Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/32/47afa3-ce31-4060-a078-f5addddf1ec5/1/rPJlAfMg1odpvdLVCxzPXZV97i8.roa
File: rPJlAfMg1odpvdLVCxzPXZV97i8.roa (raw, json)
Hash identifier: rGZV/7reLlwVNz1VCBrzGVjgvw1w4yga5S+cgZsEBJ0=
Subject key identifier: AC:F2:65:01:F3:20:D6:87:69:BD:D2:D5:0B:1C:CF:5D:95:7D:EE:2F
Certificate issuer: /CN=d93da2019909d9fc37829fd9ec29d948ecff7c92
Certificate serial: 01914D344FA5D4F084D241C36C3C4C1D1336
Authority key identifier: D9:3D:A2:01:99:09:D9:FC:37:82:9F:D9:EC:29:D9:48:EC:FF:7C:92
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2T2iAZkJ2fw3gp_Z7CnZSOz_fJI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/32/47afa3-ce31-4060-a078-f5addddf1ec5/1/rPJlAfMg1odpvdLVCxzPXZV97i8.roa
Signing time: Tue 13 Aug 2024 19:25:59 +0000
ROA not before: Tue 13 Aug 2024 19:25:59 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 188.209.132.0/22 maxlen: 24
188.209.137.0/24 maxlen: 24
194.15.97.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 14 Aug 2024 12:26:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:4d:34:4f:a5:d4:f0:84:d2:41:c3:6c:3c:4c:1d:13:36
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d93da2019909d9fc37829fd9ec29d948ecff7c92
Validity
Not Before: Aug 13 19:25:59 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=acf26501f320d68769bdd2d50b1ccf5d957dee2f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:d9:c4:85:b4:68:21:68:e2:37:b0:f1:ed:8e:
eb:74:70:d7:6d:ec:f0:39:b1:ae:d3:ae:2a:75:4b:
8e:d3:40:c5:a2:b8:75:5f:5a:cb:75:ab:57:6d:5d:
2c:0d:87:26:be:88:59:58:69:f4:1f:7d:6d:f5:b9:
c6:df:00:7f:33:4b:4c:b5:c1:4d:8d:85:ad:d5:08:
24:cb:cb:1e:3e:47:9d:4e:08:78:9c:64:80:2f:38:
bb:d8:69:f0:82:db:6c:01:bb:41:db:be:93:42:0b:
45:07:f6:47:6d:46:3a:0e:0f:28:c2:9b:7e:bf:fc:
23:23:dd:bc:f0:36:2e:33:16:71:3d:e4:0e:86:05:
35:3f:05:94:d0:76:9e:9d:59:f4:3f:4b:a4:a1:37:
fc:e2:7e:3d:fa:4f:c0:8c:06:a5:63:d0:86:ec:29:
7a:23:5b:72:1f:b6:36:eb:b8:56:f8:75:2a:76:59:
63:19:2c:ae:b2:8c:69:b9:5b:35:8e:8e:24:a2:8c:
d9:49:72:aa:f0:1b:6f:4a:65:d0:b0:cc:82:3a:b2:
5a:f6:bf:e0:10:b8:7c:1b:04:97:fe:6e:b5:38:c9:
4c:c4:cf:3d:6e:0b:d9:b6:f3:fc:ad:fd:98:6d:f7:
10:a8:27:43:fe:9d:eb:c2:12:df:60:c7:2f:0f:bd:
b3:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AC:F2:65:01:F3:20:D6:87:69:BD:D2:D5:0B:1C:CF:5D:95:7D:EE:2F
X509v3 Authority Key Identifier:
keyid:D9:3D:A2:01:99:09:D9:FC:37:82:9F:D9:EC:29:D9:48:EC:FF:7C:92
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2T2iAZkJ2fw3gp_Z7CnZSOz_fJI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/32/47afa3-ce31-4060-a078-f5addddf1ec5/1/rPJlAfMg1odpvdLVCxzPXZV97i8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/32/47afa3-ce31-4060-a078-f5addddf1ec5/1/2T2iAZkJ2fw3gp_Z7CnZSOz_fJI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
188.209.132.0/22
188.209.137.0/24
194.15.97.0/24
Signature Algorithm: sha256WithRSAEncryption
6f:fb:97:12:a7:cd:c7:5d:8a:b6:a6:83:2e:68:88:db:92:70:
53:60:db:df:05:a6:8a:a2:a7:d0:f2:c9:d2:82:c4:94:fd:83:
42:c3:30:cb:56:92:c5:fc:b6:18:aa:76:06:12:61:99:0f:50:
c7:81:34:46:0a:51:81:1a:d1:dd:6a:eb:1b:d8:f3:5a:cf:e0:
ea:1f:ef:c1:3f:a7:b3:f3:2d:cd:d3:11:8f:aa:79:69:5c:1f:
11:c5:aa:cf:95:91:27:59:d3:1c:b8:41:1d:bf:b9:98:d8:d2:
76:8c:78:e9:42:b4:c8:27:83:94:50:a6:fa:d1:95:7a:56:ea:
cf:15:af:12:53:e7:ff:9c:28:1e:a2:9d:b7:e8:35:05:46:09:
87:49:d4:9d:36:74:66:a6:ca:89:f7:87:6b:2c:eb:9d:ce:d8:
8f:5a:0d:94:cb:af:e3:35:75:b1:95:8a:9e:40:9c:44:28:d2:
97:d8:a8:b4:c1:75:23:61:c7:96:b0:fe:65:34:69:19:af:18:
35:5a:8e:7b:f5:19:12:0d:05:d7:00:6a:1f:ff:11:a5:4e:a7:
2d:35:32:f3:9b:a2:77:24:72:3f:30:09:b5:b2:b6:cf:5c:bb:
24:43:d5:ce:77:de:aa:c5:33:1f:22:4e:20:f2:b8:93:41:9c:
20:f7:06:88
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZFNNE+l1PCE0kHDbDxMHRM2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ5M2RhMjAxOTkwOWQ5ZmMzNzgyOWZkOWVjMjlkOTQ4ZWNm
ZjdjOTIwHhcNMjQwODEzMTkyNTU5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhY2YyNjUwMWYzMjBkNjg3NjliZGQyZDUwYjFjY2Y1ZDk1N2RlZTJmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv9nEhbRoIWjiN7Dx7Y7rdHDXbezw
ObGu064qdUuO00DForh1X1rLdatXbV0sDYcmvohZWGn0H31t9bnG3wB/M0tMtcFN
jYWt1Qgky8sePkedTgh4nGSALzi72GnwgttsAbtB276TQgtFB/ZHbUY6Dg8owpt+
v/wjI9288DYuMxZxPeQOhgU1PwWU0HaenVn0P0ukoTf84n49+k/AjAalY9CG7Cl6
I1tyH7Y267hW+HUqdlljGSyusoxpuVs1jo4koozZSXKq8BtvSmXQsMyCOrJa9r/g
ELh8GwSX/m61OMlMxM89bgvZtvP8rf2YbfcQqCdD/p3rwhLfYMcvD72zQQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFKzyZQHzINaHab3S1Qscz12Vfe4vMB8GA1UdIwQY
MBaAFNk9ogGZCdn8N4Kf2ewp2Ujs/3ySMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMlQyaUFaa0oyZnczZ3BfWjdDblpTT3pfZkpJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMi80N2FmYTMtY2UzMS00MDYwLWEwNzgt
ZjVhZGRkZGYxZWM1LzEvclBKbEFmTWcxb2RwdmRMVkN4elBYWlY5N2k4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMi80N2FmYTMtY2UzMS00MDYwLWEwNzgtZjVhZGRkZGYxZWM1
LzEvMlQyaUFaa0oyZnczZ3BfWjdDblpTT3pfZkpJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQCvNGEAwQA
vNGJAwQAwg9hMA0GCSqGSIb3DQEBCwUAA4IBAQBv+5cSp83HXYq2poMuaIjbknBT
YNvfBaaKoqfQ8snSgsSU/YNCwzDLVpLF/LYYqnYGEmGZD1DHgTRGClGBGtHdausb
2PNaz+DqH+/BP6ez8y3N0xGPqnlpXB8RxarPlZEnWdMcuEEdv7mY2NJ2jHjpQrTI
J4OUUKb60ZV6VurPFa8SU+f/nCgeop236DUFRgmHSdSdNnRmpsqJ94drLOudztiP
Wg2Uy6/jNXWxlYqeQJxEKNKX2Ki0wXUjYceWsP5lNGkZrxg1Wo579RkSDQXXAGof
/xGlTqctNTLzm6J3JHI/MAm1srbPXLskQ9XOd96qxTMfIk4g8riTQZwg9waI
-----END CERTIFICATE-----
Generated at Wed Aug 14 15:15:12 2024 by rpki-client on console-ams.rpki-client.org