Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/32/47afa3-ce31-4060-a078-f5addddf1ec5/1/uKJQ-_pmGN_hTlCuEb4qJzhQyKs.roa
File: uKJQ-_pmGN_hTlCuEb4qJzhQyKs.roa (raw, json)
Hash identifier: BEId/KcU7o4qciInujSa5kY+KavMzsA7fQdkE2/qb9w=
Subject key identifier: B8:A2:50:FB:FA:66:18:DF:E1:4E:50:AE:11:BE:2A:27:38:50:C8:AB
Certificate issuer: /CN=d93da2019909d9fc37829fd9ec29d948ecff7c92
Certificate serial: 018B6A37FC90E216963F3D07AA36551EC0BD
Authority key identifier: D9:3D:A2:01:99:09:D9:FC:37:82:9F:D9:EC:29:D9:48:EC:FF:7C:92
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2T2iAZkJ2fw3gp_Z7CnZSOz_fJI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/32/47afa3-ce31-4060-a078-f5addddf1ec5/1/uKJQ-_pmGN_hTlCuEb4qJzhQyKs.roa
Signing time: Thu 26 Oct 2023 04:22:15 +0000
ROA not before: Thu 26 Oct 2023 04:22:15 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 194.15.98.0/24 maxlen: 24
188.209.128.0/22 maxlen: 22
188.209.140.0/22 maxlen: 24
Validation: Failed, certificate revoked on Sat 28 Oct 2023 00:00:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:6a:37:fc:90:e2:16:96:3f:3d:07:aa:36:55:1e:c0:bd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d93da2019909d9fc37829fd9ec29d948ecff7c92
Validity
Not Before: Oct 26 04:22:15 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b8a250fbfa6618dfe14e50ae11be2a273850c8ab
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:85:ab:80:fd:0c:7c:94:0d:26:53:f9:e4:43:
0a:45:a8:87:fe:e2:ae:f3:7f:ff:98:05:68:1c:56:
35:b4:2c:fc:58:11:0d:d0:3b:df:59:ca:ce:31:93:
a1:1e:0f:1f:4f:42:9d:5e:3f:7d:5a:0b:d6:4e:ee:
fe:3d:d2:9d:de:be:1d:a1:05:d0:e9:e8:6d:25:a0:
3f:c1:99:51:74:bd:67:b8:ea:ee:df:50:93:18:c9:
1f:d7:55:23:6a:c0:bf:03:c0:6f:a7:0c:83:8d:c8:
32:58:2b:92:90:ef:ef:86:16:38:8a:4d:09:9b:02:
b0:a8:55:a4:2d:07:9e:b6:9a:1f:37:cc:3d:1f:ae:
1a:bd:cf:b2:37:9e:53:db:03:04:c4:48:04:39:d3:
d2:42:4d:7c:35:78:b5:8e:95:be:11:22:4c:3b:dd:
d8:eb:99:53:1e:f1:2c:ba:26:64:02:4d:20:b9:55:
8a:a8:e9:d6:0c:d1:ab:e1:e4:87:bc:98:84:e2:cc:
f2:86:4f:cb:76:1a:23:9e:27:b8:d9:cd:a7:41:61:
33:00:7c:60:06:e0:9e:51:5c:02:0b:b9:04:3e:a8:
25:cc:02:f4:b0:a7:fa:5e:73:ea:2a:59:29:74:d9:
ff:44:01:70:68:b4:db:af:50:85:63:86:66:ec:ed:
aa:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B8:A2:50:FB:FA:66:18:DF:E1:4E:50:AE:11:BE:2A:27:38:50:C8:AB
X509v3 Authority Key Identifier:
keyid:D9:3D:A2:01:99:09:D9:FC:37:82:9F:D9:EC:29:D9:48:EC:FF:7C:92
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2T2iAZkJ2fw3gp_Z7CnZSOz_fJI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/32/47afa3-ce31-4060-a078-f5addddf1ec5/1/uKJQ-_pmGN_hTlCuEb4qJzhQyKs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/32/47afa3-ce31-4060-a078-f5addddf1ec5/1/2T2iAZkJ2fw3gp_Z7CnZSOz_fJI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
188.209.128.0/22
188.209.140.0/22
194.15.98.0/24
Signature Algorithm: sha256WithRSAEncryption
75:a1:b5:bf:d1:5d:0d:e0:2d:fe:b4:48:53:ca:8a:f2:8f:69:
b3:aa:e0:1b:80:56:5f:f8:f0:de:b7:eb:cd:c2:9b:6b:70:2c:
fa:9c:c4:79:05:a5:23:ca:93:6d:95:27:d8:88:ff:ca:e6:92:
a4:f2:12:e2:2f:d1:f7:14:f3:e6:40:ab:38:0d:7e:55:00:fa:
1b:07:05:af:8f:b5:02:a7:9e:dd:21:6f:f0:1f:d8:b0:e8:5e:
41:92:f4:46:2d:cd:cf:cd:b9:35:92:39:77:60:5b:2a:74:5a:
af:d4:b2:79:80:7c:0b:f1:d9:80:b7:6f:45:fa:20:13:9d:e7:
cb:e4:98:6d:90:7d:96:4c:50:69:a1:ed:e7:36:97:28:92:37:
6f:02:6e:dd:a5:55:ef:84:c5:46:e7:01:50:97:d0:66:8d:f0:
d3:1f:14:15:e8:8b:35:19:76:c8:70:b2:ab:0a:6b:e6:83:0e:
90:68:c4:7b:02:32:83:e5:5e:ae:01:13:73:fd:31:7f:dc:b1:
2a:62:cb:ab:51:e7:ed:56:79:12:b5:e1:48:0f:1c:ab:7f:2a:
c0:37:c8:01:48:5e:04:01:1b:34:c2:28:75:dc:fc:c8:7c:a3:
de:79:8c:dc:2d:a4:b7:d2:30:70:31:f2:b8:b6:cc:4f:1e:2e:
79:13:72:eb
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYtqN/yQ4haWPz0HqjZVHsC9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ5M2RhMjAxOTkwOWQ5ZmMzNzgyOWZkOWVjMjlkOTQ4ZWNm
ZjdjOTIwHhcNMjMxMDI2MDQyMjE1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiOGEyNTBmYmZhNjYxOGRmZTE0ZTUwYWUxMWJlMmEyNzM4NTBjOGFiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApoWrgP0MfJQNJlP55EMKRaiH/uKu
83//mAVoHFY1tCz8WBEN0DvfWcrOMZOhHg8fT0KdXj99WgvWTu7+PdKd3r4doQXQ
6ehtJaA/wZlRdL1nuOru31CTGMkf11UjasC/A8BvpwyDjcgyWCuSkO/vhhY4ik0J
mwKwqFWkLQeetpofN8w9H64avc+yN55T2wMExEgEOdPSQk18NXi1jpW+ESJMO93Y
65lTHvEsuiZkAk0guVWKqOnWDNGr4eSHvJiE4szyhk/Ldhojnie42c2nQWEzAHxg
BuCeUVwCC7kEPqglzAL0sKf6XnPqKlkpdNn/RAFwaLTbr1CFY4Zm7O2qUQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFLiiUPv6Zhjf4U5QrhG+Kic4UMirMB8GA1UdIwQY
MBaAFNk9ogGZCdn8N4Kf2ewp2Ujs/3ySMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMlQyaUFaa0oyZnczZ3BfWjdDblpTT3pfZkpJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMi80N2FmYTMtY2UzMS00MDYwLWEwNzgt
ZjVhZGRkZGYxZWM1LzEvdUtKUS1fcG1HTl9oVGxDdUViNHFKemhReUtzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMi80N2FmYTMtY2UzMS00MDYwLWEwNzgtZjVhZGRkZGYxZWM1
LzEvMlQyaUFaa0oyZnczZ3BfWjdDblpTT3pfZkpJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQCvNGAAwQC
vNGMAwQAwg9iMA0GCSqGSIb3DQEBCwUAA4IBAQB1obW/0V0N4C3+tEhTyoryj2mz
quAbgFZf+PDet+vNwptrcCz6nMR5BaUjypNtlSfYiP/K5pKk8hLiL9H3FPPmQKs4
DX5VAPobBwWvj7UCp57dIW/wH9iw6F5BkvRGLc3Pzbk1kjl3YFsqdFqv1LJ5gHwL
8dmAt29F+iATnefL5JhtkH2WTFBpoe3nNpcokjdvAm7dpVXvhMVG5wFQl9BmjfDT
HxQV6Is1GXbIcLKrCmvmgw6QaMR7AjKD5V6uARNz/TF/3LEqYsurUeftVnkSteFI
DxyrfyrAN8gBSF4EARs0wih13PzIfKPeeYzcLaS30jBwMfK4tsxPHi55E3Lr
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:01:55 2024 by rpki-client on console-ams.rpki-client.org