MmY4YWZmMmNhMGNhYzg4ZDNkZWM3Y2FiNjBmZTJiOWYxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkzfazeXd4Qwmk6Fc2UL6selBp4lc
IoFWvMfxuw1IsE0R7K77SqTX9iUlFBT0jBRrZtGCG4tqChJtio65BvFuDfoLGGpg
j2mSsZTzwsIzOusuxjs3gD2UsZKGw1mkDrKEnuc0xIU78ykS1gxV9VQPkYXWyF6Y
u7to7FWQYqeEPi8yQHv/eOC9oEVp5dpZQXe82GiS6s+uRcl7nrZtnKKHj6WcKSXI
umtb+DhKCpuBSKDDbcHU7jLPyo6VLPxKA4EM4XEEGzgTXsw/Qx2nbf/40Zc6VpkA
hCZNrIjvDK1AUoPLD2ksKhqcC35UOH62wLPSCwiWfyhQZRl2IEN9WkTnxwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFJtxCGL4r/LKDKyI097HyrYP4rnxMB8GA1UdIwQY
MBaAFNk9ogGZCdn8N4Kf2ewp2Ujs/3ySMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMlQyaUFaa0oyZnczZ3BfWjdDblpTT3pfZkpJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMi80N2FmYTMtY2UzMS00MDYwLWEwNzgt
ZjVhZGRkZGYxZWM1LzEvbTNFSVl2aXY4c29NcklqVDNzZkt0Z19pdWZFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMi80N2FmYTMtY2UzMS00MDYwLWEwNzgtZjVhZGRkZGYxZWM1
LzEvMlQyaUFaa0oyZnczZ3BfWjdDblpTT3pfZkpJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQCvNGAAwQC
vNGMAwQAwg9gMA0GCSqGSIb3DQEBCwUAA4IBAQCrQUdfT1tzcays0SML9WpbFFcK
M3EpyIhU8KYgqqwW6z6USztvBpiQQQYY091mb9qKDnLEKGHKIadoIdJdnr7P/y0E
/Nk2+FO62BiPr8paLJWvUnhcBCDB/NGQzx3789V7agnX3c2/g6Mi5P2v3BBzFaCW
Je2vB6zMBVcWDpvLB7ut+9VfRxgGqgflsaHB8dmbZdB3sTbPZ7HV195wV+J5fyeX
msyG0+r7BklZNeG9qeT1SUn5IObXbUFCpT6h11A/NseqMu19vjc9RXRD6c37zoSO
AIQxSxoXYiFR37c5y1CL1nM2VL4FjCcvppHQpNvOC6j6egr3roSSrUk+MyQ4
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:24:41 2024 by rpki-client on console-fra.rpki-client.org