Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/32/47afa3-ce31-4060-a078-f5addddf1ec5/1/okH9R_moYtusV9gaD6mxPfm-ZHs.roa
File: okH9R_moYtusV9gaD6mxPfm-ZHs.roa (raw, json)
Hash identifier: Jxa5+zXcIAqu99/F7pOLDNE2qW1xPxW5ElECC7fL0nQ=
Subject key identifier: A2:41:FD:47:F9:A8:62:DB:AC:57:D8:1A:0F:A9:B1:3D:F9:BE:64:7B
Certificate issuer: /CN=d93da2019909d9fc37829fd9ec29d948ecff7c92
Certificate serial: 018D49968C9116F89B19FC0E58A046CE5ABA
Authority key identifier: D9:3D:A2:01:99:09:D9:FC:37:82:9F:D9:EC:29:D9:48:EC:FF:7C:92
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2T2iAZkJ2fw3gp_Z7CnZSOz_fJI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/32/47afa3-ce31-4060-a078-f5addddf1ec5/1/okH9R_moYtusV9gaD6mxPfm-ZHs.roa
Signing time: Sat 27 Jan 2024 06:23:39 +0000
ROA not before: Sat 27 Jan 2024 06:23:39 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 212238
IP address blocks: 188.209.132.0/22 maxlen: 22
188.209.136.0/22 maxlen: 22
188.209.140.0/22 maxlen: 22
Validation: Failed, certificate revoked on Sat 10 Feb 2024 06:56:15 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:49:96:8c:91:16:f8:9b:19:fc:0e:58:a0:46:ce:5a:ba
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d93da2019909d9fc37829fd9ec29d948ecff7c92
Validity
Not Before: Jan 27 06:23:39 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a241fd47f9a862dbac57d81a0fa9b13df9be647b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:1a:09:da:10:9f:80:16:9e:23:bf:fa:05:23:
f7:ea:d5:5a:01:f9:43:44:c3:e5:cc:40:35:9e:e1:
5e:d4:f1:00:a1:3a:18:cd:15:d0:dc:4a:fd:9f:e4:
03:ce:94:60:7f:3c:56:9c:a3:59:21:fc:ae:01:59:
20:5e:4a:9b:15:f7:7c:4d:54:fa:b9:b4:21:9b:51:
d9:38:c6:86:f3:23:f2:49:37:0e:29:18:11:2f:6c:
79:90:ab:78:99:0a:05:7d:90:48:2a:dd:e6:3f:4a:
50:f9:80:7b:55:10:83:3f:9b:37:bf:ed:67:14:e7:
e6:25:1b:0c:90:a5:1b:08:a3:49:2d:1b:01:c8:4f:
1d:ad:7a:9f:af:8c:5c:3d:fd:d9:39:35:55:61:a3:
a2:9f:c4:6e:51:1a:5c:4e:74:35:16:48:65:45:a1:
c5:72:e5:34:ca:ea:e8:be:60:cf:51:8e:ed:a5:dd:
29:68:2a:4a:5e:05:c0:19:85:ec:0d:4b:fe:8c:fc:
7d:e9:5a:8e:57:40:cd:e0:2f:21:36:c9:53:51:64:
ea:1b:fc:10:93:ab:a1:f3:29:84:b2:1a:12:95:36:
32:e7:b0:ce:bc:66:40:2d:8e:2d:42:9d:cc:be:e9:
04:3a:c9:30:62:95:26:e6:a8:02:38:60:db:6a:97:
ae:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A2:41:FD:47:F9:A8:62:DB:AC:57:D8:1A:0F:A9:B1:3D:F9:BE:64:7B
X509v3 Authority Key Identifier:
keyid:D9:3D:A2:01:99:09:D9:FC:37:82:9F:D9:EC:29:D9:48:EC:FF:7C:92
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2T2iAZkJ2fw3gp_Z7CnZSOz_fJI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/32/47afa3-ce31-4060-a078-f5addddf1ec5/1/okH9R_moYtusV9gaD6mxPfm-ZHs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/32/47afa3-ce31-4060-a078-f5addddf1ec5/1/2T2iAZkJ2fw3gp_Z7CnZSOz_fJI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
188.209.132.0-188.209.143.255
Signature Algorithm: sha256WithRSAEncryption
4f:64:e5:c0:4e:f5:d3:a6:dc:d5:f0:d3:5b:c9:6c:7d:ad:24:
b2:a8:7b:fa:d2:89:10:dc:4d:bc:4a:08:29:26:9c:0a:a5:2d:
1b:2e:43:e2:9f:12:c9:3f:be:e4:83:ba:b4:b2:23:d8:a1:5e:
97:00:83:44:48:98:53:38:13:d0:aa:76:0b:f6:15:a1:18:10:
3d:69:66:8b:3c:bc:43:df:17:37:cb:78:11:24:da:ef:b9:7e:
b2:d6:1e:0b:01:24:da:75:82:32:7f:22:ca:db:d8:60:b5:ea:
74:2b:fa:99:f0:3a:73:c8:43:1b:c7:f9:8e:9a:75:a7:77:5a:
8f:5c:0d:70:ba:39:f2:9b:c6:dd:2a:24:fd:07:ae:33:ba:02:
97:28:fa:e4:b6:61:c5:49:90:4a:40:5f:2b:1a:bd:96:c0:72:
b3:2a:52:fa:bf:82:ee:18:b9:10:4f:93:7d:fc:44:96:9e:28:
e1:8f:79:03:23:4e:77:e8:5a:6e:1b:37:75:1c:c7:46:6a:2d:
e6:8b:e2:22:d4:8d:3d:9e:2d:78:62:5b:63:fb:46:f9:83:84:
13:3a:1d:da:f0:fa:53:14:a0:05:34:34:96:be:29:47:45:e1:
c1:a5:14:89:25:cf:1d:1e:62:37:09:49:42:37:9a:9d:42:9b:
f9:00:54:19
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAY1JloyRFvibGfwOWKBGzlq6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ5M2RhMjAxOTkwOWQ5ZmMzNzgyOWZkOWVjMjlkOTQ4ZWNm
ZjdjOTIwHhcNMjQwMTI3MDYyMzM5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMjQxZmQ0N2Y5YTg2MmRiYWM1N2Q4MWEwZmE5YjEzZGY5YmU2NDdiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApRoJ2hCfgBaeI7/6BSP36tVaAflD
RMPlzEA1nuFe1PEAoToYzRXQ3Er9n+QDzpRgfzxWnKNZIfyuAVkgXkqbFfd8TVT6
ubQhm1HZOMaG8yPySTcOKRgRL2x5kKt4mQoFfZBIKt3mP0pQ+YB7VRCDP5s3v+1n
FOfmJRsMkKUbCKNJLRsByE8drXqfr4xcPf3ZOTVVYaOin8RuURpcTnQ1FkhlRaHF
cuU0yurovmDPUY7tpd0paCpKXgXAGYXsDUv+jPx96VqOV0DN4C8hNslTUWTqG/wQ
k6uh8ymEshoSlTYy57DOvGZALY4tQp3MvukEOskwYpUm5qgCOGDbapeuiwIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFKJB/Uf5qGLbrFfYGg+psT35vmR7MB8GA1UdIwQY
MBaAFNk9ogGZCdn8N4Kf2ewp2Ujs/3ySMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMlQyaUFaa0oyZnczZ3BfWjdDblpTT3pfZkpJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMi80N2FmYTMtY2UzMS00MDYwLWEwNzgt
ZjVhZGRkZGYxZWM1LzEvb2tIOVJfbW9ZdHVzVjlnYUQ2bXhQZm0tWkhzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMi80N2FmYTMtY2UzMS00MDYwLWEwNzgtZjVhZGRkZGYxZWM1
LzEvMlQyaUFaa0oyZnczZ3BfWjdDblpTT3pfZkpJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBAK80YQD
BAS80YAwDQYJKoZIhvcNAQELBQADggEBAE9k5cBO9dOm3NXw01vJbH2tJLKoe/rS
iRDcTbxKCCkmnAqlLRsuQ+KfEsk/vuSDurSyI9ihXpcAg0RImFM4E9Cqdgv2FaEY
ED1pZos8vEPfFzfLeBEk2u+5frLWHgsBJNp1gjJ/Isrb2GC16nQr+pnwOnPIQxvH
+Y6adad3Wo9cDXC6OfKbxt0qJP0HrjO6Apco+uS2YcVJkEpAXysavZbAcrMqUvq/
gu4YuRBPk338RJaeKOGPeQMjTnfoWm4bN3Ucx0ZqLeaL4iLUjT2eLXhiW2P7RvmD
hBM6Hdrw+lMUoAU0NJa+KUdF4cGlFIklzx0eYjcJSUI3mp1Cm/kAVBk=
-----END CERTIFICATE-----
Generated at Sat Feb 10 08:57:39 2024 by rpki-client on console-ams.rpki-client.org