Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/32/47afa3-ce31-4060-a078-f5addddf1ec5/1/vSqts8tw2h5ysNt3ryiF-r7GA3I.roa
File: vSqts8tw2h5ysNt3ryiF-r7GA3I.roa (raw, json)
Hash identifier: +LdNS0zl1IxsaR9reZQDqtxttuewQgfhu7WRXEgFyY8=
Subject key identifier: BD:2A:AD:B3:CB:70:DA:1E:72:B0:DB:77:AF:28:85:FA:BE:C6:03:72
Certificate issuer: /CN=d93da2019909d9fc37829fd9ec29d948ecff7c92
Certificate serial: 018FE7471AC0CC616AB95CB88DCD590018CA
Authority key identifier: D9:3D:A2:01:99:09:D9:FC:37:82:9F:D9:EC:29:D9:48:EC:FF:7C:92
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2T2iAZkJ2fw3gp_Z7CnZSOz_fJI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/32/47afa3-ce31-4060-a078-f5addddf1ec5/1/vSqts8tw2h5ysNt3ryiF-r7GA3I.roa
Signing time: Wed 05 Jun 2024 07:22:27 +0000
ROA not before: Wed 05 Jun 2024 07:22:27 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 400866
IP address blocks: 188.209.136.0/24 maxlen: 24
188.209.139.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sat 08 Jun 2024 07:26:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:e7:47:1a:c0:cc:61:6a:b9:5c:b8:8d:cd:59:00:18:ca
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d93da2019909d9fc37829fd9ec29d948ecff7c92
Validity
Not Before: Jun 5 07:22:27 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=bd2aadb3cb70da1e72b0db77af2885fabec60372
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:66:01:13:41:ad:0e:b9:4e:a7:45:54:b2:22:
c2:3a:e9:bc:b0:72:a9:53:11:10:b0:4e:72:bb:18:
27:2a:2f:cd:a6:db:a3:63:3a:a8:bf:01:e4:8d:94:
88:5b:43:e0:52:40:56:ce:0f:5e:11:ce:9f:e7:5f:
61:c0:05:e9:f0:1f:93:0e:3d:94:98:a4:48:a1:c3:
8d:e3:87:8a:b8:99:e3:ed:26:c6:f6:7d:ae:37:01:
df:b1:4b:e0:82:9b:a2:56:a1:b8:f7:ab:3b:c2:34:
a5:aa:6b:1a:24:64:a1:3d:36:0f:47:d8:7c:0f:bb:
64:9a:c6:0c:50:d8:45:48:3d:42:23:85:30:40:15:
45:89:19:29:6f:03:04:ca:98:51:4f:a9:a7:03:2d:
35:d3:d7:bb:b6:bd:92:79:a7:7c:62:58:65:69:0c:
25:01:dd:55:98:d4:71:10:3f:13:82:27:c4:40:70:
d8:f0:4f:79:52:45:07:14:e1:b5:6d:5c:d2:1d:7e:
90:bf:d4:99:fe:bd:bd:38:a7:09:54:8c:44:74:40:
67:70:9d:ef:d3:c4:0f:ca:46:32:c1:0c:20:d8:e8:
cf:e6:8e:e0:26:a6:47:d0:5c:f1:5a:b5:eb:ec:73:
e3:b1:09:29:0c:24:1e:45:8c:12:bc:07:0b:c7:87:
bc:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BD:2A:AD:B3:CB:70:DA:1E:72:B0:DB:77:AF:28:85:FA:BE:C6:03:72
X509v3 Authority Key Identifier:
keyid:D9:3D:A2:01:99:09:D9:FC:37:82:9F:D9:EC:29:D9:48:EC:FF:7C:92
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2T2iAZkJ2fw3gp_Z7CnZSOz_fJI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/32/47afa3-ce31-4060-a078-f5addddf1ec5/1/vSqts8tw2h5ysNt3ryiF-r7GA3I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/32/47afa3-ce31-4060-a078-f5addddf1ec5/1/2T2iAZkJ2fw3gp_Z7CnZSOz_fJI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
188.209.136.0/24
188.209.139.0/24
Signature Algorithm: sha256WithRSAEncryption
18:85:e1:8b:2d:a8:b4:71:71:40:d5:fc:31:5d:dc:8d:92:d8:
79:b3:a6:2d:dc:50:ba:40:14:21:ec:e8:46:4b:14:ac:3d:c6:
87:e1:96:65:b4:0a:76:58:26:da:46:b7:dc:0e:1c:e2:f2:f5:
4a:70:c6:12:bb:17:ea:e3:08:eb:85:38:b0:55:7f:1e:01:d8:
d8:22:87:66:6c:c5:f5:c9:91:ff:b2:ee:41:7d:e7:2e:77:fc:
d1:4e:a4:b7:6f:ba:aa:bd:8f:09:7f:be:58:5e:0e:1f:48:bd:
ef:d7:30:a6:44:53:1a:bc:b8:c9:94:70:34:57:80:51:86:3c:
53:83:f2:24:70:17:d8:d7:e7:4f:f9:bc:3e:eb:9f:ef:d5:22:
dd:5e:3c:2b:c4:5d:d8:4c:e0:92:33:ca:47:f6:28:06:f8:53:
ab:9d:26:02:43:07:ef:1c:b8:d6:39:67:cc:9d:65:a7:26:cb:
c8:f8:c0:42:82:6d:dc:e2:0a:2f:cb:d9:cc:27:b3:12:b0:e2:
b7:01:e4:e9:46:c2:b0:fd:49:bd:14:77:a7:5e:90:fb:ff:eb:
31:19:b3:03:77:45:ff:4d:70:5f:54:bb:e2:ff:f2:5d:88:d1:
af:5e:2b:a0:35:43:0c:45:85:be:78:6d:68:a7:ac:d5:d1:35:
6e:9d:e5:00
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAY/nRxrAzGFquVy4jc1ZABjKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ5M2RhMjAxOTkwOWQ5ZmMzNzgyOWZkOWVjMjlkOTQ4ZWNm
ZjdjOTIwHhcNMjQwNjA1MDcyMjI3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiZDJhYWRiM2NiNzBkYTFlNzJiMGRiNzdhZjI4ODVmYWJlYzYwMzcyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr2YBE0GtDrlOp0VUsiLCOum8sHKp
UxEQsE5yuxgnKi/NptujYzqovwHkjZSIW0PgUkBWzg9eEc6f519hwAXp8B+TDj2U
mKRIocON44eKuJnj7SbG9n2uNwHfsUvggpuiVqG496s7wjSlqmsaJGShPTYPR9h8
D7tkmsYMUNhFSD1CI4UwQBVFiRkpbwMEyphRT6mnAy0109e7tr2Sead8YlhlaQwl
Ad1VmNRxED8TgifEQHDY8E95UkUHFOG1bVzSHX6Qv9SZ/r29OKcJVIxEdEBncJ3v
08QPykYywQwg2OjP5o7gJqZH0FzxWrXr7HPjsQkpDCQeRYwSvAcLx4e8XwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFL0qrbPLcNoecrDbd68ohfq+xgNyMB8GA1UdIwQY
MBaAFNk9ogGZCdn8N4Kf2ewp2Ujs/3ySMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMlQyaUFaa0oyZnczZ3BfWjdDblpTT3pfZkpJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMi80N2FmYTMtY2UzMS00MDYwLWEwNzgt
ZjVhZGRkZGYxZWM1LzEvdlNxdHM4dHcyaDV5c050M3J5aUYtcjdHQTNJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMi80N2FmYTMtY2UzMS00MDYwLWEwNzgtZjVhZGRkZGYxZWM1
LzEvMlQyaUFaa0oyZnczZ3BfWjdDblpTT3pfZkpJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAvNGIAwQA
vNGLMA0GCSqGSIb3DQEBCwUAA4IBAQAYheGLLai0cXFA1fwxXdyNkth5s6Yt3FC6
QBQh7OhGSxSsPcaH4ZZltAp2WCbaRrfcDhzi8vVKcMYSuxfq4wjrhTiwVX8eAdjY
IodmbMX1yZH/su5Bfecud/zRTqS3b7qqvY8Jf75YXg4fSL3v1zCmRFMavLjJlHA0
V4BRhjxTg/IkcBfY1+dP+bw+65/v1SLdXjwrxF3YTOCSM8pH9igG+FOrnSYCQwfv
HLjWOWfMnWWnJsvI+MBCgm3c4govy9nMJ7MSsOK3AeTpRsKw/Um9FHenXpD7/+sx
GbMDd0X/TXBfVLvi//JdiNGvXiugNUMMRYW+eG1op6zV0TVuneUA
-----END CERTIFICATE-----
Generated at Sat Jun 8 09:04:07 2024 by rpki-client on console-ams.rpki-client.org