Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/32/47afa3-ce31-4060-a078-f5addddf1ec5/1/vKJz5pE1glSbyhDAoydNoPjYeDc.roa
File: vKJz5pE1glSbyhDAoydNoPjYeDc.roa (raw, json)
Hash identifier: ZX+Y3qjtBCdXcJOwxpm+htDw63zZOCeugmDKrJA32RQ=
Subject key identifier: BC:A2:73:E6:91:35:82:54:9B:CA:10:C0:A3:27:4D:A0:F8:D8:78:37
Certificate issuer: /CN=d93da2019909d9fc37829fd9ec29d948ecff7c92
Certificate serial: 018DE1E094E7BA927A32DA8E76565281E8D4
Authority key identifier: D9:3D:A2:01:99:09:D9:FC:37:82:9F:D9:EC:29:D9:48:EC:FF:7C:92
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2T2iAZkJ2fw3gp_Z7CnZSOz_fJI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/32/47afa3-ce31-4060-a078-f5addddf1ec5/1/vKJz5pE1glSbyhDAoydNoPjYeDc.roa
Signing time: Sun 25 Feb 2024 20:06:48 +0000
ROA not before: Sun 25 Feb 2024 20:06:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 188.209.132.0/22 maxlen: 24
188.209.136.0/22 maxlen: 22
Validation: Failed, certificate revoked on Mon 26 Feb 2024 06:55:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:e1:e0:94:e7:ba:92:7a:32:da:8e:76:56:52:81:e8:d4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d93da2019909d9fc37829fd9ec29d948ecff7c92
Validity
Not Before: Feb 25 20:06:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=bca273e6913582549bca10c0a3274da0f8d87837
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:d0:d0:30:6f:34:db:fb:d3:07:f1:04:bd:c3:
ac:b9:3e:73:fd:52:23:26:d1:d5:f8:6b:1a:18:03:
a1:36:77:57:c6:2a:22:07:d2:d0:40:be:54:69:25:
ca:24:37:ef:bc:37:5c:53:2a:9e:6c:12:b6:c9:8c:
58:cd:7d:fe:29:b6:63:f3:37:75:6f:cc:26:6f:23:
d8:01:a8:7a:24:b4:c7:cd:00:71:78:1c:44:72:cc:
77:5b:5f:e5:07:9c:2e:66:ac:cb:88:f8:de:cc:57:
cc:e4:2d:97:6e:14:c3:67:fb:e7:08:65:5b:ea:b9:
1a:7e:6e:b8:0b:4d:3a:fa:22:14:e9:fd:d1:15:bc:
e1:e2:00:5a:ca:be:96:16:05:f9:a7:fb:27:3a:dc:
77:4b:cf:4e:e8:9c:c0:20:f2:c0:16:ad:ff:e1:4a:
9c:85:2c:03:88:de:e1:3a:7b:7a:94:e8:f2:7b:7c:
7a:22:19:70:19:f2:89:b2:9a:1d:83:e6:48:e5:75:
ec:35:59:dc:cc:e9:1b:50:42:24:db:cc:8f:21:c7:
88:a8:24:a1:61:9e:7a:00:dd:37:3a:d2:35:da:20:
40:f1:1a:2b:87:f3:29:4a:75:dd:e4:d3:a0:aa:5f:
00:d3:e0:52:bf:75:3e:47:20:f2:c2:6f:32:ec:37:
d2:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BC:A2:73:E6:91:35:82:54:9B:CA:10:C0:A3:27:4D:A0:F8:D8:78:37
X509v3 Authority Key Identifier:
keyid:D9:3D:A2:01:99:09:D9:FC:37:82:9F:D9:EC:29:D9:48:EC:FF:7C:92
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2T2iAZkJ2fw3gp_Z7CnZSOz_fJI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/32/47afa3-ce31-4060-a078-f5addddf1ec5/1/vKJz5pE1glSbyhDAoydNoPjYeDc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/32/47afa3-ce31-4060-a078-f5addddf1ec5/1/2T2iAZkJ2fw3gp_Z7CnZSOz_fJI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
188.209.132.0-188.209.139.255
Signature Algorithm: sha256WithRSAEncryption
62:f4:cd:57:02:cf:c8:aa:06:2c:d7:71:c1:a1:aa:3e:fd:b6:
64:80:50:10:9c:b2:68:ed:e7:d3:2b:c2:f4:42:89:2e:a4:d3:
9f:97:be:7a:e5:4f:1a:51:4b:c6:af:bd:8d:a4:b4:b4:9b:4d:
49:b2:f4:a0:47:09:f8:f1:ea:e4:98:56:cb:ed:89:81:5b:66:
45:45:dd:a2:23:19:b0:80:aa:d2:d5:60:19:b8:e2:93:ea:27:
77:a1:2e:22:3f:70:33:64:26:ec:07:6b:ab:f3:8f:4e:11:53:
8f:32:9b:b5:7a:75:10:e3:c5:e1:56:14:a5:fd:f5:d8:fc:bc:
34:a5:a5:f1:85:67:5c:de:46:c8:6c:bf:a0:99:58:ac:8d:a0:
88:92:df:28:f7:d6:10:07:fc:5c:15:b1:6f:6a:de:f8:f5:9b:
8e:03:fe:21:71:a5:53:3c:26:a0:44:e4:c9:c6:15:4e:b6:b5:
18:d3:05:bd:16:47:c3:e1:8f:7d:ba:86:8c:60:b9:8e:3c:77:
5a:c2:b9:f3:25:a5:f0:08:2f:cc:e0:c8:b7:5c:e8:d7:af:b2:
62:a6:44:27:ab:0b:b5:94:4f:40:93:26:1f:14:3c:42:d1:06:
a8:aa:4e:b5:f9:57:89:f8:7d:88:99:9c:2a:71:1f:ef:59:21:
91:0d:89:fe
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAY3h4JTnupJ6MtqOdlZSgejUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ5M2RhMjAxOTkwOWQ5ZmMzNzgyOWZkOWVjMjlkOTQ4ZWNm
ZjdjOTIwHhcNMjQwMjI1MjAwNjQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiY2EyNzNlNjkxMzU4MjU0OWJjYTEwYzBhMzI3NGRhMGY4ZDg3ODM3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAutDQMG802/vTB/EEvcOsuT5z/VIj
JtHV+GsaGAOhNndXxioiB9LQQL5UaSXKJDfvvDdcUyqebBK2yYxYzX3+KbZj8zd1
b8wmbyPYAah6JLTHzQBxeBxEcsx3W1/lB5wuZqzLiPjezFfM5C2XbhTDZ/vnCGVb
6rkafm64C006+iIU6f3RFbzh4gBayr6WFgX5p/snOtx3S89O6JzAIPLAFq3/4Uqc
hSwDiN7hOnt6lOjye3x6IhlwGfKJspodg+ZI5XXsNVnczOkbUEIk28yPIceIqCSh
YZ56AN03OtI12iBA8Rorh/MpSnXd5NOgql8A0+BSv3U+RyDywm8y7DfSRQIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFLyic+aRNYJUm8oQwKMnTaD42Hg3MB8GA1UdIwQY
MBaAFNk9ogGZCdn8N4Kf2ewp2Ujs/3ySMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMlQyaUFaa0oyZnczZ3BfWjdDblpTT3pfZkpJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMi80N2FmYTMtY2UzMS00MDYwLWEwNzgt
ZjVhZGRkZGYxZWM1LzEvdktKejVwRTFnbFNieWhEQW95ZE5vUGpZZURjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMi80N2FmYTMtY2UzMS00MDYwLWEwNzgtZjVhZGRkZGYxZWM1
LzEvMlQyaUFaa0oyZnczZ3BfWjdDblpTT3pfZkpJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBAK80YQD
BAK80YgwDQYJKoZIhvcNAQELBQADggEBAGL0zVcCz8iqBizXccGhqj79tmSAUBCc
smjt59MrwvRCiS6k05+XvnrlTxpRS8avvY2ktLSbTUmy9KBHCfjx6uSYVsvtiYFb
ZkVF3aIjGbCAqtLVYBm44pPqJ3ehLiI/cDNkJuwHa6vzj04RU48ym7V6dRDjxeFW
FKX99dj8vDSlpfGFZ1zeRshsv6CZWKyNoIiS3yj31hAH/FwVsW9q3vj1m44D/iFx
pVM8JqBE5MnGFU62tRjTBb0WR8Phj326hoxguY48d1rCufMlpfAIL8zgyLdc6Nev
smKmRCerC7WUT0CTJh8UPELRBqiqTrX5V4n4fYiZnCpxH+9ZIZENif4=
-----END CERTIFICATE-----
Generated at Mon Feb 26 11:26:08 2024 by rpki-client on console-ams.rpki-client.org